[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [dvd-discuss] Two articles

To: dvd-discuss(at)cyber.law.harvard.edu
Subject: RE: [dvd-discuss] Two articles
From: Wendy Seltzer <wendy(at)seltzer.com>
Date: Tue, 16 Oct 2001 14:10:43 -0400
In-Reply-To: <Pine.LNX.4.21.0110161206400.14486-100000@sparcy.internal.lan>
References: <E06ADA0073926048AD304115DD8AB6BC9D6798@mail.onetouch.com>
Reply-To: dvd-discuss(at)cyber.law.harvard.edu
Sender: owner-dvd-discuss(at)cyber.law.harvard.edu

At 12:17 PM 10/16/01 -0400, Noah silva wrote:

> > The RIAA believes that this kind of technological "self-help" against 
> online
> > pirates, if done carefully, is legal under current federal law.
>
>I really doubt this, given how strict the FBI and others have helped
>online "hacking" laws to become.  IIRC, it is illegal to:
>
>"connect to or transmit any data to any port of any computer without prior
>permission from the owner".
>
>I assume permission = written permission.

If you're referring to the Computer Fraud and Abuse Act, 18 USC 1030, I 
don't think that's a correct assumption.  As a criminal statute, the CFAA 
requires intent or knowledge, and damage over $5000.  (Damage means "any 
impairment to the integrity or availability of data, a program, a system, 
or information," so it could include the denial of access to data or the 
loss of business from inability to communicate with customers. )

So no, you couldn't be thrown in jail for sending a GET request to 
www.yahoo.com, though you might be liable if you intentionally sent 
hundreds of thousands of malformed requests to cause a denial of 
service.   In the ordinary case, you likely have an implied authorization 
to access a machine to view an unprotected website it is serving, at least 
if you're not a bot disobeying robot exclusion standards.   The implication 
is stronger if the URL has been publicized as widely as http://www.yahoo.com.

>While I think that law is a bit unreasonable, as ICMP pings, etc. fly
>around all the time, and I don't think port scanning should be illegal...

Nor have the courts that have currently examined port scans found them 
illegal, so far as I'm aware.

Finally, the Ninth Circuit recently withdrew its decision in Konop, in 
which it had held that an airline official's access to a password-protected 
union site violated the Wiretap Act or Stored Communications Act.

--Wendy

>As it currently stands, you could technically be thrown in jail for going
>to www.yahoo.com without a prior invitation.
>
> > (Where "current federal law" is a link to
> > http://www4.law.cornell.edu/uscode/18/1030.html,
> > which would be US Code Title 18, Part I, Chapter 47, Sec. 1030)
> >
> > I haven't read that yet ... but they seem to think that it _already_ gives
> > them permission to "self help" when they think somebody is infringing 
> rather
>
>It doesn't seem to "give" them anything, it just doesn't specifically
>mention anything about RIAA, or music (or entertainment) at all.
>
>I think they are saying that what they are doing is not
>specifically illegal in THAT particular section of the law, unless they
>cause damages.
>
>   -- noah silva

--
Wendy Seltzer -- wendy@seltzer.com
Fellow, Berkman Center for Internet & Society at Harvard Law School
http://cyber.law.harvard.edu/seltzer.html

References:
- RE: [dvd-discuss] Two articals
  - From: Richard Hartman <hartman@onetouch.com>
- RE: [dvd-discuss] Two articals
  - From: Noah silva <nsilva@atari-source.com>

Prev by Date: RE: [dvd-discuss] Two articals
Next by Date: RE: [dvd-discuss] Two articals
Previous by thread: RE: [dvd-discuss] Two articals
Next by thread: Re: [dvd-discuss] Two articals
Index(es):
- Date
- Thread