Personal tools

ddenning.html

CFP'91 -

Law Enforcement & Civil Liberties

Wednesday, March 27, 1991

Sharon Beckman
Cliff Figallo
Mike Gibbons
Mitch Kapor
Mark Rasch
Kenneth Rosenblatt
Sheldon Zenner
Dorothy Denning, Chair


Copyright (c) 1991 IEEE. Reprinted, with permission, from The First Conference on Computers, Freedom and Privacy, held March 26-28, 1991, in Burlingame, California. Permission to copy without fee all or part of this material is granted provided that the copies are not made or distributed for direct commercial advantage, the IEEE copyright notice and the title of the publication and its date appear, and notice is given that copying is by permission of the Institute of Electrical and Electronics Engineers. To copy otherwise, or to republish, requires a fee and specific permission.

Published in 1991 by IEEE Computer Society Press, order number 2565. Library of Congress number 91-75772. Order hard copies from IEEE Computer Society Press, Customer Service Center, 10662 Los Vaqueros Circle, PO Box 3014, Los Alamitos, CA 90720-1264.


DENNING: This is the session on law enforcement and civil liberties and if there's probably any one session that prompted this conference in the beginning, I think this is it.

Let me just tell you a little bit about how I got involved with this. ... My background is in computer security, and a little over a year ago a student who was editing a magazine called Worm, which was advertised as a cyberpunk hacking kind of publication, asked me if he could interview me for this. After some deliberation I consented, and in the process got very curious about who these hackers out there were.

After working on the other side of the problem for so long, I wanted to find out more about who the hackers were. And so I spent several months after that talking with various hackers, mostly over the net, and wrote a paper on that which I then gave at the National Computer Security Conference last October.

In the meantime some of my very close colleagues, like Donn Parker, who - and Donn is never shy about telling me when he sees my shortcomings - suggested that I really should go look at the other side, at the law-enforcement side as well.

That was prompted in part because, in the process of looking at the side of the hackers, ... it looked like there was this witch-hunt on the part law enforcers against hackers, many of whom maybe weren't even doing anything illegal.

... This raised a lot of questions. So ... I followed Donn's suggestion and did talk with law enforcers. I ... talked with Ken Rosenblatt down in Santa Clara County and I talked to Don Ingraham and went down to L.A. and talked with Jim Black, who's in the LAPD, and went to Arizona and talked to Gail Thackeray.

And after talking with all the law enforcers I got a very, very different side to the whole story and really had a considerable respect for what I saw the law enforcers doing.

One thing I saw was that there certainly was definitely no witch- hunt going on. What was happening is that there were very, very legitimate complaints on the part of companies bringing these complaints to law enforcers and law enforcers reacting to that in a very, for the most part, reasonable way.

... So that's sort of what led me to all of this. And that doesn't mean that there haven't been some cases where I think there may have been some mistakes made, but at the same time I think that for the most part the law enforcers have approached the cases very well and have also been very sensitive to the differences among the people who commit the crimes.

Every teenager who has done something wrong is not thrown in jail. Many of the cases are never prosecuted at all, and in many cases the offenders are given no sentence or something very light.

With that as an introduction, ... this panel is ... going to be mostly a discussion, and ... we're going to just start out and give every panelist up to two or three minutes to introduce themselves and state any major issues or make any key points that they'd like to make beforehand.

Then ... I will ask some questions of the panelists, for discussion purposes, and after that we will open it up to oral questions from the audience. I'm not asking for any written questions in this session. Part of it is I was afraid I'd get so many I wouldn't be able to manage it.

I'd like to start with a panelist, and I'd like to start with Sheldon Zenner. I've known Sheldon here the longest, and it hasn't been all that long - it's been less than a year. ... Sheldon was the attorney who ... defended ... Craig Neidorf last summer. [applause]

I will let Sheldon say something about that in his opening comments, but there's kind of an amusing story about Sheldon I'd like to share, and that is how I was introduced to him. ...

I had ... talked with Craig Neidorf and with somebody in Sheldon's law firm named Jim Dunlop about the [Neidorf] case. Jim had said that he was going to call me back to talk to me more. In the meantime, I had a meeting at work. So I left a note with the secretary saying that, if Jim Dunlop called, they should get me out of the meeting and I'd go talk with him.

... I was sitting in the meeting and I got a message that said Jim was on the phone and I should talk to him. I picked up the phone and Sheldon said, "Hi. I'm not really Jim Dunlop. I used social engineering in order to be able to get you to the phone." In fact, if he had said that he was Sheldon Zenner the secretary wouldn't have gotten me. ... So that was how we were introduced.

ZENNER: OK. Starting out with social engineering. Very briefly, my background, so that you can understand I guess what I bring to the party, is that I spent 7-1/2 years as an Assistant United States Attorney, working as a federal prosecutor in Chicago. I worked very closely with law enforcement, FBI, Secret Service, all the federal agencies, and I have an abiding and long respect for the work they do.

By the same token, I listened closely to what Don Ingraham had to say and he quoted from that very popular book, All I Really Need to Know, I Learned in Kindergarten, or something to that effect. And one of the precepts taught in that book is, "Clean up your own mess." And I guess I still wait for Dale Boll of the Secret Service and for some others to follow that precept as well, because another thing Don Ingraham said was that, ... one thing we're missing here are some of the victims. And I think he was partially right and partially wrong.

We certainly don't have the victims of computer crime, when he means the banks and the companies, even the ma-and-pa companies. We have some, as Cliff Stoll raises his hand.

But there are other victims and they are victims of perhaps law enforcement that on occasion goes a little too far and is a little over- zealous and happens to ensnare some innocent people in their web. And some of those victims are here and I know you've seen them.

Lastly, I very rarely get a public opportunity to speak, for good reason, but given this opportunity I have to seize it for a moment and go off the script because this is a unique opportunity for me to thank some people.

I know the Academy Awards are over, but, you know, people have been very kind and come up to me and slap me on the back and tell me what a fine job I did on Craig's case. Or Craig, who's here, tells me [of] people coming up to him and slapping him on the back.

And, quite frankly - and this really is very frightening - I have no doubt (and the judge in that case said he had no doubt) that, ... if some things had not gone the way they did, Craig would probably be sitting in jail today rather than finishing up his college education - because the government was looking for a two-year sentence on him, which he would be serving right now.

The only reason he is not, I think, is because some people whom I had never met and never heard of, never spoken to, found out about Craig's case through the miracle of computer communication - something I am sorry to say I still do not understand - and volunteered and called me out of nowhere and said, "I've heard about Craig's case. Is there something I can do?"

One of those people is Dorothy Denning; another is John Nagle; another is Peter Neumann; another is Mitch Kapor; another is John Perry Barlow, whose article really gave me the inspiration for my opening statement. Those people came out of the woodwork and out of nowhere - and I had never heard of any of them before this thing started - and just volunteered.

John and Dorothy came to Chicago at their own expense. They weren't paid a cent. They spent innumerable hours helping me understand that which all of you apparently understand already, which allowed us to present a defense and allowed us to show the government that they had made a mistake. But were it not for Dorothy and Peter and Mitch and John Perry Barlow, John Nagle and the rest I am afraid Craig would be in jail, and I just wanted to take this opportunity to thank them all. [applause]

RASCH: My name is Mark Rasch. I am with the Criminal Division of the Department of Justice in Washington. I suppose my claim to fame and the reason why I'm here is that I was one of the two prosecutors who prosecuted the Internet worm case of Robert Morris [Jr.]. That was the beginning of my entrance into this Alice-in-Wonderland world of cyberspace.

