[2233] in bugtraq
LACC
daemon@ATHENA.MIT.EDU (Julian Assange)
Wed Sep 13 10:06:50 1995
Date: Wed, 13 Sep 1995 19:31:21 +1000
Reply-To: Bugtraq List <BUGTRAQ@CRIMELAB.COM>
From: Julian Assange <proff@suburbia.net>
X-To: bugtraq@fc.net
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@CRIMELAB.COM>
_ _____ _____
| | /\ / ____| / ____|
| | / \ | | | |
| | / /\ \ | | | |
| |____ / ____ \ | |____ | |____
|______| /_/ \_\ \_____| \_____|
Legal Aspects of Computer Crime
"echo subscribe lacc|mail lacc-request@suburbia.net"
REASONS FOR INCEPTION
---------------------
The growing infusion of computers and computing devices into society
created a legislative and common law vacuum in the 1980's. State
prosecutors attempted to apply traditional property protection and
deception laws to new technological crimes. By and large they were
successful in this endeavor. There were however a very few but well
publicized failed cases against computer "hackers" (most notable R
vs Gold - UK House of Lords).
In an atmosphere of increased government reliance on computer
databases and public fear and hostility towards computerization of
the workplace, the world's legislatures rushed to criminalize
certain types of computer use. Instead of expanding the scope of
existing legislation to more fully encompass the use of computers by
criminals, changing phrases such as "utter or write" to "utter,
write or transmit" (the former being the prosecutions undoing in the
well publicized Gold case) as had been done with the computerization
of copyright law, an entirely new class of criminal conduct was was
introduced. The computer had been seen not just as another tool that
criminals might use in committing a crime but something altogether
foreign and removed from the rest of society and established Law.
The result was a series of nievely drafted, overly broad and
under-defined statutes which criminalized nearly all aspects of
computer use under certain conditions.
In the the 1990's a fundamental and evolving shift in computer usage
in computer usage has started to occur. At work it is rare now to
see a white collar worker not in the possession of a computer. At
home over one third of households have computer systems. The
computer is no longer the "altogether foreign and removed from the
rest of society" device it once was. It has come out of the domain
technical specialist and into the main stream.
Even our notoriously slow moving legal profession is adopting it as
an essential tool. But there is another change. A qualitative one
important to our discussion.
When you connect hundreds of thousands of computers and thus the
people that use them together you find something remarkable occurs.
An event that you could never have predicted by merely summing the
discrete components involved. A unique virtual society forms. Despite
being designed with computer networking in mind computer crime
legislation copes very poorly with non homogeneous authorization.
Society's are based around a common knowledge of history, beliefs,
and current events. Each member of a society can be pinpointed as
belonging to the society in question by the ideas, beliefs and
knowledge they hold in common with its other members. Any new member
to a society learns this knowledge only because it is passed onto
them; directly by other members or indirectly via its media, works of
literature or observation.
Successful large scale computer networks like the Internet form for
one reason and one reason only; information sharing. When a critical
mass of diversity, interests, user population and information exchange
is reached, a situation develops that mirrors in all important
aspects a vibrant and evolving society. Members of these computer
network societies have nearly equal ability to convey their thoughts
to other members and do so in a timely manner without unwanted
distortion. This is a remarkably democratic process compared to the
very real self censorship and top heavy direction that is so
manifest in traditional broadcast and publishing industries.
But unlike the physical societies that have here-to been the norm,
the electronic network society is not isolationist. It continues to
draw from, mesh and feed its beliefs into the traditional societies
it was populated out of. This coupling process between computer
networks and traditional societies is expected to continue - at
least for English speaking countries, until a stage is reached were
it is difficult to find any boundary between the two.
The majority of citizens will then fall most completely under the
gamut of the appalling drafted computer crimes legislation many
times every day of their lives. In the vast majority of legislation
directed to address computer crime everything which can be performed
on a computer unless "authorized" is defined as illegal. Granted an
individual can authorize themselves to do anything they wish with
their own computer, but in a networked topology a typical computer
user may use or otherwise interact with hundreds or even thousands
of other peoples computers in any given day. In Law it has
previously been the case that which was not expressly forbidden was
permitted. Currently the digital equivalent of moving a chair is
illegal and carries with it in most countries a 5 to 10 year prison
term. It is a sad reflection on the legislature of the day that the
computer medium was criminalized rather than the intent or damage to
to the victem.
