Pleasant@Rutgers.ARPA (04/06/83)
HUMAN-NETS Digest Wednesday, 6 Apr 1983 Volume 6 : Issue 20
Today's Topics:
Computers and the Law - Electronic Anklet &
Texas Computer Crime Law (6 msgs)
----------------------------------------------------------------------
Date: 3 April 1983 18:21 EST
From: Robert Elton Maas <REM @ MIT-MC>
Subject: a jail cell on your foot
Hey, it's not my world where everyone would have an anklet. But I
rather like the idea of enforcing bail (a mechanism for making sure
people come to trial while allowing them access to lawyers and not
disrupting their daily life such as going to work) this way instead
of with gun-toting bail bondsmen. (Ever jump bail after getting it
from a bondsman, and try to stay alive?) An accused person shouldn't
have to report to court physically until actually convicted of a
crime serious enough to require prison. At the point of arrest the
person should be given the option of (1) immediate anklet, with no
booking procedure at all, or (2) regular booking procedure; thus the
anklet couldn't be used en masse to enslave the population, but
would be an alternative to booking. Court appearances could be done
by remote terminals or in person at the choice of the accused.
I could imagine somebody accused of murder (but not convicted yet)
having an anklet programmed to prevent access to firearms (which
would have their own transponders for that purpose), maybe. Not
sure. Anyway, with the accused sitting at work assembling widgits
while watching the trial on TV, the prosecutor would be eager to
have a speedy trial! Perhaps after the prosecution is done, if
there's a sufficient primae facie case then the accused could be
taken into custody until such time as the primae facie pendulum
swings back (if the person is really innocent). Thus open and shut
murder cases would have a very fast prosecution-half, and the
defense not having any case would not be able to delay imprisonment,
while in the case of an innocent person the imprisonment would be
from the time the prosecution ends until the time the defense has
gotten an alibi, about 10-20 minutes, hardly worth quibbling over.
Also, the jury should be able to vote at the start of deliberation
whether the case is leaning toward guilt or not, and thus whether
the accused should be confined or not while awaiting the final
verdict.
-- Just ideas, might work, might have problems, send quibbles/nits
to me...
------------------------------
Date: Sun 3 Apr 83 10:47:36-PST
From: Robert Amsler <AMSLER@SRI-AI.ARPA>
Subject: Texas Computer Crime Bill
I find nothing wrong with the definition of Operator. The bill would
be designed to protect the owners of the computer--they are in fact
the operator. The person hired to run the computer is their employee
and merely one extension of their operation of the machine.
One point which I think the bill is addressing is the ability to
prosecute for the theft of CPU cycles, or any of the other less
tangible computer resources (e.g. line time, disk space). Existing
laws would seem to have a great deal of trouble with such
intangibles and I think a new bill dealing with computer resource
theft is probably reasonable.
However, as everyone has said... These definitions aren't adequate.
An interesting problem is whether "computer system" can be
adequately defined in terms of what it DOES, rather than what it is
made of.
I tend to doubt this is entirely reasonable, as it seems to imply
that there aren't alternate means of doing the things computers can
do. Of course, defining a computer system in terms of what it
consists of is likely to last only a few years... who would venture
to say there will be silicon chips in the year 2000? I'd even be
worried about "microelectronic components" existing by then... we're
likely to have genetically engineered neural nets. But a bill that
deals with technology and lasts 10 years ought to be sufficient.
------------------------------
Date: 3 April 1983 17:48 EST
From: Robert Elton Maas <REM @ MIT-MC>
Subject: re computers and the law
If the purpose of the law is to prevent theft of money by remote
control (telling commands to a computer via a dialup port, rather
than being physically present), then that's how the law ought to be
worded. It should be worded in such a way that pressing a key on
somebody's pocket computer is a crime subject to jail or prison. It
should be an amendment to the definition of theft, to include remote
control, and to breaking&entering, to include deliberate bypassing
of security measures with attempt to use the computer in ways that
aren't unauthorized or permitted by whoever is in charge of
authorizing access (the owner or lessee, or someone such as an
operator or administrator carrying out the owner's or lessee's
access policy).
