Recently in Internet Category
by Nathan Peske, UMN Law Student, MJLST Staff
On May 1, 1978 Gary Thuerk sent the first unsolicited mass e-mail on ARPANET, the predecessor to today's Internet. Thuerk, a marketing manager for Digital Equipment Corporation (DEC), sent information about DEC's new line of microcomputers to all 400 users of the ARPANET. Since ARPANET was still run by the government and subject to rules prohibiting commercial use, Thuerk received a stern tongue lashing from an ARPANET representative. Unfortunately this failed to deter future senders of unsolicited e-mails, or spam, and it has been a growing problem ever since.
From a single moderately annoying but legitimate advertisement sent by a lone individual in 1978, spam has exploded into a malicious, hydra-headed juggernaut. Trillions of spam e-mails are sent every year, up to 90% of all e-mail sent. Most spam e-mails are false ads for adult devices or health, IT, finance, or education products. The e-mails routinely harm the recipient through attempts to scam money like the famous Nigerian scam, phishing attacks to steal the recipient's credentials, or distribution of malware either directly or through linked websites. It is estimated that spammers cost the global economy $20 billion a year in everything from lost productivity to the additional network equipment required to transmit the massive increase in e-mail traffic due to spam.
While spam is clearly a major problem, legal steps to combat it are confronted by a number of identification and jurisdictional issues. Gone are the Gary Thuerk days when the sender's e-mail could be simply read off the spam e-mail. Spam today is typically distributed through large networks of malware-infected computers. These networks, or botnets, are controlled by botmasters who send out spam without the infected user's knowledge, often for another party. Spam may be created in one jurisdiction, transmitted by a botmaster in another jurisdiction, distributed by bots in the botnet somewhere else, and received by recipients all over in the world.
Anti-spam laws generally share several provisions. They usually include one or all of the following: OPT-IN policies prohibiting sending bulk e-mails to users that have not subscribed to them, OPT-OUT policies requiring that a user must be able to unsubscribe at any time, clear and accurate indication of the sender's identity and the advertising nature of the message, and a prohibition on e-mail address harvesting. While effective against spammers that can be found within that entity's jurisdiction, these laws cannot touch other members in the spam chain outside of its borders. There is also a lack of laws penalizing legitimate companies, often more easily identified and prosecuted, that pay for spamming services. Only the spammers themselves are prosecuted.
Effectively reducing spam will require a more effective international framework to mirror the international nature of spam networks. Increased international cooperation will help identify and prosecute members throughout the spam chain. Changes in the law, such as penalizing those who use spamming services to advertise, will help reduce the demand for spam.
Efforts to reduce spam cannot include just legal efforts against spammers and their patrons. Much like the international drug trade, as long as spam continues to be a lucrative market, it will attract participants. Technical and educational efforts must be made to reduce the profit in spam. IT companies and industry groups are working to develop anti-spam techniques. These range from blocking IP address and domains at the network level to analyzing and filtering individual messages, and a host of other techniques. Spam experts are also experimenting with techniques like spamming the spammers with false responses to reduce their profit margins. Efforts to educate users on proper e-mail security and simple behaviors like "if you don't know the sender, don't open the attachment" will also help bring down spammers' profit margins by decreasing the number of responses they get.
Like many issues facing society today, e-mail spam requires a response at all levels of society. National governments must work individually and cooperatively to pass effective anti-spam laws and prosecute spammers. Industry groups must develop ways to detect and destroy spam and the botnets that distribute them. And individual users must be educated on the techniques to defend themselves from the efforts of spammers. Only with a combined, multi-level effort can the battle against international e-mail spam be truly won.
by Matt Mason, UMN Law Student, MJLST Staff
The net neutrality debate, potentially the greatest hot-button issue surrounding the Internet, may be coming to a (temporary) close. After years of failed attempts to pass net neutrality legislation, the D.C. Circuit will soon rule as to whether the FCC possesses the regulatory authority to impose a non-discrimination principle against large corporate ISP providers such as Verizon. Verizon, the plaintiff in the case, alleges that the FCC exceeded its regulatory authority by promulgating a non-discrimination net neutrality principle. In 2010, the FCC adopted a number of net neutrality provisions, including the non-discrimination principle, in order to prevent ISPs like Verizon from establishing "the equivalents of tollbooths, fast lanes, and dirt roads" on the Internet. Marvin Ammori, an Internet policy expert, believes that based on the court's questions and statements at oral argument, the judges plan to rule in favor of Verizon. Such a ruling would effectively end net neutrality, and perhaps the Internet, as we know it.
