List: best-of-security Subject: BoS: Legal Aspects of Computer Crime From: Julian Assange <proff () suburbia ! net> Date: 1995-09-13 6:21:00 _ _____ _____ | | /\ / ____| / ____| | | / \ | | | | | | / /\ \ | | | | | |____ / ____ \ | |____ | |____ |______| /_/ \_\ \_____| \_____| Legal Aspects of Computer Crime "echo subscribe lacc|mail lacc-request@suburbia.net" REASONS FOR INCEPTION --------------------- The growing infusion of computers and computing devices into society created a legislative and common law vacuum in the 1980's. State prosecutors attempted to apply traditional property protection and deception laws to new technological crimes. By and large they were successful in this endeavor. There were however a very few but well publicized failed cases against computer "hackers" (most notable R vs Gold - UK House of Lords). In an atmosphere of increased government reliance on computer databases and public fear and hostility towards computerization of the workplace, the world's legislatures rushed to criminalize certain types of computer use. Instead of expanding the scope of existing legislation to more fully encompass the use of computers by criminals, changing phrases such as "utter or write" to "utter, write or transmit" (the former being the prosecutions undoing in the well publicized Gold case) as had been done with copyright law, an entirely new class of criminal conduct was was introduced. The computer had been seen not just as another tool that criminals might use in committing a crime but something altogether foreign and removed from the rest of society and established Law. The result was a series of nievely drafted, overly broad and under-defined statutes which criminalized nearly all aspects of computer use under certain conditions. In the second quarter of the 1990's there was a fundamental shift in computer usage. At work it is rare now to see a white collar worker not in the possession of a computer. At home over one third of households have computer systems. The computer is no longer "altogether foreign and removed from the rest of society". Even our notoriously slow moving legal profession is adopting it as an essential tool. But there is another change. A qualitative one important to our discussion. When you connect hundreds of thousands of computers and thus the people that use them together you find something remarkable occurs. An event that you could never have predicted by merely summing the discrete components involved. A unique virtual society forms. Society's are based around a common knowledge of history, beliefs, and current events. Each member of a society can be pinpointed as belonging to the society in question by the ideas, beliefs and knowledge they hold in common with its other members. Any new member to a society learns this knowledge only because it is passed onto them; directly by other members or indirectly via its media, works of literature or observation. Successful large scale computer networks like the Internet form for one reason and one reason only; information sharing. When a critical mass of diversity, interests, user population and information exchange is reached, a situation develops that mirrors in all important aspects a vibrant and evolving society. Members of these computer network societies have nearly equal ability to convey their thoughts to other members and do so in a timely manner without unwanted distortion. This is a remarkably democratic process compared to the very real self censorship and top heavy direction that is so manifest in traditional broadcast and publishing industries. But unlike the physical societies that have here-to been the norm, the electronic network society is not isolationist. It continues to draw from, mesh and feed its beliefs into the traditional societies it was populated out of. This coupling process between computer networks and traditional societies is expected to continue - at least for English speaking countries, until a stage is reached were it is difficult to find any boundary between the two. The majority of citizens will then fall most completely under the gamut of the appalling drafted computer crimes legislation many times every day of their lives. In the vast majority of legislation directed to address computer crime everything which can be performed on a computer unless "authorized" is defined as illegal. Granted an individual can authorize themselves to do anything they wish with their own computer, but in a networked topology a typical computer user may use or otherwise interact with hundreds or even thousands of other peoples computers in any given day. In Law it has previously been the case that which was not expressly forbidden was permitted. Currently the digital equivalent of moving a chair is illegal and carries with it in most countries a 5 to 10 year prison term. It is a sad reflection on the legislature of the day that the computer medium was criminalized, and not the crime. It is unlikely that law reform will occur until current political concern over computer networks such as the Internet is moderated. If anything the push so far from political drafters has being to once again introduce brand new medium criminalizing legislation rather than revitalizing the existing codes. This unfortunate "labeled arrow" approach will continue as long as there exists an ill informed and technologically ignorant legislature that finds itself pliant to the whims of sensationalist media and honed to their dubious targets. It is however within the above unfortunate lack of appropriate legislation, precedents and judicial guidance that practitioners, prosecutors, law enforcement personnel and drafters of future legislation have to work. This list has been created in an attempt to mitigate the lack of resources we have to work with. It is hoped that by bringing together knowledgeable people in the aforementioned fields together with para-legal personnel and informed lay persons, information and resources relevant to the difficult task of analyzing, presenting in court or otherwise dealing with computer crime law and computer crimes may be shared and intelligent discussion stimulated. nb. this list it is also an appropriate forum to discuss computerized legal, law enforcement and criminology databases, such as Netmap, Watson, PROMIS, Lexis, APAIS, CRIM-L, et cetera. GUIDELINES ---------- In order to keep the semantic content high on this list, please consult the following before posting: DO POST DON'T POST ------- ---------- Un/reported decisions. Personal insults. Commentaries on cases. Signatures >4 lines. Reviews on relevant books. Quoted replies with more than 30% Relevant journal articles. quoted from the original. Information about proposed legislation. Short questions, or questions which Full text of CC legislation. otherwise do not convey useful Judicially defined terms. information in their own right. Articles on new arrests or Gossip about the moderator. cases. Articles about computer (in)security, Detailed questions. they should be sent to: Intelligent commentary. "best-of-security@suburbia.net" Personal experiences with computer "breaking into a computer is the same crime. as...." Very well thought out analogies. Petitions (if you think they are Relevant transcripts. exceptionally relevant, send them to Defence or prosecution strategy. the moderator, who may post them). Relevant papers, thesis. Chain letters. Conference announcements and details. Advertising material. Locations of legal resources. Ethical considerations that are only Computer forensics information. "opinion". Trial/court dates, verdicts etc. Content free news reports or Reviews of legal software. articles. Pointers to any of the above. Abusive, antagonistic or otherwise, Cross post relevant information from non information rich or constructive other lists or news groups. Phrases. Relevant affidavits, court documents. Quotes from Dan Quale. SUBSCRIBING ----------- Send mail to: lacc-request@suburbia.net with the body of: subscribe lacc UNSUBSCRIBING ------------- Send mail to: lacc-request@suburbia.net with the body of: unsubscribe lacc POSTING ------- To send a message to the list, address it to: lacc@suburbia.net REPLYING -------- If you are replying to a message already on the LACC list using your mail programs reply facility you will almost certainly have to change the reply address to lacc@suburbia.net. This is because the LACC mailing list program is configured to have return replies sent no "nobody" in order to avoid receiving the replies of "vacation" programs which automatically send email saying "I've gone to the moon for 2 weeks to hunt rare bits". --END -- +----------------------------------+-----------------------------------------+ | Julian Assange | "if you think the United States has | | | has stood still, who built the largest | | proff@suburbia.net | shopping centre in the world?" - Nixon | +----------------------------------+-----------------------------------------+