Slashdot Mirror
Building a Global Cyber Police Force
dasButcher writes "One of the biggest obstacles to fighting hackers and cyber-criminals is that many operate in the safe harbors of their home countries, insulated from prosecution by authorities in foreign countries where their targets reside. As Larry Walsh writes in his blog, several security vendors and a growing number of countries are now beginning to consider the creation of a global police force that would have trans-border jurisdiction to investigate and arrest suspected hackers."
I foresee this running into a lot of problems. I mean, we can't even get a lot of countries to agree to ICJ (International Court of Justice) jurisdiction. How are we going to get them to agree to let people physically into their countries to investigate crimes and make arrests? Ain't gonna happen ... and this kind of thing is only effective if everyone signs up without reservations.
The trouble with this, of course, is that one man's "hacker" is another man's journalist, or whistle-blower, or what have you.
Proverbs 21:19
Personally I think anything with "trans-border jurisdiction" is just asking to be taken advantage of. I like the seperation of government and jurisdiction, although I definately think that something like th UN should reform some of their policies on extradition. In any case, trans-border jurisdiction means jack squat if you cant get the local government to cooperate.
The real problem is the lack of international cooperation and extradition treaties that would cover not only cyber crime, but crimes of all sorts. Creating a hyper-focused solution for a narrow aspect of a broader problem is only going to create more problems, and ultimately erode more freedoms than the number of crimes it may solve.
Wouldn't that be Interpol? Sounds too much like big brother when someone asks for a police force that already exists. The bigger problem with hackers is they are hard to find regardless of which country they are in. Sure Iranian Hackers are harder to catch but with their bandwidth are they really a threat? Do we need yet another redundant police force?
who will prosecute the suspects? A criminal trial is expensive and ends up importing criminals to whichever nation chooses to prosecute. That's the reason that the Somali pirates get turned loose. A similar situation would arise for trans-border cyber crime. Everyone would hope that someone else would prosecute.
So if this is the future...where's my jet pack?
Isn't that pretty much what the International Criminal Police Organization is supposed to do? It's the second largest intergovernmental conglomeration behind the UN, and has almost 200 member countries. Given that cyber crime is crime nonetheless, I'd hope that they were gearing up to be able to handle more and more of it. I feel like more than anything, the laws need to catch up to the criminals in these cases- or they aren't really criminals at all.
Finnally team america will save us! Fuck Yeah!
As long as America can vote away from this nonsense, I'm alright with the rest of the world doing what they want with their countries.
the MPAA, RIAA and other such scumbags getting in on this. Instead of catching real hackers, they go for the easy fish and arrest students and casual pirates.
Nowadays I don't have trust in any authoritative figure like this. They are usually backed by big corporations, that serve only corporate interests.
Well, that's already being taken care of ( ACTA, the secret copyright treaty ).
And I think this would be the same way that ACTA is - USA laws forced in to other countries. No thank you. And I'm pretty sure Russia and China don't want to introduce USA laws either, and with those countries out of it, is there any point?
The problem here is not a lack of police with the jurisdiction to investigate and arrest suspected hackers. The subject countries have lots of those.
What's missing is a state willingness to prosecute, a willingness that won't change just because the cops are enforcers from Superpol. There is no reason to believe that the US, for example, would let a bunch of policemen from Europe and the Middle East come in and arrest US citizens on the basis of allegations that they broke some Saudi law. They barely tolerate Interpol, and those guys are just librarians.
When you balance the probable damage a "global police force" would do (is anyone naive enough to think that their mandate wouldn't be expanded?) against the damage that expatriate hackers do, the wise thing is to go with the hackers. The proper solution is the one already in place, and that's to have bilateral and multi-lateral extradition agreements.
Sending contract cops into a country that doesn't have laws against hacking may make good TV but the real-life consequences are much more complicated.
