.

Cybercrime Treaty: What it Means to You

<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Thu Mar 08, 2007 11:11 am

Cybercrime Treaty: What it Means to You

By Larry Downes of CIO Insight

A new global treaty could put the responsibility—and potentially enormous cost—of fighting cybercriminals squarely on your shoulders.

Cybercrime is getting cheaper all the time, as shady characters sell tools to help criminals spam, phish, hack and crash. And a new treaty ratified by the U.S. Senate could wind up passing the costs of combating cybercrime directly to American businesses.

From an economic standpoint, when the cost of crime goes down, frequency goes up. How does the legal system fight back? One way is to increase enforcement and catch more people. But when it comes to cybercrime, no one really expects law enforcement to keep up technologically with criminals—it's an arms race the criminals keep winning. An alternative is to raise the penalties, in hopes of deterring criminals who weigh the benefits of committing their crimes against the risk of getting caught.

In that vein, in August the Senate ratified the Convention on Cybercrime, drafted by the Council of Europe with considerable input from the United States. So far, 43 nations have signed on. The Convention includes many sensible provisions aimed at unifying global computer-crime laws, and closes loopholes that make it possible for criminals to escape prosecution by locating their activities offshore.

But civil libertarians, along with leading telecommunications companies, strongly oppose the treaty. Civil libertarians are especially concerned about the sweeping authority given to participating countries to seize information from private parties as they investigate cybercrimes, even when the activity being investigated isn't a crime in the country where the data is located. If France is investigating a sale of Nazi memorabilia on eBay, the U.S. must cooperate, even though such transactions are not illegal in the U.S.

Telecommunications companies object to provisions that require member countries to establish and enforce potent data-retention policies for network traffic, and require any operator of a computer network to respond to requests for information from any participating country without compensation of any kind.


These are potentially serious problems, especially given that the Convention is open to any country that wants to join. But there are more practical reasons U.S. businesses should be concerned. The provisions for data retention and production apply to any operator of a computer network, not just telecoms. Worse, Article 12 attaches liability to businesses for "lack of supervision or control" of employees who commit criminal offenses covered by the Convention. Businesses must worry about employee activities that may be legal here, but illegal elsewhere, risking administrative, civil, or even criminal penalties.

These investigative and supervision costs will invariably be imposed on businesses without any real controls. Worldwide law-enforcement agencies, in other words, may now avail themselves of the opportunity to outsource their most expensive problems to you.

The Convention may improve the cybercrime-and-punishment equation in favor of deterrence. But it's also added some new variables and possibly irrational numbers. Of the economic, not mathematical, kind.


For original story:
http://www.cioinsight.com/article2/0,15 ... 916,00.asp

Don
CISSP, MCSE, CSTA, Security+ SME
<<

linuxstarved

EH-Net Columnist
EH-Net Columnist

Posts: 49

Joined: Sat Sep 23, 2006 9:55 am

Post Sat Apr 07, 2007 7:52 pm

Re: Cybercrime Treaty: What it Means to You

I fail to see how this is enforceable.  I can guarantee that each one of us have at least 10% of all our users downloading illegal music and video.  I don't know about anyone else but I don't have time to deal with the scourge of the RIAA.  I am dealing with real issues and as long as they focus their attention on d/l files and not hacking my network/installing malware, I am a happy camper.

I am not a deputized member of the law and as such cannot be expected to police my users actions, there simply is not enough time in the day (or night).
<<

gqblue2003

User avatar

Newbie
Newbie

Posts: 35

Joined: Tue Mar 20, 2007 2:20 am

Location: DC for now.

Post Sun Apr 08, 2007 12:29 am

Re: Cybercrime Treaty: What it Means to You

My concern is actually more about our civil liberties. The article gave a legitimate example. An organisation called LICRA I think tried sueing yahoo because one of their auction sites was selling NAZI collectables. While this is illegal in France it is not illegal here. They demanded that the items be removed and requested almost impossible restriction be put in place to prevent the sites from being accessed. Of cours LICRA won in france and the judge tried to rule that Yahoo.Fr would not be penalized but the Yahoo corp take the hit. Afterwards LICRA filed for suit here in the states but thanks to our civil rights, were unable to push the issue.

Of cours I am sure BUSH has thought this one out.
"A man who finds no satisfaction in himself will seek for it in vain elsewhere."
        
                                   La Rochefoucauld

Return to Opinions

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software