[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FYI] (Fwd) FC: U.S. wants to be the world's cyber police, from SecurityFocus


------- Forwarded message follows -------
Date sent:      	Tue, 27 Nov 2001 09:26:32 -0500
To:             	politech@politechbot.com
From:           	Declan McCullagh <declan@well.com>
Subject:        	FC: U.S. wants to be the world's cyber police, from SecurityFocus
Send reply to:  	declan@well.com


---

From: "Kevin L. Poulsen" <klp@securityfocus.com>
To: "Declan McCullagh" <declan@well.com>
Subject: U.S as the world's cyber police
Date: Mon, 26 Nov 2001 12:23:46 -0500


http://www.securityfocus.com/columnists/39

Ashcroft's Global Internet Power-Grab

A little-noticed provision in the new anti-terrorism act imposes U.S.
cyber crime laws on other nations, whether they like it or not

By Mark Rasch

Much has been written about the new anti-terrorism legislation passed
by Congress and signed by President Bush, particularly as it respects
the ability of the government to conduct surveillance on email,
voice-mail, and other electronic communications. However, too little
attention has been paid to other provisions of the legislation,
particularly a significant change to the definition of the types of
computers protected under federal law.

An amendment to the definition of a "protected computer" for the first
time explicitly enables U.S. law enforcement to prosecute computer
hackers outside the United States in cases where neither the hackers
nor their victims are in the U.S., provided only that packets related
to that activity traveled through U.S. computers or routers.

[...]

The new statute requires no threshold of damage or even effect on U.S.
computers to trigger U.S. sovereignty. The vast majority of Internet
traffic travels through the United States, with more than half of the
traffic traveling through Northern Virginia alone. The mere fact that
packets relating to the criminal activity travel through the United
States should not be enough to trigger U.S. jurisdiction, even though
such traffic would "affect" international commerce, albeit
infinitesimally.

The expanded statute, and the DOJ policy guidance, would permit the
U.S. to impose its law on the Internet generally, without the need to
show damage or trespass to a U.S. computer, merely on the basis of
packets being inadvertently routed through U.S. computers. This
represents and unwarranted and dangerous expansion of U.S.
sovereignty, and will invariably result in more turf battles with
foreign law enforcement agencies, rather than fewer.

Under the Department of Justice's interpretation of this legislation,
a computer hacker in Frankfurt Germany who hacks into a computer in
Cologne Germany could be prosecuted in the Eastern District of
Virginia in Alexandria if the packet of related to the attack traveled
through America Online's computers. Moreover, the United States would
reserve the right to demand that the extradition of the hacker even if
the conduct would not have violated German law, or to, as it has in
other kinds of cases, simply remove the offender forcibly for trial.

<snip>




----------------------------------------------------------------------
--- POLITECH -- Declan McCullagh's politics and technology mailing
list You may redistribute this message freely if you include this
notice. Declan McCullagh's photographs are at
http://www.mccullagh.org/ To subscribe to Politech:
http://www.politechbot.com/info/subscribe.html This message is
archived at http://www.politechbot.com/
----------------------------------------------------------------------
---

------- End of forwarded message -------

-- 
To unsubscribe, e-mail: debate-unsubscribe@lists.fitug.de
For additional commands, e-mail: debate-help@lists.fitug.de