cyberspace and the legal matrix- laws or confusion.txt

黑客培训教程

From: elrose@well.sf.ca.us (Lance Rose)

         Cyberspace and the Legal Matrix: Laws or Confusion?

Cyberspace, the "digital world", is emerging as a global arena of
social, commercial and political relations.  By "Cyberspace", I mean
the sum total of all electronic messaging and information systems,
including BBS's, commercial data services, research data networks,
electronic publishing, networks and network nodes, e-mail systems,
electronic data interchange systems, and electronic funds transfer
systems.

Many like to view life in the electronic networks as a "new frontier",
and in certain ways that remains true.  Nonetheless, people remain
people, even behind the high tech shimmer.  Not surprisingly, a vast
matrix of laws and regulations has trailed people right into
cyberspace.

Most of these laws are still under construction for the new electronic
environment.  Nobody is quite sure of exactly how they actually apply
to electronic network situations.  Nonetheless, the major subjects of
legal concern can now be mapped out fairly well, which we will do in
this section of the article.  In the second section, we will look at
some of the ways in which the old laws have trouble fitting together
in cyberspace, and suggest general directions for improvement.

LAWS ON PARADE

-  Privacy laws.  These include the federal Electronic Communications
Privacy Act ("ECPA"), originally enacted in response to Watergate, and
which now prohibits many electronic variations on wiretapping by both
government and private parties.  There are also many other federal and
state privacy laws and, of course, Constitutional protections against
unreasonable search and seizure.

-  1st Amendment.  The Constitutional rights to freedom of speech and
freedom of the press apply fully to electronic messaging operations of
all kinds.

-  Criminal laws.  There are two major kinds of criminal laws.  First,
the "substantive" laws that define and outlaw certain activities.
These include computer-specific laws, like the Computer Fraud and
Abuse Act and Counterfeit Access Device Act on the federal level, and
many computer crime laws on the state level.  Many criminal laws not
specific to "computer crime" can also apply in a network context,
including laws against stealing credit card codes, laws against
obscenity, wire fraud laws, RICO, drug laws, gambling laws, etc.

The other major set of legal rules, "procedural" rules, puts limits on
law enforcement activities.  These are found both in statutes, and in
rulings of the Supreme Court and other high courts on the permissible
conduct of government agents.  Such rules include the ECPA, which
prohibits wiretapping without a proper warrant; and federal and state
rules and laws spelling out warrant requirements, arrest requirements,
and evidence seizure and retention requirements.

-  Copyrights.  Much of the material found in on-line systems and in
networks is copyrightable, including text files, image files, audio
files, and software.

-  Moral Rights.  Closely related to copyrights, they include the
rights of paternity (choosing to have your name associated or not
associated with your "work") and integrity (the right not to have your
"work" altered or mutilated).  These rights are brand new in U.S. law
(they originated in Europe), and their shape in electronic networks
will not be settled for quite a while.

-  Trademarks.  Anything used as a "brand name" in a network context
can be a trademark.  This includes all BBS names, and names for
on-line services of all kinds.  Materials other than names might also
be protected under trademark law as "trade dress": distinctive sign-on
screen displays for BBS's, the recurring visual motifs used throughout
videotext services, etc.

-  Right of Publicity.  Similar to trademarks, it gives people the
right to stop others from using their name to make money.  Someone
with a famous on-line name or handle has a property right in that
name.

-  Confidential Information.  Information that is held in secrecy by
the owner, transferred only under non-disclosure agreements, and
preferably handled only in encrypted form, can be owned as a trade
secret or other confidential property.  This type of legal protection
is used as a means of asserting ownership in confidential databases,
>from mailing lists to industrial research.

-  Contracts.  Contracts account for as much of the regulation of
network operations as all of the other laws put together.

The contract between an on-line service user and the service provider
is the basic source of rights between them.  You can use contracts to
create new rights, and to alter or surrender your existing rights
under state and federal laws.

For example, if a bulletin board system operator "censors" a user by
removing a public posting, that user will have a hard time showing his
freedom of speech was violated.  Private system operators are not
subject to the First Amendment (which is focused on government, not
private, action).  However, the user may have rights to prevent
censorship under his direct contract with the BBS or system operators.

