Sunday, 28 December 2008
"Vietnam Continues Online Censorship; Outlaws 'Subversive' Blogs; Puts Liability On ISPs" (TechDirt, 24 December 2008)
"Australian Filtering Boss: Turning Off Blog And Comments" (TechDirt, 24 December 2008) and Australia delaying filtering due to technical and organisational problems "Australian Net Censorship Plan Delayed Temporarily" (TechDirt, 29 December 2008)
That mechanisms to report abuse also exist is the least that can be done...
"What's The Goal Of Anti-Cyberbullying Moves?" (TechDirt, 19 December 2008)
"Missouri Prosecutors Going Overboard In Bringing Cyberbullying Cases" (TechDirt, 22 December 2008) and on the legislation previously passed, "Missouri Makes Online Harassment A Felony" (TechDirt, 2 July 2008)
"Reporting Bullies Online: Helpful Or Not?" (TechDirt, 15 October 2008)
For an example which escaladated to criminal damage and fear of violence, see the chinese online version of mobbing... "Man Wins Lawsuit Against Online Vigilante Mob In China" (TechDirt, 22 December 2008)
But for misuse of legislation... "How Is It Cyberbullying When Students Are Exposing Teacher Abuses?" (TechDirt, 31 December 2008)
Thursday, 18 December 2008
"Man Who Re-Uploaded Viral Baby Swinging Video Charged With Child Abuse?" (12 December 2008, TechDirt)
"La Chine reconnaît officiellement la censure du Web" (Journal du Net, 16 Decembre 2008)
"L'intranet de la SNCF piraté par son concurrent allemand" (Journal du net, 16 December 2008)
Tuesday, 16 December 2008
"Chill Out On The Texting While Walking Bans, Says Professor" (December 15th, 2008)
Read also in the same line the work on Overcriminalisation: the limits of criminal law, from D. Husak.
On the other hand, it could be argued that resorting to criminal law cannot be measured simply by effectiveness and that its symbolic results can be more important than its actual use by prosecution and courts.
The interesting feature is the take down notice feature. Social networking like Dailymotion (videos like YouTube) was condemned to pay damages for not having removed contents before three months have ellapsed since given notice.
Lafesse lost another case, but on procedural grounds rather on the issue of whether MySpace is responsible as content provider or host.
"La cour d'appel annule la condamnation de MySpace par Jean-Yves Lafesse" (3 November 2008)
Friday, 12 December 2008
"Indian Court Wants To Ban Google Earth In The Wake Of Mumbai Attacks" (10 December 2008)
"Yet Another State Court Explores Right To Anonymity In Online Posting" (10 December 2008)
"Student Sues School For Suspending Her Over Facebook Group" (10 December 2008) I wonder to which extent the article confuses legal issues and factual issues (whether there was bullying or not)
"Internet Filtering Appearing On Various Wishlists For Obama" (11 December 2008)
"Australian ISPs Refuse To Censor The Internet" (10 December 2008)
In comparison, I found the private filtering (by non ISPs; by private companies such as a shop or a newspapers) much more troubling and scary. "Online Video Sites Harming Themselves With Geographic Restrictions" (8 December 2008)
The help of the ISPs and other internet censors is crucial, so yes they should be responsible, but maybe in different terms, by analogy to public institutions' liability?
"Should Internet Censors Be Responsible For Breaking Stuff?" (10 December 2008)
A call for a new White House office to tackle cybersecurity, i.e. accessing and stealing vital information about the US. The fact that both Obama and McCain's e-mail accounts were hacked during the campaign does not help dispelling the threat. For the report by the CSIS http://www.csis.org/media/csis/pubs/081208_securingcyberspace_44.pdf
for the ZDnet article "Obama urged to appoint cybersecurity chief " (10 December 2008) and CCRN "Panel urges Obama to consider hacker-response plan" (7 December 2008)
But the cybersecurity threat should not shade away the cybereconomy threat "Forget The Economy, Security Vendor Says Cybercrime Is The Real Threat" (11 December 2008) although I am not sure it deserves the hype it is given
Friday, 5 December 2008
"The European Court of Human Rights has today notified in writing its Chamber judgment1 in the case of K.U. v. Finland (application no. 2872/02).
The Court held unanimously that there had been a violation of Article 8 (right to respect for private and family life) of the European Convention on Human Rights concerning the Finnish authorities’ failure to protect a child’s right to respect for private life following an advertisement of a sexual nature being posted about him on an Internet dating site." (statewatch)
And yes, ISPs are policemen. Not such a bad thing as long as the courts are involved and criminal procedure respected, which is not always the case.