Since then I have worked on a number of criminal investigations of computer hacking, computer viruses and the like. And when I say "hacking" I am being pejorative. I am using the term in the manner in which it's used by law enforcement to mean the unauthorized access into computers, and for those of you who consider yourself to be hackers in the other sense, I apologize.

Let me say this, also. The topic of this panel is Law Enforcement and Civil Liberties, and there are the Fourth Amendment, the Fifth Amendment, the First Amendment and all the other rights that are guaranteed by the Constitution, or the rights that are not enumerated in the Constitution, [that] exist and continue to exist in full force in cyberspace.

... I disagree [with] Professor Tribe that we need a 27th Amendment. I think it's unnecessary. I think also, though, that the manner in which those rights are expressed and the way they're enforced changes with technology. So that, when I decide what technology to employ - for example, if I decide to speak with you in a room - I have a certain expectation of privacy. If I decide to use the technology of a microphone, my expectation of privacy, even though I may be speaking to only one of you, since all of you can hear me because of this technological device, my expectation of privacy is changed because of the technology I employ.

If I decide to speak directly to you using the television and broadcast it over the public airwaves, my expectation of privacy also changes. The law has to recognize that technology affects behavior, and behavior is what dictates expectations of privacy. So when you're balancing these two, these are some of the things we have to look at.

The Fourth Amendment, for example, speaks about warrant requirements and about specificity of warrants. You have to specify the item to be seized. A lot of the controversy around computer-crime investigations, about Sun Devil and a number of other cases, has been controversy that federal law-enforcement agents have seized everything.

When we can come up with an acceptable way to seize only the files that are called for by the warrant, of determining them quickly and efficiently and then not seizing the entire disk and still being able to admit them into evidence, I assure you that's exactly what we will do.

Until then the procedure that we are employing is to seize what is covered by the warrant, examine it as quickly and efficiently as possible, and return it when it becomes clear that it is not covered by the warrant. Those are our policies. Whether they are implemented completely in every case is a matter for litigation and that's what we do.

We are sensitive to First Amendment concerns. We have no desire to stop people from communicating with each other. We certainly hope that they continue to communicate with each other. The public discussion of these matters helps make us better in law enforcement and hopefully will help the computer community to police itself as well. Thank you. [applause]

FIGALLO: My name is Cliff Figallo, and why am I up here? I'm surrounded by lawyers and cops. ... . I'm the manager of the Whole Earth Lectronic Link, otherwise known as the WELL, and so I guess I am kind of like a cop, and a judge when it comes down to it on the WELL at times.

But mostly I'm up here because we have concerns about the possible overuse of law enforcement and its possible effects on the electronic community. A lot of what's been talked about so far has been, you know, fraud and the area of credit cards, telephone fraud and whatever.

But what hasn't been considered is the fact that there are actual communities growing and living in cyberspace. The WELL has been around since 1985 and we've tried to encourage it to be an active forum for whatever problems, discussions, issues people wanted to talk about.

In the fall of 1989 we hosted a thing called "The Hackers Forum," where Harpers Magazine asked us if we could host a discussion of hacking and cracking. And we invited a couple of active young hackers on, named Phiber Optik and Acid Phreak, to interact with the rest of us old fogies about the ethics of hacking and cracking.

And out of that came an article and out of that came more interest in this whole area and the interaction of these kind of activities with law enforcement. And eventually the Electronic Frontier Foundation was founded by Mitch [Kapor] and John Perry Barlow, and this conference I think is kind of an indirect result of all of that discussion.

So I think that these communities definitely serve a purpose, a very valuable purpose, and that they need to be protected and preserved. And when I hear about cases where a kind of a half-cocked-looking legal system goes and seizes all the equipment from someone and never does really consummate the case, it makes me wonder what would happen if some illegal activity was suspected of happening somewhere on the WELL, and that possibly the WELL could be shut down.

That's one of our main fears, and I kind of think of my managing the WELL as sort of like being a resident manager in a large apartment complex where ... you want your people to feel safe in their homes and you don't want to have a bunch of people charging down the halls bashing down doors ... because they suspect something's in someone's apartment in the building.

You just want it to be handled sensitively. So I'm hoping that the dialogue we can engage in here will help us, the members of the electronic community, to talk to the law-enforcement people and convince them of the fact that they need to be sensitive, that people actually live here now, that ... not everybody only uses electronic transactional systems for sending their credit-card charges over the wires, you know.

People actually live in the electronic community now and it's a sort of place that we need to take care of. [applause]

BECKMAN: I'm Sharon Beckman, [with the law firm of Silverglate & Good in Boston. I am the litigation counsel for the Electronic Frontier Foundation and also represent Steve Jackson Games, the Austin, Texas] game editor and publisher, which was never the target or suspect in any criminal investigation but whose bulletin-board system was shut down and whose publication of a fantasy game book was restrained when the Secret Service seized its computers.

Also in connection with the Electronic Frontier Foundation, I've been involved in the redrafting of a proposed computer-crime bill in Massachusetts, which is novel in that its provisions are designed to guarantee the balance that we've all be talking about between legitimate law enforcement and property interests and also privacy interests and communication interests.

I actually agree with Mark on what I think was ... Tribe's primary thesis, which was that the Constitution as it exists, even without the need for any constitutional amendment, should be interpreted so that its fundamental underlying values apply in changed circumstances and in the context of new technologies.

I think it's a fundamental misperception in this area that there's no law pertaining to electronic searches and seizures. ... This doesn't exist in a vacuum. There's a rich set of precedent that applies when a search or seizure implicates First Amendment concerns.

We heard several of the law-enforcement officers in the previous panel talking about the problems that they face stemming from the sheer magnitude of their searches and the fact that when they're on the field, on premises, they feel called upon to make exercises of discretion.

But the Supreme Court has made clear ... that in the First Amendment area no discretion is to be left to the searching officers and that the requirements of specificity in a warrant are particularly intended so that there's no unintentional over-broad seizure that implicates First Amendment concerns.

And similarly the Court has held ... in the First Amendment context [that] when the items sought to be seized arguably implicate First Amendment concerns there must be an opportunity for a prompt, post- seizure adversary hearing and, in some instances, a pre-seizure adversary hearing before a neutral judge - particularly on the topic of whether the search would violate the First Amendment.

I'm very interested in these discussions that have been happening, that are continuing to happen today, in thinking about what has been done to make sure that those constitutional guarantees apply in courts, in legislatures and in the field, and what can be done better. [applause]

ROSENBLATT: Good morning. My name is Ken Rosenblatt. I am a deputy district attorney in Santa Clara County. For those of you who are not familiar with Santa Clara County, we encompass Silicon Valley, and I milk that for everything I can get. I was a little concerned when I was asked to join this panel because I was asked to join as a fill-in, actually for Jim Black, who could not be here - LAPD.

I was told that they would like me to speak, and I said, "Well, what's the name of the panel?" And they said, "Law Enforcement and Civil Liberties."

I said, "Fine, I'll take civil liberties."

They said no, no [laughter], and I knew I was in trouble.

Well, my point out of all that is that there is not a dividing line, in my viewpoint. I am charged, along with Don Ingraham, along with Mr. Rasch, with upholding the civil liberties of everybody.

