In the wildly popular Girl With the Dragon Tattoo book series by Stieg Larsson, the protagonist Mikael Blomkvist is a journalist who engages in ever-increasingly sketchy practices to get the story and nail down his enemies. His friend Lisbeth Salander is a hacker, and, knowing what he wants, she breaks into computers and provides him information that she obtained illegally. This is sort of glossed over by the author in the interest at relaying an exciting plot. I couldn't help but be reminded of that when I read today's lengthy Times story about Fabrice "Fabulous Fab" Tourre, which relies on long-term access to his private e-mail account, handed to the paper by a source.
Of course, this isn't the first time Fab has suffered the indignity of having his personal e-mails read. But here's how the Times explains their access to his account this time:
These legal replies, which are not public, were provided to The New York Times by Nancy Cohen, an artist and filmmaker in New York also known as Nancy Koan, who says she found the materials in a laptop she had been given by a friend in 2006. The friend told her he had happened upon the laptop discarded in a garbage area in a downtown apartment building. E-mail messages for Mr. Tourre continued streaming into the device, but Ms. Cohen said she had ignored them until she heard Mr. Tourre’s name in news reports about the S.E.C. case. She then provided the material to The Times.
Obviously, there are some sketchy elements to that story, not the least of which is the fact that a man involved in crafting a key Goldman product — that eventually became emblematic of the CDO triggers to the global financial crisis — left his still-active laptop, with personal and business information, lying around in a "garbage area." This was in the middle of the time when his bank was using that product, no less. I kept my clunky desktop computer from college in my apartment for years because I was afraid to put it in the trash room where someone would find my crappy senior essay about Ulysses. And I never worked at an Über-secure place like Goldman, which presumably trains people to change passwords regularly on even personal accounts. But Felix Salmon gets at the key question: "Was the NYT, then, hacking into Tourre’s private emails in much the same way as the News of the World was hacking into private voicemails?"
I understand that the computer was found in a garbage area, and that there’s a long tradition of investigative reporters using information found in the trash. But if Tourre left a key to his apartment in the trash, that wouldn’t give reporters the right to use that key to enter his apartment and snoop around. The laptop was essentially a key to Tourre’s email account — which held highly confidential correspondence between Tourre and his lawyers. An email account, these days, is arguably more private than an apartment, and breaking into a password-protected email account is clearly wrong.
It's an ethical gray area, one which the Times no doubt plumbed in depth with its lawyers. Morgenstern and Story are practiced reporters who also, I'm sure, strictly followed whatever rules the paper's brass laid out for them when it came to the legality of it all. For example, Salmon seems to assume that the reporters were monitoring in some way Fabrice's e-mail account. But the Times indicates that they just received copies of the e-mails from Cohen and never dealt directly with the account. "As we disclosed in our story, certain documents were provided to us by a named source," a spokeswoman told me today. "The Times did not 'hack' any e-mail accounts or ask anyone to do so. We are confident that our receipt and use of those documents was in keeping with our journalistic standards and complied with the law."
When I pressed the issue, asking whether the laptop itself was also turned over and for clarity as to when the documents were provided in general, the Times declined to give further details. Salmon, for his part, wonders why the paper only published the story now, when Cohen presumably saw Tourre's name in the news and realized what she had in her hands in April of last year. He suspects they've been accessing the private e-mail account since then, and only stopped when he changed his password, thus drying up the fount of information and sparking, at last, a story. That doesn't seem like something the Times would do, and it's contrary to what the spokeswoman seems to be saying to me. Still, there is an element of this that reads a little like those popular Swedish thrillers — a journalistic trick that doesn't quite feel right, even if it's legal, but which can be easily set aside in the interest of a compelling plot.