"Danish High Court Says ISPs Must Be Internet Policemen; Have To Block The Pirate Bay" (26 November 2008)
The issues have been partially adressed with the new offences of extreme porn (rather than modification of child porn) in s. 63 to 67 Criminal Justice and Immigration Act 2008. Contrary to what everybody says, there is no defence if one deletes the materials. One has to prove that one did not solicit to receive the materials and that is much harder to do than it appears at first sight. The official guidelines are clear as long as one does not read only para. 21, but also read para. 19 and 20. The test is in line with the French courts' approach
"UK.gov says extreme porn isn't illegal if you delete it..." (The register - 28 November 2008)
"UK Says You Can't Have Some Kinds Of Porn, But It Determines What Kinds" (Tech Dirt - 2 December 2008)
with the official guidelines available at the Ministry of Justice website http://www.justice.gov.uk/news/announcement261108a.htm
"Small Business Owners Track Down Dumb Criminals Online" (3 December 2008) - with one warning: criminal procedure does apply to investigations if they lead to criminal prosecutions. Thus, companies engaging in that type of activities should be warry of falling fool of the law
"Canadian Cops Seek To Solve Murder Cases With Online Tips" (1 December 2008)
and for a European approach "EU fights cybercrime with 'remote search' strategy" (28 November 2008)
Tuesday, 25 November 2008
and by the way, not all charges were dropped as PB done
"Connecticut Finally Drops Charges Against Julie Amero" (24 November 2008)
"US easy target for Chinese cyber-spies, says report " (25 November 2008)
For the report itself, see US Congress report especially p. 291 et s.
Thus that the two former candidates to the White House may have been targeted by CHina, is far from impossible. "Obama, McCain Cyber-attacks have Chinese Origins?" (17 November 2008)
"China denies hacking US politicians' computers" (ZDNet.uk, 13 June 2008)
on the other hand, the message that on the net you cannot know who the other person is really and that one should be more wary about one's privacy, may start to come through?
"As Internet Usage Grows, Sexual Offenses Against Kids Have Decreased" (21 Novembre 2008)
Thursday, 20 November 2008
"Other Tools Terrrorists Might Use: Voice, Pencils, Fax Machines, Email, Mobile Phones, Etc." (27 October 2008)
"That Was Fast: Woman Arrested For Virtual Murder Of Virtual Husband" (23rd October 2008)
"Well, At Least Second Life Won't Need A Gov't Bailout" (20 October 2008) because it has already crashed? "No, Second Life's Bank Crash Did Not Predict Real World Bank Crash" (26 November 2008)
"UK Police Worried About Online Crime Maps" (24 Otober 2008)
"Why ISPs Shouldn't Be Copyright Cops" (20 October 2008)
"Belgian Court Realizes That ISPs Shouldn't Be Forced To Block File Sharing" (27 October 2008)
"Woman Sues MySpace For Taking Down Her Page" (27 October 2008)
White House email archives targeted by hackers (10 November 2008)
Sarkozy falls prey to bank hacker (France) (21 October 2008)
Online Criminals Move On To Corporate Espionage (13 November 2008)
DoS and distributed hacking tools finally criminalised (14 November 2008)
For the official text, http://www.opsi.gov.uk/si/si2008/uksi_20082503_en_1
Australian ISP Agrees To Filter... Just To Show How Stupid It Is (19 November 2008)
Perhaps Turkey Should Just Ban The Entire Internet (27 October 2008)
Saudis Crowdsourcing Internet Censorship (17 November 2008) - only 25 people to filter)
and the ironic result of what filtering can mean in terms of economic gain: how China is making some profits by reorientating searches in Google to its own website. "China Says: If You Must Infringe On Copyrights, Use Baidu" (10 November 2008)
Internet Censorship -- Whether By Gov't Or Parents -- Has Downsides (12 November 2008)
and the funny interdiction to search about some Argentian celebreties, funny and scary though "Argentinian Celebrities Succeed In Forcing Search Engines To Block Search Results On Their Name" (November 2008)
For something slightly different:
German Politician's Plan To Block Wikipedia Backfires... Badly (17 November 2008)
Sunday, 16 November 2008
"Cyber-terrorism will be punishable by death" (7 November 2008)
The fact of listening with no writing is an intrinsic part of an adversarial trial; it is viewed as being the only way to arrive to a fair decision. Introducing writing would certainly modify the process of reaching a decision. But that does not mean the adversarial trial would sell its soul to the devil. Financial trials (complex frauds) are actually hindered by this traditional process and a fair decision cannot be reached. So time for a change? Work from criminologists and linguistics could help understand the impact writing could have.
"Web-savvy young make bad jurors because they cannot listen, says Lord Chief Justice" (7 November 2008) and TechDirt on the same day
I can't understand on which grounds the prosecution was thinking of charging four executives of Google. Complicity? impossible there is no mens rea and the actus reus is abstention because Google did not download the video but the kids authors of the offences. Conspiracy? impossible as no agreement... Corporate liability in criminal law? again makes no sense.
Thus the initial magistrate who rejected the case (not a trial decision if I understood well) is probably right. I wish I could speak Italian better to research a bit on this
"Italy Moves Forward With Plan To Prosecute Google Execs Over Online Video" (7 November 2008)
Friday, 7 November 2008
On a reassuring outcome, thanks to traditional methods of detecting crime, "Yet Another WiFi-Borrowing Criminal Caught" (7 November 2008)
and Craigslist Pressured Into Policing Ads For Prostitution (6 November 2008) which I personally find problematic because Attorneys Generals are not the judiciary.
