[LINK] "Good Samaritan" hacker pleads guilty to breaking and
Fri, 28 Sep 2001 11:32:59 +1000
The disturbing bit is the charge, which is "intentionally access a
protected computer without authorization through the use of an interstate
communication, and did thereby obtain information from a protected
computer; to wit: the defendant ... downloaded proprietary
Practical Extraction Report Language scripts and password files from the
The charge fails to mention intention to cause harm, or even harm resulting.
The prosecutor explained that " ... we don't prioritize unauthorized
computer access where there is no consequence. This matter was
pursued because the defendant downloaded files and intended to derive
a financial benefit from the unauthorized access. ... the defendant
the files he downloaded, planned to distribute his rewrite, added another
page to the website, modified the password file, and misled sympathizers
and others as to both the character and scope of what he had done."
Given the agreed facts, I don't have a problem with him being prosecuted.
I *do* have a problem with the fact that the discretion on whether or
not to prosecute lies with the prosecutor. The crime should be
defined such that no crime exists unless intent ('mens rea') is
proven. Otherwise the crime becomes available to a prosecutor as a
weapon of repression.
I need to qualify the previous sentence in some way, to make
allowance for 'criminal negligence', i.e. no intent, but significant
Roger Clarke http://www.anu.edu.au/people/Roger.Clarke/
Xamax Consultancy Pty Ltd, 78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 1472, and 6288 6916
Visiting Fellow Department of Computer Science
The Australian National University Canberra ACT 0200 AUSTRALIA
Information Sciences Building Room 211 Tel: +61 2 6125 3666