There may be no such thing as justice in America.
That's one of the sinking feelings in hearts and minds of those who have fallen into the grip of the Netflix true-crime documentary series Making a Murderer. But the knotty legal questions raised by the show may extend further than most fans realize.
The show centers on Wisconsin man Steven Avery, who was exonerated by DNA evidence after spending 18 years in prison for attempted rape only to be arrested again for a murder he maintains he did not commit. Officers of the Manitowoc County Sheriff's Department appear hellbent on putting him behind bars—perhaps because he filed a $36 million lawsuit against them for his earlier imprisonment.
“Yes, it absolutely would violate the CFAA.”
Did Avery commit the murder of 25-year-old photographer Teresa Halbach? Did police frame him for the crime? If not Avery or the police, then who?
These are the questions that leave Making a Murderer viewers burning with rage and bewilderment. What also grabbed my attention, however, was what appears to have been a flagrant violation of federal law by one of the prosecution's key witnesses—one some fans believe could have done the dastardly deed himself.
Ryan Hillegas, the ex-boyfriend of Halbach, testified during the Avery murder trial that he and his friends “figured out” the password to Halbach's Cingular Wireless account. Hillegas, who was never questioned by police about his possible involvement in Halbach's murder, accessed her phone records and listened to her voicemails, some of which are said to have been mysteriously deleted.
Now, this might sound like a reasonable—if not suspicious—thing to do when your friend goes missing. It is also, according to legal experts, likely a violation of the Computer Fraud and Abuse Act.
Jennifer Granick, director of civil liberties at the Stanford Center for Internet and Society, said accessing Halbach's wireless account is possibly a violation of the CFAA. “The short answer is yes, it could be,” she told the Daily Dot in an email, though she says she has not yet watched Making a Murderer.
Orin Kerr, a law professor at George Washington University and a leading expert on the CFAA, said it is “absolutely” a CFAA violation.
“I haven't followed the show, but based on the video: Yes, it absolutely would violate the CFAA,” Kerr told the Daily Dot in an email. “It would violate 18 U.S.C. 1030(a)(2).”
As 18 U.S.C. 1030(a)(2) states, anyone who “intentionally accesses a computer without authorization or exceeds authorized access” violates the statute. Guessing someone's password and username to access their phone records and voicemail would almost certainly fall under the CFAA definition of unauthorized access to a computer.
A person convicted under CFAA could face a $250,000 fine and up to 20 years in prison.
The harsh penalties of the CFAA and its broad definitions have made it one of the most infamous laws on the Internet. Some have argued, for example, that it could be used to prosecute a person for violating a website's terms of service (though courts have so far rejected that argument).
The CFAA has been used to prosecute some of the Internet's biggest names, including Chelsea Manning, PlayStation jailbreaker George “Geohot” Hotz and, perhaps most notably, activist and developer Aaron Swartz, who ended his own life under the burden of a CFAA prosecution.
In short, violating the CFAA isn't murder, but it is a serious crime.
Of course, this is all a side note in the meditation on criminal justice that is Making a Murderer. But there is still an important lesson in this for viewers: If you have the urge to access someone's password-protected accounts because you think they might be a victim of a crime, it's best to leave that job to the police—who, some Making a Murderer fans might say, can get away with damn near anything.
Correction: Orin Kerr is a law professor at George Washington University.