Tuesday, January 22

Law, Privacy, Copyright, Justice, Responsibility


Recently, Aaron Swartz killed himself and Andrew Auernheimer is being sent to jail, and once upon a time, Randall Schwartz had a criminal record.  And, I'm sure that there's other such activities billowing through the courts. in part because of 18 USC 1030 (aka CFAA).

So... what's going on here?

Historically, we have copyright law, which is based on social and community norms which in turn were originally based on the economics of the printing press.  Over time, copyright law has been extended in various ways which I'd summarize as "when somebody gets unhappy and can convey this unhappiness to a large enough of a group of people, we change the laws to minimize [but not eliminate] that unhappiness".  Copyright on a theatrical performance, for example, is different from copyright on a faucet (and, in fact, the latter -- design copyright -- almost seems more like trademark, rather than copyright, when we look at the way it gets handled in court).

We also have legal theorists who claim that copyright laws (along with trademark laws and patent laws) are property laws.  Generally speaking, people call these laws "Intellectual Property Laws".  In other words, the basic idea is that someone can own a thought.  Except, not really.  One issue here, from a legal standpoint, is that no court has ever supported the idea that Nuisance is relevant in the context of Intellectual Property.  (Nuisance is the idea that the person that owns a piece of property has some responsibility towards people outside that property.)

Why is this?

In the context of the people mentioned in the opening paragraph, the issue has been "access to information has been criminalized".  Here, someone published something and then someone looked at the thing that was published, and then the person that read the information was hit with legal charges (felony charges).  And, apparently with the best of intentions...

But internet publishing is a bit different from publishing a book.  I can sit in my bedroom and read content which is sitting on a server on the other side of the world.  I could do this with a book, also, but the internet makes the process trivially cheap, and trivially fast -- trivially easy.  So how do we deal with this all being so easy?

One thing we can do, of course, is criminalize the act of reading or the act of requesting something to read.  And, sometimes there might be good reasons for imposing access restrictions (banks, power grids, medical care records, ...).  However, there are potentially billions of readers, and if there's any valid reason for restricting access then penalizing individual readers isn't going to address the reasons for imposing the access restrictions.  So in my opinion, if gaining access is a criminal matter, then granting access to that person should carry the same penalties.

So, what is "access"?

For now, I imagine it involves some sort of cryptographic protocol.  I'm a bit dubious about the security of such things, but in general if you have restrictive access requirements, you should also have keys (very large numbers -- more than 600 digits, for example), where only specific keys grant access, and where each number that grants access is known.

This kind of system is not ideal, but it's at least unwieldy enough that it's mostly possible to identify who is responsible for someone having access when they "should not have access".

That's if it belongs on the internet at all.  If accessing the information is a criminal issue, then why is it available on a collection of network which can be accessed by anyone?

No comments:

Post a Comment