GENWiki

Premier IT Outsourcing and Support Services within the UK

User Tools

Site Tools


archive:bbs:syslibli

From langz@ebay.sun.com Mon Apr 23 21:05:51 1990 Received: from Sun.COM by gaak.LCS.MIT.EDU via TCP with SMTP

id AA09583; Mon, 23 Apr 90 21:05:27 EDT

Received: from EBay.Sun.COM (male.EBay.Sun.COM) by Sun.COM (4.1/SMI-4.1)

id AA21291; Mon, 23 Apr 90 18:03:56 PDT

Received: from khayyam.EBay.Sun.COM by EBay.Sun.COM (4.1/SMI-4.1)

id AA04566; Mon, 23 Apr 90 18:02:40 PDT

Received: by khayyam.EBay.Sun.COM (4.0/SMI-4.0)

id AA09346; Mon, 23 Apr 90 17:57:50 PDT

Date: Mon, 23 Apr 90 17:57:50 PDT From: langz@ebay.sun.com (Lang Zerner) Message-Id: 9004240057.AA09346@khayyam.EBay.Sun.COM To: ptownson@gaak.LCS.MIT.EDU Subject: Defamation Liability of Sysops article Status: R

           D E F A M A T I O N   L I A B I L I T Y 
                             O F 
                   C O M P U T E R I Z E D 
       B U L L E T I N   B O A R D   O P E R A T O R S 
          A N D   P R O B L E M S   O F   P R O O F 
                                     John R. Kahn
                                     CHTLJ Comment
                                     Computer Law Seminar
                                     Upper Division Writing
                                     February, 1989
                                     
                                     
           D E F A M A T I O N   L I A B I L I T Y 
                             O F 
                   C O M P U T E R I Z E D 
       B U L L E T I N   B O A R D   O P E R A T O R S 
          A N D   P R O B L E M S   O F   P R O O F 

John R. Kahn CHTLJ Comment/Upper Division Writing/Computer Law Seminar

February, 1989

_

I. INTRODUCTION

       A  computer  user  sits  down  at her personal computer, 

turns it on, and has it dial the number of a local computerized

bulletin board service (BBS) where she has been exchanging

opinions, information, electronic mail, and amicable

conversation with other users. Upon connecting with the BBS, she

enters a secret "password", presumably known only to herself and

to the bulletin board operator, so as to gain access to the

system.

       To  her  surprise,  she  finds herself deluged with lewd 

electronic mail from complete strangers and hostile messages

from persons with whom she believed she was on friendly terms.

The messages read: "Why did you call me a worthless son-of-a —-

- yesterday? I really thought we could be friends, but I guess I

was wrong"; "Hey, baby, I liked your fetish you were telling me

about yesterday: call me at home, or I'll call YOU"; and, "Why

didn't you get around to telling me about your venereal disease

sooner?". Yet our user has not called this BBS in weeks and has

never made any of these statements. Dismayed and angered, the

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 2

user comes to realize that she is the victim of computerized

bulletin board abuse.

       A  personal  computer  hobbyist  (hereafter "SYSOP") who 

operates a computerized bulletin board system notices a rash of

heated arguments, profanity and complaints being reported to him

by users on what had been a forum for the peaceful exchange of

ideas. Investigating the complaints, he discovers that

previously responsible users have suddenly and

uncharacteristically been leaving insulting, rude and false

messages about other users on the bulletin board. One user is so

enraged about a public message accusing her of sexual

misadventures that she is threatening to sue the computer

hobbyist in libel for having permitted the message to appear.

The SYSOP realizes that both he and his subscribers have

suffered computerized bulletin board abuse.

       The  aggravating  force behind both the above situations 

is most likely a third user (known hereafter as "the

masquerader") who maliciously exploits both his computer

knowledge and his access to BBSes. Since the masquerader has

discovered the password and name of the regular user, and uses

them to access bulletin boards, he appears for all intents and

purposes to be that regular user. The computer thus believes it

has admitted a legitimate subscriber to its database when it has

in fact given almost free reign to a reckless hacker. The

masquerader, posing as another legitimate user, is then free to

portray that user in whatever light he pleases and also to

harass other users of the bulletin board.

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 3

       When  validated  users  later discover that someone else 

has been impersonating them, they invariably cancel their

subscriptions to that BBS and often bring a defamation action

against its SYSOP for the smearing of their good names.

Conversely, the SYSOP, in an effort to avoid liability,

reluctantly engages in monitoring each and every piece of

information posted daily by hundreds of users. If the SYSOP

chooses instead to stop running his BBS altogether, another

efficient and valuable forum for ideas is lost.

       What  sort of defamation action may be maintained by the 

wrongfully disparaged user? Is the computerized bulletin board

offered by the SYSOP subject to the stricter self-scrutiny of

newspapers, or does it operate under some lesser standard? How

may the initial party at fault - the masquerader - be held

accountable for his computerized torts?

       The  scope  of  this  Comment  will  be  to  examine the 

defamation liability of computerized BBS operators and

evidentiary proof issues that arise in tracing computerized

defamation to its true source. Other possible Tort causes of

action - intentional infliction of emotional distress, invasion

of privacy, trespass to chattels - are not addressed. It is

assumed throughout that the plaintiff is a private person and

that the issues involved are not matters of "public interest" as

defined in Gertz v. Robert Welch, Inc.1

  A.   Background
       Computerized  BBSes exist as a quick, easy and efficient 

way to acquire and exchange information about the entire

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 4

spectrum of interests.2 The growing popularity of these

electronic forums was demonstrated in a recent study which

numbered BBSes at more than 3,500 nationwide.3 The size and

complexity of computerized BBSes range from relatively simple

programs, run on privately-owned microcomputers with a few

hundred subscribers, to vast, multi-topic database systems with

nationwide lists of subscribers and operated for profit.4

       The  process  of  reaching,  or "accessing" one of these 

bulletin boards is quite simple: all that is required is a

computer, a computer program that allows the computer to

communicate over the phone lines, and a "modem" (a device which

converts the computer's electrical signals into acoustic

impulses, defined infra).5 Once she has accessed the BBS, the

caller is free to trade useful non-copyrighted computer

programs, exchange ideas on a host of topics, post electronic

mail for later reading by others, and much more.6 The ease with

which most BBSes may be accessed and the wealth of interests to

be found there ensure that they will continue to be important

sources of information and discourse.

       However,  the speed and efficiency of computerized BBSes 

also subject them to serious, wide-ranging civil and criminal

abuse. Recently a young computer user paralyzed several major

computer systems across the nation by sending a harmful computer

program (or "worm") to them over telephone lines. The worm

quickly replicated itself in the computers' memories and thus

decreased their output capacities.7 Further, certain computer

abusers (known as "hackers") use the power of the computerized

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 5

forum to ply illegal copies of copyrighted programs, bilk

hundreds of millions of dollars annually from credit card and

phone companies, and to wrongfully access others' data files.8 A

minority of other BBSes exist mainly to circulate racist

ideologies.9

       What  is  more,  it now appears that the ancient tort of 

defamation is actively being practiced through the use of

computerized BBSes.10 Due to the almost ethereal way

computerized BBSes operate - one person may conveniently leave

an electronic message for others to respond to at their leisure

and there is no need for the parties to converse directly or

even to know each other11 - the risk of detection when the BBS

is abused is lower than that for defamation practiced in the

print media.12 Difficulties arise with identifying the true

party at fault and with authenticating the computer records as

evidence of the defamation.13 Adding to this problem is an

uncertainty in the laws concerning the appropriate liability of

SYSOPs for defamatory messages on their BBSes of which they were

unaware.14

  B.   Definitions
       The  following  are  brief definitions of some important 

technical terms connected with electronic BBSes:

       SYSOP:  An  abbreviation  for "System Operator", this is 

the individual generally responsible for organizing information

and for trouble-shooting on a computerized bulletin board. On

larger bulletin boards covering hundreds of topics, several

SYSOPS may be in charge of maintaining information contained in

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 6

separate discrete fields.15 But when the BBS is privately owned

and operated, a single SYSOP may very well oversee all aspects

of the board's operations, in addition to being able to access

all his users' passwords and personal information.16

       Modem:   An  abbreviation  for  "Modulator/Demodulator". 

This is a device which links a computer to an ordinary phone

line and converts computer signals to auditory phone signals. A

computer modem on the other end of the transmission then

reverses the process. Computers using modems transfer data

rapidly across phone lines and thus share information.17

       Validation:  Basically  this is a set of procedures used 

by responsible SYSOPs to do everything reasonably possible to

verify that the personal information supplied by a user is true

and correct. Common sense and emerging legal standards dictate

that the SYSOP should not merely rely on the name provided by a

potential user when the SYSOP does not personally know that

individual. The SYSOP may be required to independently

corroborate the prospective subscriber's information by first

asking the potential user's name, address and phone number and

then by checking that information with directory assistance.18

These procedures will hopefully aid the operator in identifying

wrongdoers if misuse occurs;19 however, as will be seen, these

procedures are by no means foolproof.

       Database:  Any  collection  of  data  in  a computer for 

purposes of later retrieval and use, i.e., names, addresses,

phone numbers, membership codes, etc.

       User:  Anyone who accesses a computerized bulletin board 

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 7

system and is exposed to the information stored there. Users may

be identified by their true names, by an assigned numerical

code, or by colorful "handles", or "usernames."20

       Operating  System:  This is a program which controls the 

computer's basic operations and which recognizes different

computer users so that their actions do not interfere with one

another.21 For example, most multi-user operating systems will

not allow one user to delete another's data unless the second

user gives explicit permission.22 BBS system software programs

perform this function through their use of "accounts" and

"passwords":23 private electronic mail sent to a particular user

may not be read or deleted by others. The BBS' operating system

is also designed to deny access to those attempting to log on

under an unvalidated or unrecognized name.24

       Account/Username:   As   another   part  of  BBS  system 

security, each user chooses an "account", or "username",

consisting of one to eight letters or numbers.25 The BBS'

operating system then will not allow commands issued by one user

of one account to modify data created by another account;26 nor

will it grant access to an account that has been terminated or

invalidated.

