cyberlaw informer #53

Welcome to the 53rd issue of the weekly Mishpat Cyberlaw Informer - 
Law on the net newsletter from http://mishpat.net

This newsletter is sent only to subscribers. If you no longer 
wish to receive the Cyberlaw Informer, follow the unsubscribe 
instructions at the bottom of this newsletter.

--------------------------------------------------------
 
In this issue:

1. Introduction
2. ICANN elections move forward
3. Cyber crime Part I - defining online crime
4. Cyberlaw resource review

--------------------------------------------------------

################
1. Introduction
################

I would like to welcome the many new subscribers who joined the
Cyberlaw Informer since the previous issue. 
 
This issue features the first of a four part series highlighting the
new challenges law enforcement faces in an era of high-tech crime. The
first article defines the ways in which computers can be involved in
criminal activities. 
In the next few weeks we will take a look at law enforcement agencies
new needs, at international law enforcement cooperation and
jurisdictional challenges, and at alternatives to traditional law
enforcement.

This issue also includes a short review of the ICANN elections
nomination procedure which ends next Monday (so hurry if you want to
nominate any one), and the regular resource review section. The
cyberlaw news section will be back next week.

I hope you enjoy reading the newsletter. Comments, tips, and articles
are always welcome. Send them to mailto:editor@mishpat.net

The Mishpat Cyberlaw Informer Archive (issues 1-51) is located at:
http://mishpat.net/cyberlaw/archive

Feel free to use any of the material, or forward the newsletter to a
friend. Just don't forget to mention that they can subscribe to the
Cyberlaw Informer by visiting http://CyberlawInformer.com


--------- sponsor message ----------

The Complete Internet Handbook for Lawyers

The Complete Internet Handbook for Lawyers is intended to 
help make lawyers using the Internet more productive. 
Law librarians, paralegals and other legal professionals, as 
well as law students should also find much of interest in the book.

The book covers general Internet usage, legal research, law 
firm marketing on the Internet, online ethics and security

Get the Internet Handbook for Lawyers from Amazon.com
at 20% discount!

http://mishpat.net/ads/handbook


--------- sponsor message ----------



#############################
2. ICANN elections move forward
#############################


As reported here a few month ago, the Internet Corporation for
Assigned Names and Numbers (ICANN), the non-profit, international
corporation that oversees the management of the domain name system
(DNS) and the allocation of IP address, started the "at-large"
program. 
The program was created as a new way for Internet users from all over
the globe to participate directly in the ICANN process and help ensure
the smooth coordination of the Internet's technical infrastructure. 


Later this year, five ICANN Directors will be selected by ICANN's At
Large Members in a worldwide online election. As the first step of the
election process, ICANN has chartered a Nominating Committee to
nominate a set of candidates for the consideration of the At Large
Members. 

The ICANN Nominating Committee seeks recommendations and expressions
of interest from members of the Internet community. Nomination by the
Nominating Committee,  along with self nomination, are the two avenues
for candidates to appear on the final ballot. 

Recommendations and expressions of interest should contain the
information set out on ICANN's nomination page at:
http://www.icann.org/nomcom/call.htm and should be sent to
nominations@icann.org no later than July 10, 2000 (next Monday). 

The Nominating Committee intends to complete its work by the end of
July, after which the election process will proceed to: a
self-nomination phase, in which candidates who were not nominated by
the committee can seek a place on the ballot by attracting a minimum
threshold of support from members in her/his region; a campaign
period; and  the vote of the At Large members. 


The Nominating Committee set out the following factors to consider in
making its nominations: 
1. Reputation for integrity and hard work;
2. Ability to exercise independent judgment; willingness to disclose
obligations and potential conflicts of interest;
3. Professional/volunteer roles and accomplishments;
4. Understanding of the Internet's architecture and history;
5. Experience with the Internet's architecture;
6. Specific experience with the domain name and IP address systems;
7. Experience in international and/or multicultural environments;
8. Educational background;
9. The extent to which the individual would bring relevant skills or
experience that are otherwise absent from the ICANN Board 
10. Commitment: available time, energy, and interest;
11. Indications that the individual will find broad support in the At
Large Membership;

 
The ICANN at-large program:
http://members.icann.org 

Nominating procedure:
http://www.icann.org/nomcom/call.htm

Remember: if you want to nominate any candidate, you have only until
Monday July 10th.


--------- sponsor message ----------

FreeShop

FreeShop is the starting point for online shopping, featuring  
thousands of free and trial offers. Free samples, trial issues,  
demos, coupons, catalogs, trial periods, and  product information.

