Virtual Theft

Professor Jacobs, bevandera was not able to post to the blog, so this is his blog post.

Virtual Theft

The concept of “virtual crime” itself seems the main issue in establishing the legal bounds of “theft” within virtual worlds and communities.  Lastowka outlines many of the definitions legal scholars have proposed, as well as the hurdles that arise from each.  Susan Brenner, for instance, stated that virtual crimes “would need to have all the elements of real crimes, and thus were not really a meaningfully new variety of criminal activity”.  Of course, the vast majority of statutes defining crimes and outlining their elements were created before the advent of virtual environments, and the language used in the statutes is accordingly vague and difficult to apply to such environments.

For example, the titular sword from Carli’s “The Sword, The Thief, and the EULA”.  The Dragon Sword was an intangible electronic item existing only on the Legends of Mir 3 server.  Was it legal property?  If so, to whom did it belong?  Did it belong to Qui Chengwei, who only lent his property to a friend temporarily on the mutually agreed upon understanding that the item would be returned to him?  Did it belong to Zhu Caoyuan, who was able to obtain the item within the game mechanics through arguably “in-role” and therefore acceptable treachery?  Or did it belong to the creators of Legends of Mir 3, assuming they included a provision in their EULA reserving their exclusive rights to all property, items, characters, graphics, etc. created within the server and game?

The United States has begun developing laws such as the Computer Fraud and Abuse Act to combat virtual crimes such as theft.  However, the CFAA only encompasses those unauthorized accesses to computers or servers causing more than $5000 in damages.  Proving this amount becomes an issue when courts refuse to acknowledge the value, or even status as property, of intangible items in virtual environments.

The 2003 “BlackHat Conference” of network and computer security specialists held a moot court which found that juries can understand and agree with the concept of virtual property having real value.  One may argue that the value of the property shifts daily and is difficult to establish.  Has that stopped us from regulating the buying, selling, and transferring of shares of stocks?  One might argue that the objects are valueless since their only application is within the virtual environment for which and in which they were created.  Is the same not true for gambling chips from a casino?  Is there any practical difference between a $10 poker chip and $10 worth of Linden dollars?  Both have no use other than within their “homes” (the casino and Second Life, respectively).  Both can be invested for attempted gain at the risk of loss – whether by betting on “red” at the roulette wheel or by paying a monthly fee for Second Life real estate to open a virtual bar.  Both can be “cashed out” back into U.S. currency through an intra-environment transfer.  If someone at a casino took your pile of gambling chips off the table in front of you, ran to cash them out, and then fled the building with cash in hand, there is no question or ambiguity regarding the occurrence of theft.   The courts seem to struggle with treating the virtual analog with the same clarity.

While a “Bone Crusher mace” may only be the electronic representation of a mace, that does not mean the item should be excluded from relevant theft and property laws.  An MP3 is simply bytes of ordered waveform data.  The transferral or copying of this data is illegal due to the effect of the transfer or copy.  Even before digital licensed copies were legally sold on venues such as iTunes, the copying of MP3s was treated the same as if a copyrighted CD was duplicated.  Despite the lack of any physical existence of the MP3, the essence and effect of the crime existed and real financial consequences occurred and the courts treated it accordingly.  The legal entity possessing the copyright and distribution rights to the recording is adversely affected by the creation or transferral of an unlicensed copy, regardless of whether such a copy is a tangible disc-based media or a data file existing only as binary on a hard drive.  As a result, such copying is considered piracy and theft.

Child pornography laws are not limited to physical photos and videotapes.  A JPEG (one of the most common electronic image formats) is simply a grid of colored squares, yet the distribution or even possession of such a file can constitute a crime under child pornography laws (if the file is determined to fall under the relevant statute).  Again, as with the MP3 copying, there is no need for the picture to have tangible form – the crime can be committed completely electronically with the same effect and real consequences as if the image existed as a Polaroid picture.

