Congress Takes a Holiday
When the Congressional aide called the 2600 offices and asked Emmanuel Goldstein to offer testimony before the House Subcommittee on Telecommunications and Finance on June 9, 1993 we knew it sounded too good to be true. In our neverending optimism, however, we decided to grant their request and submit a statement. At the time, it seemed like a good idea with great potential for all sorts of dialogue. After all, it marked the first time that Congress had actually asked for the opinion of hackers in implementing policy. But what we failed to anticipate was the possibility that the whole thing was nothing more than a big publicity stunt designed to generate anti-hacker soundbites rather than any technological inspiration.
Quicker than you could say "Geraldo," Congressmen Markey (D-Massachusetts) and Fields (R-Texas) began hacker-bashing. Markey held up a copy of 2600 and called it a manual for computer crime. In a very patronizing tone, he lectured Goldstein on the definition of a criminal. He compared printing articles in 2600 to telling people how to break into specific houses on Maple Street. Fields was no better, accusing 2600 of printing "codes" to listen in on phone calls. When Goldstein attempted to explain that these "codes" were unencrypted frequencies that anyone with a scanner could listen to, Fields dismissed him by saying he was very disturbed that this publication and the people involved in it were allowed to exist.
While Markey and Fields were the only members of the subcommittee who chose to attend the hearing, their ignorance and unwillingness to listen echo throughout the fantasy world of elected officials. What is very unfortunate for us is that these politicians, whose depth of understanding seems unable to surpass that of A Current Affair, are very powerful people who pass laws based on their misperceptions. We can hardly wait to see what they come up with next.
What follows is some of what they didn't read:
The next few years will almost certainly go down in history as those in which the most change took place in the least amount of time. The computer and telecommunications revolution that we are now in the midst of is moving full speed ahead into unknown territory. The potential for amazing advances in individual thought and creativity is very real. But so is the potential for oppression and mistrust the likes of which we have never before seen. One way or the other, we will be making history. I think we can imagine it best if we think of ourselves speeding down a potentially dangerous highway. Perhaps the road will become slick with ice or fraught with sharp curves. It's a road that nobody has gone down before. And the question we have to ask ourselves is what kind of a vehicle would we prefer to be in if things should start getting out of control: our own automobile where we would have at least some chance of controlling the vehicle and bringing it down to a safe speed or a bus where we, along with many others, must put all of our trust behind a total stranger to prevent a disaster. The answer is obviously different depending on the circumstances. There are those of us who do not want the responsibility of driving and others who have proven themselves unworthy of it. What's important is that we all have the opportunity at some point to choose which way we want to go. Rapidly changing technology can also be very dangerous if we don't look where we're going or if too many of us close our eyes and let someone else do the driving. This is a ride we all must stay awake for. I am not saying we should be overly suspicious of every form of technology. I believe we are on the verge of something very positive. But the members of this committee should be aware of the dangers of an uninformed populace. These dangers will manifest themselves in the form of suspicion towards authority, overall fear of technology, and an unhealthy feeling of helplessness. The recent FBI proposal to have wiretap capabilities built into digital telephone systems got most of its publicity because American taxpayers were expected to foot the bill. But to many of the non-technical people I talked to, it was just another example of Big Brother edging one step closer. It is commonly believed that the National Security Agency monitors all traffic on the Internet, not to mention all international telephone calls. Between Caller ID, TRW credit reports, video cameras, room monitors, and computer categorizations of our personalities, the average American feels as if life no longer has many private moments. Our Social Security numbers, which once were for Social Security, are now used for everything from video rentals to driver's licenses. These numbers can easily be used to track a person's location, expenses, and habits - all without any consent. If you know a person's name, you can get their telephone number. If you have their phone number, you can get their address. Getting their Social Security number is not even a challenge anymore. With this information, you can not only get every bit of information about this person that exists on any computer from Blockbuster Video to the local library to the phone company to the FBI, but you can begin to do things in this poor person's name. It's possible we may want a society like this, where we will be accountable for our every movement and where only criminals will pursue privacy. The American public needs to be asked. But first, they need to understand. In Germany, there is a fairly new computerized system of identity cards. Every citizen must carry one of these cards. The information includes their name, address, date of birth, and nationality - in other words, the country they were originally born in. Such a system of national identity can be quite useful, but in the wrong hands it can be extremely scary. For example, if a neo-Nazi group were to somehow get their hands on the database, they could instantly find out where everyone of Turkish nationality lived. A malevolent government could do the same and, since not carrying the card would be a crime, it would be very hard to avoid its wrath. Before introducing a new technology that is all-encompassing, all of its potential side-effects and disadvantages should be discussed and addressed. Opportunities must exist for everyone to ask questions. In our own country, nobody was ever asked if they wanted a credit file opened on them, if they wanted to have their phone numbers given to the people and companies they called through the use of Caller ID and ANI, or if they wanted to be categorized in any manner on numerous lists and databases. Yet all of this has now become standard practice. This implementation of new rules has resulted in a degree of cynicism in many of us, as well as a sense of foreboding and dread. We all know that these new inventions will be abused and used to somebody's advantage