In a recent post, co-blogger Stewart Baker writes that there is “a very real possibility” that the Obama campaign won the 2012 election by increasing turnout among its supporters, using tactics that violated the Computer Fraud and Abuse Act. It is difficult to definitively disprove such claims. But the available evidence cuts the other way – at least if “real possibility” means more than an extremely small chance.
To prove that Obama won by violating the CFAA, it must be shown that 1) that Obama won because of unusually successful efforts to increase turnout among his supporters, and 2) that turnout would have been so much smaller absent violations of the CFAA, that Romney would have won. Both claims are problematic. Contrary to much conventional wisdom, Obama’s victory was actually well in line with historic trends. Standard econometric models based on trends in the economy predicted a narrow win for Obama, and his margin of victory was only slightly greater than the predictions, as I explained in this post shortly after the election. The final popular vote margin was larger than that indicated in the early numbers I used in the post; but the key point is that Obama would have won even if he had gotten exactly the percentage of the vote predicted by standard electoral models. Sean Trende and political scientist John Sides make similar points in greater detail (see also Sides’ forthcoming book with Lynn Vavreck). As Sides and Trende emphasize, incumbent presidents usually win reelection if there is even moderate improvement in the economy during the last year or so before the election. A major scandal or an unusually strong opposing candidate can overcome this tendency. But the GOP in 2012 didn’t benefit from either.
To the extent that high-tech campaign tactics and selective turnout did help Obama, the violation of Facebook terms of service emphasized by Stewart was just one of many “microtargeting” tactics used by his campaign. It seems highly unlikely that it was individually decisive. Had Obama’s operatives scrupulously obeyed the CFAA, the president would almost certainly have won anyway, even if by a modestly smaller margin. Moreover, given the extremely broad nature of the CFAA, which, according to Stewart, criminalizes any unauthorized violation of a website’s terms of service, I find it highly unlikely that the Romney campaign was in perfect compliance with it.
Obviously, it’s possible to argue that the Obama campaign’s violation of the CFAA is a major scandal even if it didn’t decide the outcome of the election. If Stewart’s analysis is correct, the campaign still violated the law repeatedly. If you believe that all laws must be strictly enforced at all times, the Justice Department’s failure to prosecute here is deeply objectionable.
But such strict enforcement is both impossible and undesirable in a world where the scope of federal criminal law is so vast that the majority of Americans are probably guilty of one or more federal felonies. Consider what would happen if the feds tried to prosecute everyone who violated the CFAA by using a website in ways that are not authorized by its terms of service. If you have ever let a friend or family member log on to your Facebook or Twitter [UPDATE: I’m actually not sure about Twitter’s terms of service] account, you have committed the exact same crime as the Obama campaign did.
If it is a moral imperative to prosecute campaign operatives for this violation of the CFAA, perhaps it is also essential to prosecute all the Obama campaign workers who exceeded the speed limit or engaged in minor violations of other traffic laws as they went about their work for Obama. If all Obama campaign workers had scrupulously obeyed all traffic laws in the course of work-related trips, they would have lost a lot of extra time in traffic, and perhaps the president’s turnout efforts would have been less successful.
I take seriously the admonition that presidents and their operatives should be required to obey the law in the same way as ordinary citizens. But this possible violation of the CFAA is the kind of thing that millions of private citizens do all the time, and are almost never prosecuted for unless the violation is combined with other criminal or civilly liable activity that is more serious. The same standards of prosecutorial discretion should apply to Obama’s campaign staffers.
As regular VC readers know, I am no great fan of the Obama administration. And I think there are times when they play fast and loose with the law in ways that are truly reprehensible. Waging a war in Libya without constitutionally required congressional authorization was a particularly serious example. Engaging in minor technical violations of the ridiculously overbroad CFAA is not even remotely in the same category.
UPDATE: Some readers might cite the Aaron Swartz prosecution as evidence that minor violations of the CFAA do get prosecuted. I don’t have a strong view about whether and to what extent Swartz should have been prosecuted. But, for reasons outlined by Orin Kerr here, I think Swartz’s conduct was a lot more problematic than merely giving someone else access to your Facebook account in violation of terms of service. Swartz sought to allow unpaid public access millions of copyrighted articles [I have rephrased this sentence to make it clearer – IS], thereby massively undermining the copyright system. The rough Facebook equivalent of that would be if Obama campaign workers took millions of people’s private data from their Facebook accounts and published it on a website where everyone could see it. If the Obama campaign had done that, there would be a much stronger case for prosecution.
UPDATE #2: Some commenters argue that, contra Stewart and Michael Vatis, the Obama campaign’s actions did not really violate the CFAA. I think Vatis makes a fairly solid case that they did, and especially that they did so under the Justice Department’s current broad interpretation of the CFAA. But no important argument in my post hinges on agreement with that conclusion. To make things more clear, my argument is that, even assuming that the campaign’s actions did violate the CFAA in the way described by Stewart and Vatis, those actions were not decisive to the outcome of the election, and the operatives who did it probably should not be prosecuted.
UPDATE #3: In a post written after this one, co-blogger Orin Kerr argues that the Obama campaign did not violate the CFAA, but merely the Justice Department’s “absurd” interpretation thereof. Orin knows a lot more about the CFAA than I do, and he may well be right. I will only note that it’s not as clear as he suggests that Michael Vatis also disagrees with the DOJ’s interpretation of the CFAA. Vatis says that a CFAA prosecution based on violations of a website’s terms of service would be “an absurdity,” but it is not clear that it would be absurd because the DOJ’s interpretation of the law is wrong, or because the law is itself “absurd.” In the last part of his post, Vatis argues that the CFAA needs to be revised to prevent prosecutions based on TOS violations, which suggests that the DOJ’s interpretation of the law is at least plausible. Regardless of all this, as I indicated in my previous update, nothing important in my post hinges on the correctness of the DOJ/Stewart Baker interpretation of the CFAA. If that interpretation is wrong, it just means that there is a third weakness weakness in Stewart’s earlier post, in addition to the two I discuss above.
UPDATE #4: In this follow-up post, I explain why I should not have opined on some of the issues discussed above, relating to Facebook’s TOS and its relationship to the CFAA. My mistake on that question does not undermine the main two points made in this post. But it was an error nonetheless, and should be acknowledged.