ACK! -- CONTINUED

Sun Apr 20 21:09:40 CDT 2003

On Sun, 20 Apr 2003, Jonathan Hutchins wrote:
> Quoting "L. Adrian Griffis" <adrian at nerds.org>:
> > It sounds like what you are really trying to say is that what
> > they did *should* be a crime, and as far as that statement goes,
> > I think most of us agree with you.  
> 
> Don't count me in that crowd.

Okay, I won't.  8-)

>       If real damage is done, yes, there's a crime.

It sound like you are trying to make a distinction between
consequences that should be punishable and those that should
not, but the language you are using seems imprecise to me.

> Let's say you leave your dayrunner on the seat of your car, and it falls open 
> to the page where your passwords and PIN numbers are.  I, having eidetic 
> memory, look in and read them.  
> 
> Have I comitted a crime?
> 
> If I find a way to use those passwords, and if in using them I do something 
> more than simply log on and write "hi mom!", then yes, THAT is a crime.

Again I think we are talking about what we think SHOULD be a
crime, rather than what is a crime.  I would say that using a
password at all when you have no reason to think you are
authorized to do so should be unlawful.

> There has to be some reason and proportionality here.

I agree.  In fact, what Oregon's law lacks is this
proportionality.

>            Just because it's a 
> computer, it shouldn't automatically be treated as a crime.

Agreed.  But computer's aren't the only places where we expect
people not to "trespass".  If someone sees you drop your
house key, recognizes you, picks up they key, uses it on
your front door while you are away, and wanders around
your home without damaging anything, it might be a crime
do so do, and I think it should be.  As a society we value
a sense of security in our own homes, and I think it is
justifiable for us to criminalize irresponsible behaviors
that tend to undermine our sense of security in our own
homes.

We also tend, more and more, to keep private information on
our computers, and I think we have good reason to value a
sense of security on our computers.  I think we have some
justification for criminalizing some irresponsible behaviors
that tend to undermine our sense of security on our computers.
This sense of proportion that you advocate is very important.
What happened to to Randal Schwartz in Oregon is a good
example of what can go wrong without such a sense of
proportion.  Randal Schwartz should have been fired, and
perhaps fined a couple of hundred dollars at most, for
what he did.  The legislators that crafted the statute
used to prosecute him, and the judge that presided over
the case should be barred for life from ever again holding
an office of public trust.

> Real damage (not "loss of potential business") is grounds
> for real [prosecution].  Yes, pranks are annoying, but
> they're pranks, not crimes.

Sometimes, even pranks are crimes.  I could at least agree
that we should be careful about criminalizing behaviors
where the probable negative consequences are not concrete.
I can even agree that we do not, as a society, think carefully
enough before criminalizing some behaviors.  But if you are
saying that only behaviors with concrete negative consequences
should be criminalized, I can't agree.

Adrian