California, Crime, Cyberlaw, Facebook, Privacy, Social Networking Websites, Technology

Don’t Mess With Your Friend’s Facebook; It Might Be a Felony

When I was in college, it was not altogether uncommon for people to leave their laptops unattended with their Facebook accounts still logged in. It was not altogether uncommon for an enterprising prankster to creatively twiddle with said account. A little switch of sexual preference here, a mildly offensive profile picture there, and maybe a nonsensical new profile quote.

It was annoying, and at worst required minor social media damage control, but nobody seemed to care much.

Nowadays, people definitely care. The California Court of Appeals ruled on July 21 that the same sort of online mischief can lead to felony identity theft conviction.

Let’s learn more about Rolando S., a teenager who messed with the wrong Facebook account….

The Technology & Marketing Law Blog has a good explanation of In Re Rolando S.:

Rolando was a juvenile who received an unsolicited text message with the victim’s email password. According to the court, he used the password to gain access to the victim’s Facebook account and posted several sexually inappropriate messages from the victim’s account. The Facebook posts included posts on the walls of the victim’s friends and the following change to the victim’s profile:

“Hey, Face Bookers, [sic] I’m [S.], a junior in high school . . . I want to be a pediatrician but I’m not sure where I want to go to college. I have high standards for myself and plan to meet them all. I love to suck d*ck.”

Not exactly the ideal content for a high school girl to find on her Facebook profile. The girl Rolando hacked, so to speak, said she faced “social stigma” after this happened. (For what it’s worth, Zach Galifianakis once ran into similarly embarrassing fellatio-related allegations; he came up with a funny, creative explanation.)

Rolando claimed he meant the whole thing as a joke, but was convicted in juvenile court of identity theft under California law.

Rolando wasn’t exactly the model student. He had already been in trouble for driving his car “at three girls in the school parking lot, but stopped abruptly several feet away from them in an attempt to scare them.”

The appellate ruling against Rolando hinged on the court’s opinion that he willfully obtained the girl’s password and used it for an unlawful purpose.

As the writers at the Technology & Marketing Law Blog point out out, it’s not nearly that simple. To begin with, Rolando didn’t steal the password. Someone gave it to him. The court doesn’t elaborate much more than that, but it’s likely the owner of the account revealed her password to someone untrustworthy.

It sucks, but it happens. A few years ago, an unlucky friend of mine inadvertently let some other friends see the password to his work BlackBerry. A few days later, my friend got a call from human resources about some brothel visits and drug deals that had been mysteriously scheduled in his calendar. Was he mad at the culprits? Hell yes. Did he get fired? No. Does he protect his passwords better now? I hope so.

Once a juvenile finds out he/she can get access to a peer’s Facebook account, it seems like it would be almost irresistible not to muck around with it. I don’t want to dismiss this entirely as “kids will be kids,” but I’m sure a non-trivial percentage of kids would take advantage of a peer’s password if the circumstance presented itself. Perhaps it’s like the joyriding of days of old. If people left keys in their cars, some kids will take the cars for a spin. We can enact draconian laws to discourage joyriding, but if keys are left in cars, joyrides are inevitable. Here, the defendant basically took the victim’s Facebook account for a joyride. It was unquestionably wrong behavior, but given its inevitability, it probably shouldn’t be felonious.

I don’t doubt the girl had to endure some nasty jokes — high-schoolers are evil. But even bad, hurtful jokes do not a felony make. (Although, weirdly, sometimes bad jokes are a sex offense.)

The court stretched the identity theft statute too far. … [T]he court confronted several statutory ambiguities without any good common law precedent. The court also didn’t acknowledge or consider any constitutional concerns with its ruling. Instead, the court reaches the counterintuitive and potentially troubling result that publishing fake content through someone else’s account steals their identity. Obviously that takes us a pretty far distance from a paradigmatic case of pretending to be someone for commercial benefit (i.e., what I typically think of as “theft”). …

[K]ids are going to push limits with electronic tools just like they do offline. We need to find safer ways to let kids be kids online without ruining their lives.

Seriously. Part of growing up is learning to deal with a-holes. We’ve covered the litigiousness of schoolyard drama time and again. The lesson for now, though, is simply to hide yo’ kids, hide yo’ bad jokes and immaturity, because they are suing and prosecuting everyone out here.

Logging Into Someone Else’s Facebook Account and Posting Messages on Their Friends’ Walls Could Be Identity Theft — In re Rolando S. [Technology & Marketing Law Blog]

Christopher Danzig is a writer in Oakland, California. He previously covered legal technology for InsideCounsel magazine. Follow Chris on Twitter @chrisdanzig or email him at You can read more of his work at

(hidden for your protection)

comments sponsored by

Show all comments