I actually doubt that there are more works - individual recordings - that are played at venues that are under a no royalty license, than there are works that are under royalty licenses.
I don't see how it needs special casing, it's copyright infringement. I'm no fan of the Berne Convention, but it requires copyright to be automatic and involve no formal registration. It's only fair to either uphold that treaty for both copyright and copyleft, or neither.
Legally speaking, there is no copyleft. It's simply a legal issue of licensing a copyrighted work under a royalty free license. The problem isn't with the copyright, it's with the collection agencies and their mandates. Since they are set up to collect for all the works under their purview, copyleft agreements confuse them.
In the US, ASCAP collects for recordings by Spanish, French, and Outer Mongolian artists - those people never actually see any money since they aren't usually registered with ASCAP, but they do collect. According to ASCAP, it is a violation to not pay for the use of the songs, even if the songs have been released under a royalty free license. The only exemption recognized by the law that allows ASCAP to collect is public domain works - so it's possible that they are correct. That is a flaw in the law creating the collection agencies not the copyright law.
The issue is that the vast majority of the works are used under national Mandatory Licensing regulations. This allows venues to use the works without having to negotiate individual use licenses. Because they are built around the ML, individual licensing agreements aren't considered when calculating royalty payments to the collection agencies. There are 2 approaches to resolving the issue:
Require registration of "collect" works.
Require registration of "do not collect" works.
Given the vast disparity of volume in "collect" vs "do not collect", the easy solution is to require copyleft works to register. This also has many other advantages for the collection agencies:
Simplified paperwork.
Shorter search lists - exclude vs include.
More royalties collected that will never have to be passed to artists.
Since I can't read the original proposed law, I will give it the benefit of the doubt and say it seems to be a step in the right direction in that it at least codifies the right of an artist to remove their work from the mandatory collection pool without having to deposit the work in the public domain.
The theory on a patent is that anyone skilled in the art - an engineer for machinery, a chemist for drugs, etc. - would be able to build the object using the information in the patent. Now it's not the engineers and chemists that write them, it's the corporate lawyers. So rather than "heat @ 97deg C for 30 minutes" you get "apply heat for an extended period of time". Of course, only 97 deg C for 30 min works, but by not telling you that, they keep a trade secret reality while getting protection in case it turns out that 101 deg C for 24 minutes turns out to work too.
Most of the patents being submitted are either business patents or software. Actual engineering patents are a small segment of the pool, and a huge chunk of the chemical patents are from pharmaceutical companies either re-applying the same product for a new 'use patent' or for the same chemical compound with a slight twist that keeps the original compound covered beyond it's 17 year limit.
The other problem is that most of the people approving these patents are not skilled in the art they are approving. That means that things like 3 reference linked lists get approved because the lawyer reviewing it can't find a reference to exactly that in the references provided by the company requesting the patent. The fact that they are used in almost every class that teaches a linked list structure is irrelevant & is now a million dollar problem to anyone who uses linked lists.
since when was there a need to prove "criminal intent" before prosecuting someone?
Always. Criminal guilt carries to elements:
Actus reus = the guilty act
Mens rea = the guilty mind
Not true. There are a large number of crimes where intent is irrelevant. The simple fact that an event occurred is sufficient for criminal prosecution. Statutory Rape is perhaps the best known. Even if the 'offender' was lied to & deceived with forged documents, the fact that sex occurred between a minor and an adult is sufficient to secure a conviction. There is no requirement for Mens Rea.
The pope doesn't see teaching evolution as a big deal. It's only the religious fundies in the US who really seem to have an issue with it. Seems most of the other sects of Christianity around the world have decided that the Bible is allegory and not absolute truth.
Possibly, but that would be clearly individual hosted sites not the whole block.
or the owner wasn't handling his taxes correctly. His user name in the forums is a marketing site between the US and Canada. I'm guessing he could have been pulling down big ad money and not reporting it correctly between the two countries. Hosting websites is a business and businesses always get into trouble. When there's money involved, there's lawyers. And with lawyers come lawsuits and with lawsuits come temporary injunctions.
