Legally the laptop would belong to John Paul Mac Isaac per Delaware’s Abandoned Personal Property laws (25 Del. C. § 4001). He would have a right to ownership of the laptop. That said, the data contents of the laptop should have been wiped (that’s customary, not a legal requirement) before the transferring of ownership.
All of that said, 18 USC § 1030 covers the data that is hidden behind a Windows login. Yes you can boot up a system with an unencrypted drive and read the contents of it, but that’s circumventing. Now where this and everything else differs, is that in a lot of prior cases a warrant was obtained to gain discovery of the information. In this case, Giuliani just circumvented the login, and post facto indicated evidentiary data.
It’s a good question to bring before the courts. Can someone circumvent a protection, find incriminating data, and then after the fact present it to law enforcement? Because we don’t have a lot that goes down this road of questioning. Kind of the reason law enforcement needs to be the one that bypasses those kinds of protections legally is because, your average person, can do things that “tamper” with evidence. And with digital data, can do so without knowing they have done so, like last access timestamps and what not.
and if so, how is that not illegal access to someone else’s data
I mean that’s the central question of the suit. Which you can find as case 2:23-cv-8032 in the Central District of California. And I can’t off the cuff think of a good prior that answers this. And there’s parallels that can be drawn for both ways this can go. You cannot just randomly break into a house, discover illegal shit going on, and then report that (I mean you can, but you’ve also violated the law with your B&E) But if you reasonably suspect something is going on (like you heard a scream from the house), you can break into a house, discover illegal shit going on, and then report that (that is you haven’t violated the law with your B&E in some situations).
Basically the case doesn’t negate the laptop as evidence in some other case, it just implicates Giuliani into what amounts to digital breaking and entry. Which given the case, even if Giuliani was found guilty the sentence is usually a fine for first offense when the information obtained is not property of the US Government proper. So even if the courts do find Giuliani should have contacted the FBI before actually attempting to get the data, the most he would be face (if they really wanted to throw the book at him) is one year in prison AND a fine.
It is an interesting case though, we don’t have laptops screaming for help to justify breaking legally protected locks on data. So, it an interesting case to see what the courts lay down as lines for “reasonable belief that an illegal activity is happening” if Giuliani decides to go down that road. But I don’t hold much hope for that, they’ll likely argue that the data on the laptop is theirs to begin with, which no court is going to accept that. But we’ll just have to see.
I don’t know Delaware law but at least under common law of bailments, notice to the owner is required before one can claim title by abandonedment, how else would one know of the true owner intends tk retrieve it? I’d bet the NJ statute also requires due notice.
As to that, the CFAA, and the California state claims, I note that the case is not against the laptop repair guy and the suit does not admit or concede that any “laptop” ever existed. Rather, they concede that some of the data was in fact the Plaintiff’s. Further, the Defendants admit that they never had a “laptop,” only an external hard drive said to be a copy of the laptop’s data made by the computer repair guy.
Even if the repair guy had title to the laptop, and had authority to grant access to the Defendants, the Defendant’s accessed the data with an intent to defraud, blackmail, or extort something of value. There is no right of access which allows that. The access in such a case is per se unauthorized. That’s Paragraph 42 of the complaint and it seems like a slam dunk to me. Notice how the wording as to the access is reversed compared to Paragraphs 40 and 41.
40 (illegally accessessing to obtain financial records) and 41 (illegally accessing a computer used in interstate commerce) rely on the argument that the Defendant had no authority to access the data, which itself depends on the authority the computer repair guy had, if any, and whether he could have granted access to the Defendants. I think any right the computer guy had and could have transferred, the Defendant’s nevertheless exceeded by what they planned to do and did do with the data.
In Count II, the California state claims, seem much easier to prove. That’s not a computer access statute, it’s a data privacy statute. Paragraph 46 is similar to 42 above, it’s the wrongful intent of the access that makes the Defendant’s conduct actionable. 47 and 48 are like 40 and 41, they hinge on permission of someone with authority to grant access. Paragraph 49, if I’m reading the statute correctly, is unique. That one goes to the Defendants’ communications with the laptop repair guy and their efforts to obtain the external drive when the laptop guy claimed the data belonged to Hunter Biden and the Defendants’ sought to obtain it without Plaintiff’s permission.
Count III is a typical unfair business practices claim. It alleged the Defendants’ were running a business and engaged in lies and deception that harmed the Plaintiff. Rudy couldn’t help himself from going on the air and waving a laptop around claim “this is Hunter Biden’s laptop,” while having already admitted that he never had Hunter Biden’s laptop, only an external drive claimed by someone to be Hunter Biden’s.
At this point, the repair owner has no credibility as to the authenticity of data and the only evidence that could prove a particular piece of data is authentic is if Hunter Biden testifies so. Guilliani and Costello have no competency to testify as to the authenticity of the data because we’re not involved until years after the fact and did not witness any of the underlying facts or circumstances as to the receipt and storage of the data, their thoughts on it would be inadmissible hearsay. Pretty precarious legal position to be in; incompetent to testify to the one defense they might have. Too bad for them they went into business as spooks and bagmen instead of journalists.
