ABSTRACT

Computer crimes seem to be an increasing problem in today's society. The main

aspect
concerning these offenses is information gained or lost. As our government tri
es to take
control of the information that travels through the digital world, and across n
etworks such
as the InterNet, they also seem to be taking away certain rights and privileges
that come
with these technological advancements. These services open a whole new doorw
ay to
communications as we know it. They offer freedom of expression, and at the sam
e time,
freedom of privacy in the highest possible form. Can the government reduce com
puter
crimes, and still allow people the right to freedom of expression and privacy?
INFORMATION CONTROL IN THE DIGITIZED WORLD
In the past decade, computer technology has expanded at an incredibly fast rate
, and the
information stored on these computers has been increasing even faster. The amo
unt of
money, military intelligence, and personal information stored on computers has
increased
far beyond expectations. Governments, the military, and the economy could not
operate
without the use of computers. Banks transfer trillions of dollars every day ov
er
inter-linking networks, and more than one billion pieces of electronic mail are
passed
through the world's networks daily. It is the age of the computer network, the
largest of
which is known as the InterNet. A complex web of communications inter-linking
millions of
computers together -- and this number is at least doubling every year. The comp
uter was
originally designed as a scientific and mathematical tool, to aid in performin
g intense
and precise calculations. However, from the large, sixty square foot ENIAC (El
ectronical
Numerical Integrator and Calculator) of 1946, to the three square foot IBM PC o
f today,
their uses have mutated and expanded far beyond this boundary. Their almost in
finite
capacity and lightning speed, which is increasing annually, and their low cost,
which is
decreasing annually, has allowed computers to stabilize at a more personal leve
l, yet
retain their position in mathematical and scientific research1 . They are now b
eing used in
almost every aspect of life, as we know it, today. The greatest effect of comp
uters on
life at this present time seems to be the InterNet. What we know now as the
InterNet
began in 1969 as a network then named ArpaNet. ArpaNet, under control by the p
entagon's
Defense Advanced Research Projects Agency, was first introduced as an answer to
a problem
 concerning the government question of how they would communicate during war. T
hey needed a
network with no central authority, unlike those subsequent to this project. A
main
computer controlling the network would definitely be an immediate target for en
emies. The
first test node of ArpaNet was installed at UCLA in the Fall of 1969. By Decem
ber of the
same year, three more nodes were added, and within two years, there was a total
of fifteen
nodes within the system. However, by this time, something seemed to be changin
g concerning
the information traveling across the nodes. By 1971, government employees bega
n to obtain
their own personal mail addresses, and the main traffic over the net shifted fr
om
scientific information to personal mail and gossip. Mailing lists were used to
send mass
quantities of mail to hundreds of people, and the first newsgroup was created f
or
discussing views and opinions in the science fiction world. The networks decen
tralized
structure made the addition of more machines, and the use of different types of
machines
very simple. As computer technology increased, interest in ArpaNet seemed only
to expand.
In 1977, a new method of transmission was put into effect, called TCP/IP. The
transmission
control protocol (TCP) would convert messages into smaller packets of informati
on at their
source, then reassemble them at their destination, while the InterNet protocol
(IP) would
control the addressing of these packets to assure their transmission to their c
orrect
destinations. This newer method of transmission was much more efficient then t
he previous
network control protocol (NCP), and became very popular. Corporations such as
IBM and DEC
began to develop TCP/IP software for numerous different platforms, and the dema
nd for such
software grew rapidly. This availability of software allowed more corporations
and
businesses to join the network very easily, and by 1985, ArpaNet was only a tin
y portion of
the newly created InterNet. Other smaller networks are also very widely used to
day, such as
FidoNet. These networks serve the same purpose as the InterNet, but are on a m
uch smaller
scale, as they have less efficient means of transferring message packets. They
are more
localized, in the sense that the information travels much more slowly when furt
her
distances are involved. However, the ease of access to these networks and vari
ous
computers has allowed computer crimes to increase to a much higher scale. These
computers
and networks store and transfer one thing -- information. The problem occurs w
hen we want
to determine the value of such information. Information lacks physical propert
ies, and
 this intangible aspect of data creates problems when developing laws to protect
it. The
structure of our current legal system has, to this point, been based on ascerta
inable
limits. Physical properties have always been at its main core2 . In the past,
this
information, or data, has been 'converted' into tangible form to accommodate ou
r system. A
prime example is the patent, which is written out on paper. Today, however, it
is becoming
much more difficult to 'convert' this data into a physical form, as the quantit
y is
increasing so rapidly, and this quantity of information is being stored in a vi
rtual,
digitized space3 . It is very important to realize and emphasize that compute
rs and
networks store and transfer only information, and that most all of this informa
tion can be
altered, in some way, undetectably. For example, when a file is stored in the
popular DOS
environment (and also in environments such as Windows, OS/2, and in similar way
s, UNIX), it
is also stored with the date, time, size, and four attributes -- read-only, sys
tem, hidden,
and archive. One may consider checking the date at which the document, or info
rmation
stored on the computer, was saved to determine if it was modified. However, th
is is also
digital information, and easily changed to whatever date or time the operator p
refers. One
may also consider the attributes stored with the file. If a file is flagged as
'read-only,' then perhaps it cannot be overwritten. This is surely the case --
however,
this attribute is easily turned off and on, as it is also information in a digi
tized sense,
and therefore very easily changed. This is the same case when a file is 'hidde
n'. It may
very well be hidden to the novice user, but it is easily seen to anyone who has
even a
slight knowledge of the commands of the system. One may also consider moving t
his
information to a floppy disk in order to preserve its originality; but we are o
