Pleasant@Rutgers.ARPA (04/06/83)
HUMAN-NETS Digest Wednesday, 6 Apr 1983 Volume 6 : Issue 20 Today's Topics: Computers and the Law - Electronic Anklet & Texas Computer Crime Law (6 msgs) ---------------------------------------------------------------------- Date: 3 April 1983 18:21 EST From: Robert Elton Maas <REM @ MIT-MC> Subject: a jail cell on your foot Hey, it's not my world where everyone would have an anklet. But I rather like the idea of enforcing bail (a mechanism for making sure people come to trial while allowing them access to lawyers and not disrupting their daily life such as going to work) this way instead of with gun-toting bail bondsmen. (Ever jump bail after getting it from a bondsman, and try to stay alive?) An accused person shouldn't have to report to court physically until actually convicted of a crime serious enough to require prison. At the point of arrest the person should be given the option of (1) immediate anklet, with no booking procedure at all, or (2) regular booking procedure; thus the anklet couldn't be used en masse to enslave the population, but would be an alternative to booking. Court appearances could be done by remote terminals or in person at the choice of the accused. I could imagine somebody accused of murder (but not convicted yet) having an anklet programmed to prevent access to firearms (which would have their own transponders for that purpose), maybe. Not sure. Anyway, with the accused sitting at work assembling widgits while watching the trial on TV, the prosecutor would be eager to have a speedy trial! Perhaps after the prosecution is done, if there's a sufficient primae facie case then the accused could be taken into custody until such time as the primae facie pendulum swings back (if the person is really innocent). Thus open and shut murder cases would have a very fast prosecution-half, and the defense not having any case would not be able to delay imprisonment, while in the case of an innocent person the imprisonment would be from the time the prosecution ends until the time the defense has gotten an alibi, about 10-20 minutes, hardly worth quibbling over. Also, the jury should be able to vote at the start of deliberation whether the case is leaning toward guilt or not, and thus whether the accused should be confined or not while awaiting the final verdict. -- Just ideas, might work, might have problems, send quibbles/nits to me... ------------------------------ Date: Sun 3 Apr 83 10:47:36-PST From: Robert Amsler <AMSLER@SRI-AI.ARPA> Subject: Texas Computer Crime Bill I find nothing wrong with the definition of Operator. The bill would be designed to protect the owners of the computer--they are in fact the operator. The person hired to run the computer is their employee and merely one extension of their operation of the machine. One point which I think the bill is addressing is the ability to prosecute for the theft of CPU cycles, or any of the other less tangible computer resources (e.g. line time, disk space). Existing laws would seem to have a great deal of trouble with such intangibles and I think a new bill dealing with computer resource theft is probably reasonable. However, as everyone has said... These definitions aren't adequate. An interesting problem is whether "computer system" can be adequately defined in terms of what it DOES, rather than what it is made of. I tend to doubt this is entirely reasonable, as it seems to imply that there aren't alternate means of doing the things computers can do. Of course, defining a computer system in terms of what it consists of is likely to last only a few years... who would venture to say there will be silicon chips in the year 2000? I'd even be worried about "microelectronic components" existing by then... we're likely to have genetically engineered neural nets. But a bill that deals with technology and lasts 10 years ought to be sufficient. ------------------------------ Date: 3 April 1983 17:48 EST From: Robert Elton Maas <REM @ MIT-MC> Subject: re computers and the law If the purpose of the law is to prevent theft of money by remote control (telling commands to a computer via a dialup port, rather than being physically present), then that's how the law ought to be worded. It should be worded in such a way that pressing a key on somebody's pocket computer is a crime subject to jail or prison. It should be an amendment to the definition of theft, to include remote control, and to breaking&entering, to include deliberate bypassing of security measures with attempt to use the computer in ways that aren't unauthorized or permitted by whoever is in charge of authorizing access (the owner or lessee, or someone such as an operator or administrator carrying out the owner's or lessee's access policy). But it should be made clear that an unsecured system is the same as an unlocked door, an open invitation for