Legislation that affects the use of Internet-connected computers
continues to grow in its reach and its complexity. To help you avoid any
infractions, we've revised this list to include new and pending laws and recent
rulings.
For many years, the Internet was the "final frontier," operating largely
unregulated - in part because of the jurisdictional nightmare involved in trying
to enforce laws when communications crossed not just state lines but also
national boundaries. That was then; this is now. Legislation that affects the
use of Internet-connected computers is springing up everywhere at the local,
state and federal levels. You might be violating one of them without even
knowing.
In this article, we'll take a look at some of the existing laws and some of
the pending legislation that can influence how we use our computers and the
Internet. Nothing in this article should be construed as legal advice; this is
merely an overview of some of the legislation that's out there, how it has been
interpreted by the courts (if applicable), and possible implications for
computer users.
Note: This article is also available as a PDF download.
1: Digital Millennium Copyright (DMCA) Act
Most computer users have heard of this law, signed in 1998 by President
Clinton, implementing two World Intellectual Property Organization (WIPO)
treaties. The DMCA makes it a criminal offense to circumvent any kind of
technological copy protection - even if you don't violate anyone's copyright in
doing so. In other words, simply disabling the copy protection is a federal
crime.
There are some exemptions, such as circumventing copy protection of programs
that are in an obsolete format for the purpose of archiving or preservation. But
in most cases, using any sort of anti-DRM program is illegal. This applies to
all sorts of copy-protected files, including music, movies, and software. You
can read a summary of the DMCA here.
If you're a techie who likes the challenge of trying to "crack" DRM, be aware
that doing so - even if you don't make or distribute illegal copies of the
copyrighted material - is against the law.
2: No Electronic Theft (NET) Act
This is another U.S. federal law that was passed during the Clinton
administration. Prior to this act, copyright violations were generally treated
as civil matters and could not be prosecuted criminally unless it was done for
commercial purposes. The NET Act made copyright infringement itself a federal
criminal offense, regardless of whether you circumvent copy-protection
technology and whether you derive any commercial benefit or monetary gain. Thus,
just making a copy of a copyrighted work for a friend now makes you subject to
up to five years in prison and/or up to $250,000 in fines. This is the law
referred to in the familiar "FBI Warning" that appears at the beginning of most
DVD movies. You can read more about the NET Act here.
Many people who consider themselves upstanding citizens and who would never
post music and movies to a P2P site think nothing of burning a copy of a song or
TV show for a friend. Unfortunately, by the letter of the law, the latter is
just as illegal as the former.
3: Anti-Counterfeiting Trade Agreement (ACTA)
This treaty is still in negotiation between the United States, European
Commission, Switzerland, Japan, Australia, Canada, Jordan, Mexico, Morocco, New
Zealand, the Republic of Korea, Singapore, and the United Arab Emirates. The
most recent round of negotiations took place in Mexico in January 2010, and the
next is scheduled for April 2010 in New Zealand.
As with the DMCA, many regard the ACTA as a workaround for governments to
impose regulations and penalties through international treaties that they would
not be able to pass into law through their regular legislative processes. ACTA
covers a number of areas, including counterfeit products and generic medicines,
but the part that affects computer users is the chapter titled "Enforcement of
Intellectual Property Rights."
Although the treaty negotiations are conducted in secret, a leaked document
indicated that one provision in the treaty would force ISPs to give information
about customers suspected of copyright infringement without requiring a warrant.
According to reports, another provision would allow customs agents to conduct
random searches of laptops, MP3 players, and cell phones for illegally
downloaded or ripped music and movies. Not surprisingly, the Recording Industry
Association of America (RIAA) is a supporter of the treaty. The Electronic
Frontier Foundation (EFF) opposes it, as does the Free Software Foundation. You
can read the EFF's stance on ACTA here.
4: Court rulings regarding border searches
Most Americans are aware of the protections afforded by the U.S.
Constitution's fourth amendment against unreasonable searches and seizures. In
general, this means that the government cannot search your person, home,
vehicle, or computer without probable cause to believe that you've
engaged in some criminal act.