       Password:  Yet  another aspect of BBS system security is 

the use of "passwords" as a prerequisite to accessing the

computer system. Most operating systems require the user to

enter both her account name and password to use the account.27

Because electronic mail cannot be sent without the username to

which it is being addressed, and because the account cannot be

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 8

used without knowledge of the password, usernames are generally

public knowledge while passwords are a closely-guarded secret,

known only to the user and the operating system.28

       Teleprocessing:  This is defined as accessing a computer 

from a remote location, usually over a telephone line or similar

communications channel.29

       Uploading/Downloading:   For   purposes   of  exchanging 

computer programs or electronic mail over the phone lines, the

process of transferring information from one's personal computer

to the bulletin board is called uploading. The reverse process -

transferring information from a bulletin board to a personal

computer - is known as downloading.30

II. DEFAMATION LIABILITY OF COMPUTERIZED BBS OPERATORS

  A.   Computerized Defamation: Libel or Slander?
       Libel  is  the  "publication  of  defamatory  matter  by 

written or printed words, by its embodiment in physical form, or

by any other form of communication that has the potentially

harmful qualities characteristic of written or printed words."31

Publication of a defamatory matter is "its communication

intentionally or by a negligent act to one other than the person

defamed."32 A communication is defamatory if it "tends to so

harm the reputation of another as to lower him in the estimation

of the community or to deter third persons from associating or

dealing with him."33 The difference between libel and slander

has traditionally depended upon the form of the communication:

oral defamation generally is considered slander, while written

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 9

defamation is generally considered libel.34 The distinction is

important, because libel requires no proof of special damages

and is actionable by itself, while slander generally requires

proof of special damages in order to be actionable.35

       However,  with  the  advent  of  electronic  media,  the 

traditional libel/slander distinctions as they apply to sight

and hearing are no longer valid. For example, passing defamatory

gestures and signals, though visible to sight, were considered

slander;36 an ad-libbed statement on a telecast impugning a

person's financial status was found to be libel.37

       It  has been suggested that the real distinction between 

libel and slander is the threat and magnitude of harm to

reputation inherent in the form of publication.38 Libel has been

historically associated with writings because (1) a writing is

made more deliberately than an oral statement; (2) a writing

makes a greater impression to the eye than does an oral

statement to the ear; (3) a writing is more permanent than

speech; and (4) a writing has a wider area of dissemination than

speech.39 These four qualities inherent in a writing made the

possible harm to reputation greater than mere spoken words. In

applying libel to the new form of computerized communication

used on BBSes, the potentiality for harm to reputation is

significant, and should again be considered the controlling

factor.

       In  our hypothetical situation, the user discovered that 

another user (the masquerader) had usurped her account name and

password, causing her great embarrassment and humiliation. The

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 10

act of prying into and taking another's computer information to

misuse it elsewhere would indicate a certain deliberation on the

actor's part to spread defamatory messages. Secondly, the

defamatory message is displayed to other users on their computer

monitors in the form of electronic characters, making a visual

impression. Third, this electronic defamation is more permanent

than mere words because it is stored in the BBS' memory until

erased by the user or SYSOP. Finally, the message arguably has a

wider area of dissemination than a one-to-one spoken defamation

because, as a message on an electronic BBS, it has the potential

of being viewed by hundreds, perhaps thousands, of users each

day. Based on these four criteria, the capacity for harm to our

user's reputation due to the masquerader's activities is indeed

great enough to be considered libellous.

  B.   Defamation Liability of the SYSOP
       Having  established  the  electronic  message  as  being 

libellous, the next issue is to determine the extent of

liability for the SYSOP who unknowingly permits the message to

be communicated over his BBS. Case law indicates that the

SYSOP's liability depends upon the type of person defamed and on

the subject matter of the defamation.

       1.   Degree of fault required
       The  United  States  Supreme  Court has addressed modern 

defamation liability in two major decisions. Both conditioned

the publisher's liability on the type of person defamed and on

the content of the defamation. In New York Times v. Sullivan,40

the Court determined that in order for a public official to

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 11

recover damages in a defamation action, the statement must be

shown to have been made with "actual malice", i.e., with

knowledge of its falsity or with reckless disregard for its

truth.41 Due to society's interest in "uninhibited, robust and

wide-open" debate on public issues, neither factual error nor

defamatory content sufficed to remove the First Amendment's

shield from criticism of an official's conduct.42

       The  Supreme  Court  further  elaborated  on  defamation 

liability standards in the private and quasi-private sphere when

it decided Gertz v. Robert Welch, Inc.43 In Gertz, the publisher

of a John Birch Society newsletter made certain false and

inaccurate accusations concerning an attorney who represented a

deceased boy's family. The family had civilly sued the policeman

who murdered the boy. In rebutting what he perceived to be a

secret campaign against law and order, the publisher labelled

the family's attorney a "Leninist" and "Communist-fronter".44 In

addition, the publisher asserted that the attorney had been a

member of the National Lawyers Guild, which "'probably did more

than any other outfit to plan the Communist attack on the

Chicago police during the 1968 Democratic Convention.'"45 In

publishing these statements throughout Chicago, the managing

editor of the Birch Society newsletter made no effort to verify

or substantiate the charges against the attorney.46

       The  Supreme  Court  held  in  Gertz  that  while  First 

Amendment considerations protect publications about public

officials47 and about "public figures"48, requiring a showing of

"actual malice" before defamation damages could be recovered,

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 12

the same was not true for defamation suits brought by private

citizens49, a group to which the attorney was held to belong.50

Private citizens were seen as deserving more protections from

defamation than public officials or public figures, so they were

not required to show "actual malice" as a precondition to

recovery.51 The Court then left it to the states to decide the

precise standard of liability for defamation of private

individuals, so long as liability without fault was not the

standard.52

       By  Gertz,  then,  the appropriate standard of liability 

for publicizing defamation of private parties falls somewhere

below actual malice and above strict liability. The problem with

defining the defamation standard for computerized BBS operators,

however, is a lack of uniform standards. In such circumstances,

the objective "reasonable person" standard will likely be

applied to the SYSOP's actions.53 Several cases may be usefully

applied by analogy.

       The  court  in  Hellar  v.  Bianco54  held  that  a  bar 

proprietor could be responsible for not removing a libellous

message concerning the plaintiff's wife that appeared on the

wall of the bar's washroom after having been alerted to the

message's existence.55 The court noted that "persons who invite

the public to their premises owe a duty to others not to

knowingly permit their walls to be occupied with defamatory

matter…. The theory is that by knowingly permitting such

matter to remain after reasonable opportunity to remove [it],

the owner of the wall or his lessee is guilty of republication

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 13

of the libel."56 The Hellar court then left the ultimate

determination of the bar owner's negligence to the jury.57 This

holding seems to be in accord with the Restatement of Torts,

which provides:

       PUBLICATION:
       (2)  One  who  intentionally  and unreasonably 
            fails  to  remove  defamatory matter that 
            he  knows  to  be  exhibited  on  land or 
            chattels  in  his possession or under his 
            control  is  subject to liability for its 
            continued publication.58
            
       
       Contrarily,  however, the Ohio court of appeals in Scott 

v. Hull59 found that the building owner and agent who had

control over a building's maintenance were not responsible for

libel damages for graffiti inscribed by an unknown person on an

exterior wall.60 The court distinguished Hellar by noting that

in Hellar the bartender constructively adopted the defamatory

writing by delaying in removing it after having been expressly

asked to do so:

       "It  may  thus  be  observed  from these cases 
       that  where  liability is found to exist it is 
       predicated  upon  actual  publication  by  the 
       defendant  or  on the defendant's ratification 
       of  a publication by another, the ratification 
       in  Hellar  v. Bianco...consisting of at least 
       the   positive   acts  of  the  defendants  in 
       continuing  to  invite  the  public into their 
       premises  where  the  defamatory matter was on 
       view  after  the  defendants  had knowledge of 
       existence of same."61
       
       
       The  Scott  court  held  that  defendants  could only be 

responsible for publishing a libellous remark through a positive

act, not nonfeasance; thus, their mere failure to remove the

graffiti from the building's exterior after having it called to

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 14

their attention was held not to be a sufficient basis of

liability.62

       A  situation  similar to Scott arose recently in Tackett 

v. General Motors Corporation.63 There, an employee brought a

libel suit against his employer for, inter alia, failing to

remove allegedly defamatory signs from the interior wall of its

manufacturing plant after having notice of their existence. One

large sign remained on the wall for two to three days while a

smaller one remained visible for seven to eight months.64

Instead of focussing on the Scott malfeasance/nonfeasance

test,65 the Tackett court considered defendant's implied

adoption of the libellous statement to be the correct basis of

liability.66 While saying that failure to remove a libellous

message from a publicly-viewed place may be the equivalent of

adopting that statement, and noting that Indiana would follow

the Restatement view "when the time comes,"67 the Tackett court

held that the Restatement view could be taken too far. Citing

Hellar, the court wrote:

       The  Restatement  suggests that a tavern owner 
       would   be   liable   if  defamatory  graffiti 
       remained  on  a  bathroom  stall a single hour 
       after  the discovery [Citation to Hellar]. The 
       common  law  of  washrooms is otherwise, given 
       the  steep discount that readers apply to such 
       statements   and   the  high  cost  of  hourly 
       repaintings  of  bathroom  stalls [Citation to 
       Scott].   The  burden  of  constant  vigilance 
       exceeds  the  benefits  to be had. A person is 
       responsible   for   statements   he  makes  or 
       adopts,  so  the  question is whether a reader 
       may  infer  adoption  from  the  presence of a 
       statement.  That inference may be unreasonable 
       for  a  bathroom  wall  or  the  interior of a 
       subway  car  in  New York City but appropriate 
       for  the  interior  walls  of  a manufacturing 

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 15

       plant,   over   which   supervisory  personnel 
       exercise  greater supervision and control. The 
       costs  of  vigilance  are  small (most will be 
       incurred    anyway),    and    the    benefits 
       potentially   large   (because  employees  may 
       attribute  the  statements  to  their employer 
       more  readily  than patrons attribute graffiti 
       to barkeeps).68
       
       
       According  to  this  reasoning,  then,  the location and 

length of time the libel is allowed to appear plays an integral

part in determining whether a given defendant has adopted the

libel, and thus has published it.