at some point. There are those who would have us believe that the only people capable of such misdeeds are computer hackers and their ilk. But it just isn't that simple. So where is the boundary between the hacker world and the criminal world? To me, it has always been in the same place. We know that it's wrong to steal tangible objects. We know that it's wrong to vandalize. We know that it's wrong to invade somebody's privacy. Not one of these elements is part of the hacker world. A hacker can certainly turn into a criminal and take advantage of the weaknesses in our telephone and computer systems. But this is rare. What is more likely is that a hacker will share knowledge with people, one of whom will decide to use that knowledge for criminal purposes. This does not make the hacker a criminal for figuring it out. And it certainly doesn't make the criminal into a hacker. It is easy to see this when we are talking about crimes that we understand as crimes. But then there are the more nebulous crimes; the ones where we have to ask ourselves: "Is this really a crime?" Copying software is one example. We all know that copying a computer program and then selling it is a crime. It's stealing, plain and simple. But copying a program from a friend to try it out on your home computer -- is this the same kind of crime? It seems obvious to me that it is not, the reason being that you must make a leap of logic to turn such an action into a crime. Imagine if we were to charge a licensing fee every time somebody browsed through a magazine at the local bookshop, every time material was borrowed from a library, or every time a phone number was jotted down from the yellow pages. Yet, organizations like the Software Publishers Association have gone on record as saying that it is illegal to use the same computer program on more than one computer in your house. They claim that you must purchase it again or face the threat of federal marshalls kicking in your door. That is a leap of logic. It is a leap of logic to assume that because a word processor costs $500, a college student will not try to make a free copy in order to write and become a little more computer literate. Do we punish this student for breaking a rule? Do we charge him with stealing $500? To the hacker culture on whose behalf I am speaking today, the only sensible answer is to make it as easy as possible for that college student to use the software he needs. And while we're at it, we should be happy that he's interested in the first place. Of course, this represents a fundamental change in our society's outlook. Technology as a way of life, not just another way to make money. After all, we encourage people to read books even if they can't pay for them because to our society literacy is a very important goal. I believe technological literacy is becoming increasingly important. But you cannot have literacy of any kind without having access. If we continue to make access to technology difficult, bureaucratic, and illogical, then there will also be more computer crime. The reason being that if you treat someone like a criminal, they will begin to act like one. If we succeed in convincing people that copying a file is the same as physically stealing something, we can hardly be surprised when the broad-based definition results in more overall crime. Blurring the distinction between a virtual infraction and a real-life crime is a mistake. New laws are not needed because there is not a single crime that can be committed with a computer that is not already defined as a crime without a computer. But let us not be loose with that definition. Is mere unauthorized access to a computer worthy of federal indictments, lengthy court battles, confiscation of equipment, huge fines, and years of prison time? Or is it closer to a case of trespassing, which in the real world is usually punished by a simple warning? "Of course not," some will say, "since accessing a computer is far more sensitive than walking into an unlocked office building." If that is the case, why is it still so easy to do? If it's possible for somebody to easily gain unauthorized access to a computer that has information about me, I would like to know about it. But somehow I don't think the company or agency running the system would tell me that they have gaping security holes. Hackers, on the other hand, are very open about what they discover which is why large corporations hate them so much. Through legislation, we can turn what the hackers do into a crime and there just might be a slim chance that we can stop them. But that won't fix poorly designed systems whose very existence is a violation of our privacy. The future holds such enormous potential. It is vital that we not succumb to our fears and allow our democratic ideals and privacy values to be shattered. In many ways, the world of cyberspace is more real than the real world itself. I say this because it is only within the virtual world that people are really free to be themselves - to speak without fear of reprisal, to be anonymous if they so choose, to participate in a dialogue where one is judged by the merits of their words, not the color of their skin or the timbre of their voice. Contrast this to our existing "real" world where we often have people sized up before they even utter a word. The Internet has evolved, on its own volition, to become a true bastion of worldwide democracy. It is the obligation of this committee, and of governments throughout the world, not to stand in its way. This does not mean we should stand back and do nothing. Quite the contrary, there is much we have to do if accessibility and equality are our goals. Over-regulation and commercialization are two ways to quickly kill these goals. A way to realize them is to have a network access point in every house. Currently, network access is restricted to students or professors at participating schools, scientists, commercial establishments, and those who have access to, and can afford, local services that link into the Internet. Yes, a lot of people have access today. But a far greater number do not and it is to these people that we must speak. The bigger the Internet gets, the better it gets. As it exists today, cultures from around the globe are represented; information of all kinds is exchanged. People are writing, reading, thinking. It's potentially the greatest educational tool we have. Therefore, it is essential that we not allow it to become a commodity that only certain people in society will be able to afford. With today's technology, we face the danger of widening the gap between the haves and the have-nots to a monumental level. Or we can open the door and discover that people really do have a lot to learn from each other, given the opportunity.A full transcript is available for free at 2600@well.sf.ca.us or $5 from PO Box 752, Middle Island, NY 11953.