anyone to enter for a visit (but not to steal something); someone must either break through security measures, or steal something whether secured or not, to commit a crime. -- So how come the lawmakers can't hit the nail on the head? Or they only pretending to be after theft, really they hate computers and want them not to be usable at all? ------------------------------ Date: 3 April 1983 17:56 EST From: Robert Elton Maas <REM @ MIT-MC> Subject: Computer Laws Hear! Hear! I agree with you almost completely (see amended paraphrase following). The basic outline of laws should be easy enough for everyone to understand, with clear pointers to all special laws for special groups of people, such as regulations for driving, regulations for installing electrical conduits, regulations for nuclear power plants, ... The total laws that anyone has to learn should be n+1 paperback books, where n is the number of special professions the person is in. We shouldn't have to make up a new law for each way of committing the same crime. Is it possible? ------------------------------ Date: Tue, 5 Apr 83 11:07:17 EST From: Jerry Leichter <Leichter@YALE.ARPA> Subject: Do we need new laws to deal with computers? It's contended that we don't need new laws, only protection of property rights that happen to be embodied in computers. This is naive. "Property rights" are exactly what the law DEFINES. You have a property right exactly when the law is willing to protect some "thing". Consider patents and copyrights. These are specific legally constructed property rights. They've been around so long that they now seem natural to us; but they are only a couple of hundred years old. Note that the Constitution contains an explicit statement that the Congress may create, if it wishes, patent and copyrights. The authors did not think this was inherent in anything else they said. If I am a sculptor, do I have some sort of property right in my artistic work even after I sell it? Certainly I have some copyright protection; but what about the work itself? Well, in France I DO have a property right. I have some control over what the purchaser can do with my work; he can't destroy it, for example, if I don't give him permission. If he resells at a profit, I am entitled to a certain percentage. I believe California is experimenting with a similar law, at least with regards to sharing profits. These are new (about 20 years old) property rights that never existed before. Technology often creates new property rights, or changes how we view old ones. Probably the oldest property laws deal with real estate. Does my control of land I own extend upward arbitrarily? No; airplanes can fly by all they like, and I have no say in the matter. With interest in solar heating, all sorts of new "property rights" issues have appeared. Can you build a house on your land that puts my solar collecter in the shade? Can you cut down trees on your land that provide me with a wind-break? New law - new property rights - are being created right now in these areas. Computer technology is full of such issues. Example: I maintain a data-base of Federal government publications (which anyone is entitled to copies of). What makes my data-base valuable is the selection and indexing. Can you use or copy my data-base without my permission? The actual data you see is all public-domain...clearly there is something there we would like to protect, but what exactly is it? Suppose I break your encryption key and read your private files. What "property" have I stolen from you? The analogue would be my looking through your window with a telescope and reading papers on your desk. While I could probably be prosecuted for SOMETHING, it most likely would not be theft or anything particularly serious. Again, in asking for legal protection in a case like this, you are asking for a definition of a new kind of property. -- Jerry decvax!yale-comix!leichter leichter @ yale ------------------------------ Date: Tue, 5 Apr 1983 19:46 EST From: SJOBRG.ANDY%MIT-OZ@MIT-MC Subject: HUMAN-NETS Digest V6 #19 Golly, a microwave oven with a memory that's used to start cooking at a pre determined time is a computer... (it manipulates information... and produces a result (like an atm does..)) Would this mean that it is a crime for the electric co to interrupt service? ------------------------------ Date: 1 Apr 1983 0212-CST From: Clive Dawson <CC.Clive@UTEXAS-20> Subject: Latest Status of Texas Computer Crime Bill Well, I take it all back. I was going to send a message chastizing everybody for non-constructive responses, but the latest Digest arrived with quite a few well thought out replies and good suggestions. Somebody mentioned that HN should be used as a sounding board for laws like this. That is precisely what's happening, in an unofficial way, of course. Some of us here at UTexas (just up the street from