Computer Crimes 2

ABSTRACT
Computer crimes seem to be an increasing problem in today's society. The main aspect
concerning these offenses is information gained or lost. As our government tries to take
control of the information that travels through the digital world, and across networks such
as the InterNet, they also seem to be taking away certain rights and privileges that come
with these technological advancements. These services open a whole new doorway to
communications as we know it. They offer freedom of expression, and at the same time,
freedom of privacy in the highest possible form. Can the government reduce computer
crimes, and still allow people the right to freedom of expression and privacy?

INFORMATION CONTROL IN THE DIGITIZED WORLD

In the past decade, computer technology has expanded at an incredibly fast rate, and the
information stored on these computers has been increasing even faster. The amount of
money, military intelligence, and personal information stored on computers has increased
far beyond expectations. Governments, the military, and the economy could not operate
without the use of computers. Banks transfer trillions of dollars every day over
inter-linking networks, and more than one billion pieces of electronic mail are passed
through the world's networks daily. It is the age of the computer network, the largest of
which is known as the InterNet. A complex web of communications inter-linking millions of
computers together -- and this number is at least doubling every year. The computer was
originally designed as a scientific and mathematical tool, to aid in performing intense
and precise calculations. However, from the large, sixty square foot ENIAC (Electronical
Numerical Integrator and Calculator) of 1946, to the three square foot IBM PC of today,
their uses have mutated and expanded far beyond this boundary. Their almost infinite
capacity and lightning speed, which is increasing annually, and their low cost, which is
decreasing annually, has allowed computers to stabilize at a more personal level, yet
retain their position in mathematical and scientific research1 . They are now being used in
almost every aspect of life, as we know it, today. The greatest effect of computers on
life at this present time seems to be the InterNet. What we know now as the InterNet
began in 1969 as a network then named ArpaNet. ArpaNet, under control by the pentagon's
Defense Advanced Research Projects Agency, was first introduced as an answer to a problem
concerning the government question of how they would communicate during war. They needed a
network with no central authority, unlike those subsequent to this project. A main
computer controlling the network would definitely be an immediate target for enemies. The
first test node of ArpaNet was installed at UCLA in the Fall of 1969. By December of the
same year, three more nodes were added, and within two years, there was a total of fifteen
nodes within the system. However, by this time, something seemed to be changing concerning
the information traveling across the nodes. By 1971, government employees began to obtain
their own personal mail addresses, and the main traffic over the net shifted from
scientific information to personal mail and gossip. Mailing lists were used to send mass
quantities of mail to hundreds of people, and the first newsgroup was created for
discussing views and opinions in the science fiction world. The networks decentralized
structure made the addition of more machines, and the use of different types of machines
very simple. As computer technology increased, interest in ArpaNet seemed only to expand.
In 1977, a new method of transmission was put into effect, called TCP/IP. The transmission
control protocol (TCP) would convert messages into smaller packets of information at their
source, then reassemble them at their destination, while the InterNet protocol (IP) would
control the addressing of these packets to assure their transmission to their correct
destinations. This newer method of transmission was much more efficient then the previous
network control protocol (NCP), and became very popular. Corporations such as IBM and DEC
began to develop TCP/IP software for numerous different platforms, and the demand for such
software grew rapidly. This availability of software allowed more corporations and
businesses to join the network very easily, and by 1985, ArpaNet was only a tiny portion of
the newly created InterNet. Other smaller networks are also very widely used today, such as
FidoNet. These networks serve the same purpose as the InterNet, but are on a much smaller
scale, as they have less efficient means of transferring message packets. They are more
localized, in the sense that the information travels much more slowly when further
distances are involved. However, the ease of access to these networks and various
computers has allowed computer crimes to increase to a much higher scale. These computers
and networks store and transfer one thing -- information. The problem occurs when we want
to determine the value of such information. Information lacks physical properties, and
this intangible aspect of data creates problems when developing laws to protect it. The
structure of our current legal system has, to this point, been based on ascertainable
limits. Physical properties have always been at its main core2 . In the past, this
information, or data, has been 'converted' into tangible form to accommodate our system. A
prime example is the patent, which is written out on paper. Today, however, it is becoming
much more difficult to 'convert' this data into a physical form, as the quantity is
increasing so rapidly, and this quantity of information is being stored in a virtual,
digitized space3 . It is very important to realize and emphasize that computers and
networks store and transfer only information, and that most all of this information can be
altered, in some way, undetectably. For example, when a file is stored in the popular DOS
environment (and also in environments such as Windows, OS/2, and in similar ways, UNIX), it
is also stored with the date, time, size, and four attributes -- read-only, system, hidden,
and archive. One may consider checking the date at which the document, or information
stored on the computer, was saved to determine if it was modified. However, this is also
digital information, and easily changed to whatever date or time the operator prefers. One
may also consider the attributes stored with the file. If a file is flagged as
'read-only,' then perhaps it cannot be overwritten. This is surely the case -- however,
this attribute is easily turned off and on, as it is also information in a digitized sense,
and therefore very easily changed. This is the same case when a file is 'hidden'. It may
very well be hidden to the novice user, but it is easily seen to anyone who has even a
slight knowledge of the commands of the system. One may also consider moving this