It is unlikely that law reform will occur until current political
concern over computer networks such as the Internet is moderated. If
anything the push so far from political drafters has being to once again
introduce brand new medium criminalizing legislation rather than
revitalizing the existing codes. This unfortunate "labeled arrow"
approach will continue as long as there exists an ill informed and
technologically ignorant legislature that finds itself pliant to the
whims of sensationalist media and honed to their dubious targets.
So ill defined and over broad are the terms used in computer crime
legislation that in most western countries pressing a button on a
silicon wrist watch without permission can be construed as
"insertion of data into a computer without authority" an offence
which carries 10 years penalty in some countries.
It is however within the above unfortunate lack of appropriate
legislation, precedents and judicial guidance that judiciary,
practitioners, prosecutors, law enforcement personnel and drafters
of future codes have to struggle to find resolution.
This list has been created in an attempt to mitigate the lack of
tangible resources people involved with computer crime rely on. It
is hoped that by bringing together knowledgeable people in the
aforementioned fields together with para-legal personnel and
informed lay persons; information and resources relevant to the
difficult task of analyzing, presenting in court or otherwise
dealing with computer crime law and computer crimes may be shared
and intelligent discussion stimulated.
nb. this list it is also an appropriate forum to discuss computerized
legal, law enforcement and criminology databases, such as Netmap,
Watson, PROMIS, Lexis, APAIS, CRIM-L, et cetera.
GUIDELINES
----------
In order to keep the semantic content high on this list, please consult
the following before posting:
DO POST DON'T POST
------- ----------
Un/reported decisions. Personal insults.
Commentaries on cases. Signatures >4 lines.
Reviews on relevant books. Quoted replies with more than 30%
Relevant journal articles. quoted from the original.
Information about proposed legislation. Short questions, or questions which
Full text of CC legislation. otherwise do not convey useful
Judicially defined terms. information in their own right.
Articles on new arrests or Gossip about the moderator.
cases. Articles about computer (in)security,
Detailed questions. they should be sent to:
Intelligent commentary. "best-of-security@suburbia.net"
Personal experiences with computer "breaking into a computer is the same
crime. as...."
Very well thought out analogies. Petitions (if you think they are
Relevant transcripts. exceptionally relevant, send them to
Defence or prosecution strategy. the moderator, who may post them).
Relevant papers, thesis. Chain letters.
Conference announcements and details. Advertising material.
Locations of legal resources. Ethical considerations that are only
Computer forensics information. "opinion".
Trial/court dates, verdicts etc. Content free news reports or
Reviews of legal software. articles.
Pointers to any of the above. Abusive, antagonistic or otherwise,
Cross post relevant information from non information rich or constructive
other lists or news groups. Phrases.
Relevant affidavits, court documents. Quotes from Dan Quale.
SUBSCRIBING
-----------
Send mail to:
lacc-request@suburbia.net
with the body of:
subscribe lacc
UNSUBSCRIBING
-------------
Send mail to:
lacc-request@suburbia.net
with the body of:
unsubscribe lacc
POSTING
-------
To send a message to the list, address it to:
lacc@suburbia.net
REPLYING
--------
If you are replying to a message already on the LACC list using your
mail programs reply facility you will almost certainly have to change
the reply address to lacc@suburbia.net. This is because the LACC mailing
list program is configured to have return replies sent no "nobody" in
order to avoid receiving the replies of "vacation" programs which
automatically send email saying "I've gone to the moon for two weeks to
hunt rare bits".
--
+----------------------------------+-----------------------------------------+
| Julian Assange | "if you think the United States has |
| | has stood still, who built the largest |
| proff@suburbia.net | shopping centre in the world?" - Nixon |
+----------------------------------+-----------------------------------------+
