Report Exposes Need For New Laws On Cyber Protection

Legal Adviser January 16, 2015
0 people like this post

ComputerHaving the processing power of a desktop computer in the palm of your hands was considered impossible at the turn of the most recent century, and that was just fifteen years ago. These days, remote technology is taking humanity into worlds with exciting new possibilities that people can use to cause considerable benefit and limitless harm.

According to reports from the Institute of Science, Law, and Technology of the IIT-Chicago-Kent College of Law, the entire American population is legally vulnerable to cyber-attack. Specifically, the remote activation of a personal webcam by a third party.

Ratters and Internet Underworld

The people who perform this type of cyber-attack are known as ratters. They operate user-friendly software that they can take control of a victim’s computer and activate the webcam without the owner’s knowledge. Ratters are commonly young men who capture photos of victims – often, young women – nude, or having sex, and extorting them for more images.

There currently exists an underground economy of those who trade and sell such images where thousands of women have been victimized, including minors. There have been cases that successfully prosecuted prominent ratters, but most of them hung on technicalities such as copyright laws. There are no laws currently existing that specifically addresses ratters and their online activities.

The report asserts that that the language of the Electronic Privacy Communications Act (ECPA), originally written in 1986, is outdated, and doesn’t provide the necessary protection to counter modern threats.

The Wiretapping Act

Title I of the ECPA, known as the amendment to the Wiretapping Act extensively discuss the violations against interceptions, use, or disclosure of disclosure without the consent of at least one of the concerned parties.

According to Title 18, Part I, Chapter 119, § 2511 of the U.S. Code any person who:

  • intentionally intercepts, endeavors to intercept, or procures any other person to intercept or endeavor to intercept, any wire, oral, or electronic communication;
  • intentionally uses, endeavors to use, or procures any other person to use or endeavor to use any electronic, mechanical, or other device to intercept any oral communication
  • intentionally discloses, or endeavors to disclose, to any other person the contents of any wire, oral, or electronic communication, knowing or having reason to know that the information was obtained through the interception of a wire, oral, or electronic communication in violation of this subsection;
  • intentionally uses, or endeavors to use, the contents of any wire, oral, or electronic communication, knowing or having reason to know that the information was obtained through the interception of a wire, oral, or electronic communication in violation of this subsection;shall be punished as provided in subsection (4) or subject to suit as provided by subsection (5) of this section.

Take note that the often-repeated term in these provisions is interceptor. This law only punishes people found to intercept electronic information while in transit from one party to another. Ratters don’t necessarily qualify under these circumstances, because they’re not intercepting anything when they remotely activate a webcam. They’re the ones initiating contact with their victims, and become qualified recipients of the images.

The Stored Communications Act

The other titles of the law don’t do much better in this regard, since they only focus on specific, relatively low-tech concerns. When describing what constitutes as an electronic offense in Title II of the ECPA, also known as the Stored Communications Act (SCA), refers to Title 18, Part I, Chapter 121, §2701(a) of the U.S. Code.

This provision states that an electronic offense is:

  • The intentional access without authorization a facility through which an electronic service is provided; or
  • Intentionally exceeds an authorization to access that facility.

This provision also fails victims of remote webcam access, because they only protect the owners of electronic storage facilities and services. If a ratter remotely accesses a webcam and saves all of the data on his own servers, they effectively evade this provision since no unauthorized access to storage facilities occurred.

Legal Relief Falls Short

The closest law that can provide relief to remote webcam activation is the Computer Fraud and Abuse Act (CFAA). Unfortunately, the provisions of this act are primarily for the protection of businesses and the financial security of private individuals, as well as national security. Title 18, Part I, Chapter 47, §1030(4) requires that the unauthorized activation must incur monetary damages valuing at least five thousand dollars before it can be brought before a court as a civil claim.

All fifty states have privacy laws that may help victims of remote webcam activation get relief from ratters. But, the broad scope of some of these laws can provide just enough wiggle room for ratters to escape. Unless legislators create laws that specifically address ratter activities, the status of privacy will always be in troubling doubt as technology continues to advance.

Category: Expert's Vision
  • 0
  • 271