       An  application  of  the foregoing analysis to the issue 

at hand highlights the need for greater care in allowing the

posting of electronic mail messages on a BBS. The Tackett court

noted that while the content of graffitti scrawled on bathroom

walls might be subject to healthy skepticism by its readers, the

same might not be true for other locations such as interiors of

subway cars or manufacturing plant walls.69 If this is true,

then it is reasonable to assume that a defamatory message

displayed in a forum for the exchange of ideas is more apt to be

taken seriously by its readers - especially when the libellous

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 16

message purports to be written by the subject of the libel.70

       Further,  the Tackett court indicated that the high cost 

of repainting bathroom stalls by the hour outweighed its

perceptible benefits. The same is not true for electronic BBSes,

where the costs of prevention are minimal in light of the threat

of widespread harm to users' reputations.71

       2.   Damages
       Once  the plaintiff establishes that the SYSOP failed to 

act reasonably in removing statements known to be libellous from

his BBS or in negligently failing to prevent their appearance

there,72 no proof of special damages is necessary as libel is

actionable per se.73 The state's interest in protecting private

reputations has been held to outweigh the reduced constitutional

value of speech involving matters of no public concern such that

presumed and punitive damages may be recovered absent a showing

of actual malice.74

       The  proper  gauge  of  liability  has again raised some 

questions.75 One writer has noted that if the burden of proof is

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 17

to rest on the plaintiff, she may be at a disadvantage in

producing sufficient evidence to demonstrate negligent conduct

on the part of the SYSOP.76 Solutions to this problem have

ranged from a rebuttable presumption of negligence in favor of

the plaintiff77 to adoption of a set of standards similar to

those set out in the Federal Fair Credit Reporting Act.78 In

either event, damage awards for computer abuse have been

addressed both by federal and state law.79

       3.   Suggestions
       Because  computerized  BBSes  are still a relatively new 

technological phenomena, consistent standards for SYSOPs' duties

have yet to be developed.80 However, at least one users' group

has adopted a voluntary code of standards for electronic BBSes,

applicable to both users and SYSOPs of boards open to the

general public:

       SCOPE:
       This  Minimum  Code  of  Standards  applies to 
       both  users  and  SYStem Operators (SYSOPs) of 
       electronic  bulletin  boards  available to the 
       general public.
       FREEDOM OF SPEECH AND IDEAS
       Each  user  and  SYSOP  of  such systems shall 
       actively   encourage   and  promote  the  free 
       exchange   and   discussion   of  information, 

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 18

       ideas,  and  opinions, except when the content 
       would:
       -    Compromise  the  national security of the 
            United States.
       -    violate proprietary rights.
       -    violate personal privacy,
       -    constitute a crime,
       -    constitute libel, or
       -    violate   applicable  state,  federal  or 
            local   laws  and  regulations  affecting 
            telecommunications.
       DISCLOSURE
       Each user and SYSOP of such system will:
       -    disclose their real name, and
       -    fully  disclose  any personal, financial, 
            or  commercial  interest  when evaluation 
            any specific product or service.
       PROCEDURES
       SYSOPS shall:
       -    review  in  a  timely manner all publicly 
            accessible information, and
       -    delete  any  information  which they know 
            or  should  know conflicts with this code 
            of standards.
       A  'timely  manner'  is  defined  as  what  is 
       reasonable  based  on  the potential harm that 
       could be expected. Users are responsible for:
       -    ensuring   that   any   information  they 
            transmit  to such systems adheres to this 
            Minimum Code of Standards, and
       -    upon   discovering   violations   of  the 
            Minimum  Code of Standards, notifying the 
            SYSOP immediately.
       IMPLEMENTATION
       Electronic  bulletin board systems that choose 
       to  follow  this  Minimum  Code  of  Standards 
       shall  notify  their  users by publishing this 
       Minimum  Code,  as  adopted by the [Capitol PC 
       Users  Group],  and  prominently  display  the 
       following:
       'This  system  subscribes  to  the  Capitol PC 
       Users  Group  Minimum  Code  of  Standards for 
       electronic bulletin board systems.'81
       
       
       While  non-binding  on  publicly-accessible  BBSes,  the 

above guidelines furnish sound basic policies that all SYSOPs

might use in shielding themselves from defamation liability. Our

hypothetical at the beginning of this Comment described a

situation where a malicious intruder was able to access and

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 19

masquerade as a validated user on a BBS; the following are some

additional computer security measures that the reasonable SYSOP

could conduct to avoid that situation:

       a.   Special   "screening"   software:  One  writer  has 

suggested discouraging potential BBS misuse through programming

the BBS to reject those messages containing common defamatory

and obscene language;82 such a program would discard a message

containing any of those terms and would presumably notify the

SYSOP of their presence. Drawbacks to this procedure are that

computer programs cannot understand all the nuances of libellous

messages83 and would thus lead to the rigid deletion of many

otherwise legitimate messages.84

       b.   Unique    passwords:   A   more   fundamental   and 

economical approach would be for the SYSOP to both notify all

new users about the potential for computerized BBS abuse and to

encourage their use of a unique password on each BBS they call.

This would have the practical effect of keeping a masquerader

from using the names and passwords found on one BBS to

wrongfully access and masquerade on other BBSes. A drawback to

this procedure is that the truly malicious masquerader may still

discover a BBS' most sensitive user records by way of a renegade

computer program called a "trojan horse".85 However, one could

speculate that the SYSOP acts reasonably in informing potential

users of the existing threat and in helping them avoid it.

       c.   Encryption:  This  is  essentially  a  way  for the 

SYSOP to make the users' passwords unique for them. The power of

the computer allows complex algorithms to be applied to data to

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 20

encode it in such a way that, without the key to the code, it is

virtually impossible to decode the information.86 This technique

would have the added benefit of forcing the masquerader, upon

accessing the BBS with a trojan horse program, to search for the

secret decoding algorithm in addition to the BBS' secret user

files. Indeed, it is conceivable that a special encryption or

password could be devised to allow only the SYSOP access to the

BBS' decoding algorithm. However, encryption involves a

significant overhead - impractical for most small, privately-

operated BBSes - and is more frequently used to protect messages

from one system to another where the data is vulnerable to

interception as it passes over transmission lines.87

       d.   Prompt  damage  control:  In  accord with Hellar,88 

the Restatement (Second) of Torts,89 and possibly Tackett,90 a

SYSOP acts reasonably in promptly assisting the libelled user to

partially reverse the effects of the masquerader's actions.

Recall that in those instances a defendant was held to have

impliedly adopted a defamatory statement by acting unreasonably

slowly in removing it from his property once having been made

aware of it.91 While it may be unreasonable to expect the SYSOP

to monitor each message posted every day - especially where the

defamatory message appears to have been left by the true user -

it is not too much to require the SYSOP to quickly remedy

security flaws in his BBS as they are pointed out to him.92 To

this end, the SYSOP has several options. In situations where the

defaming user libels another without masquerading as the

libelled party, the SYSOP could simply delete the defamer's

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 21

account. In situations where a user masquerading as another

posts a libellous message, the SYSOP could publish a retraction

to all his subscribers, urging them to use a different password

on each BBS they call. Further, where a masquerader published

the libel, the SYSOP should offer his full cooperation to the

maligned user in tracking down the time and date the libellous

message was posted93 in order to better limit the SYSOP's

liability.

       Certain  BBS  SYSOPs  claim that holding them liable for 

information appearing on their BBSes violates their First

Amendment rights by restricting their right to free speech94 and

by holding them responsible for the libel perpetrated by the

masquerader. It has been suggested that the SYSOP should be held

to the same standard of liability as a neighborhood supermarket

which furnishes a public bulletin board:95 just as the

supermarket would not be liable for posting an advertisement for

illicit services, so should the BBS SYSOP escape liability for

libellous messages left on his board, especially when its poster

appears to be a validated user.96

       However,  this  comparison  lacks  merit for the reasons 

given by the Seventh Circuit in Tackett v. General Motors

Corporation.97 The defendant's liability in that case rested on

its publication of libel by implicitly adopting the statement.98

Defendant's failure to remove a defamatory sign painted on one

of the interior walls of its factory for seven or eight months

after discovering its presence was such that "[a] reasonable

person could conclude that Delco 'intentionally and unreasonably

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 22

fail[ed] to remove' this sign and thereby published its

contents."99

       There  would  certainly  be  accomplice liability if the 

supermarket unreasonably delayed removing an advertisement for

illegal services from its bulletin board once it was made aware

of it. The market could be seen as having adopted the ad's

statements by not acting responsibly to its viewing public.

Similarly, a SYSOP would be liable for defamatory messages

posted on his BBS - even by what appears to be the true user -

if he fails to act reasonably by using his computer skill to

eviscerate the libel.100 While the computerized BBS may be

nothing more than a hobby of the SYSOP, the speed with which it

can disseminate potentially damaging information among its users

demands the standards of responsibility described above.