Thursday, 6 November 2008
Artist Demands $500 From Guy For Using His Image As An Avatar (November 2008)
Tuesday, 4 November 2008
Facebook Using DMCA Notices To Takedown Private Videos? (30th October 2008)
On Second Thought, Maybe Second Life Does Need A Bailout, (30th October 2008 - Tech Dirt)
Cybercrime takes to the cloud (3 November 2008)
French Senate Approves 3 Strikes Law (3 November 2008)
The French website Juriscom explains a bit more the details of the Bill, although sorry it is all in French. "Lecture au Sénat du projet ''Création et Internet'' le 29 octobre : risposte attendue contre la réponse graduée" 21 October 2008 on Juriscom.net http://www.juriscom.net
The comments from J-L. Fandiari are as follow: the European Commission just voted that no restriction should be imposed regarding rights and liberties without a decision from the judiciary, in compliance with ARticle 11 of the Charter on Fundamental Rights. The French Bill seems to do all the contrary: no judicial decision, only the administrative authority or quango type called HADOPI will serve the notice to offenders; no clear criminal offence refered to by the text; constitutional issues. The latter is definitely interesting as Article 55 of the Constitution forbids an Act to be contrary to European law or any other treaties; thus the judiciary has the right to strike the law down; but then no judiciary is at first instance competent in the Bill; so it will fall upon the Conseil d'ETat the French supreme court for administrative law to decide on appeal/judicial review to settle the issue.
For the Parliamentary procedure, see the Senat website: http://www.senat.fr/dossierleg/pjl07-405.html The Bill has been declared urgent and strangely enough, it is called the "little Act" (petite loi). Is it because it is controversial?
UK ISP Claims It Will Disconnect Any Customers With Open WiFi (3 November 2008)
Friday, 24 October 2008
there is however another parallel: the IP address is not your address but also the "image" of you on the internet. In that case can it either be private? Difficult to see.
THe whole debate has an incidence for crime: what is private can be stolen; what is public cannot be.
"German Court Rules That IP Addresses Are Not Personal Info" (21 October 2008)
Tuesday, 14 October 2008
My answer will be: not long. And the issue is exactly the same as usual with social networking sites: sharing of private information people don't realise are a delicacy for criminals.
"Australian Internet Filters Have No Real Opt-Out; Only Opt-In To Fewer Filters" (13 October 2008)
"NSA Abused Wiretap Rights: Intercepted, Shared Private Calls Of Americans" (9 October 2008)
"What Are 'Community Standards' When It Comes To Obscenity Online?" (13 October 2008)
Thursday, 9 October 2008
Several posts pointed out the issue of ISPs acting like censor for fear of loosing market shares or being sued for not acting promptly. However to expect private organisations to do the job of Government threatens rights if there are not strong counterparts, like guaranteing privacy.
"Why Did ISPs Take Down Ronald Riley's Sites?" (8 October 2008)
"Forget Net Neutrality Laws; Just Strengthen Privacy Laws" (7 October 2008) and the refered article "Privacy laws will guarantee net neutrality, says legal expert" (2 October 2008)
"Lords to debate gov't progress on internet security" (6 October 2008)
Man cleared in YouTube speed case (8 October 2008)
Let's hope the US Supreme Court will conform to the rules and not allow some exceptions "Is A Conviction Constitutional If It's Based On Evidence From An Unconstitutional Search?" (6 October 2008)
Friday, 3 October 2008
"Researcher details Dutch e-passport hack" (2 October 2008)
Meanwhile the City of London decided to take action "City of London pilots cybercrime scheme" (ZDNet.uk, 6 June 2008)
and Government hesitates "E-crime unit 'on track' despite funding delay" (ZDNet.uk, 16 June 2008)
Actually I wonder to which extend Skype's responsibility should not be engaged. But under which laws, may you reply?
(09 october 2008): the new episode of the affair is that Skype was apparently sub-contracting to a company that was spying. This is a typical case of vicarious liability both in contract law and criminal law.
To which extend tracking data by ISPs is also interception of communication I wonder... "Most People Don't Realize Their ISPs Are Already Spying On Them" (2 October 2008)
Thursday, 2 October 2008
No problem with that, but training in law and criminal law should not be forgotten ..."Police e-crime unit seeks industry recruits" (2 October 2008).
And in the US, it's the Homeland Security which helps out the businesses (1 October 2008)
Tuesday, 30 September 2008
This issue is however different, I think, from the claim that ebay drives people to shoplift! "Retailers Blame eBay For Driving Good People To Shoplift" (24 September 2008)
See https://nodpi.org/2008/09/22/city-of-london-police-to-complex-to-spend-public-money/ and "UK Says Phorm Clickstream Tracking Is Okay... If Clearly Explained To Customers" (19 September 2008) - well I think it is slightly different but...
