Making new crimes out of thin air

[Jim Hart <hart@chaos.bsu.edu>]

Steve Bellovin writes:
> I'm not defending a 15 year sentence; it's far too harsh.  But I
> strongly disagree with ``why outlawing it in the first place? What is
> crypto for?''  By analogy, why outlaw burglary?  After all, what are
> safes and alarms for?

I concur with Tim May's comments that a service is not the
same thing as property.  Nor, going further, is physical property
the same as intellectual property.  We have a long legal tradition
of protecting physical property.   It's the kind of thing people 
can clearly understand, morally and legally.  Intellectual property 
is often more nebulous.  Protecting new kinds of services at the whim of
a business (such as, for example, defining some string of bits
as an "access code" and instituting stiff penalties for "unauthorized
use" of that code, which ends up meaning whatever the offended party
wants it to mean) is a going way too far, putting all of us at risk 
of extreme legal jeoapady at the whim of bureaucrats, lawyers, and
jurors who couldn't tell an access code from a mail header.

For a business to lobby that some new and flawed system be 
protected at taxpayer expense is a gross abuse of the law.
To criminalize an entire group of people, such as hackers,
is morally bankrupt and turns the law into an illegitimate
farce.  We have quite enough crimes on the books that are hardly
being enforced right now; the last thing we need is to 
define new crimes out of thin air because some jerks 
couldn't be bothered to take the precautions necessary for 
the success of their business.   Criminalization of business
intelligence is a great recipe for destroying our civil
rights and bankrupting the government.

Jim Hart
chaos.bsu.edu