jim.shamlin.com

Preface

INTRUSION INTO PRIVACY AND INTO INFORMATION SYSTEMS

The editors define "intrusion" from both the perspective of the site owner (unauthorized individuals gaining access to information systems) as well as of the site visitor (intrusion into areas they consider private and off-limits). From a legal perspective, conflict over the degree of access each group is willing to allow the other impact both civil and criminal law.

Defining crime in the electronic media is a challenge to legislation and law enforcement. Presently, "e-crime" is generally classified into four categories:

  1. Direct threat to information systems - Including gaining unauthorized access, damaging systems or data, or unauthorized surveillance
  2. Unwanted or undesirable material - Using the medium to push information that the recipient considers offensive, misleading, or intrusive
  3. Fraud - Exploiting electronic transactions to wrongfully obtain something (usually money)
  4. Data Violation - Unauthorized access to information (such as confidential corporate data or personal information) and unauthorized dissemination or use of same.

The use of information systems by business for purposes of communication and commerce has given rise to these concerns, and the expansion of the medium into use by government, healthcare, education, and other aspects of human interaction will make the need for privacy and security all the more acute.

In general, e-crime has been characterized by a financial motive: whether the results are immediate (theft) or eventual (phishing), the goal of the perpetrator is to gain money (or merchandise). The impact of intrusion is therefore chiefly economic. Measures taken in defense of this intrusion also have a significant economic impact: the cost to secure systems against intrusion. It has also had a profound social impact, in the willingness of people and organizations to interact with and share information with one another freely.

The impact is amplified by the emergence of "Web 2.0," in the sense that recent changes in the medium have encouraged users to act as aggregators and publishers of information rather than mere passive receivers.

REGULATING THE BATTLEFIELD: THE LEGAL LIMITATIONS

The global reach of the Internet is a challenge to regulating the medium: local, state, and national legislation to protect data systems is ineffective since the Internet has no borders, and differences in legislation among territorial governments leads to jurisdictional conflict.

There is also a challenge to provide a clear distinction between what is permitted or permissible in order to create legislation that proscribes and responds to acts of a criminal nature that, at the same time, does not place undue restriction on acts of a benign, desirable, and beneficial nature.

Technical progress is another challenge. As new technology emerges, existing legislation is often rendered moot. At the same time, any attempt to regulate future technology is feckless and potentially damaging to progress.

In a similar nature, there is the innovation of the criminal element. Those who secure systems are always a step behind those who wish to intrude upon them, and the former generally react to the actions of the latter.

The book is a collection of chapters written by various authors on the topics described above.


Contents