information to a floppy disk in order to preserve its originality; but we are once again
giving it a physical aspect, which we earlier addressed as being a close to impossible task
when involved with the amount of information involved in this area today. Digital
information is infinitely mutable, and the information that protects this information is
infinitely mutable4 . In order to understand how to control this information, we must first
understand what information and it's value -- especially that of a digital nature -- is.
One cannot specifically define information in a whole. In today's society, 'knowledge is
power' seems to be a common phrase, and a quite true one. It would be even more true to
say 'knowledge can be power.' It's how we use this knowledge that determines it's power.
In the same sense, it is how we use and distribute this knowledge that determines it's
value. Information can be used in so many ways that it is virtually impossible to value
it. What information is of value to one person may be completely worthless to another.
The availability of this knowledge also determines it's worth. If information is as free
as air, it has virtually no worth5 . Therefore, it is also a privacy issue. We can now
base the value of information on three things: it's availability, it's use, and it's user.
In order to protect information in our current government, we must first value it.
Those three aspects of information can be so differentiated, that this is close to
impossible to do so. In addition to this, how do we determine who "owns" the information?
Information itself is not a physical thing which only one person has in their possession at
any time. If information is given away, it is still held by the giver, as well as the
taker. It is impossible to determine exactly who has this information. If someone steals
information, we cannot take it away from them -- it is intangible in almost every aspect.
We must also understand the way in which our government, and most governments, create laws
and attempt to desist illegal actions. As stated earlier, the American government, and
many other governments, are based on a physical center, which I exemplified with the case
of the US patent. When our government creates laws, the subjects of the laws are given a
definable, ascertainable limit. When someone commits grand theft auto, breaking and
entering, or murder, we understand what has occurred and have definite ways to prove what
has occurred, where and when it has occurred, how it has occurred, and, if applicable, what
has been harmed and what is its value. However, when we look at computer crimes, such as
unauthorized access, we cannot be as clear on these aspects, and we do not have definite
ways to prove the crime, or who committed it, nor do we have a way in which to define the
value of anything damaged, if it had even been damaged. It is hard to convict a person
when all they did was slow down a computer network for a few days, or look at a credit
profile on John Doe. Problems also occur because people, including those in the legal
profession as well as jurors, do not always understand technology. They do not always
understand how mutable digital information can be, and how easily accessible and
distributed it can be. When a jury does not understand, one cannot truly be declared
guilty "beyond a reasonable doubt". "Technically, I didn't commit a crime. All I did was
destroy data. I didn't steal anything.6 " How can this be argued? Crimes committed in
the computer world do not exactly adhere with current laws that address physical crimes.
We cannot adapt current laws to those involving information crimes, and trying to do that
will cause too many problems and confusions because of the variety, extent, and value of
information as a whole. However, this is exactly what the government is trying to do. It
must also be considered that this information is not strictly a US problem, nor is it more
geared towards the US. Although started by the United States government, the InterNet has
grown world wide, reaching over seventy countries. Since the InterNet has such a
decentralized structure, one cannot say that the US is "in charge" of the network. The
problem is, the US government does not see this themselves. The United States government
wants to censor the information traveling across the InterNet and other telecommunication
services, but this cannot be the case any longer because of this situation. We cannot
expect other countries to adhere to the laws of the United States, just as most Americans
would not expect to have to agree to laws set by other countries. Therefore, it could be
easily said that the government would be invading privacy if they were to attempt to censor
the information which travels these networks. Individual computers, are, of course, an
individuals property, and it would, without a doubt, be an invasion of privacy if the
government wanted to, at any given time, search your hard drive without just cause. I feel
that the government wants too much power this time. It would seem that they want to have
access to and control all digital information in America for their own benefit. The US
government created an encryption device called the Clipper chip, which was to insure
digital privacy among it's users. However, our government seems to only define privacy to
an extent. They had also planned to keep, in their possession, a duplicate of each chip.
So much for total privacy. The government seems to be on a quest for total control over
it's citizens, and the citizens of the world. This may seem extreme at the present time,
but our current legal system does not allow for the undefinable limits that information
control presents, especially on a world wide basis. If the government tries to gain too
much control, it could very well lead to it's failure. Control -- the control we need -- is
not a legal problem at all. It is a social, moral, and technological problem7 . What is
needed is a type of 'information ethics'. A set of morals and customs must be slowly
adapted, and not pounded into the digital world by the government. Virtual laws must be
formed by a virtual government. Information cannot be controlled by our government in it's
current form. In order to control information, the government would have to induce a
drastic change. The first amendment, in reality, is the foundation of the rights of the
citizens of this country. This amendment, in it's most basic form, guarantees our right to
inform and be informed. The government can not and will not be able to control digital
information as a whole, or govern the right to this information without sacrificing the
keystone of our nation and of our rights as Americans.
1 We see about 50-70% more computing power per year, and hardware prices drop about 25-50%
per year. Since 1978, raw computing power has increased by over 500 times. "80x86
Evolution," Byte, June 1994, pp. 19. 2 Curtis E.A. Karnow, Recombinant Culture: Crime In
The Digital Network. (Speech, Defcon II, Los Vegas), 1994.


