Nmap Announce mailing list archives
Re: Draft Convention on Cybercrime
From: Jeff Simmons <jsimmons () goblin punk net>
Date: Sat, 3 Jun 2000 13:46:23 -0700 (PDT)
I've seen a lot of discussion about the specific language of such laws and proposals, both here and elsewhere. While interesting, I don't think it is of much value. Allow me to present the following highly cynical piece of flamebait describing how the process actually works. 1) A specific problem is identified, in this case the generic one of "cybercrime". Persons and organizations affected by this problem wish to remove the responsibility for solving it from themselves and place it on the taxpayers. 2) The affected parties go to Washington (substitute here the power center of your choice) to purchase a law. During negotiations, the law will balloon into a massive 'wish list' of things the purchasers would like the taxpayers to do for them. Many of these things will appear to violate previously purchased laws, or previous decisions on constitutional rights. For examples, see the DMCA and UCITA. 3) In an attempt to maximize revenues, legislators will allow other interested parties to either purchase related/contravening laws, or purchase alterations to the proposed law. The final package will be totally incomprehensible to anyone, even the highly paid lawyers who wrote it. 4) A few of these laws actually get enacted. Most will die somewhere along the way. Once enacted, nobody will have a clue as to what the actual consequences of the new law will be. Despite the new law, business continues as usual. 5) In order to find out how this shiny new law actually works, a test case will be selected. This case will be carefully scrutinized by all parties concerned in order to figure out how their brand new piece of legislation will be interpreted by the only folks who matter, the courts. Note that this is the FIRST step in the process where decisions are made by people who have no vested economic interest in the effects of the new law. During this period, parties with lots of money to throw around will be able to use the threat of an expensive lawsuit/test case to stomp all over parties who cannot afford to participate in the process. 6) In the end, when the last question about the meaning of the new law has been settled by a 5 to 4 decision of the Supreme Court, the final result will be surprisingly intelligent. Various compromises will have been made, changes implemented, costs examined, funding allocated, etc. While the tax burden will increase, the economic effects will tend to benefit everyone. This of course will be small consolation to the people who's lives, businesses, and reputations were destroyed while the system slowly worked it's way to an acceptable conclusion (see Kevin Mitnik). Bottom line? Arguing about the meaning of some particular language in a proposed law ain't gonna do us any good. Getting some input into the process may. I make a pretty good living building, maintaining, and securing computer networks, and I'm perfectly willing to send some bucks to an organization like the EFF to help fight the DeCSS thing. And I've been lucky enough that on occasion I've been able to speak to various groups of people and try to explain what this computer security thing is all about, and why open disclosure works far better than security by obscurity. Those of us who are in any way involved with network security professionally need someplace where we can put our money/mouths/efforts to try and get our side of things presented during this process. Anybody got any suggestions? -- Jeff Simmons jeff () punk net Simmons Consulting - Network Engineering and Administration Punknet - what happens when a bunch of computer geeks with way too much free time and free hardware get pissed off at their ISP. "You guys, I don't hear any noise. Are you sure you're doing it right?" -- My Life With The Thrill Kill Kult
Current thread:
- Re: Draft Convention on Cybercrime, (continued)
- Re: Draft Convention on Cybercrime David Ford (Jun 02)
- Re: Draft Convention on Cybercrime Bart van Leeuwen (Jun 02)
- Re: Draft Convention on Cybercrime Mike Black (Jun 03)
- Re: Draft Convention on Cybercrime dhaag (Jun 03)
- Re: Draft Convention on Cybercrime Bart van Leeuwen (Jun 03)
- Re: Draft Convention on Cybercrime David Dennis (Jun 03)
- Re: Draft Convention on Cybercrime Mike Black (Jun 03)
- Re: Draft Convention on Cybercrime White Vampire (Jun 03)
- Re: Draft Convention on Cybercrime Tyler Allison (Jun 03)
- Re: Draft Convention on Cybercrime Matt Marnell (Jun 03)
- RE: Draft Convention on Cybercrime Marjorie Simmons (Jun 03)
- Re: Draft Convention on Cybercrime Jeff Simmons (Jun 03)
- Re: Draft Convention on Cybercrime Simple Nomad (Jun 04)
- RE: Draft Convention on Cybercrime Marjorie Simmons (Jun 05)