That just doesn't mean the victims that we like to jump up and down about, and we should be jumping up and down about, but also the civil liberties - as guaranteed in the Constitution - of computer owners whose computers we must seize; of people ... whom we have charged with a crime.

In that light I want to be very clear that this is not an "us versus them" proposition. We do have different viewpoints. Allow me to express some of mine. They come in a series of basic propositions.

The first, which may be somewhat controversial, is I don't think we have a crisis here. A problem, perhaps. A crisis, no. If we had a crisis, I think we would have hundreds of people in this room who've had their computers seized by law enforcement without cause. We would have hundreds of Steve Jacksons, hundreds of Craig Neidorfs - without commenting in any way about those cases because thankfully I know very little about them. I didn't have to deal with them. But I don't think we have a crisis. ... What we should have is the beginning of a dialogue about some problems which appear to be emerging and a discussion about what we should do about those problems.

The next proposition I would suggest is that the law is not the problem. We have a Constitution. It functions perfectly well. The complaints that I've heard ... we even sum up in one word, zealotry, people ignoring the mandates of the Constitution. That may or may not be a problem.

But one of the concerns I have is Sharon [Beckman] and what Sharon wants to do. I didn't mean that personally obviously. But attempts to change the law in response to what some people would like to characterize as a crisis.

It's my position that the Fourth Amendment and the various laws that protect us at this point are adequate. We don't need a 27th Amendment. We may need to do some fine-tailoring around the edges. We may have to have some court decisions explaining how the laws that we have on the books apply. We may need a little tinkering. We do not need wholesale restructuring.

And, for example, the discussion that Sharon was just talking about - about the First Amendment giving you a right to a pre-seizure review, actually (and we can get into this later) the Supreme Court, I think, rejected that in Zurcher v. Stanford Daily. But there are a lot of discussions about how the Fourth Amendment should affect the First, my point being those discussions have already been underway for years and there are court decisions on them.

Finally, the last proposition I would like to suggest is that any changes in the law that are made will not only affect the ability of law enforcement to seize computers and bring suspects to "justice," and I put that in quotes, it will also affect our ability to protect you - because for every person out there in that audience there is probably some way in which their intellectual property, which is what I specialize in, and theft- of-trade-secret cases could be affected.

And, as Don Ingraham mentioned in the last panel, any rules that you set down or that you want to change will affect our ability to apprehend people who are the greatest threat to you: the people who trash the WELL, or attempt to; the people who steal proprietary information from the companies for whom many of you work. And I think that under those circumstances changes may need to be made, but they should be made very carefully. [applause]

GIBBONS: Good morning. My name is Mike Gibbons and I'm with the FBI and I'm a special agent and have been for about 6-1/2 years. I worked for about five years on the street doing investigations and I am now one of those supervisors in headquarters charged with setting policy and overseeing a lot of the work that's done on the street.

Like the investigators we had here earlier, I've worked on a number of cases involving computer fraud and abuse, many other type of white-collar cases, fraud against the government and what-not.

As a matter of background, I've worked on some rather insignificant cases. I probably am the only investigator or FBI agent in the country to open and work a case where they only had a 75-cent loss in computer time. [reference to The Cuckoos Egg case] [laughter and applause]

I also opened and worked on initially the Robert Morris [the Internet worm] investigation. I was the first one to get it opened and basically worked the case for a few days and turned it over to an agent who was less than happy about working it because he didn't understand computer terminology - and that's going to be a point in a little bit. It took a few days. I helped to write a search-warrant affidavit, and later I testified for the grand jury and sat during the trial with Mark Rasch at that prosecution.

But having worked in the street for a number of years and now coming in to headquarters and understanding some of the problems, I think the tone of this conference is one of policy and procedures and whether or not we have our act together as law enforcement in these policies and procedures, and what changes have been made and need to be made.

We've listened to people like Cliff Stoll and others and we found a couple of problems within our organization, and I will admit this publicly now. One of those was a uniform response. You could call an FBI office in Poughkeepsie and get one response about a computer crime or computer fraud and abuse, and call Oakland, California, and get an entirely different picture like, "Go away, kid."

And then the problem for the street investigators was there may not have been a good manual for the headquarters supervisor to assist the field people, also. So we undertook a program, and it was ... with the Director, [William] Sessions, really believing in computer crime, and he wrote an article a month ago in the Law Enforcement Bulletin ... on computer crime and how he considered it one of the highest priorities the FBI has to deal with.

Because not just computers as the target of the crime but computers as a tool in everyday crime [are] going to pervade almost every type of crime we're going to be getting into. And that issue I'll take up later, maybe, with education.

But we brought in a task force to try to resolve the issue quickly and we came up with a new way: Rather than us only looking at cases that involve computer crimes over $25,000 in loss, we said, "Hey, let's look at 'em all for a year or two."

And we broke it down into three categories, and that is: computer impairment, ... any time someone's harming a computer; computer-data theft, and that would be any time somebody's stealing information, and there are other statutes that fall into that; and then intrusion, ... and eventually intrusion would fall under misdemeanor.

And we would open cases on intrusion where we didn't really know what was going on. So the idea is we'd like to learn, we would like to teach our people, and maybe later we'll talk about education of the agents. And we'd like to try to exchange some ideas, and that's why they felt it was important to send me to a forum like this, to discuss the issues. Thank you.

KAPOR: My name is Mitch Kapor. I'm the co-founder of EFF [Electronic Frontier Foundation]. I have five points I'd like to make in three minutes or so. First, I believe that there is an electronic frontier. It hasn't been settled yet. This is the beginning, not the end. You ain't seen nothin' yet. ... [applause]

As evidence, we do not know how specifically to extend the First Amendment to protect bulletin boards because it hasn't happened yet. We haven't had the cases. It is not established. We do not know how specifically to draw the line between what is a reasonable and an unreasonable search.

I think we've made a lot of progress in that last year among all parties in gaining the recognition that these are relevant and important issues. If you look where we were at the time Sun Devil was happening, those questions were not being asked. Everybody now agrees those questions are being asked. That's important.

What have I learned about law enforcement in the last year? I didn't know anything about law enforcement. I didn't even watch cops- and-robbers shows on TV. It is much more of a black-and-white world than the world that I am used to living in. Now that may just be me or it may be them. But, you know, there are a lot of different kind of people in the world.

Law enforcement, in my opinion - and this is all in my opinion so I am going to drop that phrase from here on out - sees its job as catching crooks. And there are bad guys out there and their job is to go get them, and that is a social function. And I want crooks to be caught, too.

But hackers do not fit neatly into the black-and-white world of crooks doing bad things. And when you try to take a phenomenon as complex and as interesting as hackers and reduce it down to black and white, what you get is public perception formed by screaming headlines of the "evil hacker conspiracy to disrupt this nation's vital systems."

And I am as mad as hell at anybody who contributes to that false and damaging public perception. [applause] I am also mad as hell that there are perfectly innocent victims who've gotten caught up in the gears of the law-enforcement system and who have been screwed over.

Now Don Ingraham says this is inevitable. Well, I don't regard it as such, and I am gonna fight against that. I'll tell you something else. If, as is the case, and this is something I genuinely believe, that the worst cases of abuse are not systematic - and I don't think they're systematic - I'd like to hear some of the law-enforcement people point the finger at those of their colleagues that they think need to be brought into line. 'Cause if it is the case of a few bad apples and that's all it is, let's get that ... out on the table, and it will be possible to be much more collegial about the issues where we have to work together.

