home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Freaks Macintosh Archive
/
Freaks Macintosh Archive.bin
/
Freaks Macintosh Archives
/
Textfiles
/
zines
/
DNA
/
DNAV2I2.sit
/
DNAV2I2
/
DNA202.006
< prev
next >
Wrap
Text File
|
1998-03-02
|
7KB
|
115 lines
DNA Magazine
- Presents -
A Guide to Your Rights, Part 1
by axis (2/1/95)
------------
In the vast world of what most of us refer to as 'cyberspace', there
are many fine lines. Those that separate "us" from "them", "here" from
"there", and wrong from right. Most of us draw these lines in our own minds,
based on our opinions and viewpoints; but when Sergeant Slaughter and his
gang of Beastie Boy video rejects bust down your front door in full regalia,
opinions tend to hit the proverbial fan.
It's amazing how many of us go out into the streets without a basic
understanding of our civil rights. It's just plain frightening how many more
of us venture out into the electronic ether without knowing their digital
counterparts. Hopefully this article, and many more in the future, will not
only give you a basic understanding of the laws and statutes governing this
vague world, but urge you into studying the subject for yourself.
------------
PART 1: YOUR RIGHT TO PRIVACY
In a land where millions of computers are linked together, passing
data back and forth in innumerable streams of bits, it can be seen that the
need for privacy is clearly present. This right (or lack thereof) is indeed
covered by state and federal laws, which (depending on who you are) could be
of great consequence in your everyday transactions. Can a fed legally read
your mail? What about encryption? Random system monitoring and logging?
The most basic form of privacy is that of the handle. The tradition
of using handles has been around for years, and is completely legal and
legitimate, being analogous to writers using 'pen names' or someone sending
and anonymous letter to a publication. As the Right to Associate applies to
protecting private organizations, so it does to users on a BBS. Although
still lacking concrete court decisions, this right could be used to protect
sysops from revealing their users' private conversations, e-mail, or other
relevant information, even to (gasp!) law enforcement agencies. As for
"anonymous" Internet mailers and FTP sites, guess again. Though your e-mail
goes _out_ stripped of identification, there is no guarantee that the login
and transaction was not logged for reference (often illegally). There is no
assurance of private file transfers; many of these sites keep track of the
incoming e-mail address and peer-to-peer connection. Which brings us to our
first crossroad: is it illegal to monitor you in cyberspace?
Thanks to the Electronic Communications Privacy Act (ECPA), it often
is. The most important (and relevant) part of the ECPA is Chapter 119,
"Wire and Electronic Communications Interceptions and Interceptions of Oral
Communications". Within this provision, the interception and disclosure of
wire, oral, or electronic communications is explicitly prohibited. Like most
laws, this one has its loopholes. Under Title 18 of the U.S.C., subsection
2511(2)a(i), it is NOT illegal for an operator or other agent of the service
provider (Telco, AOL) to intercept the transmission, provided that it "is a
necessary incident to the rendition of his service" and/or "shall not util-
ize service observing or random monitoring EXCEPT FOR MECHANICAL OR SERVICE
QUALITY CONTROL CHECKS." (my emphasis) The chances of a hacking attempt
coinciding with a "quality control check" are pretty fucking slim...
This subsection goes on to exempt Feds with related warrants, a
recipient/sender of said message, any person with either the recipient or
sender's consent, and those transmissions which are readily available to the
public. Within the statute is a definition of the word 'interception', which
has been thrown to the wind, considering some courts require the 'intercept-
ion' to be synchronous with its _transmission_, while others do not. To sum
it up, unless warranted by law PREVIOUS to the interception, any monitoring
or logging of your transmissions could be a violation of your rights under
the ECPA.
For you avid hackers, Chapter 121 of the ECPA is the most important,
dealing specifically with unauthorized access and stored information. It is
explicit in its prohibition of "unauthorized access", yet nowhere in the
statute is 'access' defined. Is connecting to a modem or communication
service once and hanging up 'access'? What about wardialling? Logging in
to a system with no apparent authorization requests?(i.e. username and pass-
word prompts). It also cites users that have gained privileges "beyond their
authorization" (Look Ma, I got root access!) and keeping authorized users
from gaining entrance (changing someone's password or account). As usual,
there are a few loopholes. If the person 'accessing' the system has been
authorized by the service or a "...user of that service with respect to a
communication of or intended for that user.", it is not illegal. Of course,
those persons who are backed by a warrant can go wherever they please...
Punishment for such unauthorized access (assuming it's not monetary-related)
is a fine of not more than $5000, up to six months of imprisonment, or both.
Be wary...
The disclosure of private communications and/or data is also covered
in Chapter 121. This part basically says if the person isn't authorized to
access (there's that word again!) the data, they sure as hell can't give it
to anyone else. This assumes that they weren't a recipient/sender of the
data and that it wasn't available publicly (remember E911?).
Finally, we come to the topic of encryption. Whether you argue for
or against it, or somewhere in-between, the fact is it's completely legal.
With programs such as PGP appearing on the market, personal cryptology is at
an all-time high. In court, the decryption of your own mail and can be
construed as self-incrimination, and is a violation of your rights. Though
one may argue that the technology and need to unencrpyt messages is there,
it is a losing race for the guy with the cereal decoder ring. Nevertheless,
with the present debates and firings on the FBI and Clinton administration's
advocation of the Clipper Chip and other technologies, it pays to keep one
eye on this quickly-evolving area of telecommunications and privacy. Do your
reading and watch your back.
------------
This article is just the first in an entire series by DnA Magazine on
your rights as a computer abuser, so stay tuned. For those interested in
learning more about privacy on the electronic frontier, I encourage you to
pick up a copy of the Electronic Communications Privacy Act for yourself.
Questions? Comments? Mass volumes of seething hate-mail? Send the
shit to axis@superstore.com or contact me on Digital Decay(714)...
[axis]