Protesters vs. Hackers

|

A New York Times story about E.U. anti-hacker legislation raises more questions than it answers.

The agreement [among E.U. justice ministers], reached last week, obliges all 15 member states to adopt a new criminal offense: illegal access to, and illegal interference with an information system. It calls on national courts to impose jail terms of at least two years in serious cases.

Critics from the legal profession say the agreement makes no legal distinction between an online protester and terrorists, hackers and spreaders of computer viruses that the new laws are intended to trap.

Thus, the Times reports, an effort like last week's "virtual protest march" against war in Iraq, which involved sending thousands of e-mail messages to the White House and Senate, could be construed as "illegal interference with an information system" if it occurred within the E.U. According to one critic, the legislation "criminalizes behavior which, until now, has been seen as lawful civil disobedience."

"Lawful civil disobedience"? Isn't that a contradiction in terms? Maybe he means "nonviolent"?

The issue is not clarified by the European Parliament deputy from Italy who "said he failed to persuade the ministers to insert wording that differentiates between the online equivalent of trespassing and someone breaking and entering." In what sense is sending an e-mail message "the online equivalent of trespassing"? And if it is, shouldn't it be criminal? Is the point just that the penalty should not be as severe? Or that it should be legal, provided you have a good motive?

The headline–"Europe Hacker Laws Could Make Protest a Crime"–had me primed to be outraged. After reading the article, I'm merely annoyed–and not at the E.U.

NEXT: Pro-War France

Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of Reason.com or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Report abuses.

  1. I keep having flashbacks to High School History lessons and the discussion of Nazi Germany. It scares me that we seem to be headed in that direction.

  2. Jessica-

    Can you be more vague?

    Do you feel the same way about Chickens? 😉

  3. I’m not so sure I’m comfortable with the concept that unwanted email is trespassing, but I’m not sure why. I guess it depends on who actually owns the email account – it probably technically belongs to your ISP, you’re just ‘renting’ it from them. In any case perhaps the problem is that email is not currently configured to put up the equivalent of a ‘no solicitors’ sign. Currently the only thing that keeps hundreds of folks from knocking on your door every day to sell something is the relative cost inefficiency of door-to-door sales vs. telemarketing and spamming. I do not know if you can prosecute a salesman for trespass if you put up such a sign, but it would make sense since it is your property.

    There could be a solution to the spam problem provided by market mechanisms – what about a secure email system that only accepts email from known sources? You have to send a note to that person first or manually add their address in order to recieve mail. Seems simple enough, perhaps such an email program already exists?

  4. The “virtual protest” was designed as a sort of distributed denial-of-service attack; the purpose was to overwhelm the email and phone systems of Congress. It wasn’t about speech — it was about harassment.

    Coordinating an effort to send messages to Congress should definitely not be illegal. But I don’t really have a problem with making it a crime to deliberately try to screw up someone’s email and/or phone.

  5. You people think the giving the government the power to regulate email is a GOOD thing? And of course they would only use this power to rid us of the inconvenience of deleting the spam from our email boxes. Oh yeah there’s a necessary function of the federal government. Something that positively requires congressional oversight, right?

    Say here’s a thought; how bout the Feds keep their power-lusting fingers out of it all together and allow private enterprise to provide solutions.

  6. Whether you “own” or “rent” your email account is irrelevant. Renters have just as much of a right to exclude solicitors from their homes as homeowners do. If the original owner had the right to exclude solicitors, why can’t he rent out that right along with the unit? The answer, of course, is that he can do so, and in most cases, does.

    It would be different if your ISP “rents” you an email account at a discount, while expressly reserving the right to allow others to spam you to Kingdom Come. Even then, however, you would have every right to exclude all spammers who did not obtain your ISP’s prior consent.

  7. In response to Xrlq:

    I think the situation you describe does exist. I get very little spam on my work or home email account. Most of it is stuff I expect to get based on the organizations I’ve volutarily had business contacts with. I suspect, however, that if you have a ‘free’ hotmail or yahoo account, you probably are one of those people who gets inundated with spam. Why on earth would anyone provide you a ‘free’ email account unless they were planning to use it to subject you to advertisements? It’s the same reason you can get broadcast radio and TV for free.

    In my post above, I puzzled over the ownership issue because, unlike an apartment or rental house, there is no explicit contract or legal regulation stating you have a ‘no trespass’ right included with your email account. I followed that with ‘In any case…’ because to the extent that the ISP provider is considered the ‘owner’ they can choose to sell or not sell that ‘no trespass’ right to you. My main point however is that the nature of email makes it difficult to indicate to unwanted solicitors that their solicitations are unwelcome. Even your home phone is not analogous to this situation, because you can refuse to answer it. However every spam you get takes up a certain amount of your rented email storage space and is therefore a potentially unauthorized use of property that does not belong to the sender.

    I do agree however with the sentiments also expressed by other posters that this should be a matter left to private individuals to work out – if we let the government regulate it they will find a way to either screw it up or invade or privacy unnecessarily, or both.