  C.   Defamation Liability of the Masquerader
       1.   Degree of fault required
       It  should  be noted that the liability and proof issues 

concerning the SYSOP and masquerader are inverse. As to the

SYSOP who allows libellous messages to be posted on his BBS, his

liability may be inferred simply by those messages having

appeared there;101 however, his degree of fault - actual malice

or simple negligence - is subject to debate.102 Conversely,

while the masquerader's degree of fault is clearly evident,103

tracing that fault back to him is a more elusive matter.104 The

requisite degree of fault for masqueraders is set out in federal

and state law.105

       2.   Damages

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 23

       Assuming  arguendo  that  the  masquerader's  defamatory 

publications have been successfully traced back to him by the

plaintiff, actual and punitive damages may then be recovered

from him based on his knowledge of the publication's falsity or

reckless disregard for its truth.106 Federal and state law have

also specified certain remedies.107

III PROBLEMS OF PROOF

  A.   Proof of SYSOP's Actions
       We  have seen that while the appropriate degree of fault 

for a SYSOP to be liable for defamatory messages appearing on

his BBS is subject to dispute,108 a showing that the defamation

appeared there due to the SYSOP's negligence is much more

capable of resolution.109 The jury should be made aware of the

actual validation/security procedures practiced by the SYSOP and

should weigh them in light of the prevailing practice.110

Several facets of an emerging standard of care for SYSOPs have

already been suggested in this Comment,111 and the SYSOP's

adherence to them could be shown through users' testimony.

  B.   Proof of Masquerader's Actions
       In  contrast  with  the  degree  of  fault  required  to 

establish the SYSOP's publication of the libellous message, the

degree of fault for the masquerader is much less subject to

debate. The masquerader's actions are not likely to be

considered merely inadvertent or negligent.112 However, because

the masquerader has intentionally discovered and usurped the

user's name and password, he appears to be that user on all

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 24

computer records. Tracing the masquerader's defamatory

publication back to him thus encounters some important

evidentiary barriers: the maligned user is forced to rely on

computerized records produced by the BBS and phone company in

trying to link the masquerader's libellous publication back to

him.113 We turn now to consider the evidentiary hurdles to be

overcome in tracing the libellous communication to its true

source.

       1.   The Hearsay Rule & Business Records Exception
       The   first   evidentiary  obstacle  to  connecting  the 

masquerader with his libellous publication is the hearsay rule.

As defined by the Federal Rules of Evidence, hearsay is "a

statement, other than one made by the declarant while testifying

at the trial or hearing, offered in evidence to prove the truth

of the matter asserted";114 as such, it is inadmissible as

evidence at trial.115 Computer-generated evidence is subject to

the hearsay rule, not because it is the "statement of a

computer", but because it is the statement of a human being who

entered the data.116 To the extent the plaintiff user relies on

computer-generated records to show that a call was placed from

the masquerader to the BBS at the time and date in question,

then, her evidence may be excluded.

       However,  numerous  exceptions  to the hearsay rule have 

developed over the years such that evidence which might

otherwise be excluded is deemed admissible. The most pertinent

hearsay exception as applied to computerized evidence is the

"business records exception", which admits into evidence any

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 25

records or data compilations, so long as (1) they were made

reasonably contemporaneously with the events they record; (2)

they were prepared/kept in the course of a regularly conducted

business activity; and (3) the business entity creating these

records relied on them in conducting its operations.117 The

veracity of the compvter seco0ds and of the actual business

practices are shown by the record custodian's or other qualified

witness' testimony, unless the circumstances indicate lack of

trustworthiness.118 The term "business" as used in this rule

includes callings of every kind, whether or not conducted for

profit.119

       Statutes  and  judicial decisions in several states have 

gradually recognized that the business records exception extends

to include computer-generated records.120 This is largely due to

(1) modern business' widespread reliance on computerized record-

keeping, (2) the impracticability of calling as witnesses every

person having direct personal knowledge of the records'

creation, and (3) the presumption that if a business was willing

to rely on such records, there is little reason to doubt their

accuracy.121

       Using  this  exception  to  the  hearsay rule, plaintiff 

user would most likely seek to admit the BBS' computer-generated

username/password log-in records plus the phone company's call

records to establish the connection between the masquerader's

telephone and the BBS at the precise instant the libellous

message was posted.122 As an initial matter, however, plaintiff

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 26

must first lay a foundation for both the BBS' and phone

company's computer-generated business records.

       A  sufficient  foundation for computer-generated records 

was found recently to exist in People v. Lugashi.123 There, the

California Court of Appeal affirmed a conviction of grand theft

based on evidence adduced from computer-generated bank records.

Defendant, an oriental rug store owner, had been convicted of

fraudulently registering thirty-seven sales on counterfeit

credit cards. The issuing banks became suspicious of criminal

activity when charge card sales data from defendant's store

showed 44 fraudulent uses of charge cards at defendant's store

within only five weeks.124 As each fraudulent credit card

transaction was completed, defendant registered the sale

simultaneously with the banks' computers.125 Each night, as

standard bank practice, the banks then reduced the computer

records of credit card transactions to microfiche. Information

gleaned from these microfiche records was entered against

defendant at trial.126

       The  California  Court  of  Appeal  recognized the trial 

court judge's wide discretion in determining whether a

sufficient foundation to qualify evidence as a business record

has been laid.127 It held that defendant's allocations of error

were without merit since defendant himself had acknowledged that

the bank's computer entries memorialized in the microfiche

record were entered simultaneously as they occurred in the

regular course of business.128 Further, the Court of Appeals

dismissed defendant's claim that only a computer expert could

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 27

supply testimony concerning the reliability of the computer

record:

  Appellant's  proposed test incorrectly presumes computer 
  data  to  be  unreliable, and, unlike any other business 
  record,   requires   its   proponent   to  disprove  the 
  possibility  of error, not to convince the trier of fact 
  to  accept  it,  but  merely to meet the minimal showing 
  required for admission....
  The  time  required  to produce this additional [expert] 
  testimony  would unduly burden our already crowded trial 
  courts to no real benefit.129
  
  
       The  Lugashi  court  then  followed  the  bulk  of other 

jurisdictions adopting similar analyses and upholding admission

of computer records with similar or less foundational showings

over similar objections.130

       As  to  admission  into evidence of telephone companies' 

computer-generated call records under the business records

exception, courts have evinced a similar attitude to that in

Lugashi. In State v. Armstead,131 a prosecution for obscene

phone calls, the trial court was held to have properly admitted

computer printouts showing that calls had been made from

defendant's mother's telephone, despite defendant's contention

that the witness who was called to lay the foundation had not

been personally responsible for making the record.132 Because

the printout represented a simultaneous self-generated record of

computer operation, the court held it was therefore not

hearsay.133

       In   an   Ohio   prosecution  for  interstate  telephone 

harassment, it was held no error was committed in admitting

defendant's computerized phone statement under the Business

Records exception which showed that telephone calls had been

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 28

made from defendant's phone in Ohio to various numbers in

Texas.134 A sufficient foundation for the admission of business

records under Federal Rules of Evidence 803(6) was established

when a telephone company witness identified the records as

authentic and testified they were made in the regular course of

business.135

       Applying  the foregoing analyses to BBSes, the plaintiff 

user would establish a foundation for the correlated BBS136 and

telephone company phone logs by showing that (1) they were made

contemporaneously with the posting of the libellous message;137

(2) they were prepared/kept in the course of a regularly

conducted business activity, since both the BBS and telephone

company consistently maintain accounts of all persons who use

their services; and (3) the BBS and telephone company relied on

those records for billing purposes.138 Once such a foundation is

laid, the trial court has wide discretion in admitting business

records into evidence.139

       2.   Authentication & the Voluminous Records Exception
       The  second  evidentiary  barrier encountered in tracing 

the masquerader's libellous messages back to him is proving his

authorship of the libel, or "authenticating" the computerized

records.140 The computer-generated phone and BBS records showing

that a call from a certain phone number at a particular date and

time resulted in a libellous message being published must

somehow be linked to the masquerader.

       The  Federal  Rules  of  Evidence  provide  in pertinent 

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 29

part:

  (a)  General     provision.     The    requirement    of 
       authentication  or  identification  as  a condition 
       precedent   to   admissibility   is   satisfied  by 
       evidence  sufficient  to support a finding that the 
       matter in question is what its proponent claims.
  (b)  Illustrations.  By  way  of  illustration only, and 
       not   by  way  of  limitation,  the  following  are 
       examples   of   authentication   or  identification 
       conforming with the requirements of this rule:...
       (6)  Telephone       conversations.       Telephone 
            conversations,  by  evidence  that  a call was 
            made  to  the  number  assigned at the time by 
            the  telephone  company to a particular person 
            or business, if 
            (A)  in  the  case of a person, circumstances, 
                 including  self-identification,  show the 
                 person  answering  to  be the one called, 
                 or
            (B)  in  the  case of a business, the call was 
                 made  to  a  place  of  business  and the 
                 conversation    related    to    business 
                 reasonably     transacted     over    the 
                 telephone....141
  
  
       The   question   of   whether   a  writing  is  properly 

authenticated is primarily one of law for the court; if the

court decides the question affirmatively, it is ultimately for

the jury.142 The court will make no assumptions as to the

authenticity of documents in deciding their initial

admissibility.143 The difficulty presented here is that the

Federal Rules of Evidence seem to require authentication of

telephone calls by reference to their specific content.144 The

specific content of a given phone call is not demonstrated by

phone logs showing merely the date and time the call occurred.