The biggest thing that I've learned, unfortunately, is that, as much as we would like to work together and be nice and polite and go and work out the guidelines (and we are trying to do that) when law enforcement, as Don Delaney came and said, "You know, when we have to file charges, it's just black and white and we just have to say it and it is an adversarial system," it leaves groups like the EFF in the position of saying, "Then we must be adversarial also."

I wish that were not the case. ... When Donn Parker asked me what have we done to educate the judges, I said, "Well, we're doing a little bit there. But, frankly, until we feel that people's basic rights are being protected we have to put the majority of our attention on that."

I have two more points, and I know I'm going over but, for me, please, bear with me for two minutes. [laughter] This is hard stuff. This is new stuff. Most of the law-enforcement people that I've met have a great deal of integrity and willingness to deal with the situation, but it's performance that counts. And as a taxpayer I want to see my taxpayer dollars going into training law enforcement, giving them some decent equipment and letting them learn how to make the distinctions that support civil liberties.

OK. Yesterday I was talking to Phil DeWitt from Time magazine, and he said, "Hey, my editor's got a problem. Why should we care about hackers' rights?" Well, this is for the editor of Time magazine and anybody else that needs a basic civics lesson. "Their rights - our rights. It's a slippery slope. It is the protection of individual rights which protects each and every one of us from being tyrannized by our government and from being tyrannized by a majority." I am surprised that I have to say that but I think somebody ought to say that and anybody else should feel free to say that on the record, too.

Rights really matter, and its the rights of every single individual, whoever's rights are being challenged. Because today maybe you think of it as "them" and tomorrow maybe it's another group and so on, and that's a very familiar story. It is a cliche in the civil-liberties community. But I think technology people and the general public need to understand that.

Last point, the big picture: Is this just about civil liberties? No, this is not just about civil liberties. When we started the EFF, we said the mission in the large was the civilization of cyberspace. We are moving into this new realm and we want to do it in a way that we will all be happy with.

The most interesting social experiments about that new world of cyberspace are taking place on the Internet, in the computer underground and on the bulletin boards of this country in a non-commercial vein. It is the network petri dish that is going to be inventing a future that we are all going to be living in. It is terribly important not to do anything which has a chilling effect on those valuable social experiments. And that means full protection of all of our civil liberties, and that's what the fight is really about. Thank you. [applause]

PANELIST DISCUSSION

DENNING: I'd like to ask the panelists if any of them want to respond to Mitch. ... So, would any of the panelists like to respond to any of the comments that Mitch made? [pause, then laughter]

RASCH: I'll do it. You know, Mitch in closing said that we shouldn't ruin this valuable social experiment or do anything that would chill this valuable social experiment, and I suppose it depends on what the social experiment is.

If the social experiment is to encourage a free and open dialogue among people, that's fine. However, if the social experiment is to decide what is the best way to break into other people's computers, if the social experiment is to say, "How can I steal software? How can I steal files? How can I steal information?" then that's not a valuable social experiment, and that does need to be chilled.

If the social experiment is, "How can I destroy other people's files? How can I commit extortion against other people? How can I send a computer virus across a network to destroy other people's information or to interfere with their use of the computers?" that's antisocial and it's criminal and should be discouraged.

So I think we need to make a distinction. Computer crime ultimately is crime and the criminal aspects of computer crime are the fact that it interferes with other people's enjoyment of the networks. I think we have to understand that the right to be free from these intrusions by other people, by hackers, by authors of viruses and the like, is also a fundamental civil liberty, and one of the goals of law enforcement is to ensure that that civil liberty is protected as well, so that cyberspace will continue to flourish. [applause]

FIGALLO: Well, I don't think that Mitch would have that much argument with you because I don't think that we're talking about, you know, allowing people to commit crimes. We're talking about the fact that law enforcement does not yet have a total grasp on what it's dealing with, as our perception, and that in going after what they perceive to have been a crime [they are] trying to set an example to show that maybe we're gonna get tough on computer crime and we're going to go after this teenager who we think has been dialing numbers.

And if they don't get their case right and if they can't make a case and make a true conviction that something really bad has happened, well then we are worried that maybe they are going to come, you know, searching around and on fishing expeditions, or whatever, and violating people's privacy, and by doing that will have a chilling effect on people's feeling that they can ... have access to a free and open flow of information. So I don't think that we're contesting that there are reasons for law enforcement.

KAPOR: I want to respond by agreeing partially with what Mark said and disagreeing. The First Amendment protects your right to discuss doing all sorts of nasty things. It's been up to the Supreme Court any number of times, including on how to build an atomic bomb, OK.

The line is crossed when you move from speech into behavior. Now I'm not an attorney and I'm not going to try to argue like an attorney, but the way I read Mark's statements, taken at face value, would suggest that discussions, for instance, of how to break into a computer system might be construed as illegal, and I will tell you that you cannot do that.

You need to train computer professionals, for instance, in computer security to discuss how to defend systems. And you cannot, in any way that I know of, tell computer-security people that they can discuss "x" and hackers that they can't. I mean, who's gonna tell who's who?

You must permit the discussion. You cannot chill that. You must take the laws to apply to behaviors. Yes, that makes it more difficult, I agree. Law enforcement [seems to feel] if certain things were illegal to talk about there'd be fewer crimes. The price we pay for living in a free and open society is taking that risk. Is that an agreeable statement?

RASCH: I agree with part of what Mitch said and disagree with.... That's right. We're just ... winnowing this conversation a bit. Let me say that you can certainly have a First Amendment right to discuss criminal activity, in the sense that you have a First Amendment right to talk about, for example, how to build a bomb or how systems are broken into.

On the other hand, when ... you and one other person, or a number of other people, are talking about how to break into a specific system, just as you and another person can talk about how to break into a specific bank and [are] planning that type of activity, certainly that's speech in the sense that it's a communicative action. But that's not protected speech any more than handing the note to the bank teller saying, "Give me all your money," is protected speech.

It is frequently difficult to tell the difference. I believe that law enforcement should err on the side of the First Amendment. On the other hand, it still raises questions. When you see bulletin boards that are exchanging information like this, it does raise questions about that type of activity. One of the things about cyberspace, one of the things about the networks, is it is frequently difficult to tell the difference between one person talking to another about breaking into a specific computer and one person talking to "the network" about breaking into computers in general.

These are the areas where Sharon said the application of the principles of the First and Fourth amendment[s] become difficult and they break down in cyberspace. These are the issues that we're here to discuss. These are the sensitivities that we are trying to get law enforcement and other people to be familiar with, so that they can recognize the differences between these two. We will err on the side of First Amendment rights and First Amendment concerns. But on the other hand when we catch people planning, actively planning criminal activity, we intend to prosecute them.

BECKMAN: I'd like to take a stab at maybe ... bringing these two even closer together. I mean, there is a line to be drawn between free communication of ideas and speech which amounts to criminal conduct. The Supreme Court has drawn that line, in the Brandenburg case. And the line is crossed when the speech amounts to advocacy of imminent lawless action. Even if there's a conversation about a particular computer system, unless the speech amounts to a threat of imminent lawless activity, it's protected by the First Amendment and can't be criminalized.

DENNING: That's ... reassuring to me because I know that I and my colleagues ... write lots of papers describing the vulnerabilities of particular systems. [laughter] And one of the things that I observed in looking at some of the things that were floating around on bulletin-board systems and so on was that there wasn't a lot of difference in the information that was being conveyed. There was a difference in the tone of how that information was being conveyed. But it was still much the same stuff, which is very troubling to me because I really don't know how to deal with that.