It may seem as though all actions occurring within a virtual environment should be governed exclusively by the EULA and the administrators.  However, the same is not true in other game environments.  Actions taking place using a game’s server or software do not necessarily fall within the rules and norms of the game anymore than actions taking place in a baseball stadium necessarily fall within the rules and norms of baseball.  A player “stealing” a base in the regular course of the game is distinct from a spectator scaling the fence and actually taking the base from the field.  These same distinctions exist within virtual environments, and the law should not ignore these distinctions in favor of treating all actions on a game’s server as “part of the game”.

Lastowka proposes a definition of virtual crime broad enough to create so many loopholes as to make it impractical, yet narrow enough to draw the lines of distinction necessary to sort actions fairly taken within the scope of the game/environment.  Lastowka distinguishes virtual crime as crimes that “exist or result in essence or effect, though not in actual fact, form, or name”.   This definition separates the legitimate in-game thieving by a person playing a “Rogue” class using a “pickpocket” skill from a person logging in as another person’s character and stripping them of all valuables.  This definition helps bring the server and the baseball stadium closer together in the eyes of the law.  It may not be the perfect definition to solidify the concept of virtual theft, but it is an excellent start.


~ by jhmcguire07 on September 21, 2009.

5 Responses to “Virtual Theft”

  1. Even in modern culture, where email and internet usage is increasingly a necessity to accomplish anything, it’s stunning that “virtual crime” and “virtual theft” is largely ignored by the populace. Attempts to apply “real world” law to the few cases that are brought forward have probably left most people confused because of the inaccurate fit akin to pushing a square peg into a circular hole. As more and more companies and individuals create, exchange and modify virtual property, it is clear that the lack of formal legal boundaries for virtual crimes will become an increasing problem. Technology moves quickly, much more quickly than the development of new law. I suppose Lastowka should be commended for addressing the need for defining virtual theft, but his proposal seems to suffer from problem of being too vague to be of any practical use. If a jury was to be instructed to determine if a crime took place that “exists in essence, but not in actual form,” I suspect you’d get six/twelve very confused reactions.

    The analogies that you discussed in the fourth paragraph, likening the value of virtual property to casino chips or stock shares, crystallized the issue in a way that the average juror could understand. By framing “virtual theft” in such a context, particularly the casino chip analogy, you could easily connect with a large percentage of the populace using existing law.

    However, after stepping back for a moment, I wonder if that would be the best outcome. Of the two analogies, comparing virtual properties to stock shares is probably more appropriate in light of the fluctuation in value of most virtual property. Securities law is complex in itself, and the intersection of the “virtual world” and the “real world” would only add to the complication s. Would agreements made in the “real world” be enforceable for transactions that take place in the “virtual world”? In the context of MMORPGs or platforms such as Second Life, I don’t think agreements (such as what happened in the case involving the Dragon Sword) between users would be acknowledged or enforced in the “virtual world” even though the parties could follow all of the formalities of contracts in the “real world”. Effective laws governing crime in the virtual context need to be written from scratch, but will have reverberating effects in regulating “virtual theft” and other areas including TOS/EULAs and beyond.

  2. I am deeply conflicted about the concept of virtual theft, as the same exact “theft” may be legitimate in one virtual space, and illegitimate in another.

    Here’s an example of what I would consider “legitimate theft”: I read an article a few years ago about Eve Online, and how a bunch of players conspired to murder (in-game) and steal tens of thousands of dollars from another player. Not only did the game developer do nothing to punish these players, they actively encouraged these kinds of underhanded activities to occur in-game. Even though a player had many valuable possessions stolen in game, it was all part of the game design.

    Now, let’s take a look at what most people would call an illegitimate theft. While surfing the net, I click on a link that downloads a Trojan unto my computer. Later that night, the developer of that Trojan sees me input my username and password unto Eve Online, and later goes into my account and relieves me of all of my items.

