brad@looking.on.ca (Brad Templeton) (12/18/90)
In article <1990Dec10.211625.9536@eff.org> mkapor@eff.org (Mitch Kapor) writes: >The preamble of the new bill explicitly recognizes that the integrity >of computer systems must be protected in a way that does not infringe on >the rights of users of computer technology, including freedoms of >speech, association, and privacy. > .... > We need to >make appropriate distinctions in the legal code among various forms of >computer crime based on such factors as intent and the degree of actual >damage. I agree with that principle, but I would like to bring up an issue that is not discussed as frequently. Most computer break-ins are indeed of variety that Douglas Adams might call "mostly harmless." And as such, we see public reaction as excessive at times. But at the same time, those of us interested in privacy rights must consider that many harmless break-ins are a fairly serious invasion of privacy. Unless you're breaking into the public areas of a public system (for example, merely to steal some online time on a system like CompuServe) then your actions clearly have a strong intent to invade privacy. I have a lot of personal information stored in files -- non publicly readable files -- on my computers. Not just financial stuff, but private E-mail logs, formatter source for all my personal letters, etc. The mere knowledge that somebody broke into my system to "look around" (say with root perms) would be highly disconcerting, regardless of whether they looked at the private stuff or not. It's like how you would feel if somebody opened your filing cabinet or desk drawers to "look around," not necessarily taking anything, destroying anything or altering anything. We all react strongly to the break-ins that involve file alterations, copying and erasure. How should we react to those who enter our system to look around? How should the law react? -- Brad Templeton, ClariNet Communications Corp. -- Waterloo, Ontario 519/884-7473
mnemonic@eff.org (Mike Godwin) (12/18/90)
In article <1990Dec17.193830.6156@looking.on.ca> brad@looking.on.ca (Brad Templeton) writes: > >But at the same time, those of us interested in privacy rights must >consider that many harmless break-ins are a fairly serious invasion of >privacy. Unless you're breaking into the public areas of a public >system (for example, merely to steal some online time on a system like >CompuServe) then your actions clearly have a strong intent to invade >privacy. >[text deleted] >We all react strongly to the break-ins that involve file alterations, copying >and erasure. How should we react to those who enter our system to >look around? How should the law react? It's worth remembering how the law has dealt with non-computer-based invasions of privacy. It has prescribed a scheme under which such invasions are remediable through (and deterred by) civil law rather than criminal law. --Mike -- Mike Godwin, (617) 864-0665 |"If the doors of perception were cleansed mnemonic@eff.org | every thing would appear to man as it is, Electronic Frontier | infinite." Foundation | --Blake
peterm@sumax.seattleu.edu (Peter Marshall) (12/20/90)
Mike Godwin's reply to Brad Templeton makes a good point via pointing out the tendency to civil remedies for so-called invasions of privacy. But is this really always the case? E.g., seems not to be with some statutes dealing with, of all things, such "invasions" via telecom. In fact, humble memory says WA's "interception" statute, often referred to as a "privacy act," does prescribe some criminal sanctions, and, interestingly, has come up in the "CallerID" context, speaking of privacy.