But it should be made clear that an unsecured system is the same as
an unlocked door, an open invitation for anyone to enter for a visit
(but not to steal something); someone must either break through
security measures, or steal something whether secured or not, to
commit a crime. -- So how come the lawmakers can't hit the nail on
the head? Or they only pretending to be after theft, really they
hate computers and want them not to be usable at all?
------------------------------
Date: 3 April 1983 17:56 EST
From: Robert Elton Maas <REM @ MIT-MC>
Subject: Computer Laws
Hear! Hear!
I agree with you almost completely (see amended paraphrase
following). The basic outline of laws should be easy enough for
everyone to understand, with clear pointers to all special laws for
special groups of people, such as regulations for driving,
regulations for installing electrical conduits, regulations for
nuclear power plants, ... The total laws that anyone has to learn
should be n+1 paperback books, where n is the number of special
professions the person is in. We shouldn't have to make up a new law
for each way of committing the same crime.
Is it possible?
------------------------------
Date: Tue, 5 Apr 83 11:07:17 EST
From: Jerry Leichter <Leichter@YALE.ARPA>
Subject: Do we need new laws to deal with computers?
It's contended that we don't need new laws, only protection of
property rights that happen to be embodied in computers.
This is naive. "Property rights" are exactly what the law DEFINES.
You have a property right exactly when the law is willing to protect
some "thing". Consider patents and copyrights. These are specific
legally constructed property rights. They've been around so long
that they now seem natural to us; but they are only a couple of
hundred years old. Note that the Constitution contains an explicit
statement that the Congress may create, if it wishes, patent and
copyrights. The authors did not think this was inherent in anything
else they said.
If I am a sculptor, do I have some sort of property right in my
artistic work even after I sell it? Certainly I have some copyright
protection; but what about the work itself? Well, in France I DO
have a property right. I have some control over what the purchaser
can do with my work; he can't destroy it, for example, if I don't
give him permission. If he resells at a profit, I am entitled to a
certain percentage. I believe California is experimenting with a
similar law, at least with regards to sharing profits. These are
new (about 20 years old) property rights that never existed before.
Technology often creates new property rights, or changes how we view
old ones. Probably the oldest property laws deal with real estate.
Does my control of land I own extend upward arbitrarily? No;
airplanes can fly by all they like, and I have no say in the matter.
With interest in solar heating, all sorts of new "property rights"
issues have appeared. Can you build a house on your land that puts
my solar collecter in the shade? Can you cut down trees on your
land that provide me with a wind-break? New law - new property
rights - are being created right now in these areas.
Computer technology is full of such issues. Example: I maintain a
data-base of Federal government publications (which anyone is
entitled to copies of). What makes my data-base valuable is the
selection and indexing. Can you use or copy my data-base without my
permission? The actual data you see is all public-domain...clearly
there is something there we would like to protect, but what exactly
is it? Suppose I break your encryption key and read your private
files. What "property" have I stolen from you? The analogue would
be my looking through your window with a telescope and reading
papers on your desk. While I could probably be prosecuted for
SOMETHING, it most likely would not be theft or anything
particularly serious. Again, in asking for legal protection in a
case like this, you are asking for a definition of a new kind of
property.
-- Jerry
decvax!yale-comix!leichter
leichter @ yale
------------------------------
Date: Tue, 5 Apr 1983 19:46 EST
From: SJOBRG.ANDY%MIT-OZ@MIT-MC
Subject: HUMAN-NETS Digest V6 #19
Golly, a microwave oven with a memory that's used to start cooking
at a pre determined time is a computer... (it manipulates
information... and produces a result (like an atm does..)) Would
this mean that it is a crime for the electric co to interrupt
service?
------------------------------
Date: 1 Apr 1983 0212-CST
From: Clive Dawson <CC.Clive@UTEXAS-20>
Subject: Latest Status of Texas Computer Crime Bill
Well, I take it all back. I was going to send a message chastizing
everybody for non-constructive responses, but the latest Digest
arrived with quite a few well thought out replies and good
suggestions.
