Laws in Cyberspace12-1992.
Conventional laws sometimes do not stay aligned with their original intent when they are applied to computer communications systems and networks. The basis of these laws has been built up over many years prior to the advent of computers and computer information systems, which have evolved in less than a generation. Computers and information systems bring with them new concepts and situations which existing laws do not always cover. This new environment has been termed "cyberspace," and refers to the all computer messaging and information services globally.
Some basic rights and criminal laws can be applied with no modifications. There are several legal concepts which need to be refined in order to apply to cyberspace. Until these uncertainties are resolved, there are no guidelines to follow in cyberspace and there is uncertainty in the law enforcement area, which can possibly lead to injustice.
Two major subjects of legal concern, transfer of bank funds and credit card code fraud and trafficking, can be applied fairly easily. In addition, gambling, drug trafficking, and obscenity laws also apply in the network context (Rose 2). More than 1000 people who shared credit card numbers, which they used fraudulent, were arrested. They gained access to the codes by entering computers, such as one at EquiFax Information Services, which contain huge databases of over 170 million credit files. Master Card reports an annual loss of $381 million due to fraud ("Police Undercover National Fraud Ring of Computer Hackers" 3).
The 1st Amendment rights of free speech and freedom of the press fully apply to electronic messaging operations of all kinds. Anything that is used as a "brand name" in a network can be considered a trademark. These can include system names and login screens.
eople have the right not to let others use their on-line pseudonym to make money, as people have the right not to let others user their real name to make money without the person's permission.
People have the right not to be injured when they venture into cyberspace. These rights include the right not to have one's on-line material destroyed or damaged and the right not to be libeled or defamed. These are the same as their conventional counterparts (Rose 2). It is difficult to prove fault and enforce these rights in cyberspace.
Contracts between system operators and users can also account for much of the regulation in cyberspace. An example would be for a user to pay the operator to provide private mail services; the operator would then have to make sure that the mail was private.
The copyright laws concerning electronic systems are a little different than its conventional counterpart. Any message which is posted on a system is considered to be published and therefor is automatically copyrighted by the author. Text files, images, and sound files can also be copyrighted (Rose 2). For conventional paper works to be copyrighted, they must be actually published physically.
During the development of computer communities, people were more interested in exploring this new frontier than in the law governing it. These programmers followed an ethic called the "hacker ethic." This defined their views on computers and data. They believed: access to computers should be unlimited and total; all information should be free; one should mistrust authority and promote decentralization; hackers should be judged by their programming and use of computer systems; one can create art and beauty on a computer; and computers can change one's life for the better. This ethic was not based on monetary gains, it was based on personal growth through the free access to computers and information, and a respect for technology. These pioneers, for the most part, had strict moral values which kept them from doing any damage to the systems they used. They broke into systems for the challenge and also to find information. They demonstrated that it was possible to break into some of the systems, and then other people did ("Real Hackers? Comparing the Old and New" 2).
There are many areas of law that need to be refined for the computer age. These areas include issues of personal privacy, reproduction of information, wire-tapping, breaking and entering, and operator liability.
Privacy laws include the federal Electronic Communications Privacy Act ("ECPA") which now prohibits many forms of electronic wiretapping, by both government and private parties. This act was passed as a result of Watergate (Rose 2).
Concepts of ownership based on possession are different when dealing with information than when dealing with physical objects. There are several examples of this. Len Rose was found guilty of possessing portions of AT&T's proprietary source code for the UNIX operating system ("AP Story on Len Rose" 2). The Electronic Frontier Foundation raised questions regarding the first amendment during his trial. ("Len Rose Sentenced" 3).
Craig Neidorf published an electronic newsletter he called "Phrack." The underground hacker scene was its subject matter. One of his long time friends sent him a document containing procedures for using the E911 system; he relied on people to send him articles for his newsletter. During January of 1990, the FBI agents confiscated all of his equipment along with many binders of old Phrack issues. In a statement, he put forth,
In the back of my mind, I guess I knew the file was stolen and probably shouldn't be in my possession. I just never really thought about it and never once believed the information could be used to hurt anyone. I thought it was a Freedom of Information situation, and by deleting enough of the file, no one could use what was left to bring forth any harm or damage.
Randy and I never meant to hurt anyone or cause them trouble. We always believed the newsletter was legal and covered under Freedom of Information.
I am willing to cooperate.
All charges were dropped against him when it was found out that the file was available to the general public for a small fee ("Opening comments of Sheldon Zenner in U.S. vs. Neidorf, June 1990" 3-4).
Breaking and entering is different in cyberspace than the physical world. In the physical world, when someone breaks into one's house, they actually enter a physical building. When someone logs-in to a computer, she is still sitting next to her terminal. Arguments are that simply logging into a computer and looking around is very different that breaking down someone's door and trashing the place.
Free lance writer Stuart Goldman was found guilty of breaking into the FOX TV network's computer using stolen passwords to steal gossip to sell to tabloid magazines (Kendall B-3).
Problems may arise when laws of two states conflict and users are networking between them. Service providers can be held liable for actions such as: distribution viruses, worms, and other infectious code; publishing "obscene" materials; trafficking stolen credit card numbers and other unauthorized access data; trafficking pirated software; and acting as a conspirator to any of these activities. Service providers are at a great risk of being targeted by over-zealous law enforcement officials.
There are two main types of risks that system operators have. One is that they will be criminally guilty or be liable for having illegal actions occur on her system. The other is the danger of having her system confiscated, not because she did anything wrong, but because someone else did something suspicious on her system.
The second kind of risk is more serious because the system operator does not have to do anything wrong to have it happen to them. She has to enforce a strict policy to review all information transmitted using her system, an impossible task. This could force her to either stop offering private E-Mail, or it could force her to read everyone's "private" E-Mail.
This was exactly what happened to Steve Jackson Games in 1990. Law enforcement officials seized Steve's computer, which ran a BBS (Computer Bulletin Board System), not because they thought he did anything wrong, but because they were tracking a "hacker" group called "the Legion of Doom." Apparently, they thought the group "met" and conspired on Steve's system. In 1991, the Electronic Frontier Foundation funded a lawsuit against the federal agents who seized the system (Rose 2).
Currently, system operators do not have a great deal of control over government interference with their systems. If someone went to the FBI to report suspected criminal activity, she might find a group of agents at her door the next day to confiscate her equipment while searching for an "evil computer user group."
To simplify the myriad of state and local laws, the federal government must forge all laws concerning electronic communication on a national level, overriding local laws. All laws must be designed to interface well with other laws. The goal is to create a well defined environment for system operators and users (Rose 3).