Highly unlikely. Tax issues don't get you a gag order. If you're having tax troubles, they audit you and take you to court or seize assets.
If he's under as tight a gag order as he seems to be saying, he probably received a NSL. If so, chances are pretty good (according to the oversight committee) that its been issued either incorrectly or as a way to avoid pesky things like the correct paperwork. An organized child porn ring might get this type of gag order in order to pursue members that they have yet to identify - but just the closing of the site is sufficient warning to them anyway.
Blanket takedown of the whole business not individual sites screams arbitrary and excess - exactly the kind of thing you expect to see with a NSL.
Lobbyists are already pushing for updates that require a more active role in policing.
So yes, Google won, for now. At a cost that is sufficient to bankrupt most small internet companies. Yeah, let's really push the victory party there.
I won't be happy until a judge hands down sanctions against the lawyers for bringing a frivolous case. The lawyers are first and for most officers of the court. Before the interests of their bank accounts & before the interests of their clients, they are supposed to be officers of the court. These and so many others have failed that duty.
Let's see, Viacom vs Youtube was all about major media holders not being willing to file the takedown notices. They don't want to file, they don't want to allow anything under fair use, and they want everyone else to pay for the privilege of doing their work for them.
So, they've taken the new fad of gestures instead of clicks & added it to the page turn imagery that's been in use for at least 5 years on some of the Comic book houses. Oh, how novel is that. Why, I can't believe that nobody else in the whole wide world could come up with that idea.
Next are they going to patent using a stylus instead of a light pen to guide sprites around a virtual game board on smart phones?
Are actors getting screwed out of money by these companies?
Depends, usually big name actors get a theoretical cut of net, a few have enough weight to swing gross. 95% of the leading actors get pay to play & all of the fillers get standard wage.
So yes, the ones who are big enough to swing it are getting screwed, but the vast majority of them are just being paid to show up & don't expect any residuals.
Does the state they're incorporated in not have usury laws for commercial loans?
Probably not. Most US banks/CC companies are incorporated in Delaware explicitly because they don't have a usury law. Because it was found to be a restriction on interstate trade, CC's & banks can safely ignore usury laws in other states. I can't see why a company that's setting up it's own loan agency would ignore this particular loophole when signing the Incorporation papers.
I believe the way it works is that all the revenue is distributed among the subsidiaries leaving the parent shell company with no profit. I believe it's only tax fraud if the subsidiaries didn't pay the taxes.I don't know since IANATL.
I believe it's a bit more involved than that, but essentially yes. The parent company has a shell company that does the production & sub contracts it's other subsidiaries to the shell company to siphon off the revenue. At the end of the day, all of the subsidiaries & the parent company are reporting profits, except for the actual production company.
So Movie Madness Corp claims $1/2B net profit on 'Bubba Eats a Booger'*, but Movie Production Corp (Wholly owned subsidiary of MMC) shows a loss of $150M. As long as MMC pays taxes on $350M, the IRS doesn't care & MMC stock goes up because they're profitable. Because all the 'base + %net' contracts are signed with MPC, nobody involved in the actual production sees anything but the base rate.
* - have you seen this years movie selection? Chances are it would be more entertaining.
Ideally, no company should ever be allowed to bill a division of itself under any circumstances.
No, internal billing has a place. It's an ingrained part of project accounting & isn't a problem as such. In most companies that are actually doing it, they charge exactly what it costs. You took 400 man hours of 'Research' time & we paid $30/hour for that time, we're billing you $12K which you can account for in your project budget.
The abusive companies are saying: You took 400 man hours of 'Research' time & we paid $30/hour for it. Adding in our profit margin of 100%, we're billing you $24K.