I'm a Programmer. That's one level above Software Engineer and one level below Engineer.
and the parallel holds, since the end of the real wild west consisted of the feds moving into lawless lands and taking over from vigilante, ad hoc systems of justice, just like this proposal. that was pretty much the historical end of the real wild west
so i'm waiting for the internet's version of "dodge city", where tourists can go and experience the vicarious thrill of driveby downloading, phishing exploits, nigerian email scams, and id theft, much like in the real "dodge city", gunfights at high noon and cattle rustling are now recreated for tourist's sake
"wow dad, i was browsing the dancing hamster website with the purple gorilla in the taskbar on the windows ME simulation, and like, i just got pwned! the simulation showed me as the payload modified the registry settings in the simulation! was it really like that in the bad old days?"
"that's right son, when your dad was your age browsing the internet, you always had your sidearm antivirus at the ready. craven desperate men and psychotic outlaws were always just around the corner, a click away. you had to deal with danger and treachery on a daily basis"
"gee dad, did you actually get an email from belarus claiming to be citibank asking for your security credentials out of concern for your security?"
"sure did"
"that's scary dad! how did the early internet pioneers ever survive in such a hostile wilderness. how did we ever make it this far?"
"sometimes i wonder myself son"
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
You cannot impose yourself into someone else's country as their laws differ from yours. Calling it a "safe harbor" is a bit offensive. Like you want to poke them with a stick but local law, culture and geography doesn't allow you to do what you please with "them"..?
I'll start imposing my local laws on Americans. Then complain you wont allow me to proscecute an American, on American soil, under my terms. Say, I would be an Arab (I'm not) and I consider porn-watching criminal and punishble by death. (I've had to write a report on Saudi servers of a client once, where someone downloaded porn hoping we wouldn't login on those servers. Which became locally a criminal case punishable by death. No joke.)
As long you do not have a consensus, globally or the on what "cyber criminality" is, and the severity which it should be prosecuted and make it equally enforcable (legal backing) this is impossible. Once you have this consensus, globally, there would be no "safe harbor" anymore.
I think we can keep recursing like this until someone returns 1
Like the U.S. law in congress right now forcing foreign banks to provide all information related to American owning accounts internationally, close them, or have 30% of the bank's assets in the United States withheld.
How about the recent EU SWIFT information handover to the U.S.?
I could see the U.S. doing something similar with internet connections of ISPs that run through the U.S., or have buisness in the U.S. Perhaps they will withhold 30% of their bandwidth.
Living in Chile
How about first just doing something about the crimes? I've had good success with the UK police force, and the FBI (with some exceptions), but several other countries authorities have been painful to work with even in cases where there is solid evidence and the countries laws have clearly been broken. I can see how a law like this would help things, but just working on the cases based on current laws would already make a big difference.
Who will write the laws that this orginization enforces?
To whom will the law writers and this orginization be acountable?
What processes will exist for removing law writers and enforcers who do bad jobs?
What process will exist to appoint new law writers and enforcers?
These seem like rational questions.
Moderation : -1 Conservative Viewpoint
The problem isn't being protected from remote governments, its the tacit approval and involvement of the local government.
Russia, anyone? Do you think that cybercrime there doesn't involve FSB?
... the global DMCA can be better enforced.
"Pretty quiet place", not "crime-free utopia."
These towns had councils, reeves and sheriffs and all the machinery of law. They were also armed against the threats of the contemporary version of biker gangs who, as a consequence, behaved themselves in town. As I said, pretty quiet places.
I'm a Programmer. That's one level above Software Engineer and one level below Engineer.
Global police force?
The last time someone tried that, the Schutzstaffel endured much resistance and ultimately failed.
I suspect they would have as much difficulty today as then.
(It even starts the same with way, with some media moron(Berchtold) leading the Crusade)
Who the fuck needs the History Channel? Wait long enough and you get to see it all play out again, live...
Once upon a time I used to think that having separate countries was the problem with this world. I see now that national borders are the only thing keeping us safe from tyranny on a global scale. I see now that we cannot be ruled by one single governmental entity and expect everyone to be treated fairly.
Are YOU using the TOOL, or is the TOOL using YOU? Think about it!