top
US
US
Indybay
Indybay
protest cheer
indybay menu
category menu
publish menu
Indybay
Regions
Indybay Regions North Coast Central Valley North Bay East Bay South Bay San Francisco Peninsula Santa Cruz IMC - Independent Media Center for the Monterey Bay Area North Coast Central Valley North Bay East Bay South Bay San Francisco Peninsula Santa Cruz IMC - Independent Media Center for the Monterey Bay Area California United States International Americas Haiti Iraq Palestine Afghanistan
Topics
Newswire
Features
Home
About
Contact
Subscribe
Calendar
Publish
Donate
From the Open-Publishing Calendar
From the Open-Publishing Newswire
Indybay Feature
U.S. Media Activism & Independent Media

Computer Crime Laws Chill Discovery of Customer Privacy Threats

by via the EFF
Sat, May 31, 2008 9:58AM
Friday, May 30, 2008 :Have you ever wanted to test whether an e-commerce website is keeping your data secure? The federal Computer Fraud and Abuse Act -- and state statutes modeled on that law -- are so overbroad and vague that your curiosity could get you in deep legal water. When you access your account with an online retailer, the URL often contains a series of numbers. What if those numbers, instead of being randomly generated, appear to be unencrypted personal information, like the last four digits of your credit card, or your California Bar number. What would happen if you edited the URL to contain a different credit card or Bar number? Perhaps it would give you access to someone else's account. That's something you'd want to know because it means your information is also unsecured and the company has something important to fix.
You'd better think twice before testing your theory. Federal and state laws that criminalize unauthorized access to computers also hobble the rights of customers and security experts to use their own browsers to test whether a computer server adequately protects their data from thieves and fraudsters. This is true even if you don't damage, delete, alter or change anything and are acting solely with the intent to protect yourself and others. Under the Computer Fraud and Abuse Act, codified at 18 U.S.C. 1030, obtaining any information from a simple unauthorized access is a misdemeanor punishable by up to a year in jail, while the existence of other factors (such as causing damage or taking medical information) may make such access a felony. 18 U.S.C. 1030(a)(2)(c), (c)(2)(a). California's computer crime law (Penal Code section 502) also prohibits a number of unauthorized activities with computers and computer networks. Merely accessing a computer system without permission is an infraction under California law. (c)(7), (d)(3).

Read More

For more information: http://www.eff.org/deeplinks/2008/05/compu...
Add Your Comments
Support Independent Media
We are 100% volunteer and depend on your participation to sustain our efforts!

Donate

$170.00 donated
in the past month

Get Involved

If you'd like to help with maintaining or developing the website, contact us.

Publish

Publish your stories and upcoming events on Indybay.

Regions
North Coast
Central Valley
North Bay
East Bay
South Bay
San Francisco
Peninsula
Santa Cruz
California
International
Topics
Animal Lib
Anti-War
Arts + Action
Drug War
Education
En Español
Environment
Global Justice
Government
Health/Housing
Immigrant
Labor
LGBTI / Queer
Police State
Racial Justice
Womyn
International
Americas
Haiti
Iraq
Palestine
Afghanistan
More
FAQ
Make Media
Get Involved
Photo Gallery
Feature Archives
Fault Lines
Links
Search Indybay's Archives
Advanced Search
IMC Network
© 2000–2024 San Francisco Bay Area Independent Media Center. Unless otherwise stated by the author, all content is free for non-commercial reuse, reprint, and rebroadcast, on the net and elsewhere. Opinions are those of the contributors and are not necessarily endorsed by the SF Bay Area IMC.
Disclaimer | Copyright Policy | Privacy | Contact | Source Code