Addition: obviously BT has not been detered to reuse the technology (29 September 2008) but at least customers will be asked their consent
See also “Cybercrime expert to educate MSU engineers on "Gen Next Terror" (23 September 2008)
Comp with “Second TJX hacker pleads guilty” (24 September 2008) (also under "Second alleged hacker pleads guilty in TJX case") and maybe the silliness of the Palin’s hacker: hacking a high profile person is more likely to create a surge of investigatory reactions and actions than hacking a business, even if no real damage was done. “Palin Hacker's IP Address Linked to Tennessee College Dorm” (22 September 2008)
See the more serious issue of "Malaysia Jails Blogger For Two Years Without Trial"
Friday, 19 September 2008
Principal Loses Lawsuit Against Students and Parents Over Fake MySpace Page--Draker v. Schreiber (Eric Goldman - 22 august 2008)
Draker v. Schreiber, 2008 WL 3457023
But it does not mean disciplinary action cannot be taken. See "Judge Says School Can Suspend Student For Fake MySpace Page Of Principal" (19 September 2008)
A change of standard in the law? Sorry have not read yet the case, so can't comment much "UK High Court Recognizes That Defamation Standard Should Be Lowered For Online Forums" (11 August 2008) Judgment is available on the BBC website in PDF format
However, that is not really our point. Blocking access or asking content to be removed should go before the courts or at least an impartial body/institution/authority who could hear both sides and decide if the suspicious or litigious content is really illegal. That would save us from unregulated censorship (censorship for printed publications used to be regulated - even if nobody really agreed with the principle of censorship). After all, for movies, whether it's porn or not is the decision for most countries of accreditated bodies; why should it be different on the internet? A question of unpracticability (too much requests)? no study has been made and if nobody tries, we're just then giving up on fair trial's rights. See Thailand and China "Thailand Continues To Try To Mimic China With Internet Censorship" (4 September 2008)
in that sense, the US DMCA takedown notice is more respectful of rights than simple requests: it must meet some important conditions that, if met, compel the ISPs or host to takedown the litigious copyright material. See "But What If A Takedown Notice Isn't Actually A DMCA Takedown?" (22 August 2008) and "Judge Says Copyright Holders Must Consider Fair Use Before Sending DMCA Takedowns" (21 August 2008)
Absurd? Mr Masnik argues that the stricker laws get to be applied. Not far of the mark if we compare with the case of privacy where the European standards of privacy have overcome the American conception of privacy.
On the other hand, should the most liberal laws get the upper hand? An interesting problem of diversity and unity familiar to the comparatist
"Indian Court Demands Google Hand Over Anonymous Blogger's Identity" (15 August 2008)
The last episode is first a protest against his extradition (3 september 2008), and the last possible appeal for Mr. McKinnon before the Hight Court. The grounds of appeal is unfitness to stand trial in the US, and thus asking the trial to take place in the UK... which means applying UK laws, not US laws, thus sentencing will be much more favourable. Home office decides
see also: http://www.crime-research.org/news/29.08.2008/3542/ (29 August 2008)
Note that none of the articles seems to give an accurate account of what the US is claimins as damages suffered...
"China Blocks iTunes After Olympic Athletes Download Pro-Tibetan Music" (21 August 2008)
"So About That Plan To Drop The Great Firewall For Olympics Reporters? Yeah, Forget That..." (30 July 2008)
"GPS Device Data Increasingly Being Used By Police To Determine Where You Were" (3 September 2008)
"German Authorities Raiding Homes To Find Skype Tapping Whistleblower" (18 September 2008)
or the troublesome FBI view on searches "FBI Asks Congress To Ignore The Whole 'Probable Cause' Part Of The 4th Amendment" (22 August 2008) and "DHS: Laptop Border Searches Are Bad... Except When We Do It" (17 September 2008)and our previous posthttp://cybercrimeatessex.blogspot.com/2008/07/cyber-investigations-and-human-rights.html (13 July 2008)
Thursday, 18 September 2008
Hopefully a Bill is being introduced since then (1 October 2008), the Senators not being kin of the searches "Senators Not Thrilled About Laptop Searches At The Border" (ZDnet.uk, June 2008)
and our previous post
http://cybercrimeatessex.blogspot.com/2008/07/cyber-investigations-and-human-rights.html (13 July 2008)
http://www.crime-research.org/news/10.09.2008/3565/ (10 sept 2008) "Carleton collars hacker"
By the way, the clarity with which Gartner describes the system of authentication is chilling and I still can't understand why it's there and has not been replaced by something better.
and refers back to a post in july 2008 http://cybercrimeatessex.blogspot.com/2008/07/social-networking-privacy-and.html
- It's a behaviour not peculiar to criminal law issues, but it is certainly troublesome when it comes to criminal law. Again, ISPs take action before any judgment has been passed, before any court involvement and the like. Such blocking of content by physically removing the materials does not comply with international standards of presumption of innocence; plus it means that the ISPs act as judges, especially if nobody challenges their decision, a route that could be explained for purely financial reasons.
"Will YouTube Ban Videos Of Putting Your Head In The Sand Next?" http://www.techdirt.com/articles/20080917/1401402295.shtml (17 septembre 2008)
"Thousands Of Anti-Scientology Videos Taken Down From YouTube Via DMCA Takedowns" (8 september 2008) http://www.techdirt.com/articles/20080908/0221022195.shtml
"Google Taking Down Private Videos For Copyright Infringement?" http://www.techdirt.com/articles/20080904/0301492164.shtml (8 September 2008)
- The dangers underlined above appear in the following case. A grandfather posting on windows live the images of his family, with no possible access by outsiders, was ordered to withdraw some photographs within 48 hours or the site would be shut down. Having no clue of what the problem was, he went to see which pictures were so problematic and it was his grandson taking the bath with his dad, so obviously child naked with adult (male - because if female, I am pretty sure the host would not have raised an eyebrow). Had the case been refered to the court, the ISP/host would have lost: impossibility to prove the mens rea of putting child porn images (the family context with restricted access to family members whose identity can be easily verified); impossibility for the pictures to be found constituting child porn given that the adult was not engaging in any indecent act.
