Gary McKinnon and Joel Tenenbaum
It's been an interesting week for technology related court cases on both sides of the Special Relationship pond, with both the Gary McKinnon extradition trial coming to a close, and the less publicised fight by Joel Tenenbaum to protect himself against a massive fine by the RIAA. Each of these cases highlights for me a different issue with modern law in regard to the internet and how it could be dangerously out of date.
Gary McKinnon
Gary is a hacker. Depending on who you listen to he's either a computer security expert or a script kiddie who got lucky, however he managed to find a way into the Pentagons computer system and, according to the US officials, cause $700,000 worth of damage to it by deleting missile records and the like. Gary has always claimed he was merely looking for evidence that UFO's exist and were being covered up. The Guardian have a great piece on it here.
This case has a number of interesting facets to it. Firstly, McKinnon has admitted that he breached the computer system. However he has also commented on how easy it was to do. This, in my opinion, has lead to a very knee-jerk reaction by the Americans to make an example of the guy who made them look a bit foolish. They're using the 2003 extradition treaty setup by Tony Blair and George Bush which was intended to allow terrorists to quickly be brought to trial, however to almost everyone involved in the case, it seems quite obvious that McKinnon is not a terrorist, merely inquisitive. There is also question marks as to whether the damage he caused actually even happened, since the US Security services wouldn't allow anyone independent to go in and verify the damage, citing it being a security risk.
And so here we have the problem. The US is still a very young country, and it acts like it too. They were embarrassed that someone has managed to breach their security systems and now want to show the world they're still tough by kicking the crap out of McKinnon to the tune of 60 years jail-time.
Yesterday, McKinnon lost his appeal against extradition and has only one more shot at appealing to the British High Court later this year.
Joel Tenenbaum
Joel is a file sharer. He's one of the select few who were lucky enough to get snared in the RIAA's clampdown on file sharers, however instead of accepting their threats (some of which are pushing the boundaries of legal) he decided to resist and take them to court over it. Like McKinnon, he admitted doing what he did, the case was never about that, it was mainly to highlight the frankly witch-hunt like mentality that the RIAA is using to pursue offenders with. By the time the case came to trial, the RIAA had decided that Joel owed them $4.5 million.
Joel also lost his case yesterday, when the jury ruled that he should pay $22,500 for every thirty tracks that he shared, totally to a £675,000 fine.
What's interesting about both of these cases is that both admit wrongdoing from the start. They aren't questioning the outcome, they're questioning the means, and in both cases we're seeing grossly unfair practices being put into place. Here in the UK, there's now a massive debate over the extradition treaty which unfairly advantages UK to US deportation but not the other way around. The file sharing debate has been boiling for a while now, with record companies continuing to 'make examples of' individuals, and continuing to hunt down, threaten and intimidate those who they catch.
No-one is arguing the ends, but we're sure as hell questioning the means, and these two cases have highlighted that. The law needs to catch up with the twenty-first century, and quick, because it's being exploited to personal ends, with laws being used incorrectly or in the case of the RIAA simply ignored.
These men are not dangerous criminals and surely they do not deserve to be treated as such?
A criminal still has rights, but should they?
Let us know what you think to these two cases in the comments.
Comments (5)
Sorry, you must be logged in to comment.
- Hi Guest!
It's very quiet in here...
I love how in the case of Gary McKinnon the US officials are in effect claiming for compensation, $700.000 dollars worth of 'damage' for allegedly destroying missile reports, surely they've heard of using backups? Next time XP nukes a folder or directory and I have to make us of a backup, I'll sure as hell being writing / phoning Microsoft asking for my $700.000. Pssh its all nonsense.
If you look at the UK computer laws, they are actually much more draconian then their US equivalents.
@Finn Backups cost money. Paying a staff (likely overtime) to restore the backups, rebuild any computers that have been compromised (standard operating procedure when a system is compromised. You can never been 100% sure what was done), and investigate the extent of the damage, $700K can be reached pretty quickly.
@Innismir: The cost of actually backing up data and restoring it is at most negligible, in man hours and actual mechanics, the true cost comes down to the storage of it. Should the company charge a 'hacker' that cost on top of the usual fine / imprisonment, When they'd have been more than happy to keep up the costs of storing it before the incident?
Now granted finding the route cause of how it happened is bound to cost money, exponentially so in terms of server and network complexity.
But I'll maintain that $700k is somewhat absurd for recovery of allegedly deleted files, And we won't ever find out what actually went on because the US have locked down and outside investigation due to security.
@Finn The storage and restoring the data is the cheapest part of it. It's the man hours for the investigation and incident response, which adds up quickly (It's what I do for a living). Plus, I forgot this: He caused a network to shut down for a day consisting of 2000 users. 2000 people's day's wages for doing little to nothing? $700K, easy.
Similar things happen in the US when a contractor digging someplace severs a fiber cable. They get stuck with a bill for the repair. I don't see what's so different in this case.
Ah there we go, Will teach me to read more than one article and read them far more thoroughly. Certainly 2000 people being paid wages for nothing could very well add up to a lot!
I still maintain that man hours are cheap, albeit if said person is on site, other wise call out costs and what not sure add up, probably making it less so.
Storing Backup data, while the technology may not be all that expensive, the backed up data remains inert and as such no use to anyone until its actually needed. It needs powered, it generaly needs to have a person to look over it, automation only goes so far. I find the human eye and a screen / print out is far more effective at checking if everything is being backed up and more importantly properly. Again we come to the onsite-offsite debate. Each costs money. And again the concern of micro vs macro environments.
The cost encured by backing up and restoring is mainly a matter of training and man hours.
I'm pretty sure I haven't missed anything.
Interesting analogie about the contractors and I can somewhat agree with that.
Ahwell maybe I've not got this right, Its been a while since I actually worked in the industry and again only as a lowely technician at a school. At anyrate interesting points brought up and I thank you for posting on Just a Day.