Legally the laptop would belong to John Paul Mac Isaac per Delaware’s Abandoned Personal Property laws (25 Del. C. § 4001). He would have a right to ownership of the laptop. That said, the data contents of the laptop should have been wiped (that’s customary, not a legal requirement) before the transferring of ownership.
All of that said, 18 USC § 1030 covers the data that is hidden behind a Windows login. Yes you can boot up a system with an unencrypted drive and read the contents of it, but that’s circumventing. Now where this and everything else differs, is that in a lot of prior cases a warrant was obtained to gain discovery of the information. In this case, Giuliani just circumvented the login, and post facto indicated evidentiary data.
It’s a good question to bring before the courts. Can someone circumvent a protection, find incriminating data, and then after the fact present it to law enforcement? Because we don’t have a lot that goes down this road of questioning. Kind of the reason law enforcement needs to be the one that bypasses those kinds of protections legally is because, your average person, can do things that “tamper” with evidence. And with digital data, can do so without knowing they have done so, like last access timestamps and what not.
I mean that’s the central question of the suit. Which you can find as case 2:23-cv-8032 in the Central District of California. And I can’t off the cuff think of a good prior that answers this. And there’s parallels that can be drawn for both ways this can go. You cannot just randomly break into a house, discover illegal shit going on, and then report that (I mean you can, but you’ve also violated the law with your B&E) But if you reasonably suspect something is going on (like you heard a scream from the house), you can break into a house, discover illegal shit going on, and then report that (that is you haven’t violated the law with your B&E in some situations).
Basically the case doesn’t negate the laptop as evidence in some other case, it just implicates Giuliani into what amounts to digital breaking and entry. Which given the case, even if Giuliani was found guilty the sentence is usually a fine for first offense when the information obtained is not property of the US Government proper. So even if the courts do find Giuliani should have contacted the FBI before actually attempting to get the data, the most he would be face (if they really wanted to throw the book at him) is one year in prison AND a fine.
It is an interesting case though, we don’t have laptops screaming for help to justify breaking legally protected locks on data. So, it an interesting case to see what the courts lay down as lines for “reasonable belief that an illegal activity is happening” if Giuliani decides to go down that road. But I don’t hold much hope for that, they’ll likely argue that the data on the laptop is theirs to begin with, which no court is going to accept that. But we’ll just have to see.
I don’t know Delaware law but at least under common law of bailments, notice to the owner is required before one can claim title by abandonedment, how else would one know of the true owner intends tk retrieve it? I’d bet the NJ statute also requires due notice.
As to that, the CFAA, and the California state claims, I note that the case is not against the laptop repair guy and the suit does not admit or concede that any “laptop” ever existed. Rather, they concede that some of the data was in fact the Plaintiff’s. Further, the Defendants admit that they never had a “laptop,” only an external hard drive said to be a copy of the laptop’s data made by the computer repair guy.
Even if the repair guy had title to the laptop, and had authority to grant access to the Defendants, the Defendant’s accessed the data with an intent to defraud, blackmail, or extort something of value. There is no right of access which allows that. The access in such a case is per se unauthorized. That’s Paragraph 42 of the complaint and it seems like a slam dunk to me. Notice how the wording as to the access is reversed compared to Paragraphs 40 and 41.
40 (illegally accessessing to obtain financial records) and 41 (illegally accessing a computer used in interstate commerce) rely on the argument that the Defendant had no authority to access the data, which itself depends on the authority the computer repair guy had, if any, and whether he could have granted access to the Defendants. I think any right the computer guy had and could have transferred, the Defendant’s nevertheless exceeded by what they planned to do and did do with the data.
In Count II, the California state claims, seem much easier to prove. That’s not a computer access statute, it’s a data privacy statute. Paragraph 46 is similar to 42 above, it’s the wrongful intent of the access that makes the Defendant’s conduct actionable. 47 and 48 are like 40 and 41, they hinge on permission of someone with authority to grant access. Paragraph 49, if I’m reading the statute correctly, is unique. That one goes to the Defendants’ communications with the laptop repair guy and their efforts to obtain the external drive when the laptop guy claimed the data belonged to Hunter Biden and the Defendants’ sought to obtain it without Plaintiff’s permission.
Count III is a typical unfair business practices claim. It alleged the Defendants’ were running a business and engaged in lies and deception that harmed the Plaintiff. Rudy couldn’t help himself from going on the air and waving a laptop around claim “this is Hunter Biden’s laptop,” while having already admitted that he never had Hunter Biden’s laptop, only an external drive claimed by someone to be Hunter Biden’s.
At this point, the repair owner has no credibility as to the authenticity of data and the only evidence that could prove a particular piece of data is authentic is if Hunter Biden testifies so. Guilliani and Costello have no competency to testify as to the authenticity of the data because we’re not involved until years after the fact and did not witness any of the underlying facts or circumstances as to the receipt and storage of the data, their thoughts on it would be inadmissible hearsay. Pretty precarious legal position to be in; incompetent to testify to the one defense they might have. Too bad for them they went into business as spooks and bagmen instead of journalists.
Thanks for the in depth answer
Fantastic breakdown, thank you.