FreeShop.com is a leading online direct marketing network. Learn about
or try new products, and choose from a variety of free, trial and
promotional offers from hundreds of well-known companies.

http://mishpat.net/ads/freeshop

--------- sponsor message ----------



####################################
3. Cybercrime Part I - defining online crime 
####################################

This is the first article in a four part series about cyber crime.

As the Internet's potential to provide benefits to society continues
to expand its potential to serve as a powerful new medium for those
who wish to commit unlawful acts has also grown. 

Recent attacks against commercial web sites, such as Amazon.com, and
other major Internet players such as Yahoo! CNN.com and ZDNet drew
international attention to the dangers that the Internet and other
computer networks need to face:
Cyber-criminals and cyber-terrorists threaten business and government
interests and may cause colossal damages. Online criminal activities
target government agencies, commercial entities, and consumers, and
employ various tactics including hacking, fraud, data interception,
spreading computer viruses, and other methods.

The use of new technology to commit traditional crimes, such as
securities fraud, is not new. Advances in technology - the advent of
the telephone, for instance - have always given wrongdoers new means
for engaging in unlawful conduct. The Internet is no different: it is
simply a new medium through which traditional crimes can now be
committed, albeit through the use of inexpensive and widely available
computer and telecommunications systems, and with unprecedented speed
and on a far-reaching scale. At the same time the tools and
capabilities associated with new technologies can in many instances
help law enforcement agencies solve such crimes. 

Individuals who wish to use a computer as a tool to facilitate
unlawful activity may find that the Internet provides a vast,
inexpensive, and potentially anonymous way to commit International
unlawful acts, such as fraud, the sale or distribution of child
pornography, the sale of guns or drugs or other regulated substances
without regulatory protections, and the unlawful distribution of
computer software or other creative material protected by intellectual
property rights. 

Hi-tech crime is different then other crimes since it is many times
international in nature, uses new technological tools that might make
it more difficult for law enforcement authorities to trace and locate
the cyber criminals.
National measures need to be supplemented by international
co-operation including various forms of assistance such as preserving
evidence and locating online suspects. 


As mentioned, this is the first of a four-parts series on cyber crime.
The four articles are based on two recent initiatives to fight
cybercrime:

* The first is "The Electronic Frontier: The Challenge of Unlawful
Conduct Involving the Use of the Internet", a Report by the U.S.
President's Working Group on Unlawful Conduct on the Internet. The
working group, chaired by the U.S. Attorney General, considered (1)
the extent to which existing federal laws are sufficient to address
unlawful conduct involving the use of the Internet; (2) the extent to
which new tools, capabilities, or legal authorities may be needed for
effective investigation and prosecution of such conduct; and (3) the
potential for using education and empowerment tools to minimize the
risks from such conduct. 

* The second is a draft released by the 41-nation Council of Europe
for a Convention on crime in cyberspace. If adopted, this will be the
first international treaty to address criminal law and procedural
aspects of offending behavior directed against computer systems,
networks or data as well as other similar abuses. The convention aims
to harmonize national legislation in this field, facilitate
investigations and allow efficient levels of cooperation between the
authorities of different countries. 
Given the importance of the subject, non-member states, such as
Canada, Japan, South Africa and the U.S., also participate in the
negotiations.


This part describes the different aspect of what constitutes cyber
crime, and standards in evaluating online illegal activity. The next
articles in this series will deal with the specific issues of fighting
cyber crime such as the challenges law enforcement agencies face in
light of cyber crime, and empowering Internet users.



A. Unlawful Conduct Involving Computers  
================================

Broadly speaking, computers can play three distinct roles in a
criminal case.

1.  A computer can be the target of an offense. 
One obvious way in which a computer can be involved in unlawful
conduct is when the confidentiality, integrity, or availability of a
computer's information or services is attacked. 

This form of crime targets a computer system, generally to acquire
information stored on that computer system, to control the target
system without authorization or payment, or to alter the integrity of
data or interfere with the availability of the computer or server.
Many of these violations involve gaining unauthorized access to the
target system (i.e. "hacking" into it). Other cases may fall into the
broad category of intellectual property theft. This includes not only
the theft of trade secrets, but also much more common offenses
involving the unauthorized duplication of copyrighted materials,
especially software programs. Other cases may involve a perpetrator
who seeks private information about another individual. 
The theft-of-service offenses are often associated with the practice
of "weaving," in which a hacker traverses multiple systems to conceal
his true identity and location. In this scenario, the sole reason for
breaking into a given computer may be to use it as a stepping-stone
for attacks on other systems. 