QUESTION & ANSWER PERIOD

KEITH HENSON: ... Several months back Kenneth [Rosenblatt] put a letter in the San Jose Mercury News wherein he stated that among the things which they would keep ... a bulletin board for was discussion about how to make bombs on that bulletin board.

And I find that to be quite disturbing. Because the same kind of material, if someone took and typed in a few pages from one of the Armys manuals on sabotage, for example, into a bulletin board, ... that's definitely the kind of stuff which you stated in the newspaper letter that you would keep the BBS for and not return it. Could you comment on that? ...

[This question] was to Kenneth Rosenblatt. He's the one who wrote the letter in the San Jose Mercury....

ROSENBLATT: Want to try that again for me? I didn't recognize....

HENSON: In the San Jose Mercury News, you wrote a letter to them stating that you would keep a bulletin board which had material on it relating to how to make bombs. I can get you a copy of the article if you want, or rather the letter that you wrote if you'd like to see it.

ROSENBLATT: No, no, I think you're refreshing my recollection, although [laughter] I seem to recall in that letter it was more a discussion of ... why we do what we do. And I think one of the things I said that was troubling about bulletin boards, obviously, and I think we all should find it a little troubling unless you're a bomb maker, that there would be discussions of exactly how to make bombs. I may have gone so far as to say ... if we have seized a bulletin board - not for bomb-making information, by the way; I think I made it clear it would be for telephone- access codes that didn't belong to the people who were putting them on the board - that when the owner made a motion to return the property we might have an objection to returning material about how to make a certain type of pipe bomb. We might have an objection to that.

HENSON: I don't understand that because that same material could be found in any library or anybody's personal library at home and be perfectly legitimate. Making a pipe bomb is not what one calls a high-tech activity.

ROSENBLATT: Well, I would tend to agree with that. You may have a point there. It may be that we have to return material which we would find dangerous to the general public. We don't have to be happy about it, but you may be correct. It may be that the First Amendment requires us to return material on how to make various designer drugs, material on how to make certain types of bombs. You may be absolutely correct.

The point of my letter, however, was to say that we may seize a bulletin board, which our office has done I think exactly once, maybe twice, in 15 years, for other material. And then the owner would have to come in and ask for some of the material back. And I could understand, or I could contemplate circumstances where they wouldn't get it back.

For example, if it was true contraband, that is access codes they didn't own. As to.... HENSON: Nobody has problems with that. ... But the concept of confiscating material off a BBS which would be protected if it was in somebody's library or in the public library really disturbs me.

ROSENBLATT: I think you might have a point.

HENSON: Thank you. [applause]

ROSENBLATT: [soto voice] ... last time I'll write a letter ... [laughter]

JOHN MCMULLEN: Mark used the term "hackers" in this pejorative sense, which I don't agree with. But rather than open an old argument, Mitch also used the "rights of hackers." And so on the same wavelength, I'd like him to define what he means by "hackers." ...

KAPOR: Well, you know what Humpty Dumpty said: "A word means exactly what I choose it to mean." Look, it's a fact that different people use it in these two different contexts. Generally when I use it I hope the context is making clear the sense of use and if it isn't somebody should ask.

... I really regret - I consider this to be a theft of intellectual property - that the term "hacker" has been appropriated. But there isn't anything to do about it so we just kind of have to not - I mean one way of not conceding defeat is to use the term and trust that the intelligence of the audience will be sufficient to disambiguate the different senses. [some laughter]

OTHER PANELISTS: Another Humpty.... Does disambiguate mean exactly what you mean it to mean?

KAPOR: That's a word that intellectuals understand. [laughter, applause, boos] I wanted to know if those were the pointy-headed intellectuals I remember from the Agnew era, or a different kind. I want to know which group I'm being targeted as.

DENNING: I have a question I'd like to ask - something that a couple of the panelists touched on in their opening remarks. It has to do with minimization and specificity in searches and seizures.

I was wondering if anybody else on the panel would like to comment on that issue. In particular, are the existing practices used by law enforcers - which is, you know, mainly taking the whole systems and so on - are those practices adequate or could we be doing better?

ZENNER: OK. Mark decided that I should answer this. I heard Don Ingraham speak yesterday. I've heard Mark and the others from law enforcement talk about the great lengths that they know they should go to when they seize computer systems, and I have no doubt that when those individuals are involved in a search and a seizure that they follow those rules.

They are three or four people in a nation filled with law- enforcement officers, and I have seen lots of the others. And the others, as in my own personal experience, don't follow those rules because they haven't followed those rules in searches and seizures in any other area and they don't see a reason to follow them in the computer area.

The tag line that prosecutors often use at the end of a search warrant ... is, "...and any and all other evidence that we find of the crime." And, of course, how do we decide what is "any and all evidence that we might find of the crime" during the search until we take it all, read it all and ... see if it's evidence or not?

And so what you get more often than not is - and this is a quote from an agent from an agency (which will remain nameless) to me; I can't give you the initials - but it's, "Look, we take it all and then we work it out later." And "later" might be a week or a month or - more often in federal cases - a year or two. And there's a five-year statute of limitations and it really takes a lot of time to review all this stuff.

All the while somebody is sitting at home without their records, without their files, without what they need to run a business. And oddly enough most of my practice is actually not representing people like Craig, and by that I mean individuals, it's representing businesses.

And as often as not it is a business who has had all its records taken by an agency because they are investigating a crime, and I don't begrudge them the right to investigate their crimes. We want them to do that, but they take everything and work it out later.

And when Don and others say, "You know, but the law allows you to go in and get that property back right away," - and he's right about that; there's a statute for that in federal law and I'm sure there are comparable ones in the states - what that means is we've shifted the burden.

And Don said, "Innocent until proven guilty doesn't really mean anything." I take issue with him on that. But what it means is that you gotta go out and hire somebody like me or others at great, ridiculous expense, to go [laughter] - right, as Craig [Neidorf] will attest - ... into court and fight with the government over the scope of their search.

And the first thing the government says in that civil case is, "Gosh, we'd like to give you discovery about that but there's a pending criminal case and we really, uh, need to stay discovery, mmm, for the next couple of years until the criminal case is resolved, because it might cause the disclosure of sensitive grand-jury information. Therefore, shove your civil case until the criminal case comes around and, fed guys, when are you going to get around to doing it?"

"Well, we're working on it, we're working on it."

And they are, but they've got five years to work and I know lots of prosecutors who have a big caseload and think very favorably about that five-year statute of limitations. And all the while the victim is without the goods. That's a problem.

RASCH: Let me add that we don't even necessarily have to return it at the end of those five years. Having said that ....

ANOTHER PANELIST: Comforting, comforting.

RASCH: I'm saying there's no statute that requires it just because the statute of limitations has stalled the prosecution. So you probably don't find much comfort in that thought. On the other hand, let me say this: This is another example of where technology has altered what the Fourth Amendment says. It doesn't alter the concepts of the Fourth Amendment; it doesn't alter the wording of the Fourth Amendment.

However, when you are executing a search warrant - let's assume for computerized information - and there are hundreds of disks, either floppy disks or ... large disk packs or bubble memory or something like that, and in the normal case when police officers go in and execute a search warrant looking for drugs or drug paraphernalia, they will go in, look for the drugs or the drug paraphernalia that's specified in the warrant, seize it and that's it. They are in and out of the house half an hour or an hour or whatever it is to look, search and seize. And that of course is what the framers of the Constitution had in mind.

