
Fighting Cybercrime – What Happens to the Law When the Law Cannot Be Enforced? - DyslexicAtheist
https://www.weforum.org/agenda/2019/02/fighting-cybercrime-what-happens-to-the-law-when-the-law-cannot-be-enforced/
======
harimau777
If it is impossible to enforce laws against cybercrimes, one option would be
to bring back the concept of outlawery:
[https://en.wikipedia.org/wiki/Outlaw](https://en.wikipedia.org/wiki/Outlaw)

Once a jury finds that a given domain was responsible for a crime but it was
impossible to actually go after them, the government would declare them to be
a fair target for any hackers.

Note: I don't know if this would actually be a good idea. I just think its an
interesting idea.

~~~
TACIXAT
A principle that is discussed is hacking back. It actually almost passed in
Georgia, USA. [1] The idea would be that if something was attacking you, you
could go on the offense to disrupt it. Personally, I think that would be a lot
of fun.

1\. [https://threatpost.com/georgia-governor-vetoes-
controversial...](https://threatpost.com/georgia-governor-vetoes-
controversial-hack-back-bill/131822/)

~~~
jstarfish
It almost passed in Georgia because our legislators are idiots. They also
almost passed a law criminalizing security research altogether.

The problem with allowing open season is that unlike the wild west, outlaws
did not literally hijack the bodies of victims to masquerade as someone else
before engaging in criminal activity. The "hacker" you're attacking is usually
another victim of the operator serving as a proxy. Attribution in the
cybersecurity space is very difficult and prone to error. You'd just be
institutionalizing lynch mobs.

------
michaelt
There are certainly cybercrimes that could be much better enforced. Running
DDoS botnets of insecure network cameras, distributing ransomware, making
robocalls, revenge porn, and so on.

But there's another set of cybercrimes where I don't really care about
enforcement. Running Sci-Hub, bypassing DRM to refill inkjet printer
cartridges, violating superinjunctions, and suchlike.

Sadly, the latter set tends to have much better lobbyists than the former, so
I'm always nervous about the outcome of legislators attempting to improve the
law.

~~~
jstarfish
> revenge porn

I've always wondered why USC 2257 is never pulled out to deal with this. It
seems like the sort of law enacted to allow arbitrary punishment of porn
producers-- just find some fault in their paperwork to wreck their day. An
angry ex with your honeymoon tape has no such paperwork at all.

------
gcb0
so much bullshit to force new abusive legislation. at least they avoided
"think of the children"itis

nothing on this topic is new. laws for wire fraud and money laundry already
lay a foundation for prosecuting international crimes. the problem is one of
three groups (us-eu-jp-au, Russia, China) selectively enforcing prosecution
for whatever reasons. new legislation will change nothing.

------
jdsully
I always thought the way we talk about "unsecured" services was wrong. I leave
my door unlocked all the time and have no expectation someone will come by and
test it. Were they to see it unlocked they'd have no expectation they were
allowed in. If someone does break in nobody suggests it was because their
choice of lock was "weak".

I don't expect I'd ever see it in my lifetime, but I would love to live in a
world where people don't try random ssh passwords thousands of times a day
against my servers. Being on the internet is like living in a bad
neighborhood.

------
stebann
Law can't be enforced because some powers don't want that. What about money
laundering that could get hidden within seemingly legit transactions for multi
billon dollars companies? Wouldn't be abusive if they try to regulate the
behaviour of people buying online? How do they know the way to conduct that
kind of investigation? Doesn't seem realistic.

------
craftinator
It erodes the authority of the lawmaker.