The internal profit making is what needs to be stopped, not the process of internal billing. If Division A is spending time helping Division B, there needs to be some form of accounting in place to show why A lost X number of man hours that quarter, otherwise it just fucks everyone's bonus and job evaluations.
Or...am I the only one that not only had to unravel the mess
Oh gods no. Though it's no so much the normalization - that's no different than starting from scratch anyway. The big problems are trying to explain to the people using the DB that 'canceled' isn't a valid integer and cleaning up the data that's been all dumped into text fields because those 'make it easy to change what they put in the field'.
That would be my plan. I would design a very expensive plan that involve a lot of new, very expensive, border routers - oh, and a new logging server with failover backup. I think that should be in it's own building offsite - with an OC 3 or perhaps something bigger. Oh, and staffing. I think a crew of 6 for each shift should do it.
I could probably rack up a $2-3M startup costs with $1+M/year operating fee. With my plan ready, I would tell them that I am only waiting for the copyright holders to finance it. What? They don't want to? Sorry, we can't justify spending that kind of money to police civil complaints. Guess we'll just have to follow the DMCA.
That would be where they carefully balanced your right to make backups with the prohibition on selling or distributing software that would allow you to actually do it.
Don't ever underestimate the stupidity of customers.
Techs doing residential work live on it. Face it, nothing involved in doing a virus removal is rocket science. I had a customer who used to call me every other month to clean up their son's computer. Now the son's at college and it's someone else's goldmine.
I have a USB stick with Linux & TWM. It's some variant of Debian. I have it set up with clamAV and I run FreshClam before going out for a job. I made sure I have a CD that I can boot & chroot if the hardware won't boot off of a USB HD.
By running the separate OS, I don't have to worry about a rootkit hiding itself from the Windows OS. I know several people who also have XP running from flash drives & run MBAM and other software from them.
I write articles and code - and find that having the reference stuff up at the same time on another screen, with graphics on another, makes writing a LOT faster!!!
My preference is 3 monitors:
Coding - the IDE or Nedit windows.
Reference - Usually both language reference windows for rarely used commands and the project reference on the same window.
Testing - Web browser or testing script windows depending on the project.
With that setup, I don't have to flip between desktops to work & doing reference checks is as simple as looking between the monitors. No flipping back & forth between the project reference & the test results you just compare the 2 windows & be done with it.
That said, I can't even think of what I would do with 12 monitors other than running a kiosk with each K/V/M setup dedicated to it's own OS image.
My understanding is that many people set up the hardware without saving the configuration to NVRAM as a security measure when dealing with off-site hardware. Since almost all of the hardware was out of his physical control, the configuration was appropriate. However, the failure to store the configuration in the 'bus' safe along with the appropriate passwords was inappropriate.
The law was explicitly written with the idea of extortionware in mind - "I have your computer system & I'm not giving it back unless you pay me." or massive DDOS attacks. The city decided that the wording could be stretched to include not giving up a password after you've been fired, and the jury agreed with them.
Was he guilty of 'tampering' under any rational definition- absolutely not.
Did he deny them access - to be honest I don't think it's appropriate to say yes from a technical standpoint, however that's the problem that specialists face when dealing with juries - they don't understand nor care to, the specifics of the job.
We had a cop in a town near us who kept ticketing the State Police when they sped through her town - every ticket was thrown out without comment or hearing. The state doesn't want to deal with cops breaking 'minor' rules and that leads to the mindset that all the rules are fair game.
Exactly what definition of hijack are you using? He built and managed a system that nobody else touched. He was the only person authorized to make alterations to the configurations, and as such was the only person with the root password to the routers. That's certainly not 'hijacking' the network - it's functioning under the paradigm created by the city.
It doesn't matter that he was the only admin and nobody else "needed" (even allowing this rather hefty value judgment) access.
In terms of the security policy he was contractually obligated to follow and was subject to civil and criminal charges for violating, it most certainly does matter.
It was their system. He built it for them. They got rid of him, and he decided that he wasn't going to let them have a thing that was theirs by right.