- and at the end, I think this is an infringement on privacy which is too great not to be noticed
Wednesday, 17 September 2008
Overall, the article highlights the main difficulty of cybercrime: tracking down the authors.
Comp. with "Cybercrime expert to educate MSU engineers on "Gen Next Terror" "(23 September 2008)
See in comparison "Second TJX hacker pleads guilty" (24 Septembre 2008) and the track for Palin's hacker which seems quite disproportionate in comparison with more damaging cybercrimes that just this one, "FBI Closing In On Palin Hacker " (22 September 2008)
"FBI on the trail of hackers after Palin's emails made public" (The Guardian, 19 September 2008)
and for statistics by DOJ (US) in september 2008
"New Zealand Hacker Released As Police, Judge, Prosecutors All Praise His Mad Hacking Skillz"(16 July 2008)
as the charge was dropped "NZ teenage hacker charges dropped " (BBC, 16 July 2008)
see also my post of 14 March 2008
Saturday, 30 August 2008
http://www.techdirt.com/articles/20080825/2320012094.shtml (26 August 2008)
In the same line of thought is the comment of a Nigerian official who points out that victims of 419 scams should be held responsible "Nigerian Official Blames The Victims Of Nigerian 419 Advance Fee Scams" http://www.techdirt.com/articles/20080822/0315012062.shtml (22 August 2008)
And earlier, "Banks slip through virus loophole" (TheGuardian, 12 June 208): "A quiet rule change allows British banks to refuse to compensate the victims of online fraud if they do not have "up-to-date" anti-virus protection, says Danny Bradbury"
- The employee does not work for Lloyds anymore. Has disciplinary action been taken? Concerning criminal proceedings, the behaviour falls under the CMAct 1990, for the employee modified computer data without authorisation
- Althought there has been no harm here (just a change of password without taking money or the like), the facts illustrate that crime can be generated from the inside. Security policies must be stronger to avoid this type of situation, despite a survey stating that insider crimes diminish "Insiders No Longer The Biggest Threat To Computer Networks" (TechDirt, 17 June 2008)
http://www.crime-research.org/news/27.08.2008/3537/ (27 August 2008)
although one can validly argue that victims are now really fools to fall for 419 scams after all the publicity surronding them for the past few years. http://www.techdirt.com/articles/20080822/0315012062.shtml (22 August 2008) "Nigerian Official Blames The Victims Of Nigerian 419 Advance Fee Scams"
Friday, 29 August 2008
Three things here interest me:
- First, Mr McKinnon's admission that he hacked but to find documents on UFOs. In strict terms of criminal law, his motive (UFOs, pure fun, or terrorism) bears no influence on the existing offence. Mens rea, the mental component of an offence, discards motives which cannot be its component. Motives may come into play later, as an excuse (insanity for example) or justification. This is why the Asperger's syndrome argument becomes important as a ground for an excuse (constraint? barely insanity in today's understanding of the defence)
- Second, the procedural aspect of the case. 95% of criminal cases end up in a plea; plea bargaining is supposed to be a transaction between two parties and a minimum of fairness is supposed to exist, rules of the Supreme Court. But the conception of fairness is relative, especially in the eyes of Europeans: American fairness in relation to plea bargaining is not often perceived, rightly or wrongly, as fairness in the sense of ENglish law or European Human Rights. Pressures are great to accept the plea and not to do so is taking a huge risk.
- It is unclear what has been the attitude of the authorities. Pressure was claimed to have been exercised. Mistatements were supposedly made about the extent of the hack and its threat...
Overall, let's hope one thing: that Mr McKinnon's misapprehensions of his original actions does not cost him more than it is necessary. He should not be sanctioned for the symbol that some may want to see of him in the fight against cybercrime; he should be sanctioned for his actions only, not for political or policies reasons. He hacked into the computers; this is an offence. If hacking into governmental networks is an aggravating circomstance, fine; it is not, then he should be left alone.
"US: tackling cyber-crime" (22 August 2008)
http://news.zdnet.co.uk/security/0,1000000189,39475039,00.htm (28 August 2008)
http://www.crime-research.org/news/29.08.2008/3542/ (29 August 2008)
Earlier, "Nasa hacker to fight US extradition on Monday" (ZDNet.uk, 13 June 2008)
Monday, 21 July 2008
whether fake profiles on facebook are illegal depends on the offences looked at. Defamation/libel could be constituted providing the contents fit the description of libel and are not merely a joke. they could also be an instrument to fraud if they help attracting potential victims to depart with money "Is A Fake Facebook Profile Illegal?" http://www.techdirt.com/articles/20080604/0152031306.shtml (5th June 2008)
Saturday, 19 July 2008
But a more direct move from a social networking site is not funny at all: people have been banned because of their age (over 36) for fear of porn and sex abuse. Apart from the ridicule of the situation (how on earth all over 36 can be suspected?), it is a pretty dangerous move: it's called private justice for fear of prosecution. "Social Networking Site Bans Anyone Over Age 36 To (Sorta) Deal With Sex Offender Law" http://www.techdirt.com/articles/20080522/2356201207.shtml (23 May 2008)
Tuesday, 15 July 2008
although the old way remains profitable "Stark warning as UK faces cybercrime boom" http://news.zdnet.co.uk/security/0,1000000189,39431415,00.htm?r=1 (9 june 2008)
A study is expected: http://www.crime-research.org/news/02.05.2008/3344/ (2 May 2008)
and the Commission recently took a Framework Decision about cyber attacks in order to clarify legal issues to facilitate responses to crime http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2008:0448:FIN:EN:PDF (14 July 2008)
Sunday, 13 July 2008
- practical objection: is it realistic to consider being able to control the internet? It's like wanting to monitor the mail correspondance of users throughout the world. Can we imagine the FBI or Europol controlling data held by post offices? Inachievable and therefore a pretence. I don't see how the physical world of letters could be much different from the cyberworld.