What many don't know is that there are quite a few circumstances that the
Courts, over the years, have deemed to be exempt from this requirement. One of
those occurs when you enter the United States at the border. In April 2008, the
Ninth Circuit Court of Appeals upheld the right of Customs officers to search
laptops and other digital devices at the border (the definition of which extends
to any international airport when you are coming into the country) without
probable cause or even the lesser standard of reasonable suspicion. The
Electronic Frontier Foundation (EFF) and other groups strongly disagree with the
ruling. You can read more on the EFF Web site.
Meanwhile, be aware that even though you've done nothing illegal and are not
even suspected of such, the entire contents of your portable computer, PDA, or
smart phone can be accessed by government agents when you enter the Unites
States. So if you have anything on your hard drive that could be embarrassing,
you might want to delete it before crossing the border.
5: State and federal laws regarding access to networks
Many states have criminal laws that prohibit accessing any computer or
network without the owner's permission. For example, in Texas, the statute is
Penal Code section 33.02, Breach of Computer Security. It says, "A person
commits an offense if the person knowingly accesses a computer, computer network
or computer system without the effective consent of the owner." The penalty
grade ranges from misdemeanor to first degree felony (which is the same grade as
murder), depending on whether the person obtains benefit, harms or defrauds
someone, or alters, damages, or deletes files.
The wording of most such laws encompass connecting to a wireless network
without explicit permission, even if the Wi-Fi network is unsecured. The
inclusion of the culpable mental state of "knowing" as an element of the offense
means that if your computer automatically connects to your neighbor's wireless
network instead of your own and you aren't aware of it, you haven't committed a
crime. But if you decide to hop onto the nearest unencrypted Wi-Fi network to
surf the Internet, knowing full well that it doesn't belong to you and no one
has given you permission, you could be prosecuted under these laws.
A Michigan man was arrested for using a café's Wi-Fi network
(which was reserved for customers) from his car in 2007. Similar arrests have
been made in Florida, Illinois, Washington, and Alaska.
The federal law that covers unauthorized access is Title 18 U.S.C. Section
1030, which prohibits intentionally accessing a computer without authorization
or exceeding authorized access. But it applies to "protected computers," which
are defined as those used by the U.S. government, by a financial institution, or
used in or affecting interstate or foreign commerce. In addition to fines and
imprisonment, penalties include forfeiture of any personal property used to
commit the crime or derived from proceeds traceable to any violation. You can
read the text of that section here.
In a recent case regarding unauthorized access, a high profile
lawsuit was filed against a school district in Pennsylvania by students who
alleged that district personnel activated their school-issued laptops in their
homes and spied on them with the laptops' webcams. The FBI is investigating to
determine whether any criminal laws were broken. Because the school district
owned the computers, there is controversy over whether they had the right to
remotely access them without the permission of the users.
6: "Tools of a crime" laws
Some states have laws that make it a crime to possess a "criminal instrument"
or the "tool of a crime." Depending on the wording of the law, this can be
construed to mean any device that is designed or adapted for use in the
commission of an offense. This means you could be arrested and prosecuted, for
example, for constructing a high gain wireless antenna for the purpose of
tapping into someone else's Wi-Fi network, even if you never did in fact access
a network. Several years ago, a California sheriff's deputy made the news when
he declared Pringles can antennas illegal under such a statute.
7: Cyberstalking and Cyberbullying laws
Stalking is a serious crime and certainly all of us are in favor of laws that
punish stalkers. As Internet connectivity has become ubiquitous, legislatures
have recognized that it's possible to stalk someone from afar using modern
technology. Some of the "cyberstalking" laws enacted by the states, however,
contain some pretty broad language.
