Portions of Twitter’s source code were reportedly leaked online




Andrew Tarantola

Andrew Tarantola

 



A company’s public image is arguably even more important to its bottom line than the product they produce and very much not something to be trifled with. Would Disney be the entertainment behemoth it is today if not for its family-friendly facade, would Google have garnered so much goodwill if not for its “don’t be evil” motto? Nobody’s going to buy your cars if they think the company is run by some “pedo guy.” With the scale of business that modern tech giants operate at and the amounts of money at stake, it’s little surprise that these titans of industry will eagerly leverage their legal departments to quash even the slightest sullying of their reputations. But they can only Cease and Desist you if they can find.


In The United States of Anonymous: How the First Amendment Shaped Online Speech, associate professor of cybersecurity law in the United States Naval Academy Cyber Science Department and author Jeff Kosseff explores anonymity’s role in American politics and society, from its colonial and revolutionary era beginnings, to its extensive use by the civil rights movement, to the modern online Damocles sword it is today. In the excerpt below, Kosseff recounts the time that Raytheon got so mad by posts on the Yahoo! Finance message board, that it tried to subpoena Yahoo! to give up the real life identities of anonymous users so it could in turn sue them for defamation.


 

Reprinted from The United States of Anonymous: How the First Amendment Shaped Online Speech, by Jeff Kosseff. Copyright (c) 2022 by Cornell University. Used by permission of the publisher, Cornell University Press.



“BONUSES WILL HAPPEN—BUT WHAT ARE THEY REALLY?”







That was the title of a November 1, 1998, thread on the Yahoo! Finance bulletin board dedicated to tracking the financial performance of Raytheon, the mammoth defense contractor. Like many publicly traded companies at the time, Raytheon was the subject of a Yahoo! Finance message board, where spectators commented and speculated on the company’s financial status. Yahoo! allowed users to post messages under pseudonyms, so its Finance bulletin boards quickly became a virtual — and public — water cooler for rumors about companies nationwide.


The Yahoo! Finance boards largely operated on the “marketplace of ideas” approach to free speech theory, which promotes an unregulated flow of speech, allowing the consumers of that speech to determine its veracity. Although Yahoo! Finance may have aspired to represent the marketplace of ideas, the market did not always quickly sort the false from the true. During the dot-com boom of the late 1990s, Yahoo! Finance users’ instant speculation about a company’s financial performance and stock price took on new importance to investors and companies. But some of these popular bulletin boards contained comments that were not necessarily helpful to fostering productive financial discussion. “While many message boards perform their task well, others are full of rowdy remarks, juvenile insults and shameless stock boosterism,” the St. Petersburg Times wrote in 2000. “Some boards are abused and fall prey to posters who try to manipulate a company’s stock, typically by pushing up its price with misleading information, then selling the stock near its peak.”


Corporate executives and public relations departments routinely monitored the bulletin boards, keenly aware that one negative post could affect employee morale and, more importantly, stock prices. And they did not have faith in the marketplace of ideas sorting out the truth from the falsities. While companies were accustomed to handling negative press coverage, the pseudonymous criticism on Yahoo! Finance was an entirely different world. Executives knew to whom they could complain if a newspaper’s business columnist wrote about inflated share prices or pending layoffs. Yahoo! Finance’s commenters, on the other hand, typically were not easily identifiable. They could be disgruntled employees, shareholders, or even executives.


The reputation-obsessed companies and executives could not use the legal system to force Yahoo! to remove posts that they believed were defamatory or contained confidential information. In February 1996, Congress passed Section 230 of the Communications Decency Act, which generally prevents interactive computer services—such as Yahoo!—from being “treated as the publisher or speaker” of user content. In November 1997, a federal appellate court construed this immunity broadly, and other courts soon followed. Congress passed Section 230 in part to encourage online platforms to moderate objectionable content, and the statute creates a nearly absolute bar to lawsuits for defamation and other claims arising from third-party content, whether or not they moderate. Section 230 has a few exceptions, including for intellectual property law and federal criminal law enforcement. Section 230 meant that an angry subject of a Yahoo! Finance post could not successfully sue Yahoo! for defamation, but could sue the poster. That person, however, often was difficult to identify by screen name.


Not surprisingly, the Yahoo! Finance bulletin boards would become the first major online battleground for the right to anonymous speech. Companies’ attempts in the late 1990s to unmask Yahoo! Finance posters would set the stage for decades of First Amendment battles over online anonymity.


A November 1, 1998, reply in the Raytheon bonuses thread came from a user named RSCDeepThroat. The four-paragraph post speculated on the size of bonuses. “Yes, there will be bonuses and possibly for only one year,” RSCDeepThroat wrote. “If they were really bonuses, the goals for each segment would have been posted and we would have seen our progress against them. They weren’t, and what we get is black magic. Even the segment execs aren’t sure what their numbers are.” RSCDeepThroat predicted bonuses would be less than 5 percent. “That’s good as many sites are having rate problems largely due to the planned holdback of 5%. When it becomes 2%, morale will take a hit, but customers on cost-plus jobs will get money back and we will get bigger profits on fixed-price jobs.”


