Did WikiLeaks Break Federal Criminal Law using P2P Networks?

Bloomberg reporter Michael Ray writes that a Pensylvania firm may have discovered evidence that could be used to prosecute Wikileaks under US law.

Tiversa Inc., a company based in Cranberry Township, Pennsylvania, has evidence that WikiLeaks, which has said it doesn’t know who provides it with information, may seek out secret data itself, using so-called “peer-to-peer” networks, Chief Executive Officer Robert Boback claimed. He said the government is examining evidence that Tiversa has turned over.

The aricle goes on to quote Paul Ohm, an expert in cyber crime at the University of Colorado in Boulder and a writer for Freedom to Tinker, a blog sponsored by the Center for Information Technology Policy at Princeton University.  Responding via blog post Mr. Ohm clarifies the statements he made to Michael Ray.

The question presented by the reporter to me (though not in these words) was: is it a violation of the CFAA to systematically crawl a p2p network like Limewire searching for and downloading files that might be mistakenly shared, like spreadsheets or word processing documents full of secrets?

I don't think so. With everything I know about the text of this statute, the legislative history surrounding its enactment, and the cases that have interpreted it, this kind of searching and downloading won't "exceed the authorized access" of the p2p network. This simply isn't a crime under the CFAA.

unexplored wilderness

Given a difficult technology policy problem, lawyers will tend to seek technology solutions and technologists will tend to seek legal solutions. (Paul Ohm calls this “Felten’s Third Law”.) It’s easy to reject non-solutions in your own area because you have the knowledge to recognize why they will fail; but there must be a solution lurking somewhere in the unexplored wilderness of the other area. A Free Internet, If We Can Keep It | Freedom to Tinker