For example, the Arkansas law contains a section titled "Unlawful
computerized communications" that makes it a crime to send a message via email
or other computerized communication system (Instant Messenger, Web chat, IRC,
etc.) that uses obscene, lewd, or profane language, with the intent to frighten,
intimidate, threaten, abuse, or harass another person. Some of the lively
discussions on mailing lists and Web boards that deteriorate into flame wars
could easily fall under that definition. Or how about the furious email letter
you sent to the company that refused to refund your money for the shoddy product
you bought?
Closely related are the laws against cyberbullying. Such laws have been passed by some
states and local governments. In April 2009, the Megan Meier Cyberbullying Prevention Act (H.R. 1966) was
introduced in the U.S. Congress. The act would make it a federal crime to
"intimidate, harass, or cause substantial emotional distress to another person,
using electronic means to support severe, repeated and hostile behavior."
Subcommittee hearings have been held and the bill is continuing through the
legislative process.
Opponents of the proposed law point out that the language is open to
interpretation, and could be construed to apply to someone who merely gets into
heated discussions on a web board or email list. The best policy is to watch
your language when sending any type of electronic communications. Not only can a
loss of temper when you're online come back to embarrass you, it could even get
you thrown in jail.
8: Internet gambling laws
Like to play poker online or bet on the horse races from the comfort of your
home? The federal Unlawful Internet Gambling Enforcement Act of 2006
criminalizes acceptance of funds from bettors - but what about the bettors
themselves? Are they committing a crime?
Under this federal law, the answer is no, but some state laws do apply to the
person placing the bet. For example, a Washington law passed in 2006 makes
gambling on the Internet a felony. The King County Superior Court just recently upheld that law, although challengers have vowed to
take it to the Supreme Court. Be sure to check out the state and local laws
before you make that friendly online bet.
9: Child pornography laws
We all want to protect children and keep pedophiles away from them, but could
you be arrested for possession of child pornography or for exposing children to
pornography even though you would never voluntarily indulge in such a thing?
Unfortunately, as the laws are written and enforced, the answer is "yes." In
January 2007, a substitute teacher in Norwich, CT, was convicted of four felony
pornography charges, although she claimed the offending pictures were the result
of pop-ups and that she did not knowingly access the Web sites in question. The
conviction was set aside after forensics and security experts
examined her hard drive and found the school's antivirus software was out of
date and the computer had no anti-spyware, firewall, or pop-up blocking
technology. The teacher ended up pleading guilty to a misdemeanor charge.
Pornographic images of children are illegal to possess. This includes not
just photographs of actual children, but also computer-generated pictures and
drawings in which no real people are involved and photos of models who are of
adult age but look like children. There are many ways such images can get on a
computer. Viruses can infect your system and allow another person to remotely
access your hard drive. Your computer can be taken over to become a bot,
controlled by someone else without your knowledge. Someone can email you an
illegal image. You can click a link on a non-pornographic Web site that takes
you to a site where the illegal images are displayed, and they're then
downloaded into your Web cache on your hard drive.
In another 2007 case, a
16-year-old was charged with possession of child pornography and got 18
months probation and over a quarter of a million dollars in legal fees, even
though he passed polygraph tests in which he denied knowledge of the images and
an examination of the hard drive found more than 200 infected files and no
firewall.
10: Pro IP Act
Returning to the copyright front, the Prioritizing Resources and Organization
for Intellectual Property Act (Pro IP Act), which was signed into law in 2008,
imposes stricter penalties for copyright infringement. It created a new position
of "copyright enforcement czar" (formally called the Intellectual Property
Enforcement Coordinator) in the federal bureaucracy and gives law enforcement
agents the right to seize property from copyright infringers.
This may all sound fine in theory, but when you look at the way other seizure
and forfeiture laws have been applied (for instance, the ability of drug
enforcement officers to seize houses, computers, cars, cash, and just about
everything else that belongs to someone tagged as a suspected drug dealer - and
in some cases, not returning the property even when the person is acquitted or
not prosecuted), it makes many people wary. Read more about the bill here.
Some local jurisdictions have also established seizure authority for piracy. In September 2009, Victoria
Espinel was appointed as the first copyright czar. She has asked for public input by March
24, 2010.
