Your sentiment is silly. In general, with important caveats I will not state here, you can of course voice a threat to do an action that is legal (file a lawsuit), and may not voice a threat to do an action that is illegal (physical assault).
I'm not even suggesting it has to happen at a legal level, but perhaps at a professional level, I would think any lawyer writing baseless threatening letters to people should be subject to losing there license.
Perhaps they shouldn't. If we lived in a world where lawyers were more cautions about what they attached there name to out of concern for losing their license we would probably be better off. Less bullying by corporations with lots of money etc. No problems with demand letters for legitimate issues that are well supported by evidence though.
>If we lived in a world where lawyers were more cautions about what they attached there name to out of concern for losing their license we would probably be better off.
That's already the case. Lawyers can be disbarred for filing frivolous lawsuits.
I'm in favor of the work done by the security researchers, and the defense offered by the EFF. However, your first comment was such a surface level understanding, and I wanted to bring it back to reality.
The general form of such a "legal threat" (threat relating to the law) is perfectly reasonable, normal, and legal (as in, conforming to the law). It's a standard part of practicing law.
However, in this specific case, they do appear to have broken one professional rule, regarding the threat of criminal prosecution conditional on a civil demand.
Aside from that one professional rule, the Fizz/Buzz letter was probably perfectly technically accurate. Whether the DA would take up the case, I doubt, but that's up to their discretion/advice from the DoJ, not based on the legal code.
I think Fizz/Buzz were incredibly foolish to send such a letter, as the researchers were essentially good samaritans being punished for their good deed (probably only because customers don't like it when supposedly professional organizations are found to be in need of such basic good deeds from good samaritans, and Fizz/Buzz would rather punish the good samaritans instead of "suffering" the "embarrassment" of public knowledge).
You seem to have the facts of this case incorrect. They definitely broke the law by hacking this app without prior authorization. You may disagree with the law but I don’t understand how you made the leap to calling for the suspension of specific attorneys.
The role of a lawyer is to make persuasive arguments in their clients favor, and those arguments are supported by a wide spectrum in strength of evidence and legal opinion.
Completely baseless stuff can get lawyers disbarred, but many things are shades of gray. The way the CFAA is written, just about any security research on someone else's machine that doesn't include "we got permission in advance" often falls into this gray area.
The fact that the DOJ doesn't prosecute good-faith security research is DOJ policy, not actual law. The law as-written doesn't have a good-faith exemption.
We've banned this account for repeatedly breaking the site guidelines.
If you don't want to be banned, you're welcome to email hn@ycombinator.com and give us reason to believe that you'll follow the rules in the future. They're here: https://news.ycombinator.com/newsguidelines.html.