  8. Jim-

    You said…

    “I’m not so sure I’m comfortable with the concept that unwanted email is trespassing, but I’m not sure why. I guess it depends on who actually owns the email account – it probably technically belongs to your ISP, you’re just ‘renting’ it from them.”

    So far this year I have received 4437 messages on my primary account – that’s a little over 63 unwanted messages per day.

    I pay a monthly fee for mail service, so I am entitled to a certain amount of space on the server as well as a certain amount of bandwidth. Every unsolicited email takes up space that I could be using and when the mailbox fills up, important mail gets bounced.

    So then I download the mail to my PC so that I can read it. My PC is my property – and they are now taking up space in a very physical way – just like a trespasser.

    Also, I pay for the service, and I can’t conveniently screen each message before I download it so I am forced to wait for all of the spam to download.

    So here I sit in my rented apartment. The front door is unlocked. Can a salesperson walk inside and start taking up space? I am renting after all. What should I do if this happens? Is it wrong if I object?

    “In any case perhaps the problem is that email is not currently configured to put up the equivalent of a ‘no solicitors’ sign.”

    Spammers don’t care. If you call the cops on a solicitor they *might* show up and take a report. If you report a spammer, 90% nothing happens. And in the cases where something does happen, an account is simply terminated a week or two after the actual offending email was sent (and the payload has been delivered).

    To truly fight Spam, it must be preemptive so that it never reaches my machine.

    Only ISP’s can truly fight Spam – but they aren’t interested because spammers pay them money to stay in business.

    “You have to send a note to that person first or manually add their address in order to receive mail. Seems simple enough, perhaps such an email program already exists?”

    You are talking about whitelisting. It’s a real pain. Just about everyone I know has 5 or 6 email addresses that they send mail from. I would need to approve each. That might take more time than spam. And what about strangers? Should we all crawl into a hole just because some unemployed mental midget likes to spend his/her day bothering people?

    For what it’s worth, telemarketers are trespassing too.

    Later,
    Neb

  9. Warren-

    “You people think the giving the government the power to regulate email is a GOOD thing?”

    No. Nobody said that.

    I do think that companies should stop taking money from Spammers, and when pestilence comes from a node of the Internet, it should be shut off until the infection stops. This goes for Spam and Denial of Service Attacks as well.

    In this case the free market gets you Spammed. I’m paying to receive Spam and Spammers are paying to Send it. ISP’s just suck up the cash and laugh.

  10. Neb is correct about whitelisting: it’s easy, in the sense of not complex, but a PIA. Additionally, it means that you won’t be able to get mail from an old friend or former colleague who grabbed your email from a CC list.

    But, Neb, come on. “My PC is my property – and they are now taking up space in a very physical way – just like a trespasser.” Well, no. If this were true, then sites that create cookies are also trespassing and one would be “stealing” every time one downloaded a temp file to play a sound clip or flash cartoon.

    And, Neb, is that your real email address? No wonder you get so much spam. Someone who didn’t like you might take that and register for a few dozen online contests, just out of spite.

    Anyway, there are some pretty good smart filters out there, so the battle between people who don’t want to buy nothing and the salesmen of the world continues.

  11. Jim-

    “I get very little spam on my work or home email account. Most of it is stuff I expect to get based on the organizations I’ve voluntarily had business contacts with.”

    You must not do much on the Internet. A guy I work with was bragging about the same thing. Then he mused that he got a Spam one day. Within 30 days he was up to 30 messages per day.

    Your ISP may have Spam filtering, or they might not be on the Spammers radar. But once they find your ISP, a Spammer will fire off an email to EVERY POSSIBLE ACCOUNT on your server. Whether you respond or not, they will be able to tell that the account is active – then they will sell it to friends. It snowballs from there.

    “Why on earth would anyone provide you a ‘free’ email account unless they were planning to use it to subject you to advertisements? It’s the same reason you can get broadcast radio and TV for free.”

    The reason Spam is commonly associated with free email services is that so many users are congregated in one domain name. The method described above yields VERY rich results on domain names like hotmail.com, yahoo.com, and aol.com (in fact, AOL receives more Spam emails each day than it’s users send!).

    “In my post above, I puzzled over the ownership issue because, unlike an apartment or rental house, there is no explicit contract or legal regulation stating you have a ‘no trespass’ right included with your email account.”

    How about when you rent a Uhaul? Can anyone start loading furniture into it? The “no trespass” right isn’t transferred in that case either. Still, you’d probably object.

    “My main point however is that the nature of email makes it difficult to indicate to unwanted solicitors that their solicitations are unwelcome.”

    What is wrong with starting with the assumption that a solicitor is unwelcome when not on their own property?

    “Even your home phone is not analogous to this situation, because you can refuse to answer it.”

    The problem is that people are asserting their wishes upon me on my own property. Once I leave my property, I’m fair game for marketers. Any time someone is shifting the burden of delivering their message to a service I pay for, it is trespassing. Yes, even the phone.

