Von Clausewitz said that war is diplomacy by other means. If that’s true, then litigation — particularly divorce and custody litigation is war by other means. And in war, there are casualties. In modern custody and divorce litigation, one of the casualties is cybersecurity and privacy.
And the courts don’t seem to care. At all.
The difference between criminal law and family law is that a criminal lawyer sees the worst people in society at their best. A family lawyer sees the opposite. Husbands and wives using whatever tactics they deem useful to “get back” at spouses. It’s deeply emotional. One tactic frequently used is spying. Husbands and wives spy on each other — during the marriage, in the lead-up to a divorce, during divorce proceedings, and during post-divorce custody, child support, alimony and related hearings. Think of Sam Marlowe being retained by some dame to spy on her philandering spouse. But modern spying involves technology. Using shared passwords to access each other’s computers and files. Logging in to the other spouse’s email. Accessing bank records, travel records, financial information, tax returns, school records, intimate conversations, photographs, social media. All for tactical advantage in the divorce case.
Now during a marriage, the concept of “inter-spousal interception” is a difficult one for the law to deal with. Listening in on a spouse’s phone call from a shared phone (OK, kids, there used to be things called landline phones with extension phones…) happens all the time, is technically a crime in many states (acquiring the contents of a phone conversation with technical means without consent) and is occasionally punished. Whether reading a spouse’s emails, glancing at their cell phone and accessing their accounts is a crime during a marriage is dependent on a host of factors including whether there is express or implied consent to access, whether it’s a shared account between the spouses, and sometimes based on some exigency — like where access is necessary for the safety of children. That’s during the marriage.
After the marriage is a different story. Unless the parties have agreed to joint access to email, bank accounts, social media, stored files, etc., the parties have no right to read each other’s communications, access each other’s files, or use software, tricks, fraud or deception to get electronic information about each other, any more than your next-door neighbor or the local FSB officer would have the right to that information. Accessing someone else’s computer is a crime. A computer crime. Punishable under the computer crime statute. 18 USC 1030. Accessing someone else’s emails is a crime. A federal crime under 18 USC 2701. Intercepting their communications is a crime. Eavesdropping and wiretapping. A federal crime under 18 USC 2511. It’s also fraud, theft, false personation, larceny, deception, conversion, invasion of privacy, intrusion into seclusion, false light, and a whole bunch of torts.
It’s serious stuff. The kind of stuff that lands hackers from Bulgaria in a level II federal prison in Tallahassee, Florida for a few decades. It’s the kind of stuff that the FBI and CIA and NSA and DHS tell everyone they are on the lookout for. It’s the kind of stuff that the DOJ CCIPS, USAO’s computer crime units, and state Attorney’s General would leap at. It’s the kind of stuff that local State’s Attorney’s and District Attorney’s ordinarily would seek prison time for. It’s hacking, theft, destruction of property, invasion of privacy, revenge porn, extortion all rolled up into a nice, slimy ball of matrimonial litigation. It’s also often perjury in court, lying and deceiving the court, obstruction of justice, contempt of court, and violation of standing orders relating to discovery and contact with the other spouse.
It’s very serious sh*t.
But it’s not. Not to cops. Not to the FBI. Not to courts. Not to judges. Not to prosecutors. And this is the fallacy of computer and privacy crimes. The FBI C3 squad encourages the reporting of cyber crimes but in my experience (and this is anecdotal) almost nothing ever happens when these offenses are reported. They are seen as “civil” matters or “family” matters, and law enforcement is reluctant to get involved. This is especially true in divorce or custody cases, where the cops and prosecutors may feel — sometimes with justification, other times without — that the reporting of the cybercrime is simply a ploy to get an advantage in a divorce — to get more visitation, reduce or increase alimony or support, or just to make the other party look bad. War by other means.
The worst part is the cavalier and dismissive attitude taken by the courts to inter-party hacking. Take for example a case in Illinois where one spouse set up and automatic forwarding rule on the other spouse’s email to send a copy of every email. That means every work email, everything related to their schedule, friends, associates, colleagues. Emails about a friend’s sex life — forwarded to the spouse. Emails about health issues — sent to spouse. It’s not just the spouse’s privacy that’s invaded — it’s the privacy of everyone who communicates with the spouse. Now in litigation, it is possible to obtain any of the relevant conversations. That’s what the rules of discovery are for. But the snooping spouse didn’t want to just get the information that was relevant. They wanted to see everything the spouse was doing. And they didn’t want to go through the court. They just decided to break in — through an electronic avatar. It’s called self-help and courts typically look askance at it. It’s like breaking into someone’s house cause you think they might have information you’re interested in.
Now you would think the court would be upset — furious even at this abuse and crime. Not so much. After determining that the activity did not amount to an unlawful “interception” of communications “in transmission” the court sent the case back to the lower court to consider whether the activity constituted unlawful access to stored communications. But respected federal appellate Judge Richard Posner, agreeing with the decision, went further, opining the suit was a waste of judicial resources and an effort to conceal the crime of adultery. Privacy and process be damned. Posner expresses his disdain for even the concept of privacy noting:
Obviously not all claims of privacy are or should be protected by law. Virtually every adult in a society such as ours values his or her privacy, but it doesn’t follow that privacy is always, or even primarily, a social good, which is to say a good that promotes social welfare. “Privacy” means concealment of facts about a person. Often such concealment serves a social purpose — an example is concealing the fact that one is on the verge of inventing a new product or process that will be patentable and make the inventor wealthy; premature disclosure might enable competitors to exploit the invention to the detriment of the inventor, thus discouraging invention. But often the facts sought to be concealed in the name of privacy are facts that, being disreputable, would if disclosed publicly tarnish a person’s reputation and by doing so perhaps diminish his or her social and professional welfare and opportunities. The motive of concealment in such a case is understandable, but if the concealment is of genuine misconduct, I am unclear why it should be protected by the law. I don’t understand why law should promote dishonesty and deception by protecting an undeserved, a rightly tarnished, reputation.”
