defamation liability of computerized bulliten board operators.txt

1000 HOWTOs for various needs [WINDOWS]

	caf-talk-request@eff.org    - for administrivia

-------------------

masquerader.  It has been suggested that the SYSOP should be held 
to  the  same standard of liability as a neighborhood supermarket 
which   furnishes   a   public  bulletin  board:95  just  as  the 
supermarket  would not be liable for posting an advertisement for 
illicit  services,  so  should the BBS SYSOP escape liability for 
libellous  messages left on his board, especially when its poster 
appears to be a validated user.96

         However,  this  comparison  lacks  merit for the reasons 
given  by  the  Seventh  Circuit  in  Tackett  v.  General Motors 
Corporation.97  The  defendant's liability in that case rested on 
its  publication of libel by implicitly adopting the statement.98 
Defendant's  failure  to  remove a defamatory sign painted on one 
of  the  interior  walls of its factory for seven or eight months 
after  discovering  its  presence  was  such that "[a] reasonable 
person  could conclude that Delco 'intentionally and unreasonably 

---
Defamation Liability of Computerized BBS Operators
& Problems of Proof          (C) 1989 John R. Kahn             22
----------------------

fail[ed]   to   remove'  this  sign  and  thereby  published  its 
contents."99

         There  would  certainly  be  accomplice liability if the 
supermarket  unreasonably  delayed  removing an advertisement for 
illegal  services  from its bulletin board once it was made aware 
of  it.  The  market  could  be  seen  as having adopted the ad's 
statements  by  not  acting  responsibly  to  its viewing public. 
Similarly,  a  SYSOP  would  be  liable  for  defamatory messages 
posted  on  his  BBS - even by what appears to be the true user - 
if  he  fails  to  act  reasonably by using his computer skill to 
eviscerate  the  libel.100  While  the  computerized  BBS  may be 
nothing  more  than a hobby of the SYSOP, the speed with which it 
can  disseminate potentially damaging information among its users 
demands the standards of responsibility described above.

    C.   Defamation Liability of the Masquerader

         1.   Degree of fault required

         It  should  be noted that the liability and proof issues 
concerning  the  SYSOP  and  masquerader  are  inverse. As to the 
SYSOP  who allows libellous messages to be posted on his BBS, his 
liability  may  be  inferred  simply  by  those  messages  having 
appeared  there;101  however, his degree of fault - actual malice 
or  simple  negligence  -  is  subject  to debate.102 Conversely, 
while  the  masquerader's  degree of fault is clearly evident,103 
tracing  that  fault back to him is a more elusive matter.104 The 
requisite  degree of fault for masqueraders is set out in federal 
and state law.105

         2.   Damages

---
Defamation Liability of Computerized BBS Operators
& Problems of Proof          (C) 1989 John R. Kahn             23
----------------------


         Assuming  arguendo  that  the  masquerader's  defamatory 
publications  have  been  successfully  traced back to him by the 
plaintiff,  actual  and  punitive  damages  may then be recovered 
from  him  based on his knowledge of the publication's falsity or 
reckless  disregard  for its truth.106 Federal and state law have 
also specified certain remedies.107

III PROBLEMS OF PROOF

    A.   Proof of SYSOP's Actions

         We  have seen that while the appropriate degree of fault 
for  a  SYSOP  to  be liable for defamatory messages appearing on 
his  BBS  is subject to dispute,108 a showing that the defamation 
appeared  there  due  to  the  SYSOP's  negligence  is  much more 
capable  of  resolution.109  The jury should be made aware of the 
actual  validation/security procedures practiced by the SYSOP and 
should  weigh  them  in  light  of  the  prevailing  practice.110 
Several  facets  of  an emerging standard of care for SYSOPs have 
already  been  suggested  in  this  Comment,111  and  the SYSOP's 
adherence to them could be shown through users' testimony.

