Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hacking By Subpoena

Posted by Hemos on from the not-gonna-do-it dept.

solidox writes "SecurityFocus has an article on how Alwyn Farey-Jones instructed his lawyer to issue a subpoena against ICA to get all their emails. ICA's ISP, NetGate, complied and gave them over 300 emails from ICA employees. When ICA found out about this they sued and the court ruled that this was a violation of the Computer Fraud and Abuse Act. This could be good news for those trying to fight off the RIAA subpoenas to isps to catch file-sharers."

5 of 30 comments (clear)

  1. Subpoenas by Goo.cc · · Score: 1, Insightful

    From what I read of the article, it sounds like anyone can issue a subpoena without going to court first. Am I understanding this correctly? If so, it seems silly that anyone can subpoena e-mail just on their word.

    1. Re:Subpoenas by Anonymous Coward · · Score: 1, Insightful

      Never underestimate the power of human stupidity. Sure you need to go to court, but not if the other guy is too stupid to check, since that was the point of this story.

  2. Re:The oldest form of hacking by MrWa · · Score: 4, Insightful
    This comment ignores the fact that the oldest form of hacking is social engineering. Doing something to sound official, or to appear to have clout that you don't have, in order to get what you want (generally, to get something you're not supposed to have) is definitely a form of hacking, used in some cases for nefarious purposes. The case mentioned in the article definitely has nefarious outcomes, and so, this sort of social engineering should definitely be prohibited.

    This comment ignores the fact that the first comment was about breaking in and not about hacking. To equate breaking in with hacking only serves to further the illusion that all hacking is, by its very nature, something that is at best in the grey area of the law. This is, of course, absurd.

    The aforementioned comment goes even further to suggest that social engineering - and overly broad subpoenas by connection - are something that should be regulated because this particular case had "nefarius outcomes." Not a good idea - more regulation is not the answer, thank you very much.

    A better, and more reasoned approach, would be to not give business to an ISP that doesn't care about the privacy of its customers enough to ask what that company would want to do. Maybe, if an ISP were sued for providing the emails in the first place - industrial espionage? - we could focus on the misapplication of a subpoena. This is, though, something that is not new and unique to cyberspace. The application of anti-hacking laws to something that is, in essence, a purely "real-world" problem creates a scary precedent considering the inept laws regarding computers and the Internet that have been created in the past few years.

    BTW: does an ISP actually own the traffic going over its network and, if so, are they not culpable for stolen MP3s? If not, how can the ISP be asked to provide something that does not belong to them (emails in this case...)

  3. Over broad ? by jefu · · Score: 3, Insightful
    Every subpoena is overbroad. It's the responsibility of the party receiving the subpoena to try and narrow it.

    IANAL (naturally) so I'm confused.

    As I understand it, the DMCA allows someone who thinks they are being ill used (in copyright sorts of ways) to issue a subpoena essentially without a judge being involved and those on the receiving end are then supposed to comply. But this lawyer says that those on the receiving end get to try to negotiate it. If there's no court/judge involved, who do you negotiate with?

  4. Re:Was former Netgate customer by Anonymous Coward · · Score: 5, Insightful
    However, Netgate's social/legal policies really stank. At the time, for example, they had agreed to host godhatesfags.com. So, I left.
    In other words, you're not a big fan of freedom of speech?