Recently in Cyberlaw Category

Russell Shaw, blogging on the front page of ZDNet, finds it hard to believe that someone who hasn't been on the Internet can be on a jury that finds someone guilty of illegally using Kazaa to share copyright-protected material.

I don't know if Russell is starting with the default assumption that all music should be free. It certainly seems as if the anti-RIAA forces believe that at their heart. I do kind of wonder if he extends that thinking to other crimes. Should I not be allowed to be on a jury that convicts a thief unless I've stolen myself? I guess I just don't feel that thieving is all that different in cyberspace. Good for them for not falling for the specious argument that "it wasn't me, it was my insecure wireless, therefore I am blameless."

I also think it's kind of funny that Russell thinks funeral directors are supposed to be compassionate, therefore they should give light penalties during the sentencing phase of a trial.

According to MSNBC, corporations are required to keep track of all the e-mails, instant messages and other electronic documents generated by their employees, thanks to new federal rules that go into effect Friday.

I am not a lawyer, but I don't read it the same way. Here's the text. You're required to know where relevant data is and disclose that. Further, if you are in a suit, you may need to preserve data depending on the situation. I recall a case a while back in the news where the CEO got a new computer during the course of a lawsuit. As was standard practice, the old computer was wiped. The ability to discover data on that computer was lost. I think these new rules will make that sort of trick more problematic.

So I don't agree with MSNBC that you need to run out and buy an archiving server for email and IM. You do need to know what you have, and that is tough enough.

Remember that AOL "engineer" who sold the entire AOL user list to spammers? Today the hard hammer of justice came swinging down on him.

I use that term sarcastically. He got 15 months in prison. I suspect with good behavior he'll be back online before Martha Stewart. Heck, he'll probably get a pay raise and a job teaching people that they can't trust their own employees.

Here is a link to the Yahoo! story.

It seems our friend got a plea bargain even though he doesn't have enough information to implicate anyone else. Way to send a message to the other would-be criminals out there.

I'm seeing more email with disclaimers at the bottom.

This e-mail and any files transmitted with it are the property of $companyname, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender at xxx-xxx-xxxx and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited.

Lawyers gone wild. As Information Security Professionals we are supposed to yield to the domain experts. The problem is, often the legal guys are in their own world.

This seems like an example of doing SOMETHING in the name of security, but not being sure of actually accomplishing anything. I feel like I should immediately delete the email, scrub my Exchange server, reboot the routers to remove any possible remnants, call my lawyer and my company contracts office, and, just in case, stop accepting any new mail.

Do disclaimers at the bottom carry any legal weight? It's kind of doubtful. I mean, to have a contract, don't both sides need to have consideration? I have heard of one case where it was important for the disclaimer footer to warn that email traffic is monitored at company X. That way, if Joe@companyX sends email to Jane@companyY, she knows not to be sending illegal material back to Joe@companyX.

According to an article at Security Focus, a judge has thrown out the case against an employee who placed a hardware keystroke logger on his employer's computer system. The judge ruled that the Federal Wiretap statute is in regard to interstate transmissions and this was a local logger. Since the keystroke logger collected everything, including emails, I'm a bit surprised the judge wasn't willing to go along with the Federal case. It will be interesting to read the case writeup on this one.