       The   authentication   of  extrinsic  documents  may  be 

subject to a "best evidence rule" objection. As stated in

Federal Rule of Evidence 1002:

  REQUIREMENT  OF  ORIGINAL:  To  prove  the contents of a 

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 30

  writing,  recording, or photograph, the original of that 
  writing,  recording,  or  photograph is required, unless 
  provided  otherwise  in  these  rules  or  by  an act of 
  Congress.145
  
  
       Since  its  introduction  in  the  18th century, various 

rationales have been posited for this rule.146 While earlier

writers asserted that the rule is intended to prevent fraud,

most modern commentators agree that the rule's main purpose is

to convey to the court the exact operative effect of the

writing's contents.147

       However,   at  least  one  jurisdiction  has  implicitly 

equated compliance with the business records exception with the

Best Evidence Rule. In Louisiana v. Hodgeson,148 the defendant

in a manslaughter trial contended that a printout of her

telephone bill, offered to show communications between her and a

third party, was not authenticated.149 The court, while making

no specific reference to the authentication point, rejected

defendant's contention, noting that the information from the

computer's storage was the company's business record and that it

was accessible only by printout.150

       Similarly,  in  an  Indiana bank robbery prosecution,151 

the state offered microfiche copies of the telephone company's

computerized records showing certain telephone calls from

defendant. On appeal, defendant argued that these documents were

not authenticated because they were not the "original or first

permanent entry," and that they therefore should not have been

admitted into evidence. The court disagreed, saying that a

duplicate was admissible to the same extent as an original

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 31

unless a "genuine issue" were raised as to the authenticity of

the original.152

       By  these  precedents,  then,  provided  plaintiff  user 

establishes that both the telephone and BBS user records were

prepared in accordance with the business records exception,153

the fact that a call from the masquerader's phone is shown to

have occurred at the same instant the libellous message was

posted may be sufficient to authenticate that the call was made

by the masquerader. Other circumstantial evidence adduced by

plaintiff user would strengthen this inference.154

       Another  authentication  hurdle  in  plaintiff's case is 

the requirement that the entire original record sought to be

authenticated be produced.155 This requirement can prove highly

impractical in situations where there are vast numbers of

individual records extending over long periods of time.156

Requiring plaintiff to produce the entire body of these records

would be unduly expensive and time-consuming. What is more, if

plaintiff were to attempt to summarize vast computerized

business data compilations so as to introduce those summaries

into evidence without producing the complete body of computer

records, such summaries might not be admissible on the grounds

that they were not made "in the regular course of business."157

       However,   an   exception   to   strict   authentication 

requirements of the Federal Rules of Evidence has been

developed. Rule 1006 provides:

  The  contents  of  voluminous  writings,  recordings, or 
  photographs  which  cannot  conveniently  be examined in 
  court  may be presented in the form of a chart, summary, 
  

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 32

  or  calculation.  The originals, or duplicates, shall be 
  made  available  for examination or copying, or both, by 
  other  parties  at  reasonable time and place. The court 
  may order that they be produced in court.158
  
  
       In   Cotton   v.  John  W.  Eshelman  &  Sons,  Inc.,159 

summaries of certain computerized records were held properly

admitted into evidence on the theory that "[w]hen pertinent and

essential facts can be ascertained only by an examination of a

large number of entries in books of account, an auditor or

expert examiner who has made an examination and analysis of the

books and figures may testify as a witness and give summarized

statements of what the books show as a result of his

investigation, provided the books themselves are accessible to

the court and to the parties."160 Under this precedent,

plaintiff user would only need to produce the pertinent parts of

the computerized records, as determined by an impartial auditor.

IV. CONCLUSION

       It  is  difficult  to  overestimate  the ease with which 

computers now enable us to compile and exchange information.

Computerized "bulletin boards" run on personal microcomputers by

private persons and businesses are examples of this enhanced

form of communication. Users can trade computer programs and

exchange a wealth of ideas, opinions, and personal information

through such forums.

       The  advantages  of  this  process  break down, however, 

when malicious users abuse the system and BBS SYSOPS

intentionally or negligently allow this to occur. The nature of

computerized data is such that tortious misinformation may

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 33

easily be spread to thousands of users before it is discovered.

Because the potential for harm to reputation is so tremendous,

appropriate standards of liability and methods of proof must be

addressed.

       The  requisite  degree  of  fault  in  libelling private 

persons is less than that for libelling public officials/public

figures, and may be established as against a SYSOP by a simple

showing of his negligent failure to observe reasonably minimal

computer security measures. The basis of liability for a

masquerader who intentionally misappropriates another's private

information is even less subject to debate.

       Two  main evidentiary hurdles face the plaintiff seeking 

to link the masquerader with his libellous message through

reliance on computer-generated records. First, the hearsay rule

automatically excludes all evidence produced out-of-court that

is being offered to prove the truth of the matter at hand.

Second, the authentication requirement demands that the

masquerader's connection to the entire body of proffered

computer records be established.

       However,  certain exception to both of these limitations 

ease the plaintiff's burden. First, the business records

exception to the hearsay rule admits computer records into

evidence if they (1) were made reasonably contemporaneously with

the events they record; (2) were prepared/kept in the course of

a regularly conducted business activity; and (3) the business

entity creating these records relied on them in conducting its

operations. Both BBS and telephone company records may come

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 34

under this exception. Second, the voluminous writings exception

allows the contents of voluminous computerized records which

cannot conveniently be examined in court to be presented in the

form of a summary. So long as the original records or duplicates

thereof are available for examination by other parties at

reasonable times and places, the entire data compilation need

not be produced. Plaintiff should employ both of these

exceptions in an effort to convince a jury by a preponderance of

the evidence that the masquerader has abused his computer skills

and has damaged plaintiff's reputation.

         ==============================================

From telecom@eecs.nwu.edu Sat Apr 21 01:07:10 1990 Received: from delta.eecs.nwu.edu by gaak.LCS.MIT.EDU via TCP with SMTP

id AA15278; Sat, 21 Apr 90 01:06:53 EDT

Resent-Message-Id: 9004210506.AA15278@gaak.LCS.MIT.EDU Received: from Sun.COM by delta.eecs.nwu.edu id aa15095; 20 Apr 90 14:45 CDT Received: from EBay.Sun.COM (male.EBay.Sun.COM) by Sun.COM (4.1/SMI-4.1)

id AA20305; Fri, 20 Apr 90 12:46:45 PDT

Received: from khayyam.EBay.Sun.COM by EBay.Sun.COM (4.1/SMI-4.1)

id AA06083; Fri, 20 Apr 90 12:46:36 PDT

Received: by khayyam.EBay.Sun.COM (4.0/SMI-4.0)

id AA08069; Fri, 20 Apr 90 12:42:02 PDT

Date: Fri, 20 Apr 90 12:42:02 PDT From: Lang Zerner langz@ebay.sun.com Message-Id: 9004201942.AA08069@khayyam.EBay.Sun.COM To: telecom@eecs.nwu.edu Subject: Sysops and libel liability – endnotes Resent-Date: Sat, 21 Apr 90 0:05:23 CDT Resent-From: telecom@eecs.nwu.edu Resent-To: ptownson@gaak.LCS.MIT.EDU Status: RO

Here are the endnotes to the paper I submitted in a separate message.

Be seeing you… ==Lang

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 35

                           ENDNOTES

1. 418 U.S. 323, 94 S.Ct. 2997, 41 L.Ed.2d 789 (1974).

2. These interests can cover anything from science fiction

       to  gourmet  cooking. Uyehara, Computer Bulletin Boards: 
       Let the Operator Beware, 14 Student Lawyer 28 (1986).
       

3. Id., at 30.

4. The data service Compuserve is one such national BBS

       run  for  profit  by business organizations. Uyehara, at 
       28.  Other  examples  of  large databases of interest to 
       the  legal profession are computerized research services 
       such as LEXIS and WESTLAW.
       

5. Uyehara, at 28; Manning, Bulletin Boards: Everybody's

       Online  Services,  Online, Nov. 1984, at 8,9. "Modem" is 
       defined infra, note 17 and accompanying text.
       

6. "…computer bulletin boards offer their users

       important  benefits.  An  individual  can use a bulletin 
       board  to  express  his  opinion  on  a matter of public 
       interest.  He  may  find  a  review  of  a product he is 
       considering  buying.  He  may  find  a  useful  piece of 
       software.  An  individual  might  also  use the bulletin 
       board  to  ask  a  technical  question  about a specific 
       computer   program."   Note,   Computer  Bulletin  Board 
       Operator  Liability  For  User Misuse, 54 Fordham L.Rev. 
       439,  440  (1985)  (Authored  by  Jonathan Gilbert); see 
       also  Lasden,  Of  Bytes And Bulletin Boards, N.Y.Times, 
       August  4, 1985, sec. 6, at 34, col. 1, where the author 
       notes  computer  users  may now use BBSes to voice their 
       opinions directly to State Senators' offices.
       

7. "Virus" Hits Nation's Research Computers, San Jose

       Mercury News, Nov. 4, 1988, at 1, col. 1.
       

8. "It is estimated that the theft of long-distance

       services  and  software  piracy  each  approximate  $100 
       million  a  year;  credit card fraud via computers costs 
       about   $200   million   annually."   Pittman,  Computer 
       Security  In Insurance Companies, 85 Best's Rev. - Life-
       Health Ins. Edition, Apr. 1985 at 92.
       

9. Schiffres, The Shadowy World of Computer "Hackers,"

       U.S. News & World Report, June 3, 1985, at 58.

10. Pollack, Free Speech Issues Surround Computer Bulletin

       Board  Use,  N.Y.  Times,  Nov. 12, 1984, note 1, at D4, 
       col. 6.
       

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 36

11. Note, 54 Fordham L.Rev. 440-441 (1985).

12. Poore and Brockman, 8 Nat'l L.J. 14, (1985).

13. See infra, Topic III, Problems of Proof.

14. The uncertainty revolves around how to define BBSes.

       When  viewed as analogous to newspapers and other media, 
       SYSOPS  would  be  responsible for any message posted on 
       their   systems,   much   as   newspaper   editors   are 
       responsible  for  articles  appearing  in  their medium. 
       Uyehara,  14  Student  Lawyer  30 (1986). But when BBSes 
       are  compared to a bulletin board found in a public hall 
       or  supermarket,  the liability issue is focused more on 
       those  actually  posting the messages rather than on the 
       board's  owner.  Id.,  at 30. This Comment suggests that 
       BBS  SYSOPs  be  held  to  a reasonable standard of care 
       emerging  specifically  for  their endeavors. See infra, 
       Topic II.

15. Poore and Brockman, 8 Nat'l L.J. 14, (1985). Another

       writer  has  noted  that Compuserve now has over 200,000 
       users  making  use  of  nearly  100  diverse  databases. 
       Lasden,  Of  Bytes  And  Bulletin  Boards,  N.Y.  Times, 
       August 4, 1985, sec. 6, at 34, col. 1.

