--
COUNCIL FRAMEWORK DECISION 2005/222/JHA
on attacks against information systems
(put in effect 2007)
But here is the scary part:Illegal system interference
Each Member State shall take the necessary measures to ensure
that the intentional serious hindering or interruption of the
functioning of an information system by inputting, transmitting,
damaging, deleting, deteriorating, altering, suppressing or
rendering inaccessible computer data is punishable as a
criminal offense when committed without right,
Illegal data interference
Each Member State shall take the necessary measures to ensure
that the intentional deletion, damaging, deterioration, alteration,
suppression or rendering inaccessible of computer data on an
information system is punishable as a criminal offense when
committed without right,
The last paragraph is serious wording that says that Instigation, aiding and abetting and attempt can be classified as computer crime. This means posting, hosting and having tools for hacking is technically a crime. Wording like this sets and example for other countries to follow. When ISPs get nervous about the wording of the law - they will likely err on the side of the law and just decide not to host certain websites, or track users that browse these 'illegal sites' and give them to law enforcement.Instigation, aiding and abetting and attempt
1. Each Member State shall ensure that the instigation of
aiding and abetting an offense referred to in Articles 2, 3 and
4 (what I posted above) is punishable as a criminal offense.
2. Each Member State shall ensure that the attempt to
commit the offenses referred to in Articles 2, 3 and 4 is
punishable as a criminal offense.
Now, I know that recent articles have pointed out nothing has been done with these laws yet. I don't expect headline news on 'sweeping arrests' but I do expect that eact time ISPs get together or ask for government handouts - these 'laws' are considered for compliance.
The issue is who will decide what tools and even what OS people should have access to. If the governments have it their way, if the corporations abuse this law, it means thats they rather you didn't have any of these tools or operating systems that could allow you to learn about your computer, its software, the network and how things work.
In the United States, there are several laws forbidding the practice of hacking. Some, like 18 U.S.C. § 1029, concentrate on the creation, distribution and use of codes and devices that give hackers unauthorized access to computer systems. The language of the law only specifies using or creating such a device with the intent to defraud, so an accused hacker could argue he just used the devices to learn how security systems worked.
I know it is not so obvious to new generation of hackers - you had to have been there to see the erosion of information. Some skeptics will say - nothing has happened, yet. I say expect to see more 403 errors.
Most people will get upset when you try to take something physical from them, like guns or cars - but people will not realize information is gone.
DNR
--
http://eur-lex.europa.eu/LexUriServ/sit ... 670071.pdf
http://www.darkreading.com/security/app ... =208804698
http://www.securityfocus.com/columnists/502
http://computer.howstuffworks.com/hacker3.htm
http://www.hackingalert.com/hacking-art ... g-laws.php