Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cybercrime Treaty Fight Begins

Posted by Hemos on from the fight-this-battle dept.

Deskpoet writes "This article on ZDnet details how the Global Internet Liberty Campaign, based in Europe, is rising up to create awareness of this perfidy-in-action. There's also info about how it's really US law enforcement that's driving this thing. Your tax dollars at work."

6 of 155 comments (clear)

  1. Re:It's better than that by Paladin128 · · Score: 5

    "Criminalize the production, sale, distribution or otherwise making available of devices or computer programs who's primary use is to access, intercept or interfere with computer systems or communications."

    This also means many other tools will be illegal, including telnet, ftp, ssh, tcpdump...

    "Evil beware: I'm armed to the teeth and packing a hampster!"

    --
    Lex orandi, lex credendi.
  2. There goes telnet and minicom by Hairy_Potter · · Score: 5
    From the article, with my bolding

    Criminalize the production, sale, distribution or otherwise making available of devices or computer programs who's primary use is to access, intercept or interfere with computer systems or communications;

    So, any program that is designed to access a computer system is illegal? Like:

    • telnet
    • minicom
    • lynx
    • ftp
    • smbclient


    They better rethink that one.

    I imagine they will try to outlaw SA security tools too, like SAINT, COPS, TIGER and crack, just because a cracker can use these too.

    Of course, I can think of a lot of Slashdotter's who wouldn't object to these tools being outlawed, because they're dangerous and can be misused by uneducated persons, no wait, that's guns that should be outlawed because they're dangerous, not security tools.

    No, there certainly is no analogy between security tools like SAINT that can be misused and guns that can protect you or be misused, none at all.

  3. If we can trust ZDNet's take on it... by squiggleslash · · Score: 5
    I've never regarded ZDNet as a particularly intelligent news source, but assuming what they're saying is correct, the salient points seem to be:

    Any country that adopts the legislation will be required to:
    * Make illegal access, interception, and interference of computer systems or communications a criminal offense;

    I assume this is poorly worded and the wording should have been "Make illegal unauthorized access", otherwise it doesn't make sense! ["We caught you using your own computer, your nicked!"] This is already illegal in most juristictions I'm aware of. Arguably the laws tend to be unworkable and/or go after the wrong targets, but they do exist. Britain has the Computer Misuse Act and Telecommunications Act 1984 which coveres different aspects of the above.

    * Criminalize the production, sale, distribution or otherwise making available of devices or computer programs who's primary use is to access, intercept or interfere with computer systems or communications;"

    The key words being "whose primary use" is to. Again I'm not sure whether the wording is suspect, surely they mean "whose primary use is intended to be..." as arresting someone for, say, creating an ordinary FTP client which, for coincidental reasons, ends up being the #1 choice of crackers would be unfortunate...

    Assuming, again, ZDNet is being sleepy this morning, this isn't that unusual a request. Indeed, it probably already is illegal. In the US, the reason Napster is being targetted as a piracy tool rather than mIRC is because Napster's #1 intended use was to facilitate unauthorised copying, whereas mIRC was designed as a chat program. The fact that there are legitimate uses for Napster and illegal uses for mIRC doesn't change that. One assumes intent, therefore, is already a significant part of the equation.

    * Outlaw the fraud and forgery of computer data as well as copyright infringement;

    I'd be surprised if there aren't laws out there covering some of this, and copyright infringement's been covered by treaties for years. This is one of those "Why bother?" entries.

    * Broadly criminalize child pornography, even if the subject only appears to be a child;

    I assume "intent" is going to be part of this. How else do you legally distinguish between child porn and pictures of children? FWIW, I recall Britain has a law now against artificial child porn - pictures that have been created via Photoshop.

    Either way, it's tempting to get worried about this because no question of intent is explicitly worded, and many IANAL types get worried about anything so subjective, but given there'd be a international outcry if proud parents, owners of stores selling goods aimed at children, etc, suddenly started getting jailed and/or deported due to pictures of people under 21 appearing on their sites, we can be reasonably sure that intent will be a factor in practice.

    * Hold corporations liable for crimes and make certain service providers can collect data on their subscribers and save such data when authorities request it;

    It's pretty much true that, because of the lack of common carrier statuses to ISPs even in countries that have the notion of a common carrier (in Britain, most phone companies have no legal protection against acts of their subscribers, for instance), corporations are liable. The collection of data is the new bit, but I assume it needs clarification. What possible incentive does a company have for collecting acurate data on its own users if the only occasion it will be used is in evidence against it? Is the intention that companies who collect such data will not be held liable?

    Finally:

    * Cooperate with other jurisdictions to secure evidence and extradite those persons charged with a computer crime.

    Probably the only part of this that I think is going to be largely new in most juristictions.

    The truth is that generally governments already have this mix of laws, in one way or another, both the somewhat bizarre ones and the not so bizarre ones, with the exception of the extradition part. That's the only bit that scares me - how far does it go? Can a 16 year old in the US looking at an adult website in Holland result in the extradition of the webmaster because the age of consent is different in the two countries?
    --

    --
    You are not alone. This is not normal. None of this is normal.
  4. ZDNET have summarised the article incorrectly by judd · · Score: 5

    That is what zdnet say. But if you read the actual treaty (http://conventions.coe.int/treaty/EN/projets/cybe rcrime.doc) (sorry for the icky Word doc, NMF) you will see that the words "access, intercept or interfere" are qualified with the term "without right", and the treaty sections are headed "Illegal Access", "Illegal Interception", and so on.

    I don't like the treaty for other reasons, but it's not that stupidly drafted. So remember people, always read the primary sources, and don't get distracted from the main issues, which are (IMHO):
    - to what extent governments should compromise your rights in order to prevent or detect crime.
    - what constitutes "cybercrime" in any case.

  5. This is really poor reporting by bwalling · · Score: 5

    Here is a link to the actual draft of the treaty. Please read it before posting. The article makes terrible simplifications of the wording that blur the original meaning.

    Can someone please put this link into the /. article? It is important to the topic.

  6. Yes! by British · · Score: 5

    Yes, new laws against those mean "hackers" and "Cybercrime" will definitely solve the problem! I mean, it sure as hell solved all those drug problems.