You can use contracts to create entire on-line legal regimes.  For
example, banks use contracts to create private electronic funds
transfer networks, with sets of rules that apply only within those
networks.  These rules specify on a global level which activities are
permitted and which are not, the terms of access to nearby systems and
(sometimes) to remote systems, and how to resolve problems between
network members.

Beyond the basic contract between system and user, there are many
other contracts made on-line.  These include the services you find in
a CompuServe, GEnie or Prodigy, such as stock quote services, airline
reservation services, trademark search services, and on-line stores.
They also include user-to-user contracts formed through e-mail.  In
fact, there is a billion-dollar "industry" referred to as "EDI" (for
Electronic Data Interchange), in which companies exchange purchase
orders for goods and services directly via computers and computer
networks.

-  Peoples' Rights Not to be Injured.  People have the right not to be
injured when they venture into cyberspace.  These rights include the
right not to be libelled or defamed by others on-line, rights against
having your on-line materials stolen or damaged, rights against having
your computer damaged by intentionally harmful files that you have
downloaded (such as files containing computer "viruses"), and so on.

There is no question these rights exist and can be enforced against
other users who cause such injuries.  Currently, it is uncertain
whether system operators who oversee the systems can also be held
responsible for such user injuries.

-  Financial Laws.  These include laws like Regulations E & Z of the
Federal Reserve Board, which are consumer protection laws that apply
to credit cards, cash cards, and all other forms of electronic
banking.

-  Securities Laws.  The federal and state securities laws apply to
various kinds of on-line investment related activities, such as
trading in securities and other investment vehicles, investment
advisory services, market information services and investment
management services.

-  Education Laws.  Some organizations are starting to offer on-line
degree programs.  State education laws and regulations come into play
on all aspects of such services.

The list goes on, but we have to end it somewhere.  As it stands, this
list should give the reader a good idea of just how regulated
cyberspace already is.


LAWS OR CONFUSION?

The legal picture in cyberspace is very confused, for several reasons.

First, the sheer number of laws in cyberspace, in itself, can create a
great deal of confusion.  Second, there can be several different kinds
of laws relating to a single activity, with each law pointing to a
different result.

Third, conflicts can arise in networks between different laws on the
same subject.  These include conflicts between federal and state laws,
as in the areas of criminal laws and the right to privacy; conflicts
between the laws of two or more states, which will inevitably arise
for networks whose user base crosses state lines; and even conflicts
between laws from the same governmental authority where two or more
different laws overlap.  The last is very common, especially in laws
relating to networks and computer law.

Some examples of the interactions between conflicting laws are
considered below, from the viewpoint of an on-line system operator.

1.  System operators Liability for "Criminal" Activities.

Many different activities can create criminal liabilities for service
providers, including:

-  distributing viruses and other dangerous program code;

-  publishing "obscene" materials;

-  trafficking in stolen credit card numbers and other unauthorized
access data;

-  trafficking in pirated software;

-  and acting as an accomplice, accessory or conspirator in these and
other activities.

The acts comprising these different violations are separately defined
in statutes and court cases on both the state and federal levels.

For prosecutors and law enforcers, this is a vast array of options for
pursuing wrongdoers.  For service providers, it's a roulette wheel of
risk.

Faced with such a huge diversity of criminal possibilities, few
service providers will carefully analyze the exact laws that may
apply, nor the latest case law developments for each type of criminal
activity.  Who has the time?  For system operators who just want to
"play it safe", there is a strong incentive to do something much
simpler: Figure out ways to restrict user conduct on their systems
that will minimize their risk under *any* criminal law.

The system operator that chooses this highly restrictive route may not
allow any e-mail, for fear that he might be liable for the activities
of some secret drug ring, kiddie porn ring or stolen credit card code
ring.  The system operator may ban all sexually suggestive materials,
for fear that the extreme anti-obscenity laws of some user's home town
might apply to his system.  The system operator may not permit
transfer of program files through his system, except for files he