[free-sklyarov] [DMCA_discuss] CNET - Security workers: Copyright law stifles
Larry Blunk
lblunk at yahoo.com
Thu Sep 6 21:24:40 PDT 2001
I'd argue that the real threat to security tool writers and researchers
is not the DMCA, but rather the Council of Europe Draft Convention on
Cybercrime at http://conventions.coe.int/Treaty/EN/projets/FinalCybercrime.htm.
Note Article 6, which criminalizes "the production, sale, procurement
for use, import, distribution or otherwise making available of:
1. a device, including a computer program, designed or adapted
primarily for the purpose of committing any of the offences
established in accordance with Article 2 - 5;"
provided such an act is "committed intentionally and without right".
But how does determine who has the "right" to produce and distribute
such a device?
The Council of Europe attempts to clarify this in their "Explanatory
Memorandum" at
http://conventions.coe.int/Treaty/EN/projets/FinalCyberRapex.htm.
Where in article 77 we are told that "devices designed by industry" are
considered to be "with right". However, many security tools, such as
Dug Song's dsniff, are not designed by industry, but rather by individuals,
academics, and researchers. Apparently, none of these people have the
right to design and distribute such tools according to the Council of Europe.
Section 2 goes on to exempt the above acts if they are for the
purpose of "authorised testing or protection of a computer system".
This leads to the question of how one decides whether a device is
being produced or distributed for authorized testing, or instead
for purposes of illegal access. If Dug has a disclaimer on his site
that the dsniff tool is intended only for testing purposes, is that
sufficient? What if 2600.com has a web link to Dug's tool, but
refuses to include such a disclaimer. Does
that magically make Dug's tool illegal? Or rather is it 2600.com's
web link that is illegal?
Note that the US Department of Justice had a significant hand in
developing this draft. You can see just how proud they are of their
work at http://www.cybercrime.gov/intl.html#Va
--- "Jon O ." <jono at microshaft.org> wrote:
> ----- Forwarded message -----
>
> To: dmca_discuss at lists.microshaft.org
> Subject: [DMCA_discuss] CNET - Security workers: Copyright law stifles
> Date: Thu, 6 Sep 2001 12:30:08 -0700
>
>
> http://news.cnet.com/news/0-1003-200-7079519.html?tag=tp_pr
>
> Two well-known computer security experts pulled down their works from the
> Internet
> this week for fear of being prosecuted under 1998's Digital Millennium
> Copyright Act.
>
> Along with the threatened lawsuit of Princeton computer-science professor
> Edward Felten, and
> the arrest of Russian encryption expert Dmitry Sklyarov, the incidents are
> the latest to point at
> what is quickly becoming a touchy environment for security experts.
>
> ...
>
> Dug Song, a security expert at network-protection company Arbor Networks,
> pulled his own
> site down in protest as well. Now the only text on the site, "Censored by the
> Digital Millennium
> Copyright Act," links to a DMCA protest site, Anti-DMCA.org.
>
__________________________________________________
Do You Yahoo!?
Get email alerts & NEW webcam video instant messaging with Yahoo! Messenger
http://im.yahoo.com
More information about the Free-sklyarov
mailing list