EFF Warns of Harsher CFAA

An anonymous reader writes: The Computer Fraud and Abuse Act is "vague, draconian, and notoriously out of touch with how we use computers today," warns the EFF. But instead of reforming it, two U.S. Senators "are on a mission to make things worse..." The senators' proposed Botnet Prevention Act of 2016 "could make criminals of paid researchers who test access in order to identify, disclose, and fix vulnerabilities," according to the EFF. And the bill would also make it a felony to damage "critical infrastructure," which may include software companies and ISPs (since they're apparently using the Department of Homeland Security's definition).

The harsher penalties would ultimately give prosecutors much more leverage for plea deals. But worst of all, the proposed bill even "empowers government officials to obtain court orders to force companies to hack computer users for a wide range of activity completely unrelated to botnets. What's worse is that the bill allows the government to do this without any requirement of notice to non-suspect or innocent customers or companies, including botnet victims... These changes would only increase -- not alleviate -- the CFAA's harshness, overbreadth, and confusion."
The CFAA was originally written in 1986, and was partly inspired by the 1983 movie "WarGames".

Systematic subversion of the rule of law

[karlandtanya]

TLDR: You can't control an innocent man.

"...much more leverage for plea deals..."

The 'rule of law' means that the law is supreme. Not the guy wearing the uniform that week or the guy sitting in the oval office that year or the guy wearing the robe. The rule of law is meant to keep the *person* charged with the duty to serve the public from abusing the power they were given along with that duty.

This is the point, right here. Making 'hacking' 'security research' or even ordinary computer use illegal is not the point. The point is to make *everything* illegal. Nobody, including law enforcement, gives a rat's butt whether you abused or frauded a computer or if you botted a net.

Law enforcement knows who the bad guys are, they always have--it's their job. The problem is all these civil liberties and protections for the accused make their jobs--protecting you--damned near impossible.

Solution--you're all criminals. We've got a job to do, and we understand you don't like part of it. Maybe part of it is you paying a fine, turning over some information, or even going to jail. You're going to do it because we--the people who protect you from the bad guys--have fucking told you to do it.

Now--if you want to challenge our lawful orders or appeal to a higher authority, call a lawyer, stand in front of a judge, or whatnot, let us show you what you're guilty of. Here's a *long* list we just put together without even trying. And here's the time you're going to get behind bars if you DO push the issue.

You're guilty. If you want to stay out of jail, just let us take what we need in order to do our jobs protecting you. When we're done you can get back to your life. And you can keep your mouth shut if you don't want to see us again.

Because we're just here to protect you.