    How about those “TeleZappers”? Telemarketers have now found a way around them. What more obvious “NO SOLICITING” statement is there than a faked “Line is Disconnected” tone?

    The enemy here is the Direct Marketing Association. Their entire industry is based on me paying for them to advertise.

  12. First off, the amount of disk space that email takes up is freaken trivial. I archive *every* message that comes in to my primary email account, and from 30 January to 5 March (right now) that is *UNCOMPRESSED* 28MiB. This includes HTML mail, mail with pictures attached (none this month I believe) spam and everything. Compressed (bz2, not zip) it’s only 12 meg.

    And yes, that’s still usage, but you can always reclaim that space by hitting the key, just as you can throw junk mail away.

    Oh, and I get somewhere in the neighborhood of 100 -200 messages a day. I’ve had that particular address since 1996, used it to post to Usenet, etc. It probably gets about 5-10 peices of spam (to me, not including what comes in through mailing lists) a day.

    Trivial. Part of the cost of being on line.

    There are services (for larger providers) that do spam tagging and filtering. We’re using one at work. It puts stuff in header lines that one can use procmail, maildrop or your mailers filtering tools on.

    As far as the EU passing laws that criminalize certain forms of protest, what do you expect? Euroweenies will probably spin this as a “freedom” from something or other.

  13. j.c.-

    You said…

    “But, Neb, come on. ‘My PC is my property – and they are now taking up space in a very physical way – just like a trespasser.’ Well, no. If this were true, then sites that create cookies are also trespassing and one would be ‘stealing’ every time one downloaded a temp file to play a sound clip or flash cartoon. ”

    There are some important differences here.

    1) You can turn cookies off.
    2) Cookies store information about you for your benefit (generally).
    3) Every time you click on a site, technically you are soliciting them by requesting info.

    “And, Neb, is that your real email address? No wonder you get so much spam. Someone who didn’t like you might take that and register for a few dozen online contests, just out of spite.”

    No, it’s not my real email address. The statistics mentioned before *were* from my real email address though. I accept that this account is Spamfodder, so if you want to send me hate mail, please understand that I have to wade through a few hundred Spam messages before I see yours.

    “Anyway, there are some pretty good smart filters out there, so the battle between people who don’t want to buy nothing and the salesmen of the world continues.”

    So now I have to pay a programmer money to stop Spam.

    Yeah, right, and I should have to pay the phone company to stop telemarketers.

    Maybe I could pay the post office to not deliver the junk mail (litter in my mailbox).

    And I’m sure the Mafia would like me to pay them so they don’t break my legs too.

  14. “In what sense is sending an e-mail message ‘the online equivalent of trespassing’?”

    How about Spam?

    It is the online eqivalent of a couple hundred people trudging through my yard every day.

    Worse yet, they are solicitors.

  15. Neb,

    your point is that you are ‘paying for a service’ that other people are using. What is important here is that it is something you’ve agreed to use, voluntarily, that may or may not come with some strings attached. It’s part of the environment of the internet (or of the phone lines) and you can either choose to tolerate it, ignore it, or pay extra for a service to get rid of it (unwanted solicitation, that is).

    With regards to the Uhaul example, not only would I have a problem with it but so would Uhaul, since the person using it, even if I gave them my consent, did not sign paperwork to agree to be responsible for it (although they would hold me responsible in any case). It all boils down to customer expectations. It may not be explicit in any contract but I expect when renting such a thing that I alone will be using it and that Uhaul wouldn’t rent that right out to someone else at the same time. Same goes with renting an apartment; it’s expected that you will be allowed by the landlord to use the space privately as any residence would be used. These things can all be arranged between private individuals via contract but in most cases companies and their customers usually figure out what is mutually agreeable without having to go into that detail.

    In your case you feel the telephone companies and the internet provides have ignored your expectation not to recieve unsolicited advertizing. Perhaps this is true. On the other hand, both internet providers and the phone company offer services to filter the junk out, which they charge extra for. However if they went to this extra trouble for everyone the costs of phone service and internet service would be higher across the board. Shouldn’t those of us who don’t mind dealing with it be allowed lower cost service if we’re willing to fend for ourselves? They are really only in the business of providing you a two-way means of communication; how you and others choose to use it isn’t something they have an obligation to control.

    I think internet providers do recognize in some cases that their customers do not want spam, hence the reason some providers do their own spam filtering.

    BTW, I noticed myself that the ‘Telezapper’ does not work in all cases (I’ve got one at home) and I read an article about it recently – apparently bill collectors wanted a way around it. I guess if you own them money… Anyhow the same software allows random dialers to display the company name (which they couldn’t do beforehand) so you can still choose to ignore the call if it’s not someone you want to talk to.

  16. EMAIL: draime2000@yahoo.com
    IP: 62.213.67.122
    URL: http://www.enlargement-for-penis.com
    DATE: 01/26/2004 12:22:38
    An ideal person is not a tool.

Please to post comments

Comments are closed.