2. A computer can be incidental to an offense, but still significant
for law enforcement purposes. 
For example, drug traffickers may store transactional data (such as
names, dates, and amounts) on computers, rather than in paper form.
Another example is a hacker who uses a computer to store stolen
password lists, credit card or calling card numbers, proprietary
corporate information, pornographic image files, or "warez" (pirated
commercial software). 
Computers have made it possible for law enforcement agencies to gather
some information that may not have been previously even maintained in
the physical world. For example, an unsophisticated offender, even
after "deleting" computer files (as opposed to destroying paper
records), might leave evidence of unlawful activity that a trained
computer forensic expert could recover. 

3. Computers can be a tool for committing an offense as a
communications tool. 
Many of the crimes falling within this category are simply traditional
crimes that are committed online. Online facilities may be used in the
furtherance of a broad range of traditional unlawful activity. Email
and chat sessions, for example, can be used to plan or coordinate
almost any type of unlawful act, or even to communicate threats or
extortion demands to victims. Chat rooms and online message boards are
often used to spread false information regarding securities traded on
stock exchanges around the world.

Some criminal activities employ both the product delivery and
communications features of the Internet. For example, pedophiles may
use the Internet's file transfer utilities to distribute and receive
child pornography, and use its communications features to make contact
with children. 



B. Evaluating Unlawful Conduct on the Internet 
===================================

In its assessment of the extent to which existing laws are sufficient
to address unlawful conduct involving the use of the Internet, the
U.S. working group developed four general principles to guide its
analysis. 

1. Online-Offline Consistency 
First, substantive regulation of unlawful conduct (e.g. legislation
providing civil or criminal penalties for given conduct) should, as a
rule, apply in the same way to conduct in the cyberworld as it does to
conduct in the physical world. If an activity is prohibited in the
physical world but not on the Internet, then the Internet becomes a
safe haven for that unlawful activity. Similarly, conduct that is not
prohibited in the physical world should not be subject to prohibition
merely because it is carried out in cyberspace. 
For example, fraud that is perpetrated through the use of the Internet
should not be treated any differently, as a matter of substantive
criminal law, from fraud that is perpetrated through the use of the
telephone or the mail. 


2. Appropriate Investigatory Tools 
Second, to enforce substantive laws that apply to online conduct, law
enforcement authorities need appropriate tools for detecting and
investigating unlawful conduct involving the Internet. Features of the
Internet that make it different from prior technologies may justify
the need for changes in laws and procedures that govern the detection
and investigation of computer crimes. 

* The global and boundaryless nature of the Internet means that
different law enforcement agencies in different jurisdictions will
have to cooperate and coordinate their activities. 

* Anonymity on the Internet can facilitate fraud and deception.
Misrepresentation of identity can also result in access by children to
inappropriate material and can make criminal activity on the Internet
more difficult to detect and prove.

* The potential to reach vast audiences easily means that the scale of
unlawful conduct involving the use of the Internet is often much wider
than the same conduct in the offline world. 
For example, spreading a rumor about a specific stock on a business
related online board reaches many investors simultaneously, and makes
it much easier to manipulate stock price when compared to spreading
the rumor offline. 

* The routine storage of information that can be linked to an
individual can often provide more information to law enforcement than
may be available in the offline world, if the electronic information
is handled properly by a trained investigator. 

Thus, apart from ensuring that online and offline behavior is treated
consistently as a matter of substantive law, legislators and
policymakers should examine whether law enforcement agencies have
appropriate tools to detect and investigate unlawful conduct involving
the Internet. 


3. Technology-Neutrality 
 Third, to the extent specific regulation of online activity may be
necessary, any such regulation should be drafted in a
technology-neutral way. Regulation tied to a particular technology may
quickly become obsolete and require further amendment. 
For example, regulation of "wire communications" may not account for
the fact that communications may now occur through wireless means or
by satellite. 


4. Consideration of Other Societal Interests 
Fourth, any government regulation of conduct involving the use of the
Internet requires a careful consideration of different societal
interests, such as promoting free speech, protecting children,
protecting privacy, providing broad access to public information, and
supporting legitimate commerce. 
Accordingly, rules and regulations designed to protect the safety and
security of Internet users should be carefully tailored to accomplish
their objectives without unintended consequences, such as stifling the
growth of the Internet or chilling its use as a free and open
communication medium. 
For example, the rationale behind granting ISP immunity from liability
in cases of third-party postings is that without this immunity, ISPs
will act as censors and remove any controversial postings and web
sites, thus  threatening online freedom of speech.