the state capitol) have been invited to meet with the sub-committee and present our views on this bill. Some of the points we brought out in the first public hearing have already resulted in changes to the bill. It turns out that the Bill has now made it through one pass of sub-committees, and has been simplified considerably. There are still some problems with the definition section, including the fact that "software" is defined but never used! There is also some awkward wording which needs to be fixed. But probably the main improvement is that the section which mentioned the use of computers for fraudulent purposes has been removed. Fraud is fraud, regardless of whether a computer is used or not. I thought of a good guideline that sums up my views pretty well: I would be against a law which put a crime into a special category just because a computer is used to help commit it. But I'd be in favor of a law which provided more protection for computers themselves (or their users) as VICTIMS of crimes. Breaking into a computer should be at least as serious as breaking into a house. (Hmmm...does anybody know if any laws exist to prevent somebody from handing out keys to my front door?!) Here, by the way, is a definition used in a federal Computer Fraud and Abuse bill: 'computer' means a device that performs logical, arithmetic, and storage functions by electronic manipulation, and includes any property and communication facility directly related to or operating in conjunction with such a device; but does not include an automated typewriter or typesetter, or any computer designed and manufactured for, and which is used exclusively for routine personal, family, or household purposes including a portable hand-held electronic calculator. I think this definition may go too far in the other direction, by excluding too much. What kind of protection do I want or expect for my personal home computer? It's unclear what "routine personal purposes" are. What if I'm running a business with it? Anyway, here is the revised text of the bill. It is also available by anonymous FTP from UTexas in <CC.Clive>NEWBILL.193. (The old text is OLDBILL.193.) If anybody has further comments, please send them to me and/or the digest. I'll certainly do my best to see that they do some good. (By the way, Section 3 is apparently a routine clause which gets put onto just about every bill these days...) [*** Editor's note: For ease of access, the files mentioned above have been moved to local machines on the following networks: PARC-MAXC: [Maxc]<Weissman>Bill193.new [Maxc]<Weissman>Bill193.old MIT [MIT-AI]duffey;humnet oldbil [MIT-AI]duffey;humnet newbil ***] ------------------------ A BILL TO BE ENTITLED AN ACT relating to the creation of offenses involving computers. BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF TEXAS: SECTION 1. Title 7, Texas Penal Code, as amended, is amended by adding Subsection 31.14 to Chapter 31. Subsection 31.14. Computer Crimes (a) For purposes of this Section: (1) "Computer system" means a device, or a set of devices, that stores data in an intangible form, or that, in response to instructions given to it, analyzes data, converts data from one form into another, or produces new data. "Computer system" includes a network of two or more computer systems that are interconnected to function or communicate together. (2) "Computer software" means an ordered set of instructions or statements that permits a computer system to perform a specified function. (3) "Computer security system" means the design, procedures, or other measures that an owner has taken to restrict the use of a computer system to persons the owner has selected to have access for limited purposes. (b) A person commits an offense if, without the effective consent of the owner, and with intent to harm the owner or some other person he intentionally or knowingly: (1) uses a computer system with intent to harm the owner; (2) breaches a computer security system; (3) gives information regarding a computer security system to another; or (4) interferes with or interrupts the service of a computer system to a person authorized to receive the service. (c) An offense under this Section is a Class A misdemeanor. (d) The attorney general, may, upon request, assist state and local law enforcement and prosecuting agencies in investigating and prosecuting violations of Chapter 31, Subsection 31.14, Penal Code. SECTION 2. This Act takes effect September 1, 1983. SECTION 3. The importance of this legislation and the crowded condition of the calendars in both houses create an emergency and an imperative public necessity that the constitutional rule requiring bills to be read on three several days in each house be suspended, and this rule is hereby suspended, and it is so enacted. ------------------------------ End of HUMAN-NETS Digest ************************