Define they. The passwords were demanded in a setting that violated almost every bullet point of the security policy. His refusal to turn over the passwords in that scenario is fully justified - he was contractually and legally obligated to follow the security policy. In fact, demanding the passwords in such a setting should have gotten his supervisor reprimanded/fired for violating it. This demand was followed by an arrest - at which point there aren't very many people who would be in a cooperative mood. Note the timeline - password demanded in violation of security policy -> arrested -> password demanded by unauthorized personal -> password given to Mayor.
I am going to assume you've never worked in an environment that takes it's security policy seriously. Bosses generally don't get root passwords. They don't need them. Admins need root passwords, bosses need limited accounts to observe. In most large companies and/or government offices, complying with the original request would have left Childs civilly and legally liable for any misuse by anyone in attendance - in person or on the conference call. In fact, according to the security policy in place at the time, it was a firing offense and would have left him exposed to criminal charges had any information on the network been exposed.
If this was a corporation, he'd be sued six ways to sunday. Since it's the government, they're talking about jail.
The government doesn't get to play that way. Only the military is outside the legal system - they have the Uniform Code of Military Justice instead. If the proper course of action for a company is to sue him, then the proper course for the government is to sue him. The charges are a big stick designed to make him pay for not playing politics and embarrassing people by exposing how petty and overreaching they were.
The proper course of action was to follow the actual written policy. If that didn't work, move on to getting a court order to compel him to reveal the password. Jumping from demanding the password in violation of policy to arresting him on hacking charges is the issue because it's an abuse of the system.
Your point about exiting angrily and recommendations is completely irrelevant.
It was your comment - I was just responding to it to round out my reply by indicating demeanor has little to do with it.
Exiting gracefully -- handing over access
The question is, to whom should he have handed over access? To the unknown people on the conference call, the police officers, HR personel, and his supervisor - none of whom were authorized to work on the system?
-- would have 100% avoided the situation he is now in.
And he would have been 100% criminally & civilly liable for any damage to the network or protected information that was leaked. Some days you are damned if you do and damned if you don't. Given the original demand for the PW, Childs was well within the security policy to say no. What should have followed was a documented paper trail showing procedure being followed not a bunch of trumped up charges.
I'm not sure it's germane to the case, but the fact that you're fired doesn't relieve you of responsibilities
Really depends on the responsibility.
such as NDAs,
They are written to persist after termination so it's not surprising that you're obligations persist.
following city security policy (his own defense),
To be honest, don't think you have to follow policy after you're not employed anymore. Legally, he probably could have given the password to the secretary on the way out by shouting it to her from the door. Of course, he probably would have been held responsible for any issues that happened afterwards. It's a good idea to CYA because the last guy who left is always the one at fault.
distributing necessary information to your employer.
It's nice, but I'm not certain there's any legal mandate to tell a former employer anything. As of the moment they stop paying you, the employer has no legal right to compel you to provide them with any information. If they want you as a consultant, great. If they want you to be nice & walk them through the system - sorry, it's a pay-to-play world folks.
Slashdot Mirror
I actually doubt that there are more works - individual recordings - that are played at venues that are under a no royalty license, than there are works that are under royalty licenses.
Legally speaking, there is no copyleft. It's simply a legal issue of licensing a copyrighted work under a royalty free license. The problem isn't with the copyright, it's with the collection agencies and their mandates. Since they are set up to collect for all the works under their purview, copyleft agreements confuse them.
In the US, ASCAP collects for recordings by Spanish, French, and Outer Mongolian artists - those people never actually see any money since they aren't usually registered with ASCAP, but they do collect. According to ASCAP, it is a violation to not pay for the use of the songs, even if the songs have been released under a royalty free license. The only exemption recognized by the law that allows ASCAP to collect is public domain works - so it's possible that they are correct. That is a flaw in the law creating the collection agencies not the copyright law.
