[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Leahy bill nightmare scenario?



-----BEGIN PGP SIGNED MESSAGE-----

At 06:14 AM 3/8/96 GMT, Dan Weinstein wrote:
>On Wed, 06 Mar 1996 16:59:36 -0800, you wrote:
>
>>At that point, Bob is GUILTY of violation of the Leahy bill, because his
>>encrypted anonymous remailer:
>>
>>1.  Uses encryption to thwart message tracing, and thus the "criminal
>>investigation."
>>
>>2.  Bob has already been informed that his system will be used for illegal
>>purposes; the cops have the messages to prove he has been told.  He's GUILTY
>>GUILTY GUILTY, he will definitely lose the system and possibly whatever
>>residence it runs in, and will probably have to pay a huge fine to boot.
>
>This is not my understanding.  I believe that Bob has to be commiting
>a felony himself before they can get him under the current phrasing.

Well, first, the section's phrasing is screwed up.  Whether this is the 
fault of VTW, who posted the text, or the original bill I do not know.  
Second, if what they're charging is the hindrance of an felony 
investigation, it isn't clear to me why they would be limiting the charging 
of that "crime" to only those actually who have committed a felony. (logic 
isn't the normal mode of thought for a government employee, you realize.)  

 Third, all they have to do is to "suspect" the person of a felony, and a 
"felony investigation" starts.  That would presumably make him guilty of the 
Leahy bill's provision, regardless of whether he is actually participating 
in the crime supposedly being investigated.

Fourth, I gave what I considered to be a clear example of the hypothetical 
misuse of an 
encrypted remailer by the cops, one that would arguably make the remailer 
operator guilty of some "reasonable" anti-kiddie-porn statute.  At that 
point, _he_is_ the target of the investigation.  Unless you can show that 
this kind of action by the government is impossible, I consider it to be not 
merely possible but almost certain to occur.

Fifth, it isn't clear what amount of knowledge is necessary to "trigger" 
this clause, especially in its current flawed state.  Since ISP's and 
encrypted remailers might know, in general, that their systems can and 
probably are being used for SOME criminal activity, even if they can't 
identify it or the user, or decrypt it, etc, a broad interpretation of the 
resulting law could easily de-facto prohibit any business practices (i.e., 
allowing users to use encryption) that prevents full-scale monitoring and/or 
tracing.

This is only the beginning of the problems with this section.  If you can 
explain why nothing I've described could possibly occur, I welcome a 
contrary explanation.  

But I would also ask this:  Why, exactly, do we need this section?  We've 
already been told that the opponents of this bill will fight it 
tooth-and-nail under its current wording; if that's the case then the 
presence of this section is inadequate to appease their unhappiness.  
Therefore, we shouldn't include it in the bill at all; it does no good.

Any explanations, Dan?

BTW, I'm not the source of those recent anonymous notes on Cypherpunks 
criticizing you for the support of this bill.  As you by now have guessed, 
I'm not at all reticent about standing up and being counted and identified.

Jim Bell
[email protected]

Klaatu Burada Nikto
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMUBjH/qHVDBboB2dAQEeEAQAm5V7jTZWZo1MIIaL1WlQjQHdSlAOCMNJ
7j7tfpH6peWM23T7iGhZT3AckqPYwLxV8u6N96SFxaQDJ+IiCRyBRO+5qxr6sxXk
A9BCkmRxzorsqeViyIVev9lzMcljtTiZmTQ7KIAToSZD4+12xQgROLZRYtf1/tlv
E7ypJHLtsFM=
=2MNi
-----END PGP SIGNATURE-----