Ask Mike Godwin About Internet Law

Mike Godwin is probably best known to Slashdot readers for Godwin's Law, but that's one of the most minor reasons you should know him. In this blurb for his book, CYBER RIGHTS, he's (correctly) described as "one of the first lawyers to 'live and work in cyberspace.'" Naturally, Mike can't give specific legal advice, but he's certainly about as expert as they come about the development of law and legal hassles surrounding the Internet. We'll send him 10 of the highest-moderated questions, and publish his answers as soon as we get them back.

Re:Intellectual Property...

[AndroidCat]

Um no. While registering a copyright makes it much easier when you have to go to court, you have a copyright from the begining, registered or not.

This idea is a hold-over from rules before countries (including the US) brought copyright laws into line with the Berne convention.

Re:Individuals vs. Major ISPs

[bugnuts]

Gross negligence is prosecutable, both criminally and civilly. If you show that your house was locked, or the weapon was stored properly, then you're unlikely to be prosecuted criminally. But if you leave it outside in your front yard, you might be looking at all sorts of charges, like reckless endangerment. I know there are laws where I live, and I'd be very surprised if there weren't where you live, no matter where that is (in the USA).

It's possible to argue that connecting to the internet with an outdated and buggy OS could be negligence... what if that buggy computer is used to break into a hospital where the perpetrator changes something that results in a death? It's a good question, but not a cut & dry as "you didn't pull the trigger, therefore you are not guilty."

Re:Individuals vs. Major ISPs

[Zordak]

I'd really like to meet the prosecutor willing to try some poor schmo for using some old OS to connect to the internet, even if that computer were used for some gross criminal act. Your analogy of a gun left in the yard for anybody to use breaks down for several reasons. First, a cracker is, by definition, already using a computer. He doens't need your buggy computer to break into the hospital. He's just using it to add a layer of complexity in tracking him. Now, imagine some professional hit man with an entire arsenal of guns, who happens to come across one that you own and uses it to commit a crime. The ol' DA is going to have a tough time prosecuting the original gun owner, regardless of how the gun was found. Especially when it comes out that the trigger man was an experienced professional who knew how to find and exploit vulnerable, privately-owned firearms. The only place a criminal negligence charge would make sense would be if you provided the only access that person had to a firearm (for example, if the killer were your child, and the DA can demonstrate that you reasonably should have been able to anticipate his actions and exercise some parental control, the charge might stand). The second reason the analogy breaks down is that even a buggy old OS requires some kind of criminal exploit of a known vulnerability to compromise. If you so much as put a cheap $1.50 pad lock on your shed where you keep your gun, the DA will have a tough time with a criminal negligence case, unless he can show that you somehow advertised that the weapon was there and ready for the picking by anybody wishing to kill a cop. The only way to get the computer equivalent of "leaving the gun on your lawn" would be to do something like post you IP address and root password on www.hackthehospitalandkillsomebody.com. The point of criminal negligence is that you did something that you knew, or should have known, posed a grave danger to others. Can you make a case that it is common knowledge that using a buggy, old OS can endanger others? If you're a DA, Are you really going to prosecute my mother-in-law for using her old Compaq with a completely unpatched copy of Windows 95 and AOL 4 to e-mail her grandkids and do genealogy research? If so, are you prepared for the huge political fallout and major negative publicity?