The issue is that the vast majority of the works are used under national Mandatory Licensing regulations. This allows venues to use the works without having to negotiate individual use licenses. Because they are built around the ML, individual licensing agreements aren't considered when calculating royalty payments to the collection agencies. There are 2 approaches to resolving the issue:
Given the vast disparity of volume in "collect" vs "do not collect", the easy solution is to require copyleft works to register. This also has many other advantages for the collection agencies:
Since I can't read the original proposed law, I will give it the benefit of the doubt and say it seems to be a step in the right direction in that it at least codifies the right of an artist to remove their work from the mandatory collection pool without having to deposit the work in the public domain.
The theory on a patent is that anyone skilled in the art - an engineer for machinery, a chemist for drugs, etc. - would be able to build the object using the information in the patent. Now it's not the engineers and chemists that write them, it's the corporate lawyers. So rather than "heat @ 97deg C for 30 minutes" you get "apply heat for an extended period of time". Of course, only 97 deg C for 30 min works, but by not telling you that, they keep a trade secret reality while getting protection in case it turns out that 101 deg C for 24 minutes turns out to work too.
Most of the patents being submitted are either business patents or software. Actual engineering patents are a small segment of the pool, and a huge chunk of the chemical patents are from pharmaceutical companies either re-applying the same product for a new 'use patent' or for the same chemical compound with a slight twist that keeps the original compound covered beyond it's 17 year limit.
The other problem is that most of the people approving these patents are not skilled in the art they are approving. That means that things like 3 reference linked lists get approved because the lawyer reviewing it can't find a reference to exactly that in the references provided by the company requesting the patent. The fact that they are used in almost every class that teaches a linked list structure is irrelevant & is now a million dollar problem to anyone who uses linked lists.
Not true. There are a large number of crimes where intent is irrelevant. The simple fact that an event occurred is sufficient for criminal prosecution. Statutory Rape is perhaps the best known. Even if the 'offender' was lied to & deceived with forged documents, the fact that sex occurred between a minor and an adult is sufficient to secure a conviction. There is no requirement for Mens Rea.
The pope doesn't see teaching evolution as a big deal. It's only the religious fundies in the US who really seem to have an issue with it. Seems most of the other sects of Christianity around the world have decided that the Bible is allegory and not absolute truth.
Possibly, but that would be clearly individual hosted sites not the whole block.
Highly unlikely. Tax issues don't get you a gag order. If you're having tax troubles, they audit you and take you to court or seize assets.
If he's under as tight a gag order as he seems to be saying, he probably received a NSL. If so, chances are pretty good (according to the oversight committee) that its been issued either incorrectly or as a way to avoid pesky things like the correct paperwork. An organized child porn ring might get this type of gag order in order to pursue members that they have yet to identify - but just the closing of the site is sufficient warning to them anyway.
Blanket takedown of the whole business not individual sites screams arbitrary and excess - exactly the kind of thing you expect to see with a NSL.
So yes, Google won, for now. At a cost that is sufficient to bankrupt most small internet companies. Yeah, let's really push the victory party there.
I won't be happy until a judge hands down sanctions against the lawyers for bringing a frivolous case. The lawyers are first and for most officers of the court. Before the interests of their bank accounts & before the interests of their clients, they are supposed to be officers of the court. These and so many others have failed that duty.
Let's see, Viacom vs Youtube was all about major media holders not being willing to file the takedown notices. They don't want to file, they don't want to allow anything under fair use, and they want everyone else to pay for the privilege of doing their work for them.
So, they've taken the new fad of gestures instead of clicks & added it to the page turn imagery that's been in use for at least 5 years on some of the Comic book houses. Oh, how novel is that. Why, I can't believe that nobody else in the whole wide world could come up with that idea.
Next are they going to patent using a stylus instead of a light pen to guide sprites around a virtual game board on smart phones?
