Previously posted on SSRN.

Abstract

While writing this Article, I interviewed a journalist who writes stories about harmful technologies. To do this work, he gathers information from websites to reveal trends that online platforms would prefer to hide. His team has exposed how Facebook threatens people’s privacy and safety, how Amazon hides cheaper deals from consumers, and how Google diverts political speech from our inboxes. You’d think the journalist might want credit for telling these important stories, but he instead insisted on anonymity when we talked because his lawyer was worried he’d be confessing to breaking the law—to committing the crime and tort of cyber-trespass.

Cyber-trespass law makes it illegal to access websites and gather information without a platform’s permission. Some courts treat all websites as “blackacres”—enclaves of private property that platforms may govern much like people may exert dominion over their private land in the real world. This legal regime empowers platforms to selectively and arbitrarily grant and withhold their consent whenever people attempt to access their websites. Platforms have long exercised these gatekeeper rights through their computer code, restricting access through authentication barriers like password gates. But cyber-trespass law has empowered platforms to limit access through legal code, using their terms of service or cease-and-desist letters to deter people from gathering information for any reason whatsoever.

This Article argues that this indiscriminate treatment of all websites as blackacres violates the First Amendment. Applying cyber-trespass rules identically across the internet undermines core constitutional values by giving platforms unlimited discretion to prevent access to information that’s already within the public sphere. To avoid these unconstitutional applications of cyber-trespass law, courts should recognize two types of cyberspaces: Cyber-trespass law should have no force on websites that are accessible to the general public, but it should offer robust privacy protections on websites that aren’t. Whether a website is publicly accessible for constitutional purposes should turn on the social structure of communicative practices on particular websites, not merely whether a website sits behind a password gate. Adopting this framework would not only satisfy the First Amendment, but also protect privacy interests that are increasingly threatened in the digital age.

Share

COinS