Search This Blog

A Word About Our Blog Entries

The Julie Group shares a professional interest in the area of digital and emerging technology and law. As professionals there is a rich and deep appreciation for the differences of opinion that can appear in this space. You must never assume that opinion, where it is introduced is universally shared and endorsed by all our volunteers. Nor are they necessarily the very best snapshot of a given issue.

Readers are expected to think about the issues, question everything worth discussing, and add value to the conversation by correcting what's here or broadening the understanding of the subject. This is part of the educational process between us all. Our hope is that this exercise results in better law, law enforcement, and citizen participation in forging sophisticated social understandings of the technological forces changing our lives.

Sunday, September 27, 2009

Poorly Written Law, Chemical Neurowarfare, and Hacking

The intersection of recent technological advances and law are troubling.

YouTube documentation of the treatment of college students in Pittsburgh during the G20 summit raise serious questions about legislation that allows unconstrained, maliciously cruel, and disproportionate crowd control tactics to be used against unarmed civilian populations.

If we have learned in recent months that corporate behavior that goes unregulated can lead to disastrous social and economic consequences then just as surely we are witnessing warning signs that government empowered by ambiguous law and selective prosecution can strangle, intimidate, and muzzle constitutionally protected free speech.

The Stanford Law and Biosciences blog entry called, Militarized Neurotechnology: Incapacitating Chemical Agents by Kelly Lowenburg is a siren call.

Two recent pieces in Nature, an opinion and an editorial, discuss how non-lethal neuroactive chemical agents have been used by military forces (e.g. fentanyl-induced unconsciousness) and speculate about the potential development of more non-lethal weaponized chemicals (drug-induced lack of aggression, oxytocin-induced trust). Although using these chemical agents is prohibited by the Chemical Weapons Convention, an exception allows their use by law enforcement, for example, in domestic riot control (which may or may not include intrastate military actions).

And Kelly goes on to ask:
The divergent views on policy regarding incapacitating neuroactive chemicals leads me to ask, what about these chemicals makes them more alarming than other weapons? An understanding about why incapacitating chemical agents are uniquely worrisome should inform how they will be regulated.

Is it that they are difficult to defend against and therefore more effective? Is this a problem even though these weapons create non-lethal alternatives in otherwise deadly situations? Or is our real concern that, by incapacitating, they facilitate brutality toward a defenseless prisoner? If so, then the conversation should be about illegal soldier/police abuse, not the chemical agents themselves. Or is there something inherently unacceptable about militarized neuroactive chemical agents? Is acceptability determined by the intended effect (temporary unconsciousness)? By the mechanism (manipulating the brain)? By the amount of pain (fentanyl was developed as an anesthetic, so likely none)? By the size of its therapeutic index and how safe it is (when used to end a siege in a Moscow theater, fentanyl-derived gas killed 124 of the over 750 hostages)?

Should the Chemical Weapons Convention be amended to prohibit the use of incapacitating chemical agents by law enforcement? Or to permit their use by the military? Does permitting them in either context place us at the tip of a too steep slope of biological weapons with more prolonged and devastating effects (attacking fertility or the immune system)? Or does it save lives?

The questions are both urgent and critical in light of a recent 'hacking' conviction in Ohio.

Kim Zetter authored a Wired article called, Court Upholds Hacking Conviction of Man for Uploading Porn Pics from Work Computer.

She describes the case;
An Ohio appellate court has upheld the felony hacking conviction of a man who was found guilty of unauthorized access for misusing his computer at work.

Richard Wolf acknowledged that his behavior was inappropriate when he used his work computer to upload nude photos of himself to an adult web site and view other photos on porn sites, but he didn’t think he should be convicted of hacking for doing so.

A jury disagreed and felt he exceeded his authorization on the computer, which the appellate court recently upheld (.pdf).

Mark Rasch, a former federal prosecutor of computer crimes, called the conviction a misuse of the computer hacking law.

“This goes to the whole concept . . . that violation of an internal policy on the use of a computer can be piggybacked to make a crime,” said Rasch, who now works as a consultant for Secure IT Experts. “His uploading of nude pictures is certainly inappropriate and something he could be terminated for, but it was perfectly legal. When you use the heavy hand of the criminal law to prosecute inappropriate behavior, it’s just an abuse of the criminal statutes.”

Wolf was also convicted of soliciting a dominatrix online for sexual services, a misdemeanor. Rasch says using the computer evidence for proof of this crime is appropriate, but charging him separately for felony hacking goes too far.

Rasch said the problem stems from an amendment that was made to the federal Computer Fraud and Abuse Act — the federal anti-hacking law — that states have added to their own statutes.

“The early statute only talked about unauthorized access — which is breaking into computer,” he said. “But then they amended it to say ‘or exceeding the scope of authorization to access a computer’.”

Richard Wolf may be guilty of many things but the inappropriate application of a computer hacking law targeting malicious hacking of machines is judicial malfeasance. So much so, that the courts need declare such laws unconstitutional and reject them not only for their blanket indifference to criminal behavior but for their dysfunctional effect on regulating such behaviors.

The vigilance of courts in ensuring the veracity of the claims of criminality against individuals must increasingly become a function of such prosecutions. Poorly written technology law must not be tolerated. In an age of mind-numbing technological change, the judicial branch of government must defer to and insist on clear and unambiguous language and appropriate application of law.

The concept of hacking is rapidly evolving from the quaint confines of computers and entering the realm of genetics and human self-determinism. The laws governing illegal activity concerning malicious modification to processes, machines, and human activity need to be re-examined and refined not by the politics of pornography, unbridled military industrial enthusiasms, or provincial social engineering tyrants.

Criminal behavior needs to be distinctly defined rather than broadly implied. And the governments of this world whose resources are unlimited in relative comparison to its citizenry must be constrained from loosing technology in its most punishing and draconian abuse against the inalienable rights of men and women.