    B.   Proof of Masquerader's Actions

         In  contrast  with  the  degree  of  fault  required  to 
establish  the  SYSOP's publication of the libellous message, the 
degree  of  fault  for  the  masquerader  is much less subject to 
debate.   The   masquerader's   actions  are  not  likely  to  be 
considered  merely  inadvertent or negligent.112 However, because 
the  masquerader  has  intentionally  discovered  and usurped the 
user's  name  and  password,  he  appears  to be that user on all 

---
Defamation Liability of Computerized BBS Operators
& Problems of Proof          (C) 1989 John R. Kahn             24
----------------------

computer    records.   Tracing   the   masquerader's   defamatory 
publication   back   to   him   thus  encounters  some  important 
evidentiary  barriers:  the  maligned  user  is forced to rely on 
computerized  records  produced  by  the BBS and phone company in 
trying  to  link  the masquerader's libellous publication back to 
him.113  We  turn  now  to consider the evidentiary hurdles to be 
overcome  in  tracing  the  libellous  communication  to its true 
source.

         1.   The Hearsay Rule & Business Records Exception

         The   first   evidentiary  obstacle  to  connecting  the 
masquerader  with  his libellous publication is the hearsay rule. 
As  defined  by  the  Federal  Rules  of  Evidence, hearsay is "a 
statement,  other than one made by the declarant while testifying 
at  the  trial or hearing, offered in evidence to prove the truth 
of  the  matter  asserted";114  as  such,  it  is inadmissible as 
evidence  at  trial.115 Computer-generated evidence is subject to 
the  hearsay  rule,  not  because  it  is  the  "statement  of  a 
computer",  but  because it is the statement of a human being who 
entered  the  data.116 To the extent the plaintiff user relies on 
computer-generated  records  to  show that a call was placed from 
the  masquerader  to  the  BBS  at the time and date in question, 
then, her evidence may be excluded.

         However,  numerous  exceptions  to the hearsay rule have 
developed   over   the  years  such  that  evidence  which  might 
otherwise  be  excluded  is deemed admissible. The most pertinent 
hearsay  exception  as  applied  to  computerized evidence is the 
"business  records  exception",  which  admits  into evidence any 

---
Defamation Liability of Computerized BBS Operators
& Problems of Proof          (C) 1989 John R. Kahn             25
----------------------

records  or  data  compilations,  so  long  as (1) they were made 
reasonably  contemporaneously  with  the  events they record; (2) 
they  were  prepared/kept  in the course of a regularly conducted 
business  activity;  and  (3)  the business entity creating these 
records  relied  on  them  in  conducting  its operations.117 The 
veracity  of  the  computer  records  and  of the actual business 
practices  are shown by the record custodian's or other qualified 
witness'  testimony,  unless  the  circumstances indicate lack of 
trustworthiness.118  The  term  "business"  as  used in this rule 
includes  callings  of  every  kind, whether or not conducted for 
profit.119

         Statutes  and  judicial decisions in several states have 
gradually  recognized that the business records exception extends 
to  include computer-generated records.120 This is largely due to 
(1)  modern business' widespread reliance on computerized record-
keeping,  (2)  the impracticability of calling as witnesses every 
person   having   direct   personal  knowledge  of  the  records' 
creation,  and (3) the presumption that if a business was willing 
to  rely  on  such records, there is little reason to doubt their 
accuracy.121

         Using  this  exception  to  the  hearsay rule, plaintiff 
user  would most likely seek to admit the BBS' computer-generated 
username/password  log-in  records  plus the phone company's call 
records  to  establish  the  connection between the masquerader's 
telephone  and  the  BBS  at  the  precise  instant the libellous 
message  was  posted.122 As an initial matter, however, plaintiff 

---
Defamation Liability of Computerized BBS Operators
& Problems of Proof          (C) 1989 John R. Kahn             26
----------------------

must  first  lay  a  foundation  for  both  the  BBS'  and  phone 
company's computer-generated business records.