- second practical objection: how on earth can you succesfully detect crime when faced with a mass of information? the old fashioned way of doing detective work (on the web understandibly) is a much more efficient than trying to cast a net so vast it would take centuries to find the problematic fish.
- theoritical objection: again, parallels with the so-called physical world enlighten thoughts. Data "held" by post offices are private even when their contents are terrorist or criminal; why should data on the web not considered as private and thus submitted to the same regulations as for obtaining private correspondance? Where are the human rights?
And yet the FBI seriously considers asking the ISPs retention of data http://www.techdirt.com/articles/20080423/184451932.shtml (23rd April 2008)
as well as Russia's authorities who would even go further by blocking traffic like China does http://www.techdirt.com/articles/20080423/185834933.shtml (24th April 2008)
Similar problem with the 9th U.S. Circuit Court of Appeals (so federal law) agreed to let searches of laptop with no specific purposes that looking in the hard drive. Why should we set up conditions for the search of a house, but not the search of a computer when nowadays the computer is like a portable home with sometimes all the documents one needs? Where are the human rights of the accused here? Gone with the wind of fear of crime...
"Is This The Best Homeland Security Can Do In Defending Laptop Searches At The Border?" (TechDirt, 10 July 2008)
http://www.techdirt.com/articles/20080422/235343924.shtml (23rd April 2008) with an update for the Electronic Frontier Foundation asks for Congress to intervene http://www.eff.org/press/archives/2008/05/01 (1 May 2008)
I wonder how effective it is and if privacy, which is the biggest problem on social networking, can be maintained. I would be curious to see the results of any study made on this matter.
http://www.techdirt.com/articles/20080418/164250892.shtml (21st April 2008)
As an illustration of privacy issues, see this acknowledgment by Facebook that spammers' attacks increased, notably because the users' contact details such as e-mail adresses are available even if the users have not opted for such "transparency". "Facebook admits to increased attacks by spammers" http://news.zdnet.co.uk/security/0,1000000189,39397448,00.htm (22 April 2008)
And this is without counting on the fact that users often do not realise Facebook is about publicity not keeping details private. See this story about a US military who published photographs of his base!! http://www.techdirt.com/articles/20080423/183304931.shtml (23rd April 2008) or those Oxford students the University disciplined after scrolling Facebook postings http://www.techdirt.com/articles/20080504/2148451026.shtml (6 May 2008)
So it's not surprising that the University of Wales launches academic studies of the social networking phenomenon in relation to cyber security http://www.crime-research.org/news/09.05.2008/3355/ (9 May 2008)
Yet the reaction from N-Y to punish those incriminating themselves on YouTube (I agree, it's not social networking in the proper sense- but its audience makes it similar to social networking) is quite surprising . How can such crime deter people to put videos of illegal activities? What is the purpose of such potential legislation? "New York Wants To Punish Criminals For Incriminating Selves On YouTube" (13 May 2008)http://www.techdirt.com/articles/20080512/1802591092.shtml
Monday, 23 June 2008
http://www.crime-research.org/news/17.04.2008/3316/ (16 April 2008)
compare with the FBI assertion that the internet is used by terrorists groups to communicate, which seems to suggest that it is rarely used to attack institutions: http://www.crime-research.org/news/16.04.2008/3312/ (16 April 2008)
Related to terrorism is the question of national security. The US, or at least some US MPs, seem to have a broad vision of security and include governmental websites. Timothee Lee, from Techdirt, disagrees on the basis that those websites are not linked with the military's protocols on the net. Well, I would argue that it depends of what those websites are supposed to do. If they are the main portal to a wide range of services less and less available in the "physical" world, they may be considered as primary and integrated part of the life of a nation. The building of a city hall or city council where Government offers a range of services could be classified as national security; why not the websites? Maybe the question is linked with what we mean by national security: military or beyond?
Keeping Defense.gov Up Isn't A National Security Issue http://www.techdirt.com/articles/20080518/1934151159.shtml (21 May 2008)
Tuesday, 15 April 2008
"California Lawmaker Wants To Change Law To Tax iTunes; Pretending Infinite Goods Are Tangible" (9 April 2008) http://www.techdirt.com/articles/20080408/152311789.shtml
"UK nears US in cyber-crime, ahead of Nigeria, Romania" (10 April 2008)
"UK a hotbed of cybercriminal activity" (9 April 2008)
Will that make the Government think a bit more about establishing a specific task force? or at least give money to tackle more efficiently the problem? Or at least the police? See this article about what seems to be the US:
"Cyber crime: Police not taking it seriously" (8 April 2008)
For more statistics: "Cybercrime Losses Decline for Third Consecutive Year " (31 March 2008) http://www.crime-research.org/news/31.03.2008/3282/
"International cyberattack drill tests nations' responses " (10 April 2008) http://news.zdnet.co.uk/security/0,1000000189,39383325,00.htm
The second is about the response to an attack, i.e. an early-warning system, a bit like for tsunamis in the pacific?