16. Poore and Brockman, 8 Nat'l L.J. 14 (1985).

17. 14 Am Jur. POF 2d Computer-Generated Evidence Sec. 11

       (1977).

18. Note, 54 Fordham L.Rev. 439, 446 (1985).

19. Id.

20. See "Account," infra, note 25 and accompanying text.

21. Garfinkel, An Introduction to Computer Security, 33

       Prac. Law.41-42 (1987).

22. Id.

23. See infra, notes 25 and 27 and accompanying text.

24. Some more sophisticated operating systems provide

       greater  access  control  by  (1) recording unauthorized 
       attempts  at  entry;  (2)  recording  those attempts and 
       sending  a  warning  to the perpetrator; and (3) keeping 
       the   perpetrartor  off  the  system  permanently  until 
       he/she   is   reinstated   by  the  computer's  security 
       administrator  or  SYSOP. Balding, Computer Breaking and 
       Entering:  The  Anatomy of Liability, 5 Computer Lawyer, 
       Jan. 1988, at 6.

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 37

25. Garfinkel, An Introduction to Computer Security, 33

       Prac. Law. 42 (1987).

26. Id.

27. Id. "A password is a secret word or phrase that should

       be  known  only  to  the user and the computer. When the 
       user  first  attempts to use the computer, he must first 
       enter  the  password.  The  computer  then  compares the 
       typed  password  to  the  stored  password  and, if they 
       match, allows the user access."

28. Id., at 42 and 46.

29. 14 Am. Jur. POF 2d Computer-Generated Evidence Sec. 11

       (1977).

30. 54 Fordham L.Rev. 439, note 2 (1985).

31. Restatement (Second) of Torts Sec. 568(1) (1976).

32. Restatement (Second) of Torts Sec. 577(1) (1976).

33. Restatement (Second) of Torts Sec.559 (1976).

34. Veeder, The History and Theory of the Law of

       Defamation, 3 Colum. L.Rev. 546, 569-571 (1903).

35. Restatement (Second) of Torts Sec. 622 (1976).

36. Restatement, Torts Sec. 568, comment d (1938).

37. Shor v. Billingley, 4 Misc.2d 857, 158 N.Y.S.2d 476

       (Sup.  Ct.  1956),  aff'd  mem., 4 App.Div. 2d 1017, 169 
       N.Y.S.2d 416 (1st Dep't. 1957).

38. Torts: Defamation: Libel-Slander Distinction:

       Extemporaneous  Remarks  Made  on  Television Broadcast: 
       Shor  v.  Billingley,  4  Misc. 2d 857, 158 N.Y.S.2d 476 
       (Sup.Ct.  N.Y.  County  1957),  43 Cornell L.Q. 320, 322 
       (1957) (Authored by Stephen A. Hochman).

39. Id.

40. 376 U.S. 254, 84 S.Ct. 710, 11 L.Ed.2d 686 (1964),

       motion  denied  376  U.S. 967, 84 S.Ct. 1130, 12 L.Ed.2d 
       83.
       

41. 376 U.S. 254, 273.

42. 376 U.S. 254, 280.

43. 418 U.S. 323, 94 S.Ct. 2997, 41 L.Ed.2d 789 (1974).

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 38

44. Gertz v. Robert Welch, Inc., 418 U.S. 323, 326.

45. Id.

46. Id., at 327.

47. "…those who hold governmental office may recover for

       injury  to reputation only on clear and convincing proof 
       that  the  defamatory  falsehood was made with knowledge 
       of  its  falsity  or  with  reckless  disregard  for the 
       truth."  Gertz v. Robert Welch, Inc., 418 U.S. 323, 342. 
       "An  individual  who decides to seek governmental office 
       must  accept  certain  necessary  consequences  of  that 
       involvement  in  pubic  affairs.  He  runs  the  risk of 
       closer  public  scrutiny  than  might  otherwise  be the 
       case." Id., at 344.

48. "…[A]n individual may attain such pervasive fame and

       notoriety  that  he  becomes  a  public  figure  for all 
       purposes   and   in  all  contexts.  More  commonly,  an 
       individual  voluntarily injects himself or is drawn into 
       a  particular  public  controversy and thereby becomes a 
       public  figure  for a limited range of issues. In either 
       case  such  persons  assume  special  prominence  in the 
       resolution of public questions." 418 U.S. 323, 351.
       

49. "Even if the foregoing generalities do not obtain in

       every   circumstance,   the   communications  media  are 
       entitled  to act on the assumption that public officials 
       and  public  figures have voluntarily exposed themselves 
       to   the   increased  risk  of  injury  from  defamatory 
       falsehood   concerning   them.  No  such  assumption  is 
       justified  with  respect to a private individual. He has 
       not  accepted  public  office or assumed an 'influential 
       role  in  ordering  society.'  Curtis  Publishing Co. v. 
       Butts,  388  U.S., at 164 ...He has relinquished no part 
       of  his interest in the protection of his own good name, 
       and  consequently  he  has a more compelling call on the 
       courts   for   redress   of   injury  inflicted  by  the 
       defamatory  falsehood. Thus, private individuals are not 
       only  more  vulnerable  to  injury than public officials 
       and  public  figures;  they  are  also more deserving of 
       recovery." Id., at 345.

50. "…[P]etitioner was not a public figure. He … plainly did not thrust himself into the vortex of this

       public  issue,  nor did he engage the public's attention 
       in an attempt to influence its outcome." Id., at 352.

51. Justice Powell noted for the Court that

       
         "[T]he  communications  media are entitled to act on 
         the  assumption  that  public  officials  and public 
         figures   have  voluntarily  exposed  themselves  to 
         increased  risk  of injury from defamatory falsehood 

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 39

         concerning  them.  No  such  assumption is justified 
         with  respect  to  a  private individual. He has not 
         accepted  public  office  or assumed an 'influential 
         role  in  ordering  society....' He has relinquished 
         no  part  of  his  interest in the protection of his 
         own  good  name,  and  consequently  he  has  a more 
         compelling  call on the courts for redress of injury 
         inflicted  be  defamatory  falsehood.  Thus, private 
         individuals  are  not only more vulnerable to injury 
         than  public  officials and public figures; they are 
         also more deserving of recovery." Id., at 345.
         

52. Id., at 347.

53. Keeton, Dobbs, Keeton and Owen, Prosser and Keeton on

       Torts,  sec.  32,  p.174.  See also Vaughn v. Menlove, 3 
       Bing. (N.C.) 467, 132 Eng.Rep. 490 (1837).

54. 111 Cal. App. 2d 424, 244 P.2d 757, 28 ALR2d 451

       (1952).
       

55. 111 Cal. App. 2d 424, 427.

56. Id., at 426.

57. Id, at 427.

58. Restatement (Second) of Torts Sec. 577(2) (1976).

59. 22 Ohio App.2d 141, 259 N.E.2d 160 (1970).

60. Scott v. Hull, 259 N.E.2d 160, 162 (1970).

61. Id., at 161.

62. Id., at 162.

63. 836 F.2d 1042 (7th Cir. 1987).

64. Id., at 1047.

65. The Court of Appeals noted the Restatement view and

       observed  that  Indiana  law  had  neither  embraced nor 
       rejected that approach. Id., at 1046.

66. Id.

67. Id.

68. Id., at 1046-47.

69. Id.

70. Recall that in our hypothetical a third user Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 40

       masquerading  as  another  is  transmitting  messages to 
       others, revealing embarassing and false information.
       

71. BBS systems security and other preventative measures

       are discussed more fully infra, Topic 3.d.
       

72. Issues in proving the SYSOP's role in publishing the

       libellous  statement  are  discussed more fully in Topic 
       III. A., infra.

73. Sydney v. MacFadden Newspaper Publishing Corp., 242

       N.Y.  208, 151 N.E. 209, 44 A.L.R. 1419 (1926). See also 
       Restatement  (Second) of Torts Sec. 621 (1976) ("One who 
       is  liable  for a defamatory communication is liable for 
       the  proved, actual harm caused to the reputation of the 
       person defamed.")

74. Dun & Bradstreet, Inc. v. Greenmoss Builders, Inc., 472

       U.S. 749, 86 L.Ed.2d 593, 105 S.Ct. 2939 (1985).

75. See supra, note 53 and accompanying text.

76. Note, Protecting the Subjects of Credit Reports, 80

       Yale L.J. 1035, 1051-52, n.88 (1971).

77. Gertz did not rule out an assumption of defendant's

       negligence.  See  Eaton,  The American Law of Defamation 
       Through  Gertz  V.  Robert  Welch,  Inc., and Beyond: An 
       Analytical Primer, 61 Va. L.Rev. 1349 (1975).

78. 15 U.S.C.A. Sec. 1681 et seq. (1974). Two standards are

       proposed  there:  the  first,  willful noncompliance, is 
       defined  as  equivalent  to  the  New York Times "actual 
       malice"  standard,  and  violators are liable for actual 
       and  punitive  damages.  Sec. 1681(n), supra. Presumably 
       this  would  apply  to  the situation where the SYSOP is 
       dilatory  in  removing the libellous message. The second 
       proposed  standard,  negligent  noncompliance, occurs in 
       the  absence  of  willfulness  and  results in liability 
       only   for   actual   damages.   Sec.   1681(o),  supra. 
       Situations  where  the  SYSOP failed to adopt reasonable 
       computer   security   measures  might  come  under  this 
       category.

79. 18 U.S.C.S. Sec. 2707(b),© (Law. Co-op 1979 & Supp.

       1988) provides in pertinent part:
         (b)  Relief.  In  a civil action under this section, 
              appropriate relief includes -
              (1)  Such  preliminary  and  other equitable or 
                   declaratory relief as may be appropriate;
              (2)  damages under subsection (c); and
              (3)  a  reasonable  attorney's  fee  and  other 
                   litigation costs reasonably incurred. 
         (c)  Damages.  The  court may assess as damages in a 

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 41

              civil  action under this section the sum of the 
              actual  damages  suffered  by the plaintiff and 
              any  profits  made  by the violator as a result 
              of  the  violation,  but  in  no  case  shall a 
              person  entitled  to  recover receive less than 
              the sum of $1,000.
         