RSCDeepThroat posted again, on January 25, 1999, in a thread with the title “98 Earnings Concern.” The poster speculated about business difficulties at Raytheon’s Sensors and Electronics Systems unit. “Word running around here is that SES took a bath on some programs that was not discovered until late in the year,” RSCDeepThroat posted. “I don’t know if the magnitude of those problems will hurt the overall Raytheon bottom line. The late news cost at least one person under Christine his job. Maybe that is the apparent change in the third level.” The poster speculated that Chief Executive Dan Burnham “is dedicated to making Raytheon into a lean, nimble, quick competitor.” Although RSCDeepThroat did not provide his or her real name, the posts’ discussion of specifics—such as the termination of someone who worked for “Christine”—suggested that RSCDeepThroat worked for Raytheon or was receiving information from a Raytheon employee.


RSCDeepThroat and the many other people who posted about their employers on Yahoo! Finance had good reason to take advantage of the pseudonymity that the site provided. Perhaps the most important driver was the Economic Motivation; if their real names were linked to their posts, they likely would lose their jobs. Likewise, the Legal Motivation drove their need to protect their identities, as many employers had policies against disclosing confidential information, and some companies require their employees to sign confidentiality agreements. And the Power Motivation also was a likely factor in the behavior of some Yahoo! Finance posters—suddenly, the words and feelings of everyday employees mattered to the company’s top executives.


Raytheon sought to use its legal might to silence anonymous posters. The prospect of inside information being blasted across the Internet apparently rankled Raytheon’s executives so much that the company sued RSCDeepThroat and twenty other Yahoo! Finance posters for breach of contract, breach of employee policy, and trade secret misappropriation in state court in Boston. In the complaint, the company wrote that all Raytheon employees are bound by an agreement that prohibits unauthorized disclosure of the company’s proprietary information. Raytheon claimed that RSCDeepThroat’s November post constituted “disclosure of projected profits,” and the January post was “disclosure of inside financial issues.”


Raytheon’s complaint stated only that the company sought damages in excess of twenty-fi ve thousand dollars. Litigating this case might cost more than any money the company would recover in settlements or jury verdicts. The lawsuit would, however, allow Raytheon to attempt to gather information to identify the authors of the critical posts.


Raytheon’s February 1, 1999, complaint was among the earliest of what would become known as a “cybersmear lawsuit,” in which a company filed a complaint against (usually pseudonymous) online critics. Because of its high visibility and large number of pseudonymous critics, Yahoo! Finance was ground zero for cybersmear lawsuits.


??Because Raytheon only had the posters’ screen names, the defendants listed on the complaint included RSCDeepThroat, WinstonCar, DitchRaytheon, RayInsider, RaytheonVeteran, and other monikers that provided no information about the posters’ identities. To appreciate the barriers that the plaintiffs faced, it first is necessary to understand the taxonomy that applies to the levels of online identity protection. This was best explained in a 1995 article by A. Michael Froomkin. He summarized four levels of protection:




  • Traceable anonymity: “A remailer that gives the recipient no clues as to the sender’s identity but leaves this information in the hands of a single intermediary.”



  • Untraceable anonymity: “Communication for which the author is simply not identifiable at all.”



  • Untraceable pseudonymity: The message is signed with a pseudonym that cannot be traced to the original author. The author might use a digital signature “which will uniquely and unforgeably distinguish an authentic signed message from any counterfeit.”



  • Traceable pseudonymity: “Communication with a nom de plume attached which can be traced back to the author (by someone), although not necessarily by the recipient.” Froomkin wrote that under this category, a speaker’s identity is more easily identifiable, but it more easily allows communication between the speaker and other people.


Although traceable anonymity and traceable pseudonymity are not substantially diff erent from a technical standpoint—in both cases, the speakers can be identified, Margot Kaminski argues that a speaker’s choice to communicate pseudonymously rather than anonymously might have an impact on their expression because pseudonymous communication “allows for the adoption of a developing, ongoing identity that can itself develop an image and reputation.”


Yahoo! Finance largely fell into the category of traceable pseudonymity. Yahoo! did not require users to provide their real names before posting. But it did require them to use a screen name and asked for an email address (though there often was no guarantee that the email address alone would reveal their identifying information). It automatically logged their Internet Protocol (IP) addresses, unique numbers associated with a particular Internet connection. Plaintiff’s could use the legal system to obtain this information, which could lead to their identities, albeit with no guarantee of success.





 

Engadget is a web magazine with obsessive daily coverage of everything new in gadgets and consumer electronics  

(10)