Depends, usually big name actors get a theoretical cut of net, a few have enough weight to swing gross. 95% of the leading actors get pay to play & all of the fillers get standard wage.
So yes, the ones who are big enough to swing it are getting screwed, but the vast majority of them are just being paid to show up & don't expect any residuals.
Probably not. Most US banks/CC companies are incorporated in Delaware explicitly because they don't have a usury law. Because it was found to be a restriction on interstate trade, CC's & banks can safely ignore usury laws in other states. I can't see why a company that's setting up it's own loan agency would ignore this particular loophole when signing the Incorporation papers.
I believe it's a bit more involved than that, but essentially yes. The parent company has a shell company that does the production & sub contracts it's other subsidiaries to the shell company to siphon off the revenue. At the end of the day, all of the subsidiaries & the parent company are reporting profits, except for the actual production company.
So Movie Madness Corp claims $1/2B net profit on 'Bubba Eats a Booger'*, but Movie Production Corp (Wholly owned subsidiary of MMC) shows a loss of $150M. As long as MMC pays taxes on $350M, the IRS doesn't care & MMC stock goes up because they're profitable. Because all the 'base + %net' contracts are signed with MPC, nobody involved in the actual production sees anything but the base rate.
* - have you seen this years movie selection? Chances are it would be more entertaining.
No, internal billing has a place. It's an ingrained part of project accounting & isn't a problem as such. In most companies that are actually doing it, they charge exactly what it costs. You took 400 man hours of 'Research' time & we paid $30/hour for that time, we're billing you $12K which you can account for in your project budget.
The abusive companies are saying: You took 400 man hours of 'Research' time & we paid $30/hour for it. Adding in our profit margin of 100%, we're billing you $24K.
The internal profit making is what needs to be stopped, not the process of internal billing. If Division A is spending time helping Division B, there needs to be some form of accounting in place to show why A lost X number of man hours that quarter, otherwise it just fucks everyone's bonus and job evaluations.
Now, doesn't that depend on who is in the hotel room doing what to whom?
I can certainly think of some combinations that would put my ass in a movie theater seat.
Oh gods no. Though it's no so much the normalization - that's no different than starting from scratch anyway. The big problems are trying to explain to the people using the DB that 'canceled' isn't a valid integer and cleaning up the data that's been all dumped into text fields because those 'make it easy to change what they put in the field'.
That would be my plan. I would design a very expensive plan that involve a lot of new, very expensive, border routers - oh, and a new logging server with failover backup. I think that should be in it's own building offsite - with an OC 3 or perhaps something bigger. Oh, and staffing. I think a crew of 6 for each shift should do it.
I could probably rack up a $2-3M startup costs with $1+M/year operating fee. With my plan ready, I would tell them that I am only waiting for the copyright holders to finance it. What? They don't want to? Sorry, we can't justify spending that kind of money to police civil complaints. Guess we'll just have to follow the DMCA.
That would be where they carefully balanced your right to make backups with the prohibition on selling or distributing software that would allow you to actually do it.
Techs doing residential work live on it. Face it, nothing involved in doing a virus removal is rocket science. I had a customer who used to call me every other month to clean up their son's computer. Now the son's at college and it's someone else's goldmine.
I have a USB stick with Linux & TWM. It's some variant of Debian. I have it set up with clamAV and I run FreshClam before going out for a job. I made sure I have a CD that I can boot & chroot if the hardware won't boot off of a USB HD. By running the separate OS, I don't have to worry about a rootkit hiding itself from the Windows OS. I know several people who also have XP running from flash drives & run MBAM and other software from them.
My preference is 3 monitors:
With that setup, I don't have to flip between desktops to work & doing reference checks is as simple as looking between the monitors. No flipping back & forth between the project reference & the test results you just compare the 2 windows & be done with it.
That said, I can't even think of what I would do with 12 monitors other than running a kiosk with each K/V/M setup dedicated to it's own OS image.