On the other hand, assuming that there is evidence of a criminal activity that's maintained on a computer, what you're going to end up [with] is a situation where the police come in and search, look for the evidence and find evidence of the criminal activity.

Now, I assure you that you people do not want law enforcement in your office for three months looking through your files, sitting there in your office. Were we to enforce the Fourth Amendment's search-then- seizure law, then that would require the law enforcement to stay in your office and probably kick you out while they did that to prevent you from interfering with the search. None of you want that, and as a result....

AUDIENCE MEMBER: Wrong.

RASCH: You would rather have law enforcement ... ? I would assure you that the courts would find that an invasion of your privacy and would find that to be unconstitutional.

ZENNER: But my question is, how often do you give them the choice ... ? You don't give them a choice. You say, "We'll take it." Because I know, ... representing victims of searches, I would be happy to say to the law- enforcement people.... [Rasch gestures toward microphone] I'll give it back to you. [laughter] Now that I've seized it, you try to get it back. [laughter, applause] No, hang on a second.

RASCH: All right, keep going.

ZENNER: My point is, simply, what the government does is comes and takes it and the rationale then becomes, "Well, you don't want us upsetting your business, etc. And, ... you know, that sounds all right. But on behalf of the company I'd much rather say, "We'll give you a room; we'll give you the stuff and you go in that room and do what you want." But we keep running our business and keep having people coming to work, instead of being in the position that Steve Jackson was [in], which was wiped out during the interim. [applause]

RASCH: Let me say this: First of all, because of the laws of evidence, we need to preserve the integrity of the original document. And what constitutes an original document under evidence law is murky, OK?

I mean, for example, if we simply download individual files from a hard disk onto a disk and say, "This is now the original file," we will run into challenges in court that the actual hard disk is the original file, is the best evidence and therefore that needs to be introduced into court. All right.

And simply because the owner of the computers is willing to stipulate or agree that these are authentic doesn't mean that that will necessarily be effective in a trial.

As a result we are empowered and authorized to take the original of whatever this document is. Now, let me tell you what we try to do to minimize the problems created by that ... requirement.

First of all, it's not that you could give us an office in your office and say, "Fine, go ahead." Because we would probably insist on kicking everybody out to make sure that nobody walks in and degausses [demagnetizes] the computers, nobody is altering information while we're in there, and things like that. So we would probably insist on that type of thing and I think a court would allow that.

So what we try to do is this: We will examine the files to see if there is something in the files covered by the warrant. If there is something covered by the warrant, the warrant authorizes us to seize those files or seize the computer on which those files are located. We will then make a copy of all of the files. We will return a copy of all of the files to the owner of the computer unless the files themselves are contraband, ... stolen credit-card numbers themselves or stolen software. Once we return the files, then we will return the computers as soon we can.

Now I understand that that may be little comfort to you, which is why there are procedures in the federal law that allow for you to go to court and ask for the stuff to be returned. If the court finds that the evidence was seized illegally, the court will order us to return that evidence.

But we have a right, because the court has found probable cause ... that there is evidence of crime, to seize the evidence of the crime and to examine it for sufficient time to determine the nature of that evidence. And then we must return it, and then we will. Now, having said that, how that works in individual cases, whether individual agents or individual U.S. attorneys fail to promptly return this evidence, is a matter for litigation. That's why we have an adversarial system. I'm telling you what our policy is.

Whether that policy is adhered to in every single case I can't tell you. I can tell you that we attempt to enforce that policy. We have developed guidelines for law-enforcement agents. We have developed sample search warrants.

We have developed training programs, which I am glad to say that Sheldon has agreed to participate in, on how to execute search warrants. And so these are all things we're trying to do to minimize the adverse impact of these types of searches.

BECKMAN: I'd like to take a quick stab at that, most of which I find laudable. Underlying your remarks, though, is the theme that the Constitution should bend to accommodate the rules of evidence.

Quite frankly, I think it's the other way around. The rules of evidence need to be interpreted in light of the Constitution, and if there is something wrong with them, they need to be changed. [applause]

Secondly, and perhaps more fundamentally, Mark's efforts that he's described today to implement guidelines and to minimize warrants are very good, and law-enforcement officers need expert assistance in how to make appropriate duplicate copies, how to minimize the search.

One of the problems that has existed in many of these cases, and very clearly in the Steve Jackson Games case, is that the law-enforcement officers didn't go to any independent expert witnesses. The experts whose words they took as gospel were those who were the alleged victims of the crime. The alleged victims came in and said, "We've been harmed. Here's how we've been harmed. And here's what you should take, and what you should take is: all computer hardware, all computer software and all documentary information relating to computers." Now that's clearly problematic and something it sounds like Mark seeks to avoid in his efforts. [This is] a clear example of a situation where we need some mutual education.

ROSENBLATT: If I might respond to that briefly, it is not the rules of evidence that are the only problem. Let us say I go into ... a business and I am looking to seize a computer that will have evidence of possible wrongdoing by a number of different people.

Even if we change the rules of evidence and allowed me to take ... a copy of all the files and then later try and introduce it into court, there's a Sixth Amendment right of confrontation on behalf of some third party out there who says, "Excuse me, I wasn't at the search scene. Nobody asked me. I don't know if that's the original because I didn't see you back it up. I've got a constitutional right."

[The] problem is the issues just aren't as simple. It's a very thorny area and almost any alternate you propose is going to have fatal problems. That's why we end up taking the original material and then trying to give copies back as quickly as possible because we haven't found a better way that still lets us get our case in the court.

FIGALLO: Well, taking the original and giving us copies back of the WELL is not going to keep the WELL on-line. And as far as minimization and particularity, if there's supposedly one file in the WELL which is the evidence, and the entire thing has to be seized - and, you know, I'm sorry about your hernias moving our hard disk. ... You'll have to look through ... two-plus gigabytes of storage.

You know, I'd like to have some kind of option where there could be some involvement, where the evidence does not have to be the whole installation; where there can be some kind of search; where there can be some kind of cooperation ... and not assume that I'm in on it just because there is something supposedly illegal on my system. So, that's mainly my fear.

ROSENBLATT: My brief reply to that is that ... we're doing it to protect the rights - I mean, obviously we are doing it to get evidence, because that's why we went and got a search warrant.

If we only take a part of the system, what happens if there's something else on that system that is exculpatory; that is, tends to suggest that somebody didn't do the crime? But we didn't take that, because we only thought this file and this file might be relevant. It is a delicate balancing act, [audience noises] and you may ... hiss and boo and moan but the problem is there's somebody else out there that you've got to think about when you do these balancing acts.

And even if you discount the possibility that there's somebody else out there that you need to protect, then the question [be]comes, "Do you want us in this business at all?" I won't even pause for an answer, [laughter] ... because I know what it might be.

But, on second reflection, think about that.

If your company lost some proprietary information - and that happens every day, at least in the Silicon Valley - and there's some reason to believe that (I have a case in mind; I can't really talk about it) somebody is disseminating copies of software throughout the country and one of the ways he's doing it is on, let's say, the WELL (which was not involved in this case) and it's somebody's proprietary software - let's say it's yours - in any change that you want to make in the system my question back is gonna be, "How do you want me to do my job?"

