By Noah Feldman
Was 2014 the year of the hack? Or 2013? Or maybe 2011? The answer, of course, is that they all were, and there are going to be lots more coming.
But events in 2014 have helped frame a profound question that we're going to have to answer about the right balance among property, privacy, and free speech - and a glance through the year's prominent hacks sheds some light on how we should answer it.
Let's work backward. The latest major hacking scandal involves someone's theft and exposure of internal Sony documents ranging from embarrassing e-mail exchanges to script proposals.
But more important for our purposes is the demand by Sony's lawyers that the news media delete the data stolen and released by hackers. This was not simply some symbolic proclamation that it would be unjust or immoral to reproduce e-mails and documents. It took the form of a letter asserting that Sony "does not consent to your possession, review, copying, dissemination, publication, uploading, downloading or making any use" of the material - grounds, the letter implied, for a future lawsuit.
Compare this claim to the nude-photos hacking scandal that involved Jennifer Lawrence and other celebrities. Lawrence called the hacking "a sex crime." In fact, legal arguments may have been available to her and other celebrities, as they indeed may be available to Sony. At a minimum, it can be a violation of copyright laws to post material to which you don't own the copyright. Maximally, the photos could be thought of as the proceeds of a criminal violation.
Earlier in the year, and for the previous several years, we saw a third version of the argument for the suppression of hacked material. The U.S. government considers classified material released through the WikiLeaks scandal and by Edward Snowden still to be illegally in the public domain. Although it hasn't prosecuted newspapers for revealing that information, it has prohibited U.S. government officials from viewing the material if they don't have the right classifications. Classification isn't exactly the same as ownership from a legal perspective, but there is a similarity between them: In principle, it's a punishable federal crime for anyone to reveal classified information, which means the act is a kind of federal theft.
What these instances have in common is a claim to property and privacy by the party whose information gets hacked. What's on the other side? Here the legal answer is identical: the free-speech right of the First Amendment. Those who publish or republish information to which they were not initially entitled can and indeed must argue that they are speaking on matters of public concern, which lie at the heart of First Amendment values and jurisprudence.
Who's right? The answer isn't at all simple. The First Amendment as interpreted by the courts is not and has never been absolute. The government may suppress information for reasons of security, and it may punish disclosures for reasons of privacy under some circumstances. Libel laws protect against false and defamatory statements, even when they concern public figures.
Perhaps most important, the free-speech right doesn't protect theft of information. Intellectual property rights like copyright and trademark regulate what can be expressed, and by whom. It's hard to get an advance injunction against someone who's about to violate your intellectual property rights. But it's commonplace to receive damages after the fact. And under federal copyright law, damages can be enormous - and can be stacked up by the number of violating images downloaded.
Setting the right balance between intellectual property and free speech has never been easy, but the hacking scandals strongly suggest that a balance must be developed to match the emerging technological environment. And painful though it may be to those who get hacked, we need to set the standards for protecting public speech very high to ensure the continuing benefits of free speech.
The way to do this is to make a strong distinction between the wrongdoing of stealing information and the fundamental liberty of disseminating information once it is in the public domain. Without this distinction, the fault of the original hacker can spread like a contagion over everyone who consumes that information.
And that contagion can be tracked down by powerful and rich corporate actors who seek suppression. The size and scope of the Internet alone won't suffice to guarantee that information spreads no matter what legal sanctions are threatened. China's Great Firewall offers some proof that effective control of a significant portion of the Web can be brought about by a government prepared to expend the resources. That's one reason it's important to have robust free-speech protections if the flow of information is going to be preserved.
Not every piece of hacked information will be of public value, of course. Nude pictures of celebrities are an example of information we don't need (although they certainly seem to be something we want). But it's not realistic to think we could distinguish between the embarrassment of revealing pictures and the embarrassment of borderline racist e-mail exchanges between high-ranking corporate executives. The latter have something profound to teach us about the making of information in the functioning of contemporary media. We're going to have to sacrifice some privacy and property to sustain free speech. Sometimes it'll be painful - but it's necessary.