3 S. Zuboff, In the Age of the Smart Machine, New York; 1992.Michael Gemignani, Viruses And
Criminal Law. Reprinted in Lance Hoffman, Rogue Programs: Viruses, Worms and Trojan Horses,
New York, 1990.4 Lauren Wiener, Digital Woes, 1993.5 John Perry Barlow, "The Economy of
Ideas", Wired, March 1994.6 Martin Sprouse, "Sabotage in the American Workplace: Anecdotes
of Dissatisfaction, Mischief, and Revenge", New York; 1992. (Bank of America Employee who
planted a logic bomb in the company computer system).


7 Curtis E.A. Karnow, Recombinant Culture: Crime In The Digital Network. (Speech, Defcon
II, Los Vegas), 1994.


------------------

Works Cited

Addison-Wesley, Bernard. How the Internet Came to Be. New York: Vinton Cerf, 1993.

Communications Decency Act. Enacted by the U.S. Congress on February 1, 1996.

Computer Fraud and Abuse Statute. Section 1030: Fraud and related activity in connection
with computers.

Denning, Dorothy. "Concerning Hackers Who Break into Computer Systems". Speech presented
at the 13th National Computer Security Conference, Washington, DC, 1990.

Gates, Bill. The Road Ahead. New York: Penguin Books USA, inc, 1995.

The Gatsby. "A Hackers Guide to the Internet". Phrack. Issue 33, File 7; 15 September
1991.

Icove, David, Karl Seger, and William VonStorch. Fighting Computer Crime. USA: O'Reilly
Books, 1996.

Time Life Books. Revolution in Science. Virginia: Time Life Books, inc., 1987.

Wallich, Paul. "A Rouge's Routing." Scientific American. May 1995, pp. 31.