Professor Joel Reidenberg, founder of the Center on Law and Information, was quoted in an article for Law360 on Facebook’s recent lawsuit claiming a spyware company compromised the phones of WhatsApp users.
The case is believed to be the first time that an encrypted communications platform has sued a private company for getting around its encryption. To do so, Facebook’s lawyers came up with a creative and potentially risky argument under the Computer Fraud and Abuse Act, the main federal anti-hacking statute, industry attorneys say.
Joel Reidenberg, a professor and founder of the Center on Law and Information Policy at Fordham University School of Law, agreed that Facebook’s CFAA argument put the company in somewhat uncharted legal territory. The Ninth Circuit has found that violating a company’s terms of service alone is not enough to breach federal anti-hacking law unless the company continues to do so after receiving a cease-and-desist letter, for example, though Facebook’s case includes other claims.
But the alleged spy campaign bolsters the social media giant’s position in its ongoing struggle with the U.S. government over whether it should be forced to break its encryption for law enforcement access, Reidenberg said.
U.S. officials have long called for tech giants to build a way for law enforcement to see their encrypted devices and communications, warning that criminals are using such platforms to “go dark” and evade detection. Tech companies have sharply criticized the suggestion that they build what they call “back doors” into their systems.
“I think an international moratorium is very unrealistic right now, because we don’t even have national consensus let alone an international one about how these tools should be used,” Reidenberg said.