nce again
giving it a physical aspect, which we earlier addressed as being a close to imp
ossible task
when involved with the amount of information involved in this area today. Digi
tal
information is infinitely mutable, and the information that protects this infor
mation is
infinitely mutable4 . In order to understand how to control this information, w
e must first
understand what information and it's value -- especially that of a digital natu
re -- is.
One cannot specifically define information in a whole. In today's society, 'kn
owledge is
power' seems to be a common phrase, and a quite true one. It would be even mor
e true to
say 'knowledge can be power.' It's how we use this knowledge that determines i
t's power.
In the same sense, it is how we use and distribute this knowledge that determin
es it's
value. Information can be used in so many ways that it is virtually impossible
to value
it. What information is of value to one person may be completely worthless to
another.
The availability of this knowledge also determines it's worth. If information
is as free
as air, it has virtually no worth5 . Therefore, it is also a privacy issue. W
e can now
base the value of information on three things: it's availability, it's use, an
d it's user.
In order to protect information in our current government, we must first va
lue it.
Those three aspects of information can be so differentiated, that this is close
to
impossible to do so. In addition to this, how do we determine who "owns" the i
nformation?
Information itself is not a physical thing which only one person has in their p
ossession at
any time. If information is given away, it is still held by the giver, as well
as the
taker. It is impossible to determine exactly who has this information. If som
eone steals
information, we cannot take it away from them -- it is intangible in almost eve
ry aspect.
We must also understand the way in which our government, and most governments,
create laws
and attempt to desist illegal actions. As stated earlier, the American governm
ent, and
many other governments, are based on a physical center, which I exemplified wit
h the case
of the US patent. When our government creates laws, the subjects of the laws a
re given a
definable, ascertainable limit. When someone commits grand theft auto, breakin
g and
entering, or murder, we understand what has occurred and have definite ways to
prove what
has occurred, where and when it has occurred, how it has occurred, and, if appl
icable, what
has been harmed and what is its value. However, when we look at computer crime
s, such as
unauthorized access, we cannot be as clear on these aspects, and we do not have
definite
ways to prove the crime, or who committed it, nor do we have a way in which to
define the
value of anything damaged, if it had even been damaged. It is hard to convict
a person
when all they did was slow down a computer network for a few days, or look at a
credit
profile on John Doe. Problems also occur because people, including those in the
legal
profession as well as jurors, do not always understand technology. They do not
always
understand how mutable digital information can be, and how easily accessible an
d
distributed it can be. When a jury does not understand, one cannot truly be de
clared
guilty "beyond a reasonable doubt". "Technically, I didn't commit a crime. Al
l I did was
destroy data. I didn't steal anything.6 " How can this be argued? Crimes com
mitted in
the computer world do not exactly adhere with current laws that address physica
l crimes.
We cannot adapt current laws to those involving information crimes, and trying
to do that
will cause too many problems and confusions because of the variety, extent, and
value of
information as a whole. However, this is exactly what the government is trying
to do. It
must also be considered that this information is not strictly a US problem, nor
is it more
geared towards the US. Although started by the United States government, the In
terNet has
grown world wide, reaching over seventy countries. Since the InterNet has such
a
decentralized structure, one cannot say that the US is "in charge" of the netwo
rk. The
problem is, the US government does not see this themselves. The United States
government
wants to censor the information traveling across the InterNet and other telecom
munication
services, but this cannot be the case any longer because of this situation. We
cannot
expect other countries to adhere to the laws of the United States, just as most
Americans
would not expect to have to agree to laws set by other countries. Therefore, i
t could be
easily said that the government would be invading privacy if they were to attem
pt to censor
the information which travels these networks. Individual computers, are, of co
urse, an
individuals property, and it would, without a doubt, be an invasion of privacy
if the
government wanted to, at any given time, search your hard drive without just ca
use. I feel
that the government wants too much power this time. It would seem that they wa
nt to have
access to and control all digital information in America for their own benefit.
The US
government created an encryption device called the Clipper chip, which was to i
nsure
digital privacy among it's users. However, our government seems to only define
privacy to
an extent. They had also planned to keep, in their possession, a duplicate of
each chip.
So much for total privacy. The government seems to be on a quest for total con
trol over
it's citizens, and the citizens of the world. This may seem extreme at the pre
sent time,
but our current legal system does not allow for the undefinable limits that inf
ormation
control presents, especially on a world wide basis. If the government tries to
gain too
much control, it could very well lead to it's failure. Control -- the control w
e need -- is
not a legal problem at all. It is a social, moral, and technological problem7
. What is
needed is a type of 'information ethics'. A set of morals and customs must be
slowly
adapted, and not pounded into the digital world by the government. Virtual law
s must be
formed by a virtual government. Information cannot be controlled by our govern
ment in it's
current form. In order to control information, the government would have to in
duce a
drastic change. The first amendment, in reality, is the foundation of the righ
ts of the
citizens of this country. This amendment, in it's most basic form, guarantees
our right to
inform and be informed. The government can not and will not be able to control
digital
information as a whole, or govern the right to this information without sacrifi
cing the
keystone of our nation and of our rights as Americans.
1 We see about 50-70% more computing power per year, and hardware prices drop ab
out 25-50%
per year. Since 1978, raw computing power has increased by over 500 times. "80x
86
Evolution," Byte, June 1994, pp. 19. 2 Curtis E.A. Karnow, Recombinant Culture
: Crime In
The Digital Network. (Speech, Defcon II, Los Vegas), 1994.