And the next question is, "Do you want me to do my job at all?" And until somebody can answer that I think we're going to keep doing what we're doing with as much discretion, as much sensitivity as we can muster and some obvious recognition that there are interests out there that are going to be hurt when we seize an entire system. ...

AUDIENCE MEMBER: I have a lengthy radio broadcast. If on that broadcast I say, "I found a way to penetrate Mike Gibbons' PROFS [an IBM time-sharing operating system] systems at the FBI..."

GIBBONS: We don't use PROFS, but.... [inaudible]

HARRY GOODMAN: ... indicate the step-by-step method in which that's done, it is questionable about whether the government would come after me. Yet if I put that same information on Cliff's WELL, it might well be the subject of a search warrant. [The] question is, "Does the government have a legitimate and enforceable interest in preventing the dissemination of information that may interfere with health and safety services?"

GIBBONS: ... Just to start, in case you all don't know it, what happens is when a complaint comes in, it really comes into law enforcement first and then the attorneys get hold of it. OK?

So ... you have to apply common-sense rules. ... I'm not an attorney so I can only apply common-sense rules - whatever an average investigator or a person ... would reasonably believe. If someone is putting something, writing it down and putting it in the public domain, I don't think that I am going to arrest someone for a piece of paper unless that is a communication which I - being on the WELL - can read (public readable) and you're asking people to help you break into this system.

Or I'm on a bulletin board and someone's saying ..., "I'd like other people to help me break in." ... You're getting ready to break the law and maybe then [I] might have reason for a search warrant. But the mere fact that information is posted - and I am on many BBSs and I'm out on many systems - the mere fact that people are exchanging information, I've never opened an investigation on something like that.

And I don't think many other law enforcement - I can't speak for all law enforcement - would find that to be the subject of a criminal investigation, mere information.

Only an intention or incitement of action is normally what [would give me] cause ... - or a person complaining about such things.

We do have numerous complaints about BBSs. Repeatedly people call us up and say, "My God, they are telling people how to build atomic bombs." I say, "Yeah, it's a åG' file. We've seen it a thousand times before. Thank you very much." That's my answer to that question.

GOODMAN: Wasn't the Sun Devil...?

GIBBONS: I [won't] comment about Sun Devil. It's an ongoing investigation by another department.

AUDIENCE MEMBER: This is directed at Ken Rosenblatt in particular because you incited this thought in my head, but also at law enforcement in general. There seems to be a position among law enforcement that we have to make a choice between protection and privacy.

I object. I want both and I don't think I have to sacrifice one for the other. What are you going to do if on an electronic post office - like the WELL is, for example, in one sense - are you going to seize the entire electronic post office?

Why is there a different standard for that arena than there is for the physical post office where I mail my letters? [applause]

ROSENBLATT: This is where technology makes answers a little more difficult. But let's get to your post office for a moment. First, I'd have to ask you what you meant by privacy and that'd take hours.

So I'm going to wing this, and without sure knowledge [that] I'm answering your question. ... I've seen the post-office metaphor before and let's say that ... I know that there is some proprietary information in a mailbox. Well, assuming I could do this, which is a whole 'nother story, I would be perfectly content to seize the mailbox. And I'd open the mailbox and I'd get the information out of it and I'd take it away, assuming I had a search warrant and there was a reason to do all of that.

The problem we have here is that there is no way to do that with bulletin boards and still comport with all requirements of the evidence code and the Constitution. There isn't a mailbox I can seize. There may be a hard disk with 150 mailboxes on it and in order to look in any one of them I have to seize the whole hard disk. That's a real problem but it ... is a problem posed by advances of technology. You might reply, "Well, no, you could download a particular file and seize it that way." You run into the same problems I discussed a few minutes ago.

KAPOR: I would hope ... before you seized any mailboxes you took the time to comply with the provisions of the Electronic Communications Privacy Act.

ROSENBLATT: Yes, yes, yes.

KAPOR: And do it through a subpoena. [applause]

ROSENBLATT: Well, but, you see.... That was a cheap shot, Mitch, because what he's asking me essentially is, "...Why don't you seize the particular part that you're going after rather than the whole...?" Yes, I know there are various federal laws and things ... - and by the way, I would be complying, I believe, if I had a search warrant, which was my....

KAPOR: I've taken my share of cheap shots, and if this was one it wasn't a very good one. It wasn't intended to be. ... [laughter] No, I'm serious. I think that we need to ensure a great deal of particularity and adherence to the very nice legislation that we already have.

My understanding, and I'm not an attorney, is that the ECPA says, "You've got to try to go and subpoena the stuff, first." And you can subpoena the contents of an individual mailbox. There are some exceptional circumstances which permit you to get around that. But by and large the intent of the legislation specifically was to prevent you from getting a search warrant directly to seize private electronic mail.

Jerry Berman, who is the prime mover behind the ECPA, I saw you in the audience; stop me if I'm wrong. But it's a bit cavalier. I think the ECPA ought to have been the first words off your lips. And, if there are seizures that do not go through the whole provisions of the ECPA, I think you should reasonably expect to face legal action. I mean, why else did we pass the law? [applause]

ROSENBLATT: I have no problem with complying with the ECPA. But I took that gentleman's question to mean something a little broader. Perhaps ... I was mistaken. But that's the idea, you know. I don't want to surrender privacy for protection. In fact, it really depends on what you mean by both terms. If you are going to get into a situation where for every seizure we make - and I'm not putting bulletin boards in a separate category, although for the ECPA they may or may not be - that I have to be so particular that I can't make a case, then I think we've got a problem. That's all I'm saying.

ZENNER: You know, there's ... - How to say this? Having been in law enforcement, I think I understand why law enforcement uses a search warrant rather than a subpoena. And when Mark and I were kibitzing a little here as they were talking, Mark said to me, "You know, when we want a toll record from the phone company we never use a search warrant. We just give 'em a subpoena."

And that's of course right, because the government trusts the phone company to give. ... No, that's what it's about. They trust the phone company to give them the information. The reason you use a search warrant instead of a subpoena is because you don't trust who you're giving it to and you're afraid they're gonna hit the delete key.

I tell that to you just to give you some insight as to what I think the real problem is, which is that when ... government - and I'm over- generalizing - is looking at BBSs, they don't have the same degree of trust they have come to have with the phone company, right, wrong, better or worse. That's my read of why you see search warrants for BBSs and subpoenas to the phone company. [applause]

ROSENBLATT: Well, ... in California we don't have an administrative subpoena, like Sheldon's talking about. I don't have a choice. Unless I have a case already pending against somebody, there is no such thing for me. That's a problem. So I use a warrant because I have to. That may well be different for the federal government, of course.

KAPOR: I want to yield 10 seconds to Jerry Berman.

JERRY BERMAN: Part of the problem here for law enforcement is that they gotta realize that we are trying to create a legal structure to import into the electronic frontier the same rights and privileges that we have for the published word and private mail. Mitch is absolutely right. You cannot take a whole post office under the Electronic Communications Act. You have to specify and have a search warrant and specificity of the particular mail you want. You can't take the whole WELL.

RASCH: How do you seize only that mailbox?

BERMAN: You're going to have to figure out how to seize [it].... [applause] Number two, ... ten seconds more, it has not been mentioned here that..., for example, in the Steve Jackson case, we're talking about the electronic printing press of the 21st Century, not business records.

And we have to start accommodating the fact that Steve Jackson's in a 21st-Century position similar to the New York Times. If stolen property gets into the New York Times through their computer system I would like to see you go and seize the New York Times' computer system.