         A  sufficient  foundation for computer-generated records 
was  found  recently to exist in People v. Lugashi.123 There, the 
California  Court  of Appeal affirmed a conviction of grand theft 
based  on  evidence adduced from computer-generated bank records. 
Defendant,  an  oriental  rug  store owner, had been convicted of 
fraudulently   registering   thirty-seven  sales  on  counterfeit 
credit  cards.  The  issuing  banks became suspicious of criminal 
activity  when  charge  card  sales  data  from defendant's store 
showed  44  fraudulent  uses of charge cards at defendant's store 
within  only  five  weeks.124  As  each  fraudulent  credit  card 
transaction   was   completed,   defendant  registered  the  sale 
simultaneously  with  the  banks'  computers.125  Each  night, as 
standard  bank  practice,  the  banks  then  reduced the computer 
records  of  credit  card transactions to microfiche. Information 
gleaned   from  these  microfiche  records  was  entered  against 
defendant at trial.126

         The  California  Court  of  Appeal  recognized the trial 
court   judge's   wide   discretion   in  determining  whether  a 
sufficient  foundation  to  qualify evidence as a business record 
has  been  laid.127 It held that defendant's allocations of error 
were  without merit since defendant himself had acknowledged that 
the  bank's  computer  entries  memorialized  in  the  microfiche 
record  were  entered  simultaneously  as  they  occurred  in the 
regular  course  of  business.128  Further,  the Court of Appeals 
dismissed  defendant's  claim  that  only a computer expert could 

---
Defamation Liability of Computerized BBS Operators
& Problems of Proof          (C) 1989 John R. Kahn             27
----------------------

supply  testimony  concerning  the  reliability  of  the computer 
record:
    Appellant's  proposed test incorrectly presumes computer 
    data  to  be  unreliable, and, unlike any other business 
    record,   requires   its   proponent   to  disprove  the 
    possibility  of error, not to convince the trier of fact 
    to  accept  it,  but  merely to meet the minimal showing 
    required for admission....
    The  time  required  to produce this additional [expert] 
    testimony  would unduly burden our already crowded trial 
    courts to no real benefit.129
    
    

         The  Lugashi  court  then  followed  the  bulk  of other 
jurisdictions  adopting  similar analyses and upholding admission 
of  computer  records  with similar or less foundational showings 
over similar objections.130

         As  to  admission  into evidence of telephone companies' 
computer-generated   call  records  under  the  business  records 
exception,  courts  have  evinced  a  similar attitude to that in 
Lugashi.  In  State  v.  Armstead,131  a  prosecution for obscene 
phone  calls,  the trial court was held to have properly admitted 
computer   printouts  showing  that  calls  had  been  made  from 
defendant's  mother's  telephone,  despite defendant's contention 
that  the  witness  who  was called to lay the foundation had not 
been  personally  responsible  for  making the record.132 Because 
the  printout represented a simultaneous self-generated record of 
computer   operation,   the  court  held  it  was  therefore  not 
hearsay.133

         In   an   Ohio   prosecution  for  interstate  telephone 
harassment,  it  was  held  no  error  was committed in admitting 
defendant's  computerized  phone  statement  under  the  Business 
Records  exception  which  showed  that  telephone calls had been 

---
Defamation Liability of Computerized BBS Operators
& Problems of Proof          (C) 1989 John R. Kahn             28
----------------------

made  from  defendant's  phone  in  Ohio  to  various  numbers in 
Texas.134  A  sufficient foundation for the admission of business 
records  under  Federal  Rules of Evidence 803(6) was established 
when  a  telephone  company  witness  identified  the  records as 
authentic  and  testified they were made in the regular course of 
business.135

         Applying  the foregoing analyses to BBSes, the plaintiff 
user  would  establish a foundation for the correlated BBS136 and 
telephone  company  phone logs by showing that (1) they were made 
contemporaneously  with  the posting of the libellous message;137 
(2)  they  were  prepared/kept  in  the  course  of  a  regularly 
conducted  business  activity,  since  both the BBS and telephone 
company  consistently  maintain  accounts  of all persons who use 
their  services;  and (3) the BBS and telephone company relied on 
those  records for billing purposes.138 Once such a foundation is 
laid,  the  trial court has wide discretion in admitting business 
records into evidence.139

         2.   Authentication & the Voluminous Records Exception

         The  second  evidentiary  barrier encountered in tracing