"US plans cyberattack early-warning system" (video- 10 April 2008) http://news.zdnet.co.uk/security/0,1000000189,39383335,00.htm
With the European COmmission (EU) urging Europe to strengthen its cyber defences "Commission eyes common cyber defences " (9 April 2008) http://www.euractiv.com/en/infosociety/commission-eyes-common-cyber-defences/article-171476
and finally NATO! "NATO agrees common approach to cyber defence" (4 April 2008) http://www.euractiv.com/en/infosociety/nato-agrees-common-approach-cyber-defence/article-171377
"Nato creates cyber-defence command" (9 April 2008)http://news.zdnet.co.uk/security/0,1000000189,39382597,00.htm, with the irony of creating a centre in Estonia! http://www.crime-research.org/news/16.05.2008/3368/ (16 May 2008)
The only liability could be if YouTube did not remove the video once informed of it...
"Video of teen beating raises questions" (11 April 2008)
Monday, 14 April 2008
http://www.techdirt.com/articles/20080410/010534808.shtml (11 April 2008)
and the NY Times http://www.nytimes.com/2008/04/10/nyregion/10indict.html (10 April 2008)
the PDF version (and full decision) is available on http://www.circleid.com/pdf/come360-counterclaim.pdf
From "Court Tells Spammer That It's Not Illegal For An ISP To Filter Its Emails" (11 April 2008) http://www.techdirt.com/articles/20080411/150256827.shtml
Friday, 4 April 2008
"Mother And Daughter Still Blame MySpace For Not Protecting Her From Sexual Assault" (1 April 2008) http://www.techdirt.com/articles/20080331/172442708.shtml
Since then it has been dropped "MySpace Still Not Liable For Sexual Assault Between Two MySpace Users" http://www.techdirt.com/articles/20080517/1524041148.shtml (19 May 2008)
This one is interesting: the Olympic Committee has asked China to lift its Firewall. Put aside (momentarily) the cynism of the request, I love what the request stands for: the fact that China could well acknowledge it has a firewall, which it never did up to now (even denied it if I remember well).
Going to the request itself, well, two interpretations which actually can be found in the comments attached to the post on TechDirt: the request does not engage much more the Committee nor China, for what matters is.... making money. Better to lift the veil temporarily to get the maximum profits both for the West ... and for China! Or else the Committee would have a change of heart? well in that case, why not ask for lifting of censorship indefinitely, not simply while the games are there? Plus, is the COmmittee really serious about human rights when it has allowed games in a country not only reknown for its continuous violations of basic human rights but also for its constant refusal to improve (see Tibet as the latest example...) and make the slightest concession
"IOC: No Chinese Internet Filters During Olympics; All Other Times It's Fine" (1 April 2008)http://www.techdirt.com/articles/20080401/105659717.shtml
Similar issue with iTunes http://www.techdirt.com/articles/20080825/2219562089.shtml (26 August2008)
The documentary should undoubtedly raise awareness about ID fraud online and how to protect oneself efficiently
One thing that always buggers me is the fact that details of the civil registry and electoral rolls are freely available (date of birth...). At a time when ID fraud is thriving and difficult to detect before it is too late, I can't understand why these personal information databases remain accessible to anyone.
Lastly, it is astonishing to realise that some do not see the threat caused by ID fraud and do not want to criminalise the use of stolen personal information! "ICO urges gov't to retain data-theft laws" (2 April 2008) http://news.zdnet.co.uk/security/0,1000000189,39378353,00.htm
"US reveals plans to hit back at cyber threats " (2 April 2008) http://news.zdnet.co.uk/security/0,1000000189,39378374,00.htm
"Army Sets Up Phishing Scam To See How Gullible Service Members Are" (3 April 2008) http://www.techdirt.com/articles/20080402/194347734.shtml
and businesses also take the threat seriously "Accenture and Sun aim to widen security scope" (2 April 2008) http://news.zdnet.co.uk/security/0,1000000189,39378365,00.htm
"Yahoo CEO: Business overseas fraught with 'grey areas' " (4 April 2008)
Monday, 31 March 2008
"FOR the purpose of prohibiting a person from intentionally, willfully, and without
authorization accessing, attempting to access, causing to be accessed, or
exceeding the person’s authorized access to wireless Internet service with a
certain knowledge; applying certain penalties; and generally relating to
unauthorized access to computers and related material."
Wonder if any similar proposal would be of any use? CMA 1990 section 1 cirminalised unauthorised access to computer; can the interpretation be extended to Wi-Fi (which after all requires access to computers?)