My understanding is that many people set up the hardware without saving the configuration to NVRAM as a security measure when dealing with off-site hardware. Since almost all of the hardware was out of his physical control, the configuration was appropriate. However, the failure to store the configuration in the 'bus' safe along with the appropriate passwords was inappropriate.
The law was explicitly written with the idea of extortionware in mind - "I have your computer system & I'm not giving it back unless you pay me." or massive DDOS attacks. The city decided that the wording could be stretched to include not giving up a password after you've been fired, and the jury agreed with them.
Was he guilty of 'tampering' under any rational definition- absolutely not.
Did he deny them access - to be honest I don't think it's appropriate to say yes from a technical standpoint, however that's the problem that specialists face when dealing with juries - they don't understand nor care to, the specifics of the job.
We had a cop in a town near us who kept ticketing the State Police when they sped through her town - every ticket was thrown out without comment or hearing. The state doesn't want to deal with cops breaking 'minor' rules and that leads to the mindset that all the rules are fair game.
Exactly what definition of hijack are you using? He built and managed a system that nobody else touched. He was the only person authorized to make alterations to the configurations, and as such was the only person with the root password to the routers. That's certainly not 'hijacking' the network - it's functioning under the paradigm created by the city.
In terms of the security policy he was contractually obligated to follow and was subject to civil and criminal charges for violating, it most certainly does matter.
Define they. The passwords were demanded in a setting that violated almost every bullet point of the security policy. His refusal to turn over the passwords in that scenario is fully justified - he was contractually and legally obligated to follow the security policy. In fact, demanding the passwords in such a setting should have gotten his supervisor reprimanded/fired for violating it. This demand was followed by an arrest - at which point there aren't very many people who would be in a cooperative mood. Note the timeline - password demanded in violation of security policy -> arrested -> password demanded by unauthorized personal -> password given to Mayor.
I am going to assume you've never worked in an environment that takes it's security policy seriously. Bosses generally don't get root passwords. They don't need them. Admins need root passwords, bosses need limited accounts to observe. In most large companies and/or government offices, complying with the original request would have left Childs civilly and legally liable for any misuse by anyone in attendance - in person or on the conference call. In fact, according to the security policy in place at the time, it was a firing offense and would have left him exposed to criminal charges had any information on the network been exposed.
The government doesn't get to play that way. Only the military is outside the legal system - they have the Uniform Code of Military Justice instead. If the proper course of action for a company is to sue him, then the proper course for the government is to sue him. The charges are a big stick designed to make him pay for not playing politics and embarrassing people by exposing how petty and overreaching they were.
The proper course of action was to follow the actual written policy. If that didn't work, move on to getting a court order to compel him to reveal the password. Jumping from demanding the password in violation of policy to arresting him on hacking charges is the issue because it's an abuse of the system.
It was your comment - I was just responding to it to round out my reply by indicating demeanor has little to do with it.
The question is, to whom should he have handed over access? To the unknown people on the conference call, the police officers, HR personel, and his supervisor - none of whom were authorized to work on the system?
And he would have been 100% criminally & civilly liable for any damage to the network or protected information that was leaked. Some days you are damned if you do and damned if you don't. Given the original demand for the PW, Childs was well within the security policy to say no. What should have followed was a documented paper trail showing procedure being followed not a bunch of trumped up charges.
Really depends on the responsibility.
They are written to persist after termination so it's not surprising that you're obligations persist.
To be honest, don't think you have to follow policy after you're not employed anymore. Legally, he probably could have given the password to the secretary on the way out by shouting it to her from the door. Of course, he probably would have been held responsible for any issues that happened afterwards. It's a good idea to CYA because the last guy who left is always the one at fault.
It's nice, but I'm not certain there's any legal mandate to tell a former employer anything. As of the moment they stop paying you, the employer has no legal right to compel you to provide them with any information. If they want you as a consultant, great. If they want you to be nice & walk them through the system - sorry, it's a pay-to-play world folks.