C.  Addressing illegal online activity
===========================

The U.S. working group recommended a 3-part approach for addressing
unlawful conduct on the Internet: 

* First, any regulation of unlawful conduct involving the use of the
Internet should be analyzed through a policy framework that ensures
that online conduct is treated in a manner consistent with the way
offline conduct is treated, in a technology-neutral manner, and in a
manner that takes account of other important societal interests, such
as privacy and protection of civil liberties;

* Second, law enforcement needs and challenges posed by the Internet
should be recognized as significant, particularly in the areas of
resources, training, and the need for new investigative tools and
capabilities, coordination among law enforcement agencies, and
coordination with and among international counterparts; and 

* Third, there should be continued support for private sector
leadership and the development of methods - such as cyber-ethics,
appropriate technological tools, and media and other outreach efforts
- that educate and empower Internet users to prevent and minimize the
risks of unlawful activity.

In the next part of this series we will address each of those
components.


The full text of the U.S. work group's recommendation can be found at:
http://www.usdoj.gov/criminal/cybercrime/unlawful.htm

The text of the European convention draft can be found at:
http://conventions.coe.int/treaty/en/projets/cybercrime.htm

I want to thank Cyberlaw Informer reader Boaz Guttman for sending me
these documents.



--------- Sponsor message ----------

LegalSeeker

In a single search, you can combine the knowledge base of 
40 Legal search engines with the popular Web search 
engines - pinpointing the exact info you need with LegalSeeker.
 
Designed for Internet users who desire to run highly 
comprehensive searches that combine the results of multiple 
search engines, LegalSeeker delivers a clean list of results 
that can be saved, viewed offline, easily organized, and 
updated automatically.

Get you free trial (full price $99.95) Windows only.
http://mishpat.net/ads/legalseeker


--------- sponsor message ----------



#################
4. Resource review
#################

This week's resource is the Law and Politics: Internet Guide (LPIG)
at: http://www.geocities.com/CapitolHill/Lobby/5011/

There are many online legal directories linking to other sites on the
World Wide Web. Some of them are only lists of links, with no other
content other than the links. 

LPIG is not different then many other legal links sites - it has a
nice and organized list of links, its selection of sites is good, and
the layout makes it easy to navigate. Unfortunately, the site is
hosted on a free hosting service (GeoCities), with a hard to remember
URL (the site does not have its own domain name). Another problem is
that the links database is not searchable.

However, LPIG has one unique feature that makes it stand out from the
rest of the legal links sites.

LPIG includes an automated site translation service, you can have any
page on the site translated to more than a dozen languages. 
The translation service is provided by Translation Experts' InterTran
service at http://www.tranexp.com, and any site can incorporate
Translation Experts' technology for free. It isn't a perfect or
sophisticated translation, but it does show the Internet is becoming
more global in nature.

Since the Cyberlaw Informer is international in nature (readers from
more than 60 countries) I think that online legal researchers from
different countries might find it easier to search using their
mother-tongue.
The sites listed on LPIG are all in English, so even if you use LPIG
in Dutch you will end up having to read English on the linked sites,
but this is a step in making a global community while preserving
cultural and language differences.


If you would like to recommend an Internet legal resource, please send
the details to mailto:editor@mishpat.net Full credit is given to
contributors.
You can also recommend resources at the online bulletin board
http://mishpat.net/cgi-bin/bbs/UltraBoard.pl





That is all for this week,
Yedidya (Didi) M. Melchior 
Editor 


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
If you have enjoyed reading this newsletter and have found 
useful information in it, we'd appreciate your help in 
spreading the word about it. You can do this by forwarding 
a copy to your friends and telling them about it. 
  

To subscribe, please visit 
http://CyberlawInformer.com

To unsubscribe, please go to 
http://mishpat.net/cyberlaw/unsubscribe.shtml

Information on how to sponsor Mishpat Cyberlaw Informer 
mailto:advertising@mishpat.net

Send suggestions and comments to 
mailto:editor@mishpat.net

If you wish to contribute an article 
mailto:editor@mishpat.net

Online archives
http://mishpat.net/cyberlaw/archive

Copyright 1999-2000 Mishpat.Net Internet Legal Information
The Cyberlaw Informer
Back to Mishpat-Update archive