Somebody mentioned that HN should be used as a sounding board for
laws like this. That is precisely what's happening, in an
unofficial way, of course. Some of us here at UTexas (just up the
street from the state capitol) have been invited to meet with the
sub-committee and present our views on this bill. Some of the
points we brought out in the first public hearing have already
resulted in changes to the bill.
It turns out that the Bill has now made it through one pass of
sub-committees, and has been simplified considerably. There are
still some problems with the definition section, including the fact
that "software" is defined but never used! There is also some
awkward wording which needs to be fixed. But probably the main
improvement is that the section which mentioned the use of computers
for fraudulent purposes has been removed. Fraud is fraud,
regardless of whether a computer is used or not.
I thought of a good guideline that sums up my views pretty well: I
would be against a law which put a crime into a special category
just because a computer is used to help commit it. But I'd be in
favor of a law which provided more protection for computers
themselves (or their users) as VICTIMS of crimes. Breaking into a
computer should be at least as serious as breaking into a house.
(Hmmm...does anybody know if any laws exist to prevent somebody from
handing out keys to my front door?!)
Here, by the way, is a definition used in a federal Computer Fraud
and Abuse bill:
'computer' means a device that performs logical, arithmetic,
and storage functions by electronic manipulation, and
includes any property and communication facility directly
related to or operating in conjunction with such a device;
but does not include an automated typewriter or typesetter,
or any computer designed and manufactured for, and which is
used exclusively for routine personal, family, or household
purposes including a portable hand-held electronic
calculator.
I think this definition may go too far in the other direction, by
excluding too much. What kind of protection do I want or expect for
my personal home computer? It's unclear what "routine personal
purposes" are. What if I'm running a business with it?
Anyway, here is the revised text of the bill. It is also available
by anonymous FTP from UTexas in <CC.Clive>NEWBILL.193. (The old
text is OLDBILL.193.) If anybody has further comments, please send
them to me and/or the digest. I'll certainly do my best to see that
they do some good. (By the way, Section 3 is apparently a routine
clause which gets put onto just about every bill these days...)
[***
Editor's note: For ease of access, the files mentioned above have
been moved to local machines on the following networks:
PARC-MAXC:
[Maxc]<Weissman>Bill193.new
[Maxc]<Weissman>Bill193.old
MIT
[MIT-AI]duffey;humnet oldbil
[MIT-AI]duffey;humnet newbil
***]
------------------------
A BILL TO BE ENTITLED
AN ACT
relating to the creation of offenses involving computers.
BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF TEXAS:
SECTION 1. Title 7, Texas Penal Code, as amended, is
amended by adding Subsection 31.14 to Chapter 31.
Subsection 31.14. Computer Crimes
(a) For purposes of this Section:
(1) "Computer system" means a device, or a set of
devices, that stores data in an intangible form, or that, in
response to instructions given to it, analyzes data, converts data
from one form into another, or produces new data. "Computer system"
includes a network of two or more computer systems that are
interconnected to function or communicate together.
(2) "Computer software" means an ordered set of
instructions or statements that permits a computer system to perform
a specified function.
(3) "Computer security system" means the design,
procedures, or other measures that an owner has taken to restrict
the use of a computer system to persons the owner has selected to
have access for limited purposes.
(b) A person commits an offense if, without the effective
consent of the owner, and with intent to harm the owner or some
other person he intentionally or knowingly:
(1) uses a computer system with intent to harm the
owner;
(2) breaches a computer security system;
(3) gives information regarding a computer security
system to another; or
(4) interferes with or interrupts the service of a
computer system to a person authorized to receive the service.
(c) An offense under this Section is a Class A misdemeanor.
(d) The attorney general, may, upon request, assist state
and local law enforcement and prosecuting agencies in investigating
and prosecuting violations of Chapter 31, Subsection 31.14, Penal
Code.
SECTION 2. This Act takes effect September 1, 1983.
SECTION 3. The importance of this legislation and the
crowded condition of the calendars in both houses create an
emergency and an imperative public necessity that the constitutional
rule requiring bills to be read on three several days in each house
be suspended, and this rule is hereby suspended, and it is so
enacted.
------------------------------
End of HUMAN-NETS Digest
************************