[dionidium]

> We desperately need a law that says (or at least need people in power to understand that) if your server sends it (as an agent working on behalf of your interests), you decided it was ok for me to receive it!

No, this is a bad idea for a law. It's appealing to nerds (like myself), but it's not how the law does (or should) work. It's very easy to imagine scenarios where you could get a server to send you an HTTP 200 even though you knew you were accessing data you weren't supposed to. That should clearly be illegal. (It's not what happened here, though. This case is much sillier.)

[tshaddox]

Yes, this should be pretty obvious. If you kidnap someone and force them to log in to a computer system they have access to so that you can steal information or resources using that computer system, obviously that would be illegal (on top of the kidnapping) even though the computer system is working entirely as intended.