A California Court of Appeal ruled that a school pupil had committed identity theft under Californian laws when he obtained a schoolmate’s email password, used it to gain access to her Facebook account, and posted sexually suggestive messages whilst posing as the girl.
Wilfully obtaining personal identifying information and using it “for an unlawful purpose” without the person’s consent is illegal under the provisions of California’s Penal Code.
The student, referred to as Rolando S in the ruling, had received the girl’s email password from an “unsolicited” text message, the Court ruling said. Because he had kept a record of the password and intended to use it later Rolando S had wilfully obtained personal identifying information belonging to the girl, the Court said.
“We conclude [Rolando S] wilfully obtained the victim’s password when he chose to remember the password from the text message, and later affirmatively used the password to gain access to the victim’s electronic accounts,” the Court said in its ruling (13-page / 39KB PDF).
Read more on Out-Law.com. There will undoubtedly be many who are unhappy with this ruling, but after reading it, it does seem that the California legislature was quite clear in its stated intent that they wanted to expand the application of identity theft law to cover situations that didn’t just involve financial fraud or the like. I wonder if those legislators have any second thoughts now that a young person has been charged and convicted. Might or could this case have been more appropriately handled as a case of harassment? Should account takeovers used for purposes of harassment really be viewed as identity theft?
Thanks to @EducationNY for sending me this link.