    I think the distinction between a legitimate and illegitimate theft is whether it occurs during the normal course of a game. If the developer gives you the option to steal items from another player, then it is clearly a design of the game, and no legal action should be taken. On the other hand, stealing your passwords in order to steal your items is no different than if somebody has access to your ATM pin, and clears out your bank account.

    One point that people keep bringing up is the sale of “stolen” items. I do not see how this is a valid concern. If one was to sell an item that they did not legitimately possess, then it is trafficking in stolen property. But, if one was to sell property that was legitimately “stolen”, such as in my Eve Online example, then I do not see how the act of selling the item is unlawful. If my newly acquired items have a real-world value, which I feel is undisputable, then where is the crime in exchanging those items of value for other valuable consideration?

    The example given in the readings, about a character naively lending an expensive sword to another character, is very much in a gray area. While it is not a “nice” thing to do, it was still done in a virtual world, where such things are bound to happen. I tend to think that when an in-game character steals something online, using only the options provided by the developer, there is no crime. In this case, if the developer agreed with the victim, then they were the ones that had the power and authority to give restitution to the victim. When the developer has the power to resolve the situation themselves, no government has any business interfering with that virtual space.

  3. If you’re spending over $300 of real money on a sword to use in a game, then it’s likely you’ve reached a certain level of sophistication in your understanding of that game. That’s a big investment that no mere dabbler would make. I think it’s safe to assume that Mr. Chengwei was not naive. He must have known the rules and the risks of the game. And for that reason, I’m less inclined to rescue him (or someone in his situation, I mean) from his own bad decision. In general, the law treats sophisticated parties/consumers/investors with less clemency than it treats novices or people who are out of their depth. The area of virtual crime should be no different. If Mr. Chengwei was an experienced gamer, we should treat him as a sophisticated investor who bet big and happened to lose. If I’m wrong and Mr. Chengwei actually had some good reason to believe that the law would protect him from virtual theft, then maybe the game needs to post a more visible notice warning users that no such protection exists.

  4. The fact that virtual crimes don’t need all the same elements as actual crime does pose an issue. How can you prosecute someone for doing something in the virtual world when they have not established all of the elements of the crime. You also run into the problem of deciding who is going to establish the elements to the virtual and how you are going to decide if those elements have actually been violated. Once those things are established then you have to figure who is going to actually monitor the activities that take place in the virtual world. That will take a lot of time and a whole lot of resources that the world currently does not have. The language in the current statutes would have to be updated to include all of the new technology that we are using and to take into consideration the different types of technologies that are still to come. That will also be difficult because how do you establish what the new technology will be. Also, it seems like an issue is that fact that creating laws for the new technology will also be obsolete after new technology has been invented, but that may need to be handled when it comes to the forefront.

    The amount in discussed in the CFAA is an issue that does need to be addressed. The laws need to be expanded to to include numerous other types of crimes like theft that can take place. The laws need to include and explain the definition of virtual property and virtual people in order for any laws to actually be established in regards to the different types of virtual crimes.

  5. For those that claim that we could use existing law for the prosecution of virtual crime, it’s helpful to look at the text of existing law to see where the difficulty lies.

    For example, the MPC defines theft as when someone “unlawfully takes, or exercises unlawful control over, movable property of another with purpose to deprive him thereof.” Virtual theft would satisfy all of these elements, except for the “movable” element because an intangible item is not “movable” in the traditional sense. However, virtual property may not fit the definition of “immovable” property either, because it can be transferred from one person to another over the internet.

    Another example is the definition of assault. Assault is defined as when a person “attempts to cause or purposely, knowingly, or recklessly causes bodily injury to another” or “attempts by physical menace to put another in fear of imminent serious bodily injury,” but can you have “bodily injury” of an avatar? Can a person be in “fear” of “imminent” injury when the assault takes place over the internet? The answer is probably no, but then how do we deal with cases like Megan Meier then?

    The solution is what others have said here: we need to either amend these laws to include virtual crimes or create a separate body of law that deals specifically with virtual crime.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: