Unacceptable Reality of Email Communication
I remember reading Zbigniew Brzezinski years back in the Foreign Affairs journal I believe berating politicians for talking of crises. There have been crises ever since the big bang, but of course in the context of our present time, there are dangers. One of the greatest dangers facing us today, is the fact we are able to accept the reality of our situation. For example, my email which if it were real mail would come under the following law:
84 Interfering with the mail: .This section has no associated Explanatory Notes(1)A person commits an offence if, without reasonable excuse, he—
(a)intentionally delays or opens a postal packet in the course of its transmission by post, or
(b)intentionally opens a mail-bag.
(2)Subsections (2) to (5) of section 83 apply to subsection (1) above as they apply to subsection (1) of that section.
(3)A person commits an offence if, intending to act to a person’s detriment and without reasonable excuse, he opens a postal packet which he knows or reasonably suspects has been incorrectly delivered to him.
(4)Subsections (2) and (3) of section 83 (so far as they relate to the opening of postal packets) apply to subsection (3) above as they apply to subsection (1) of that section.
(5)A person who commits an offence under subsection (1) or (3) shall be liable on summary conviction to a fine not exceeding level 5 on the standard scale or to imprisonment for a term not exceeding six months or to both.
Tell me what happened to the person who hacked into my Yahoo account? Nothing. Who hacked into my Yahoo and changed my passwords? I have no idea. However, someone has a good idea, and that might be the very organizations which are supposed to protect individuals, namely the intelligence services. They will not divulge the names or location. Why not? Because they are doing exactly the same! They are scanning my emails and to do so they must "open" my email which constitutes a criminal offence. In addition to the hackers, there are those working for foreign states which have hacked into my account and have taken personal records and financial data. This constitutes theft. There is the Computer Misuse Act 1990 which looks at the first part of the offence. The hacking with view to the commission of other offences.
2 Unauthorised access with intent to commit or facilitate commission of further offences.
(1)A person is guilty of an offence under this section if he commits an offence under section 1 above (“the unauthorised access offence”) with intent—
(a)to commit an offence to which this section applies; or
(b)to facilitate the commission of such an offence (whether by himself or by any other person);
and the offence he intends to commit or facilitate is referred to below in this section as the further offence.
Also Section 3. Where there has been a modification to the passwords.
Then we can look at all the other offences. Theft in general, fraud, etc. All of the above applies to hackers within the UK jurisdiction. Extradition of suspects is difficult and time consuming. Yet, there are people out there responsible for "millions" of criminal acts. If they had tampered and opened real mail, the sentencing would be much greater. If they had burgled homes, stolen real property instead of digital, then it would be greater. However, many do steal money. I have had my card cloned several times because of misuse of a computer. These thefts are cross-border but happen within cyber jurisdiction. If the internet were treated as a jurisdiction and that there were universal laws applied across the globe one might feel safer. However, the defence forces and the "dark forces" routinely bypass and undermine the possibility of such a jurisdiction operating effectively. The internet is effectively an undeclared war zone. An interesting article from 2012 discusses the key issues succinctly.
As a result of the divergence in international law on the issue of State responsibility, there are two competing standards emerging for cyber attacks: the effective control standard applicable to non-State actors, and both the effective and overall control standards applicable to State sponsors of cyber attacks.
State Responsibility for Cyber Attacks: Competing Standards For a Growing Problem by Scott Shackelford.
If we caught a foreign agent in our bedroom and he or she had a rank in another country's military, it would be much easier to build a case against that country. But often they use numerous non-State actors, and the only way to build a case of control based responsibility would be to follow the paper trail, i.e. find out who paid whom. It might be a cash transaction. Then the person who gave the cash would be traced to another. If we can do it in civil cases, we can in military cases too.
In the case of the US scanning of Yahoo accounts using keywords connected with counterterrorism or the Cold War one can argue that as we have seen in the Wikileaks that far more information is gleaned, and that the scanning can have other uses that might be deemed offensive or constitute industrial espionage. This in addition to all the rights we have concerning communication. But the reality is that as soon as we use any form of electronic device we must sign away rights and duties which have or follow in the real world. The internet is in short irresponsible, frighteningly so.