Very interesting article about a systems administrator who, just before he left his company, deleted 615 files. Wrong? Sure. Civil wrong, criminally possibly under destruction of property type laws.

But this *seems* not to fit (to me). You computer types may have a different read on it.

https://www.wired.com/2016/06/admin-faces-felony-deleting-files-flawed-hacking-law/

i'm not sure how I feel about this. He was maliciously and premeditatedly damaged digital company property. I would argue he VERY much could fall under the realm of malicious destruction. Even though there are backups in place, did he verify those backups? Backups and even transferred backups fail. He as an IT support person should know this. I am quite torn about this, having seen how abused IT staff are by major corporations. One of my former colleagues said he expects every job he takes to last no more than 3 yrs, because he WILL get laid off and his job out-sourced. Then when everything falls apart, the company will bring in new americans to fix things, then repeat. He had 14 jobs in 10 yrs because of layoffs (most where they laid off the entire IT staff) and he said it is just part of the game, that you get used to it.

I think my bigger problem is that this law contains a mandatory 10yr minimum sentence which seems incredibly disproportionate to the crime committed.

Honestly, there might be a lot more to this story but from this article I don't see much that makes me sympathetic to his case.

It seems like it's probably a misapplication of the law, but this guy has done nothing to get any sympathy from me on it. it's probably a classic case of law being made from a case that is more the exception than the rule, where the sympathetic or unsympathetic nature of the person in question has more impact than it should.

I do think what he did was criminal as well as civil. If you drove over to your employer's office and burned it down or destroyed product that's a crime as well as a civil case, and what he did was the destruction of property.

But it does seem there should be a law to cover that destruction that doesn't make it "hacking" per se, but maybe that law doesn't exist. The courts and legislatures have been behind on dealing with the digital world since its inception.

In fairness if such a law did exist then presumably there would be no need to have it again in a hacking law. THen a hacker could be tried for hacking if they did so, and property damage if he then damaged property as well. Maybe that law for digital property doesn't exist in that state?

I will say I'm not sure it was "authorized access". Even if he had an account and otherwise had access I don't think anyone is authorized to go in intentionally and do damage. that's still unauthorized access even if he had an account. Even with an account your authorization has particular parameters.