RASCH: Indeed, that's what the Supreme Court said in the Pentagon Papers case: that in the possession of the stolen Pentagon Papers (and of course that's a throwback to another time) that the New York Times could be prosecuted for the simple possession. ... of the stolen Pentagon Papers.

BERMAN: It was a prior restraint to seize anything of the Pentagon Papers or the reports by the New York Times.

RASCH: No, it was a prior restraint to prevent the publication. If the government - and this is also Zurcher v. Stanford Daily, press - had gotten a search warrant for the New York Times for the Pentagon Papers, which was stolen property, it could have searched the offices of the New York Times.

BECKMAN: I gotta say something about Zurcher, since both prosecutors here have mentioned it.

RASCH: One former prosecutor.

BECKMAN: Zurcher, for those of you that don't know it, is a case in which law-enforcement officers were seeking [photographs] for evidence in a criminal prosecution and the Supreme Court upheld the warrant- authorized search of the newsroom for evidence of the criminal activity.

In response to that, Congress enacted a statute: the 1980 Privacy Protection Act, which states quite expressly that a person reasonably believed to be preparing materials for public dissemination cannot be searched with a warrant except in very, very narrow situations - such as when an individual's life or welfare are threatened.

So I hope, Ken, that you get an administrative-warrant procedure because should you shut down a bulletin-board system with a warrant rather than seeking a subpoena and giving a subpoena to the operator of that system you'll have an action on your hands. [applause]

RASCH: Let me add one other thing that the statute says, though. It also says if there's a threat that evidence will be destroyed you can go in with a search warrant...

ROSENBLATT: Right.

RASCH: ...which points out the ephemeral nature of computerized evidence as well.

FIGALLO: But you can't assume that there's ... a threat that it's going to be destroyed just because there's a possibility.

RASCH: That goes back to the question of trust. If you're dealing with a well-established bulletin board, where you can subpoena information from the bulletin board and have a reasonable assurance ... that the file integrity will be maintained and that the files on the bulletin board are business records, just like you do with the phone company, I think you can and should proceed by subpoena.

On the other hand, if you're dealing with a small private, hacker bulletin board, which is one person with a couple of modems and a couple of computers, you have no such assurance and the threat of the destruction of information is much greater in that kind of case and the degree of interference with the legitimate - and I'm also talking where it's pervasive criminal activity in the small bulletin board, in which you have a bulletin board dedicated, for example, to the transfer of stolen credit- card numbers.

KAPOR: I have to tell you, this is pretty high-stakes poker, because there's another clause to the Privacy Protection Act which deals with lack of immunity for government agents who carry this out.

Usually, when government agents carry out an act - again I'm not a lawyer, so stop me when I go off - there are good-faith defenses that it's, "I was just doing my job and therefore, even if I did something wrong, you can't go after me."

The drafters - this is Congress, not hackers, guys - of the Privacy Protection Act explicitly removed that safe harbor, such that if there is a violation the individual actors in the case face individual liability.

I think there's a very strong message there about what Congress thought ought to be the level of protection for institutions involved with communicating information.

They didn't say, "newspapers." We read it absolutely to be sufficiently general on the face to include bulletin boards. I agree there are exceptions to it, but I would say that simply taking the evidence that something is small or that there's weird stuff on the board as being sufficient to cross you over the line from a subpoena to a seizure is something that I suspect in the cold light of day a judge wouldn't be very sympathetic with. I think you gotta have much harder evidence. [applause]

ERIC LIEBERMAN: ... My name's Eric Lieberman. I'm a lawyer from New York. And this is directed toward the law-enforcement people ... on the panel who have explained that they need to seize an entire bulletin board because they can't download part of it because there might be a problem with the "best evidence" rule.

Now, I happen to know that prosecutors have a great deal of influence with judges who issue search warrants, and I'd like to ask you whether you ever, ever in such a situation have heard of a prosecutor asking the warrant officer to issue the warrant to permit the prosecutors to proceed by that least-restrictive means, and if not, why not?

RASCH: The answer is yes, I have. I've seen a number of examples of that happening. ... The reason why it doesn't happen more often is exactly what Ken pointed out, and that is the Sixth Amendment confrontation right of other individuals with respect to the evidence that has been seized. You may, as the person I'm searching, for example, say, "I will agree, if you only take this one file out of the computer, ... that it's a true and accurate copy of that one file on the computer and also stipulate so if you indict me. ... I will not be able to raise that claim as a criminal defense."

That evidence may or may not be evidence against you, however. I might end up indicting someone else and wanting to introduce that evidence. When I go to introduce that evidence in court, they have a confrontation clause. ...

LIEBERMAN: The confrontation clause applies to a witness, sir. It applies to the right to confront a witness before you. It has nothing to do with the document taken off a computer disk.

RASCH: No, that's not correct.

LIEBERMAN: And the best-evidence rule is a flexible rule. And you're here talking about fundamental rights under the Fourth and First amendment[s], which surely must be more important than the best- evidence rule, which has always been a flexible doctrine to begin with. And it has absolutely nothing to do with the right to confront a witness before you go to criminal trial.

RASCH: I am speaking about the eventual defendant having the right to confront the validity of that evidence that was seized. If that person is not you, the person who was searched, they have a constitutional right under the confrontation clause to challenge the authenticity of that evidence and ... just because you've stipulated that it's fair and accurate evidence doesn't mean they have.

LIEBERMAN: If a judge, if the magistrate issuing the order to begin with - and this is why I raise it in this way - has given the government the authority to proceed in that way, it is inconceivable to me that when the case goes to trial he's going to rule the evidence inadmissible.

ROSENBLATT: It won't be the same judge, for starters, and second, a judge cannot bargain away a Sixth Amendment right of somebody not before him.

LIEBERMAN: It's not a Sixth Amendment right, sir. It has nothing to do with the confrontation of a witness.

ROSENBLATT: We could have a legal argument for a long time but...

LIEBERMAN: As somebody said before, "Read the Constitution!"

DENNING: Whoa! [laughter] Front mike.

AUDIENCE MEMBER: I'd like to ask the law-enforcement officials whether they agree with a number of things. Were they really aware of three points?

The first point is that in a modern electronic business if you remove its entire computer system you aren't removing an implement, a tool; you are removing its entire business, destroying it utterly.

The second thing I wish to ask them is whether they really understand [that] electronic space is, to the people who use it, a very real space - that you're not just nicking, taking away, something they use, a tool in their lives? You are taking away a piece of real space where they live their lives.

I'd thirdly like to say they agree that the one thing that has come out of this whole session is - it would be so, so much better if we had some method of non-intrusive search and legislation to make very clear that just going in and taking a copy is sufficient for evidential purposes. [applause]

DENNING: OK. Unless somebody ... is dying to respond to that, I guess it's getting to be time to wrap up.

RASCH: I'll just say, "Yes, yes and yes."

ROSENBLATT: Yeah, I have to agree. [applause] .



Return to CFP'91 Index page.


Return to the CPSR home page.


Send mail to webmaster.

Archived CPSR Information
Created before October 2004
Announcements

Sign up for CPSR announcements emails

Chapters

International Chapters -

> Canada
> Japan
> Peru
> Spain
          more...

USA Chapters -

> Chicago, IL
> Pittsburgh, PA
> San Francisco Bay Area
> Seattle, WA
more...
Why did you join CPSR?

In these times, this is the kind of organization that technology professionals should be a part of.