       18  U.S.C.S. Sec. 2707(e) (Law. Co-op 1979 & Supp. 1988) 
       limits  the civil action under this section to two years 
       after  the date upon which the claimant first discovered 
       or   had   a  reasonable  opportunity  to  discover  the 
       violation.
       As  to  damage  provisions  supplied  by  state law, see 
       California Penal Code 502(e)(1),(2) (West Pub. 1988):
         (e)(1)  In  addition  to any civil remedy available, 
         the  owner  or  lessee  of  the  computer,  computer 
         system,  computer network, computer program, or data 
         may   bring   a  civil  action  against  any  person 
         convicted   under   this  section  for  compensatory 
         damages,  including  any  expenditure reasonably and 
         necessarily  incurred  by  the  owner  or  lessee to 
         verify  that  a  computer  system, computer network, 
         computer  program, or data was not altered, damaged, 
         or  deleted  by  the access. For purposes of actions 
         authorized  by  this  subdivision, the conduct of an 
         unemancipated  minor  shall be imputed to the parent 
         or  legal  guardian having control or custody of the 
         minor,  pursuant to the provisions of Section 1714.1 
         of the Civil Code.
         (2)   In   any   action  brought  pursuant  to  this 
         subdivision   the   court   may   award   reasonable 
         attorney's fees to a prevailing party.
         

80. A lawsuit recently filed in the United States District

       Court  for  the  Southern  District of Indiana may break 
       new  ground  in  enunciating  precisely what BBS SYSOPs' 
       reasonable  duties  of  care  are. Thompson v. Predaina, 
       Civil  Action  #IP-88  93C  (S.D.  Ind. filed 1988). The 
       complaint  alleges,  inter  alia,  invasion of plaintiff 
       user's  privacy, libel, and wrongful denial of access to 
       the  BBS  in  violation  of  U.S.C.  Title  18,  ss 2701 
       (a)(2).  As  to  statutory damages available, see infra, 
       note 105.

81. Gemignani, Computer Law 33:7 (Lawyers Co-op 1985, Supp.

       1988)  (quoting  Capitol  PC Users Group Minimum Code of 
       Standards   for   electronic   Bulletin  Board  Systems, 
       reprinted in 4 Computer Law Reptr. 89).

82. Note, 54 Fordham L.Rev. 439, 449 (1985) (Authored by

       Jonathan Gilbert).

83. Id., at 449.

84. Id., at 449-50.

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 42

85. A "trojan horse" program takes control of the BBS and

       allows   its   sender  to  access  and  steal  its  most 
       sensitive  information.  Fites,  Johnston and Kratz, The 
       Computer  Virus Crisis, Van Nortrand/Reinhold (1989), at 
       39 and 45.

86. Balding, Computer Breaking and Entering: The Anatomy of

       Liability, 5 Computer Law. (January 1988), at 6.

87. Id.

88. Hellar v. Bianco, 244 P.2d 757. See supra, note 54 and

       accompanying text.

89. Restatement (Second) of Torts Sec. 577(2) (1976). See

       supra, note 58 and accompanying text.

90. Tackett v. General Motors Corporation, 836 F.2d 1042

       (7th  Cir.  1987).  See  supra, note 63 and accompanying 
       text.

91. See note 53, supra, and accompanying text.

92. It has been suggested that this would be the rough

       equivalent  of a newspaper publishing a retraction after 
       discovering  what  it  had printed was defamatory. Note, 
       54  Fordham  L.Rev.  439,  note 55 (1985). BBS operators 
       should  not  be held liable in this situation insofar as 
       they  did not know of the nature of the statement at the 
       time  it  was  made.  Restatement (Second) of Torts Sec. 
       581 (1977).

93. Proving the masquerader's actions is discussed more

       fully infra, Topic III. B.

94. Stipp, Computer Bulletin Board Operators Fret Over

       Liability  for Stolen Data, Wall St. J. Nov. 9, 1984, at 
       33, col. 1.

95. Id.

96. See Topic I., supra, where the masquerader has

       discovered  and  uses  the  password  and  name  of  the 
       regular  user;  he  appears for all intents and purposes 
       to be that regular user.

97. 836 F.2d 1042 (7th Cir. 1987).

98. Id., at 1047.

99. Id.

100. Indeed, U.S.C. Title 18, Sec. 2702 (Law. Co-op 1979 & Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 43

       Supp.  1988)  proscribes the knowing dissemination of an 
       electronically stored communication by the SYSOP:
         Sec. 2702. Disclosure of contents
         (a)  Prohibitions.  Except as provided in subsection 
              (b)-
              (1)  a    person   or   entity   providing   an 
                   electronic  communication  service  to the 
                   public  shall not knowingly divulge to any 
                   person   or   entity  the  contents  of  a 
                   communication  while in electronic storage 
                   on that service; and
              (2)  a   person   or  entity  providing  remote 
                   computing  service to the public shall not 
                   knowingly  divulge to any person or entity 
                   the  contents  of  any communication which 
                   is carried or maintained on that service-
                   (A)  on  behalf  of, and received by means 
                        of  electronic  transmission from (or 
                        created    by   means   of   computer 
                        processing      of     communications 
                        received   by   means  of  electronic 
                        transmissions  from), a subscriber or 
                        customer of such service; and
                   (B)  solely  for  the purpose of providing 
                        storage    or   computer   processing 
                        services   to   such   subscriber  or 
                        customer,  if  the  provider  is  not 
                        authorized  to access the contents of 
                        any  such communications for purposes 
                        of  providing any services other than 
                        storage or computer processing.
         
       A  similar  provision is embodied in Cal. Pen. Code sec. 
       502(c)(6) (West Pub. 1988), which provides:
       
              (c)  Except  as  provided  in  subdivision (i), 
                   any   person   who   commits  any  of  the 
                   following  acts  is  guilty  of  a  public 
                   offense:
                   (6)  Knowingly   and   without  permission 
                        provides  or  assists  in providing a 
                        means   of   accessing   a  computer, 
                        computer  system, or computer network 
                        in violation of this section.
         
         

101. The doctrine of res ipsa loquitor, or "the thing speaks

       for  itself"  warrants  the  inference  of  the  SYSOP's 
       negligence,  which  the  jury  may  draw  or  not as its 
       judgement   dictates.   See  Sullivan  v.  Crabtree,  36 
       Tenn.App. 469, 258 S.W.2d 782 (1953).

102. See discussion under Topic II. B., supra.

103. As someone who intentionally accesses confidential

       password  information  to  masquerade  as other users on 
       other  BBSes, the masquerader falls well within the pale 
       

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 44

       of  "actual  malice"  defined  in Gertz v. Robert Welch, 
       Inc.,   418   U.S.   323,   342,   supra,  note  43  and 
       accompanying  text (a defamatory falsehood was made with 
       knowledge  of its falsity or with reckless disregard for 
       the truth).

104. Evidentiary problems involved with proving the

       masquerader's  actions  are discussed more in Topic III. 
       B., infra.

105. 18 U.S.C.S. Sec. 2707(a) (Law. Co-op 1979 & Supp. 1988)

       describes the masquerader's fault thus:
         (a)  Cause  of action. Except as provided in section 
              2703(e),    any    provider    of    electronic 
              communication  service, subscriber, or customer 
              aggrieved  by  any violation of this chapter in 
              which  the  conduct  constituting the violation 
              is  engaged  in  with  a knowing or intentional 
              state  of  mind may, in a civil action, recover 
              from  the  person  or  entity  which engaged in 
              that   violation   such   relief   as   may  be 
              appropriate.
              
       California  Penal  Code  sec.  502(c) et seq. (West Pub. 
       1988) is even more specific:
         (c)  Except  as  provided  in  subdivision  (i), any 
              person  who  commits  any of the following acts 
              is guilty of a public offense:
              (1)  Knowingly  accesses and without permission 
                   alters,  damages,  deletes,  destroys,  or 
                   otherwise   uses   any   data,   computer, 
                   computer  system,  or  computer network in 
                   order to either
                   (A)  devise   or  execute  any  scheme  or 
                        artiface   to  defraud,  deceive,  or 
                        extort, or
                   (B)  wrongfully  control  or obtain money, 
                        property or data.
                                 * * *
              (3)  Knowingly  and  without permission uses or 
                   causes to be used computer services.
              (4)  Knowingly  accesses and without permission 
                   adds,   alters,   damages,   deletes,   or 
                   destroys  any  data, computer software, or 
                   computer  programs  which  reside or exist 
                   internal   or   external  to  a  computer, 
                   computer system, or computer network.
                                   * * *
              (7)  Knowingly  and without permission accesses 
                   or  causes  to  be  accessed any computer, 
                   computer system, or computer network.
         

106. Gertz v. Robert Welch, Inc., 418 U.S. 323, 342.

107. In addition to the remedies set forth in note 105, Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 45

       supra,  the  following  federal  and state penalties may 
       apply:
       18  U.S.C.S.  Sec.  2701(b),(c) (Law. Co-op 1979 & Supp. 
       1988):
         (b)  Punishment.   The  punishment  for  an  offense 
              under subsection (a) of this seciton is -
              (1)  if  the  offense is committed for purposes 
                   of    commercial    advantage,   malicious 
                   destruction    or   damage,   or   private 
                   commercial gain -
                   (A)  a  fine  not  more  dhan  &250,0

0 or

                        imprisonment  for  not  more than one 
                        year,  or  both,  in  the  case  of a 
                        first      offense     under     this 
                        subparagraph; and
                   (B)  a    fine   under   this   title   or 
                        imprisonment  for  not  more than two 
                        years,  or  both,  for any subsequent 
                        offense under this subparagraph; and
              (2)  a   fine   of  not  more  than  $5,000  or 
                   imprisonment   for   not   more  than  six 
                   months, or both, in any other case. 
         (c)  Exceptions.  Subsection  (a)  of  this  section 
              does   not   apply   with  respect  to  conduct 
              authorized-
              (1)  by  the  person or entity providing a wire 
                   or electronic communications service;
              (2)  by  a user of that service with respect to 
                   a  communication  of  or intended for that 
                   user; or
              (3)  in  section  2703,  2704,  or 2518 of this 
                   title.
         