3 S. Zuboff, In the Age of the Smart Machine, New York; 1992.Michael Gemignani,
Viruses And
Criminal Law. Reprinted in Lance Hoffman, Rogue Programs: Viruses, Worms and Tr
ojan Horses,
New York, 1990.4 Lauren Wiener, Digital Woes, 1993.5 John Perry Barlow, "The Eco
nomy of
Ideas", Wired, March 1994.6 Martin Sprouse, "Sabotage in the American Workplace:
Anecdotes
of Dissatisfaction, Mischief, and Revenge", New York; 1992. (Bank of America Em
ployee who
planted a logic bomb in the company computer system).

7 Curtis E.A. Karnow, Recombinant Culture: Crime In The Digital Network. (Speec
h, Defcon
II, Los Vegas), 1994.

------------------
Works Cited
Addison-Wesley, Bernard. How the Internet Came to Be. New York: Vinton Cer
f, 1993.
Communications Decency Act. Enacted by the U.S. Congress on February 1, 199
6.
Computer Fraud and Abuse Statute. Section 1030: Fraud and related activity i
n connection
with computers.
Denning, Dorothy. "Concerning Hackers Who Break into Computer Systems". Speec
h presented
at the 13th National Computer Security Conference, Washington, DC, 1990.
Gates, Bill. The Road Ahead. New York: Penguin Books USA, inc, 1995.
The Gatsby. "A Hackers Guide to the Internet". Phrack. Issue 33, File 7; 15
September
1991.
Icove, David, Karl Seger, and William VonStorch. Fighting Computer Crime. USA
: O'Reilly
Books, 1996.
Time Life Books. Revolution in Science. Virginia: Time Life Books, inc., 19
87.
Wallich, Paul. "A Rouge's Routing." Scientific American. May 1995, pp. 31.