INFOCRIME: PROTECTING INFORMATION THROUGH CRIMINAL LAW
Author: Eli Lederman
Publisher: Cheltenham, UK; Northampton, MA: Edward Elgar Publishing, 2016. 488p.
Reviewer: Geraldine Szott Moohr | January 2017
Eli Lederman, professor of law at Tel-Aviv University, is no stranger to the criminal laws that protect information. His interest dates from 1989 with publication of “Criminal Liability for Breach of Confidential Commercial Information.” Lederman is thus well-placed to undertake the task he set himself: to construct a theoretical structure that describes and supports the application of criminal law to information.
In essence, his purpose is to impose some order on the problematic plethora of disparate criminal laws, varying subject matter, and often inconsistent rationales that protect rights in information. Federal and state legislators passed such criminal laws as the need arose, at different times, and for different reasons. In sum, the body of criminal law that applies to information and information products is disordered and sometimes contradictory.
The topic immediately presents an organizational problem; whether to categorize topics by the kind of information at issue or by criminal laws that apply. Neither is ideal. Certain crimes, like theft and fraud, apply to many kinds of intangible property. Some types of information overlap with others; trade secret law is linked to patents and to confidential information. And still others, like copyright infringement, are unique. Overlapping or duplicative discussions of crimes and of types of information seem inevitable.
Lederman tries to side-step this dilemma by dividing types of information according to the rationale for protecting them. His method results in a comprehensive treatment that includes ancient common law crimes like peeping and trespassing, comparatively new offenses like misappropriating trade secrets, and crimes like sexting and data mining. In this way, duplication is minimized, although not eliminated.
Serious conceptual problems also complicate Lederman’s project. As he recognizes, it is difficult, if not impossible, to establish a clear boundary between the “structure” of criminal law (reflecting the framework of specific provisions, where they appear in the code, and the harms they are intended to prevent), and its “substance” (what the law actually prohibits). Further, although one can recognize how criminal provisions might shape a conceptual structure, it is difficult to identify how it affects the development of such laws. Finally, the project deals with a moving target. The subject matter steadily expands as legislators respond to demands for protection by the public, the government, and those in the business of producing it. Subsequent judicial interpretations of those statutes can expand or limit their application.
Lederman limits the scope of his inquiry by focusing on substantive criminal law. He also omits infringement of rights created by copyright, patent, and trademark law because of statutory limitations of coverage and duration inherent in intellectual property. Yet the text includes trade secrets, which are limited by the right of independent discovery and even inadvertent disclosure. Most property rights are limited to some degree and including infringement would enlighten discussion of other forms of information products.
Following a review of various information theories, Lederman presents a framework divided by the rights of those who hold information. The result is three models: spatial, communication, and content. The spatial model is based on intrusions of places in which information is located and encompasses the crimes of trespass and peeping. These are traditional, ancient offenses that were codified by the states. Lederman’s concept of place broadens to include metaphorical spaces of computerized data and personal physicality. In the latter case, criminal treatment of intrusion is largely based on privacy, a subject to which he (and this review) will return.
The second model, communication, centers on the transfer of information between individuals. It is based on breaching confidentiality obligations that are based on status, such as doctor and patient, client and financial advisor, and family members. The contested issue here is the scope of the holder’s continuing control over information voluntarily given to another.
Lederman’s third model is based on the content of the information at issue, which gives holders the right to prevent others from accessing, revealing, or using it. It includes information held by private entities and discusses misappropriating trade secrets and the crimes that apply to that conduct. It also includes information held by the government and the crime of espionage. Lederman briefly notes the national security justification and the consequent breadth of government power to define state secrets. In light of the current controversy over Edward Snowden’s shocking disclosures of federal government surveillance (which led to a change in governing law), the topic merits greater attention than given here. The interests of citizens subject to surveillance or the possibly constructive role of whistleblowers are not considered. Government intrusions into citizens’ private lives are unlikely to go away and may well worsen; scholars and decision makers would benefit from a consideration of countervailing interests that could offset state interests.
This third category also includes crimes that apply to misappropriation of confidential information, the newest entry of criminal law into an area previously governed by tort claims. Returning to the justification of privacy, Lederman suggests that confidential information involves privacy issues as well as property rights, although he also notes that the line between privacy and property is unclear and can even merge. Considering privacy is a useful insight; reliance only on a property prism necessarily limits analysis. Yet once an interest in information is protected by criminal law, the content and in many cases the category becomes, at a minimum, quasi-property.
Lederman also considers sexting, the practice of posting or sending explicit sexual content over the Internet. It begins when senders, who may be young adolescents, transfer a textual and/or visual message about themselves to others. The message can include digital photographs – nude or otherwise compromising – taken by the sender. Those who receive the message may transmit it to others, which can cause serious harm to the primary sender. Lederman’s discussion of the conduct, its harm, and the approaches of prosecutors and state legislators is knowledgeable and sensitive. He surveys various approaches to sexting, such as using child pornography statutes against minors, both those who initially send their own pictures and those who send them on to others. Conscious of underlying societal values emanating from First Amendment rights of speech and expression, he counsels caution and moderation in the use of criminal law. Unlike the treatment of espionage, this analysis encompasses a wider perspective that deepens discussion.
The book is comprehensively researched as evidenced by references to a wide body of scholarship and judicial opinions that include both theory and doctrine. It is enhanced by references to the laws of other nations as counterpoints to laws of the United States. More prosaically, readers will appreciate the use of footnotes rather than endnotes, although everyone may not appreciate the use of the masculine “he” throughout. Another minor matter, given the complexity and range of it subject matter, is accessibility. Discussions of pertinent topics are not listed separately in the table of contents. For example, a cogent treatment of information in criminal records (section 188.8.131.52.2.4) is not identified and could easily be overlooked.
In his final pages, Lederman addresses the balance between privacy and property rights. The developing culture of self-disclosure renders claims of a reasonable expectation of privacy less viable. Also, consumers routinely allow access to personal information requested in the course of using a computer for ordinary purposes. Information about a single consumer is infinitesimal when the data is aggregated. When the privacy rationale weakens, the property justification is allowed to strengthen. For example, data mining companies may successfully claim a property interest in the statistical profiles they create based on their investment and effort – and the existence of a market and commercial value.
In sum, Infocrime describes how criminal law now applies to information and offers an insightful analysis of the subject as it exists today. Taken together, the three models provide a conceptual structure that contributes a new and different way of thinking about information and the crimes that protect it. Whether Lederman’s structure will survive future technological developments that increase use and value of information remains to be seen. In any case, this substantial contribution is a valuable resource for scholars and decision makers who consider the role of criminal law in controlling unauthorized use of information.
Geraldine Szott Moohr, Emerita Professor of Law, University of Houston Law Center