See "A Public Official Actually Shows Common Sense in Wireless 'Piggybacking' Debate" (21 March 2008) http://www.techdirt.com/articles/20080320/172759602.shtml
Reading the article, I was interested in the plaintiff's argument that the legal rules of the real world apply to online universe like Second Life. And the contrast to M. Leatherwood's approach to the breach: "I did it in private," he said. "I wasn't out to do a huge market thing. I was doing it for a little bit of money." In other words, breach was implicitly acknowledged; motive (=money) was at the heart of the action, like most copyrights infringment by the way; defendant did not really challenge the fact that real world rules could be transplanted to virtual worlds. Is it because money is at stake? Second Life currency being exhangeable against real dollars?
See TEchDirt 27 March 2008 http://www.techdirt.com/articles/20080326/164522658.shtml refering to
26 March 2008 on SignOnSanDiego http://hosted.ap.org/dynamic/stories/T/TECHBIT_VIRTUAL_SEX_MACHINE?SITE=CADIU&SECTION=HOME&TEMPLATE=DEFAULT
and even the Forbes newspaper mentioned it : "Lawsuit over online sex toys settled" (26 March 2006) http://www.forbes.com/markets/feeds/afx/2008/03/26/afx4817411.html
See "First 'Facebook harassment' defendant cleared" (27 March 2008)http://www.theregister.co.uk/2008/03/27/facebook_birmingham_harassment_cleared/
and with more details, the Birmingham Post (27 March 2008) http://www.birminghampost.net/news/west-midlands-news/2008/03/27/ex-boyfriend-cleared-of-facebook-harassment-65233-20681245/
Friday, 21 March 2008
The facts are the following: honeypot (= fake website or similar created by law enforcement forces like the FBI here, to attract illegal behaviours) on child porn; Mr Vosburgh clicked on a link, did not look any further on the website, and found himself arrested by the FBI. Guilty verdict returned by jury; his lawyer tries to overturn the verdict, but chances of success are small.
I have several issues with the case:
1) in itself setting up a honeypot is not "kind of sad", contrary to what is said in the McCullagh's article. Entrapment always existed, especially for serious crime which detection causes difficulties. Nothing new here
2) entrapment is however regulated, for the obvious reason that innocent people may fall in the trap without knowingly engaging into illegal behaviours. And that's where the difficulties start. To click to a porn website cannot constitute a crime in itself if mens rea, intent to go to a porn website, does not exist. Mens rea cannot be deducted from the simple action of clicking. Anybody who used the internet knows how sometimes we end up on a website we surely never intended to go, for its contents does not reflect our original search. Therefore, I found it troublesome that the FBI relied on evidence based solely on clicking. The least that we can say is that evidence gathered by entrapment is never sufficient; other corroborative evidence must be brought. According to the article, it does not seem the case. In other words, by not engaging into other investigations that could corrobate the clicking action as proof of looking at child porn, the FBI simply did not investigate the case of the alleged offender. And this is more than troublesome. The life of this person found guilty is shattered until his death: if the conviction is not overturned, he will never find employment again in academia (and he is a PhD student; think of the amount of money one has to pay to do a 3 to 4 years PhD - you have to be wealthy or borrow a lot of money), and will be systematically stigmatised for something that looks like he has never done.
Last thing, even if he was interested in child porn, that simple fact NEVER discharges the prosecution to prove beyond reasonable doubt that the person engaged in the illegal activity. If it were, we would simply live in a dictatorship, like it used to be in the USSR where one could be found guilty and send to the goulag for "unauthorised thoughts". Criminal procedure is far too serious a matter to be played with simply because we think we are morally on the right side. Reading this article on Good Friday just reminds me that whether one believes or not in Jesus Christ, the story of Good Friday is there to remind us of our "dark side", what we tend to do when we think we are right. Agree: striking the balance is not easy; but criminal procedure is about finding that balance, not denying it per se.
M. Masnick "Click This Link, Go To Jail" (20 March 2008)
D. McCullagh "FBI posts fake hyperlinks to snare child porn suspects" (20 March 2008)
Thursday, 20 March 2008
I can't disagree that three years, when there is no money gain and no defamatory statements, is harsh. But on the principle of prosecuting, sorry, I wholly agree. A fake profile in a CV or a newspaper would certainly have attracted prosecution, so why not when it's on the web? The public interest defended here is that of integrity of information. In that sense, resorting to a take down notice, as suggested in the article, does not seem appropriate. Moreover, this idea of constantly using take down notices is not particularly protective of freedom of speech, for there is absolutely no impartial control on who says what; the procedure actually bypasses completely judicial proceedings and as such attracts the same criticisms as it does for defamatory statements. "Moroccan Man Pardoned For Fake Facebook Profile" (19 March 2008)
Wednesday, 19 March 2008
1) although a virtual world in theory, its impact on the real world exists simply because the currency in Second Life can be exchanged againts... real dollars. Hence a lawyer (!) suing the publisher LInden Lab for loss of 8000 dollars because he was evicted when buying property (he did not comply with some rules). What I have not investigated and is unclear from the article is whether the eviction was based on virtual rules designed to prevent fraud...
2) the charity Familles de France (literally Families of France) is suing the publisher ... because the contents on Second Life give easy access to children to violence and pornography. The First Instance Tribunal rejected the claim on the basis the evidence presented was not tangible enough. But what if it becomes? What about the other violent games available on the market whether through or outside the internet?
By the way the article is an interview first published in December 2007, Michael Malka "Le droit dans «Second Life» (interview) " http://www.juriscom.net/pro/visu.php?ID=1039