Re: [GKD-DOTCOM] What is the Future for Cyber-Security?

[Karen Banks]

Dear Colleagues,

On Monday, October 11, 2004, Global Knowledge Dev. Moderator asked:

> 8)  Growing collaboration between regulatory and security agencies helps
> fight cyber-crime and cyber-terrorism, but simultaneously poses threats
> to privacy and human rights. What is the best approach to maximizing the
> benefits and reducing the threats?

I wanted to respond specifically to the above question.

Some of you may have heard about the seizure of Indymedia servers from
the UK based Rackspace ISP this week in London. Several articles have
been written analysing the incident, the most comprehensive by
Statewatch in the UK, and they can be read here:

http://www.efcr2004.net/imc_servers_seized
http://www.statewatch.org/news/2004/oct/04uk-usa-indymedia.htm

This incident has highlighted the dangers of international law
enforcement cooperation dealing with transborder 'cyber-crime'.

Many organisations including the National Union of Journalists,
Reportier Sans Frontiers, AMARC, APC, the Global Liberties campaign,
etc., have highlighted the violation of 'freedom of expression' rights
this incident has underscored. However, it also presents other
challenges which are poorly understood by many civil society
organisations active in communication rights work.

These include:
- the trends in, and dangers of, international law enforcement
  cooperation--or 'trans-border' cooperation
- ISP responsibility in these situations
- accountability and due process

As Gus Hosein from Privacy International noted:

"This is a growing trend to use international co-operation regimes to
obscure accountability and due process. Now we are in a position where
we don't know who to complain to regarding these actions, and which laws
were used, under who's jurisdiction - and such action will likely
increase with international treaties such as the Council of Europe
Convention on Cybercrime, and other such initiatives."

For those of us following the WSIS Internet Governance process, we have
seen the Council of Europe Cybercrime treaty promoted as a possible
global governance model for dealing with trans-border 'cyber-crime'.

The seizure of the IMC servers is indeed an 'interesting case' to
monitor, but more so, it's an excellent opportunity to spotlight and
scrutinise the cyber-crime treaty and similar bilateral treaties with a
view to taking action to call for openness and clarity in international
co-operation and to ensure due process and civil liberties are
protected.


Karen Banks




This DOT-COM Discussion is funded by the dot-ORG USAID Cooperative
Agreement, and hosted by GKD. http://www.dot-com-alliance.org provides
more information.
To post a message, send it to: <[EMAIL PROTECTED]>
To subscribe or unsubscribe, send a message to:
<[EMAIL PROTECTED]>. In the 1st line of the message type:
subscribe gkd OR type: unsubscribe gkd
For the GKD database, with past messages:
http://www.GKDknowledge.org

Re: [GKD-DOTCOM] What is the Future for Cyber-Security?

[Barry Coetzee]

On a philosophical note I feel that the solution would be to stop doing
things that create enemies. If a country does not have any enemies then
their security concerns reduce radically. Crime is more a social issue.
Terrorism is a political issue. I do not think that any amount of
technology will address the problems caused by politicians.

The right to privacy and security of the individual should be the
driving motivation of cyber-security. The individual should decide
whether technology provided by their government, their industry, or by
like minded persons provide them with the security levels they desire.
The same applies to industry.

Governments are very different. They use the resources, usually
military, available to them to protect their own, usually military and
commercial, interests. It is usually also to protect their own interests
that they prescribe to their citizens.

I personally would rather use private encryption that civil rights
groups use rather than encryption provided by my government, or worse,
provided by some other government.

I strongly feel that NGOs, etc. should provide the people that they are
assisting with apropriate cyber protection. Not necessarily the
protection preferred or prescribed by some other government.

It is naive to expect "bad persons" to not use the technology available
to them. This has never happened in the history of mankind and will
definitely not happen in the cyber age. The same problem of the good
guys versus the bad continues, albeit with different tools.




This DOT-COM Discussion is funded by the dot-ORG USAID Cooperative
Agreement, and hosted by GKD. http://www.dot-com-alliance.org provides
more information.
To post a message, send it to: <[EMAIL PROTECTED]>
To subscribe or unsubscribe, send a message to:
<[EMAIL PROTECTED]>. In the 1st line of the message type:
subscribe gkd OR type: unsubscribe gkd
For the GKD database, with past messages:
http://www.GKDknowledge.org