RE: Cybercrime treaty
> Russ wrote:
> > IMO, we should do nothing but prepare for a demonstration
> case where one (or
> > more of us) are the defendants.
> Russ - this is a treaty. That means every country will come up with
> their own legal implementation. When they prosecute you in
> Canada, for
> example, the resulting precedent will do nothing for us in the U.S.
> (It's actually a council of Europe treaty, but apparently the
> US DOJ has
> taken a strong role in drafting it). And if the treaty
> starts out with
> dumb provisions, it will be very hard not to end up with dumb
> in all the implementing legislations in individual countries.
I agree 100% with Stuart. It is a lot easier to change things like this in
the early stages, and a well-reasoned response from a respected group could
have some strong effects. We're also not without some political resources
among our own group - for example, Sen. Nunn is on ISS' board.
> > If we shot this down what will come afterwards? If we're
> listened to, what
> > would prefer it to say?
> How about making it a crime to distribute an exploit script without
> first giving two weeks notice to affected vendors?
> Think of this: if it was in an international treaty, you wouldn't have
> to defend your policy on NTBugtraq :-)
OK, let's get serious about this - what ought it say? Why shouldn't it say
what it does? Let's come up with a reasoned response that the people who are
doing this will listen to.