       For  an  example of state-mandated damages provisions on 
       this  subject,  see California Penal Code sec. 502(d) et 
       seq. (West Pub. 1988).

108. See discussion under Topic II. B., supra.

109. See note 101, supra.

110. "Custom…bears upon what other will expect the actor

       to  do, and what, therefore, reasonable care may require 
       the   actor  to  do,  upon  the  feasibility  of  taking 
       precautions,  the  difficulty of change, and the actor's 
       opportunity  to  learn  the risks and what is called for 
       to  meet them. If the actor does only what everyone else 
       has  done, there is at least an inference that the actor 
       is  conforming  to  the  communit`'s  i`ea of reasonable 
       behavior."  Keeton,  Dobbs, Keeton and Owen, Prosser and 
       Keeton  on  Torts,  sec.  33,  p.194.  See  also  James, 
       Particularizing   Standards  of  Conduct  in  Negligence 
       Trials,  5  Vand. L. Rev. 697, 709-714 (1952); Ploetz v. 
       Big  Discount  Panel  Center,  Inc.,  402 So.2d 64 (Fla. 
       App. 1981).
       

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 46

111. See notes 80-93, supra, and accompanying text.

112. See note 103, supra.

113. See Pfau and Keane, Computer Logs Can Pinpoint Illegal

       Transactions,  Legal  Times  of Washington, vol. 6, p.16 
       (May  14,  1984):  "Computers can monitor their own use. 
       Unlike  other  such  forms  of physical evidence such as 
       guns,  computers  can keep track of individual users and 
       other  identifying  data.  Imagine a gun that logs every 
       instance  it  is  fired  or  even handled, and shows the 
       date,  time,  and  activity.  Recovery  of such a weapon 
       would be essential to the prosecution.
       "Most   computers   have   long   had  built-in  logging 
       capabilities....The   log   function   was  designed  to 
       facilitate  billing  for  the  use of computer resources 
       rather  than  to  assist  crime detection. To the extent 
       that  the  owner  of  a smaller computer does not charge 
       for  its  use,  he or she has no incentive to purchase a 
       self-executing  log.  Still, such logs keep surprisingly 
       accurate records of who is using the computer."

114. Fed. R. Evid. 801©.

115. Fed. R. Evid. 802: "Hearsay is not admissible except as

       provided  by  these rules or by other rules precribed by 
       the  Supreme Court pursuant to statutory authority or by 
       Act  of  Congress."  Exclusion  of  hearsay  evidence is 
       grounded  on:  (1)  nonavailability of the declarant for 
       cross-examination   and   observance  of  demeanor;  (2) 
       absence  of  an oath by the person making the statement; 
       amd  (3)  significant  risk  that  the  person  that the 
       witness  may report proffered statements inaccurately. 2 
       Bender, Computer Law, sec. 6.01[2].

116. Gemignani, The Data Detectives: Building A Case From

       Computer Files, 3 Nat'l L.J. 29 (1981).

117. Fed. R. Evid. 803(6). See also 2 Bender, Computer Law,

       sec. 6.01[4] (1988).

118. Fed. R. Evid. 803(6).

119. Id. In current practice records kept by nonprofit

       organizations,  such as churches, have long been held to 
       be  admissible.  Ford  v.  State,  82 Tex.Cr.R. 638, 200 
       S.W.  841  (1918).  It  is  at  least  arguable  that  a 
       computerized  BBS,  although run as a hobby, falls under 
       the same classification.

120. See Iowa Code Ann. Sec. 622.28; People v. Lugashi, 252

       Cal.Rptr 434 (Cal.App. 2 Dist. 1988).

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 47

121. See 14 Am.Jur. POF2d Sec. 15 (1977, Supp. 1988). Cf.

       United  States  v. De Georgia, 420 F.2d 889, 2 CLSR 479, 
       484  (1969,  CA9  Ariz),  where  it  was held that it is 
       immaterial  whether a business record is maintained in a 
       computer   rather   than   in  company  books  regarding 
       admissibility  of  those  records,  so  long  as (1) the 
       trial  court  requires the proponent of the computerized 
       records    to    lay    a   foundation   as   to   their 
       trustworthiness,  and  (2)  the  opposing party is given 
       the  same  opportunity  to  inquire  into the computer's 
       accuracy  as  he would have to inquire into the accuracy 
       of written business records.

122. The BBS program run on the SYSOP's computer ordinarily

       "stamps"  the  date  and time of day each user logs onto 
       the   BBS.   A  corresponding  record  is  automatically 
       affixed  to each piece of electronic mail posted so that 
       the  reader  knows  when  it  was added to the database. 
       Similarly,   the  telephone  company  maintains  copious 
       records  of  the  date  and  time  each  phone  call  is 
       connected  in  its  dialing  area.  The  caller  has  no 
       control over either of these processes.

123. 252 Cal.Rptr. 434 (Cal.App. 2 Dist. 1988).

124. Id., at 437.

125. Id.

126. Id.

127. Id., at 439.

128. Id., at 437.

129. Id., at 440.

130. Id., at 442. See also United States v. Russo, 480 F.2d

       1228  (CA6 Mich, 1973), cert den 414 U.S. 1157, 94 S.Ct. 
       915,  39 L.Ed.2d 109; Capital Marine Supply, Inc. v. M/V 
       Roland  Thomas  II,  719 F.2d 104 (1983 CA5 La), 104 Fed 
       Rules  Evid Serv 731; Peoples Cas & Coke Co. v. Barrett, 
       118  Ill.App.3d  52,  73  Ill.  Dec. 400, 455 N.E.2d 829 
       (1983).

131. 432 So.2d 837 (La., 1983).

132. Id., at 839-40.

133. Id., at 839.

134. United States v. Verlin, 466 F.Supp. 155 (ND Tex,

       1979).

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 48

135. Id., at 158.

136. The reasonable SYSOP should offer his full cooperation

       in  aiding  the maligned user to regain her good name by 
       providing  her  with  his  BBS' phone-in records made at 
       the  time  the  libellous message appeared. See note 93, 
       supra.

137. See note 123, supra.

138. Cf. note 118, supra. As to an electronic BBS being

       classified  as  a  "business"  for hearsay purposes, see 
       note 120, supra.

139. See note 128, supra.

140. Authentication has been broadly described thus: "[W]hen

       a  claim  or  offer  involves impliedly or expressly any 
       element  of personal connection with a corporeal object, 
       that  connection  must  be  made to appear...." Wigmore, 
       Evidence,   Sec.   2129  at  564  (2d  ed.  1972).  This 
       requirement is also known as the "Best Evidence Rule."

141. Fed. R. Evid. 901(a),(b)(6).

142. 2 Bender, Computer Law, sec. 5.03[1][a] (1988).

143. Id.

144. See Fed. R. Evid. 901(b)(6): "(6) Telephone

       conversations.   Telephone  conversations,  by  evidence 
       that  a call was made to the number assigned at the time 
       by  the  telephone  company  to  a  particular person or 
       business,  if  ***  (B)  in  the case of a business, the 
       call   was   made   to  a  place  of  business  and  the 
       conversation  related  to business reasonably transacted 
       over the telephone...." (emphasis added).

145. Fed. R. Evid. 1002.

146. E.W. Cleary, McCormick on Evidence, sec. 231 (2nd. Ed.

       1972).
       

147. Id. Further rationales for the rule are risks of

       inaccuracy    contained   in   commonly   used   copying 
       techniques    and   heightened   chances   of   witness' 
       forgetfulness through oral testimony. Id., sec. 231.
       

148. 305 So.2d 421, 7 C.L.S.R. 1238 (La. 1974).

149. 305 So.2d 421, 427.

150. Id., at 428.

Defamation Liability of Computerized BBS Operators & Problems of Proof (C) 1989 John R. Kahn 49

151. Brandon v. Indiana, 396 N.E.2d 365 (Ind. 1979).

152. Id., at 370.

153. See note 121, supra, and accompanying text.

154. Other circumstantial evidence might include, among

       other  things:  possible  motive  for the masquerader to 
       defame  plaintiff;  plaintiff's  own  inability  to call 
       from  the phone number from which the defamatory message 
       is  shown  to  have  originated;  or  even an electronic 
       "fingerprint"  left  by  the  particular  computer  from 
       which   the  defamatory  message  originated.  Pfau  and 
       Keane,  Computer  Logs Can Pinpoint Illegal Trasactions, 
       Legal Times of Washington, vol. 6, p.16 (May 14, 1984).

155. Fed. R. Evid. 1002 provides:

           REQUIREMENT  OF  ORIGINAL. To prove the content of 
           a  writing, recording, or photograph, the original 
           of   that  writing,  recording  or  photograph  is 
           required,   unless  provided  otherwise  in  these 
           rules or by an Act of Congress.
           

156. Examples of this situation are the telephone company's

       keeping   of   hundreds   of   thousands  of  individual 
       computerized  records of each telephone call made within 
       a  certain  dialing area, or a BBS' extensive history of 
       subscriber use compiled for billing purposes.

157. See Harned v. Credit Bureau of Gilette, 513 P2d 650, 5

       CLSR 394 (1973).

158. Fed. R. Evid. 1006.

159. 137 Ga.App. 360, 223 S.E.2d 757 (1976).

160. 223 S.E.2d 757, 760.

/data/webs/external/dokuwiki/data/pages/archive/bbs/syslibli.txt · Last modified: 2000/06/05 00:12 (external edit)