💾 Archived View for gemini.spam.works › mirrors › textfiles › law › forbes.txt captured on 2020-10-31 at 17:23:30.
-=-=-=-=-=-=-
"A Little Perspective, Please" by Mitchell Kapor Forbes Magazine June 21, 1993 (Permission granted for electronic redistribution) In Its Dec.21, 1992 cover story, headlined "The playground bullies are learning how to type," FORBES perpetuated a dangerous myth. This magazine blamed a new generation of "hacker hoods" for an epidemic of computer crime. It grates on me to see these two words- hacker and hood - used together. I'll begin by agreeing that computer crime is a real and serious problem. But the FORBES cover seemed to blur the distinction between theft and free speech, between adventuresome teenagers and crooks. Most hackers are just playing around or swapping information; only a minority are out to steal it. Hackers are not hoods, though a few may be. If I sound sensitive on this point, I have good reason. In the summer of 1990 John Perry Barlow and I founded the Electronic Frontier Foundation to challenge Secret Service seizures of computer bulletin board systems. Our goal was simple enough. We wanted to establish that the Bill of Rights applies in cyberspace as well as on Main Street. We wanted to help assure that law enforcement people, while fighting crime, do not violate the free speech and privacy rights of computer bulletin board users. We made one principle clear from the start: "Unauthorized entry into computer systems is wrong and should be illegal." Big high-tech rip-offs these days have to do with the theft of cellular and PBX codes. These can run up victims' phone bills into the hundreds of thousands of dollars. According to Donald Delaney, a New York State Police investigator who specializes in this area, major telecom fraud is typically committed by career criminals in their 30s, many of whom see it as more lucrative and safer than the drug business. Hardly your typical hacker. If the typical 17- year old hacker, gets caught stealing small amounts of phone service or breaking into a computer system where he has no business being, he's scared as hell, and ready to confess.. He's highly unlikely to do it again. These first-time offenders don't usually end up ever again on the business end of one of Dectective Delaney's warrants. There is no reason for bringing the full force of the law down on kids like this. So I was peeved at a FORBES cover that seemed to lump these kid pranksters in with hardened crooks. Such broad bracketing leads to excesses like those of the Secret Service in the recently decided Steve Jackson Games case. Federal Judge Sam Sparks found that the Secret Service illegally seized the private electronic mail of users of a customer relations bulletin board system operated by the Jackson firm.. At the trial, Judge Sparks roasted Secret Service agent Tim Foley for not making a simple investigation in advance that would have shown there was no cause to snoop on E-mail. The case demonstrates that accusations of computer crimes should be limited to cases involving seriously harmful behavior and injurious intent, not the mere suspicious use of a computer or a network. In Massachusetts, efforts to put such a balanced perspective into law are now under way. Governor William Weld has submitted computer crime legislation based on a report of his Commission on Computer Technology & Law, which I chaired. Commission members included law enforcement officials, such as a bulletin board-system literate district attorney, representatives from the computer and telecommunications industries and civil libertarians. The commission determined that much of what is labeled "Computer crime" would constitute a crime regardless of the particular means of accomplishment. Theft of a lot of money funds through manipulation of computer accounts is grand theft. Does the computer make it any grander? Our commission reported, and Governor Weld agreed, that changes to the law, where needed to plug gaps, are best accomplished by modifying existing law and building off familiar legal principles, not by passing overly broad and untested laws specifically covering computer crime. We found, for instance, that unauthorized access to a computer system is not, by itself, a violation of Massachusetts law. It should be. We therefore recommended an addition to the criminal law covering electronic trespass with penalties of up to $1,000 in fines or 30 days in jail. The proposed statute states that the requirement of a password constitutes the equivalent of a posted "No Trespassing" sign. The Massachusetts experience shows that it's possible for civil libertarians, law enforcers and industry experts to find common ground; they can address problems created by the spread of computers without compromising rights. This is the stroy the media ought to pay more attention to. Enough of these fantasies about dangerous teenagers stealing big money and compromising national security. --------------------------------------------------- Mitchell Kapor, Electronic Frontier Foundation Note permanent new email address for all correspondence as of 6/1/93 mkapor@kei.com