The two issues requiring address are privacy and protection of authors’ creative works.
The privacy problem is, simply, that what is put on the Internet can be, and probably is, seen by more people than just the intended recipient. Even more personal information will be available as commercial transactions increase through on-line services. This means that the opportunities for invasions of privacy through cyberspace will similarly multiply. Although the Internet as a communications medium is sometimes compared to the phone system, the flaw in this comparison is that no phone will allow someone to probe into personal information or documents unless there’s another live person at the other end of the phone line — and willing to give it. But the Internet will, and does. The protection issue is equally important. It is also one which has grown in complexity.
|
“The quantity of information that can be stolen or the amount of damage that can be caused may be limited only by the speed of the network and the criminal’s equipment.”
— Scott Charney
Chief, Computer Crime Unit |
|
“Copyright protection and privacy laws already exist and should be applied in a broad way... It is not necessary to view the world of the Internet as different from the rest of the world.” — Bruce Koball Technology consultant |
The field of written works such as books, religious works and the like, does not afford such programmable booby-traps to prevent theft. The Working Group on Intellectual Property of the Clinton administration’s Information Infrastructure Task Force found that copyright law is adequate to protect these and other such works from Internet hijacking.
Bruce Koball, a technology consultant in Berkeley, California and member of the executive committee for this year’s CFP conference, told Freedom, “We need to see an extension of existing laws when it comes to the Internet. Copyright protection and privacy laws already exist and should be applied in a broad way, such that they are transparent to new wrinkles in the technology. It is not necessary to view the world of the Net as different from the rest of the world.”
Even if the laws are applied equally, a deft cyberthief can still pilfer another’s computer files so long as he isn’t caught — and anonymity certainly plays its part. According to Tsutomu Shimomura, a computer security expert who was instrumental in the arrest of computer criminal Kevin Mitnick, “Most systems do not have adequate security measures. What Mitnick was doing can still be done on many computers.” Rick Smith of the FBI’s San Francisco office confirms, “The public should be aware that they are not secure.”
This is a problem which Koball and others associated with CFP have taken a keen interest in. According to Koball, the problems of protection and privacy have a nexus: the National Security Agency. “Cryptography is the technology everybody needs to be able to ensure the security of their programs and networks,” Koball said. “However, agencies like NSA have actively sought to control the type of cryptography used, as computer security has somehow been viewed as a threat. They have regulated programs to ensure that their codes are simply not that difficult to crack.”
As an example, Koball cited a good encryption system which was developed but then limited to a 40-bit key — a relatively easy key to crack given a decent code-cracking program on one of today’s supercomputers. This obviously makes it easier for the government to get in, but also makes it easier for anyone else.
An even more extreme example was when the NSA introduced its own “clipper chip” which was proposed to become the standard encryption system for all computer systems — with the government holding the key. That proposal was resoundingly shouted down, with more than 50,000 petition signatures rounded up against it. “The irony,” said Koball, “is that while the government spends all its effort chasing after Mitnick, it spends its time trying to suppress the technology that could secure those networks.”
Abuse of anonymity can bring about unwanted and burdensome regulation on the Internet if it is not curbed. A remedy to stem the abuse may take the form of requiring those who “remail” messages to identify actual sources of anonymous postings that violate the law. These remailers may then be held responsible for unlawful postings when necessary. Alternatively, users may need to provide some form of identification or registration on their communications.
Treating anonymity in this way aligns with current practices in other communications media. In news reporting, for example, publishers have long been free to print information from anonymous sources, but cannot then claim to have no responsibility if the data proves false.
With such a solution applied to the Internet, laws already on the books can protect citizens from rip-offs and other unlawful activity. To make protecting oneself possible, federal regulations which limit the quality of encryption systems should be disposed of, so that computers, software and networks can be safe. Ultimately, the solution lies in making sure the few abusers of on-line services do not act — and are not permitted to act — above the law.