Judge Posner went on to Chile the litigant for seeking advantage in the divorce litigation and saying that he couldn’t see how the federal privacy law should “an interest so lacking in any social benefit” as privacy. Indeed, Judge Posner likened the person who exposed the spouse’s intimate secrets through criminal conduct to “a bounty hunter — a private person who promotes a governmental interest. She has uncovered criminal conduct hurtful to herself, and deserves compensation, such as a more generous settlement in her divorce proceeding.”
Another case, Bailey v. Bailey, Dkt. No. 2:07-cv-11672-SFC-MKM in the Eastern District of Michigan, shows just how dismissive courts are about claims of even the most egregious privacy violations. In that case, one spouse alleged that the other had installed spyware on her computer, and was continuously monitoring every keystroke she entered into the computers despite her having hired security professionals to remove the spyware and rebuild the impacted devices. She sent fictitious emails and other communications as “bait,” and found the contents of these fake messages appear in pleadings filed in the divorce/custody case. The intercepting spouse introduced hundreds of communications — including highly personal ones, and communications between the other spouse and her lawyer – as evidence in the divorce case without either he or his lawyer mentioning where they came from. The divorce judge found the emails and other documents admissible in the divorce case irrespective of how they were obtained. The wife hired a computer forensics expert to demonstrate that the keylogger was stealing information and passwords and privileged information, and her lawyer requested that the ex-spouse be prosecuted – a request that was declined. A complaint against the attorney grievance committee was rejected. Efforts to obtain an injunction against the continuing surveillance and the use of the unlawfully obtained information were similarly rejected. Nobody cared.
In another case in Michigan, the husband hired a cyber-forensics and investigative company to hack the ex-wife lover’s emails — which astonishingly they did. The lover then sued the ex-husband claiming that he violated the federal Stored Communications Act by accessing his emails from Yahoo without her knowledge or consent. The Court rejected the claim because the HUSBAND got the emails from the forensics company he hired, NOT from Yahoo! The Court concluded “[lover] has not come close to alleging that [husband]l himself accessed a facility through which an electronic communication service is provided. Rather, he alleges that defendant Cyber-Trace accessed his email account. Even if [husband] used this information, however, such use is not actionable.”
Really? Really?
In a New Jersey case, the court was similarly dismissive of one spouse’s reading of the other’s email without consent, finally observing “Can it be said that defendant’s activities here are “highly intrusive?” … She was searching for indicia that her husband was involved in an extramarital liaison—not an uncommon occurrence in the realm of human experience. Is rummaging through files in a computer hard drive any different than rummaging through files in an unlocked file cabinet? Not really.”
Other courts, however exclude evidence of inter-spousal spying – particularly where it involves “interception” of communications in transmission, where the law provides the specific remedy of criminalizing not only the interception itself, but the “disclosure” of the contents of unlawfully intercepted communications. The problem is, in most divorce cases, the communications are not “intercepted” in transmission, but read by hacking into an email account which remains both unlawful and tortious, but doesn’t explicitly say that the contents of the unlawfully obtained evidence are excluded.
Sure. But there’s no law that says that if your break into your ex-wife’s house (or her lawyer’s) and steal stuff because you want it that you shouldn’t be able to use that in evidence. Come to think of it, there’s no statute that says if you put a gun to your ex-spouse’s head and get them to admit an affair, that you can’t use that “admission” in your custody battle to show that they are a bad spouse, right? At the end of the day, while “suppression” of evidence because of wrongdoing in obtaining it is the least — and I do mean the least — that can be done, many courts refuse to do even that.
In a recent case in Washington, D.C., for example, a divorcing husband alleged that his estranged wife hacked into “his (a) AT&T wireless account, (b) George Washington University email account, (c) iCloud account, (d) American Express account, (e) Vonage account, (f) United Airlines account, (g) Starwood account, and (h) other unspecified accounts; (2) altered passwords and contact information associated with some of the accounts; and (3) obtained private information, such as call and text message logs, as a result of the unauthorized access.” You know, the kind of thing that lands people in the pokey. Was the court outraged? Was the US Attorney called? Was the spouse lead off in handcuffs? Did the Court even have a hearing on the matter? Um.. no, no, no, and no. Instead, the federal court, charged with enforcing the federal wiretap, hacking and stored communications laws, punted. They figured that the D.C. Superior Court Family Division was in the best position to determine who “owned” these accounts and whether the hacking was “authorized” so the federal court stayed the hacking case and deferred to the family court.
That’s. Not. What. Congress. Intended.
We have strong computer crime, privacy, eavesdropping and electronic surveillance laws. They should not only be enforced, but those who violate them should not be rewarded by permitting them the benefit of the fruits of the very tree that they have themselves poisoned. Sure, people during a divorce do stupid and irrational things. They even do illegal things. But it’s time that courts, prosecutors, judges, and investigators stop dismissing these privacy related crimes as just “well, that’s what happens.” When an ex-employee hacks his former boss, “well, that’s just what happens.” When the Chinese Army hacks U.S. steel manufacturers’ trade secrets, “well, that’s just what happens.” And when the Russian government hacks U.S. political parties and manipulates voters, “well, that’s just what happens.” I’m not suggesting lengthy prison sentences for spouses who read each other’s emails. But let’s send the message that privacy and security are important. In love and in war.