The D.C. Circuit Court is not expected to rule until late this year or early next year. If the D.C. Circuit rules that the FCC does not have the regulatory power to enforce this non-discrimination principle, companies such as AT&T and Verizon will have to freedom to deliver sites and services in a faster and more reliable fashion than others for any reason at all. As Ammori puts it, web companies (especially start-ups) will now survive based on the deals they are able to make with companies like Verizon, as opposed to based on the "merits of their technology and design."
This would be terrible news for almost everyone who uses and enjoys the Internet. The Internet would no longer be neutral, which could significantly hamper online expression and creativity. Additional costs would be imposed on companies seeking to reach users, which would likely result in increased costs for users. Companies that lack the ability to pay the higher fees would end up with lower levels of service and reliability. The Internet would be held hostage and controlled by only a handful of large companies.
How the FCC will respond to the likely court ruling rejecting its non-discrimination principle is uncertain. Additionally, wireless carries such as Sprint, have begun to consider the possibility of granting certain apps or service providers preferential treatment or access to customers. Wireless phone carriers resist the application of net neutrality rules to their networks, and appear poised to continue to do so despite the fact that network speeds are beginning to equal those on traditional broadband services.
In light of the FCC potentially not having the regulatory authority to institute net neutrality principles, and because of the number of failed attempts by Congress to pass net neutrality legislation, the question of what can be done to protect net neutrality has no easy answers. This uncertainty makes the D.C. Circuit's decision even more critical. Perhaps the consumer, media, and web company outcry will be loud enough to create policy change following to likely elimination of the non-discrimination rule. Maybe Congress will respond by making the passage of net neutrality legislation a priority. Regardless of what happens, it appears as though we will soon see the installation of speed limits on the information superhighway.
by Ude Lu, UMN Law Student, MJLST Staff.
On April 18th, 2013, Cyber Intelligence Sharing and Protection Act (CISPA) was passed with wide spread controversies. CISPA aims to help national security agencies to investigate cyber threats by allowing private companies, such as Google and Facebook, to search users' personal data to identify possible threats. Commentators argue that CISPA compromises the Fourth Amendment, because, under CISPA, agencies can get privacy data of suspects identified by the privacy companies without a judicial order. CISPA bridges the gap between crime investigations and the privacy data stored and analyzed by social media companies.
by Bryan Dooley, UMN Law Student, MJLST Staff
While most would likely agree that threats to cybersecurity pose sufficient risk to warrant some level of new regulation, opinions vary widely on the scope and nature of an appropriate response. The Cyber Intelligence Sharing and Protection Act, one of several proposed legislative measures intended to address the problem, has drawn widespread criticism. Concerns voiced by opponents have centered on privacy and the potential for misuse of shared information. Some fear the legislation creates the potential for additional harm by allowing or encouraging private parties to launch counterattacks against perceived security threats, with no guarantee they will always hit their intended targets.
by Bryan Morben, UMN Law Student, MJLST Staff
There has been a lot of attention on North Korea and the possibility of a nuclear war lately. In fact, as recently as April 4, 2013, news broke that the increasingly hostile country moved medium-range missiles to its east coastline. It is reported that the missiles do not have enough range to hit the U.S. mainland, but is well within range of the South Korean capital. Tensions have been running high for several months, especially when the North took the liberty to shred the sixty year old armistice that ended the Korean War, and warned the world that "the next step was an act of 'merciless' military retaliation against its enemies."
by Eric Maloney, UMN Law Student, MJLST Staff
Facebook has become a part of everyday life for people around the world. According to Mark Zuckerberg and Co., over one billion people (yes, with a "B") are active on Facebook every month, with an average of more than 600 million active users every day in December 2012. Disregarding bogus or duplicate accounts, that means roughly one-seventh of the entire human population is active on Facebook every month (with the world population currently sitting somewhere in the neighborhood of seven billion people).
Apparently, Facebook has become so commonplace and ingrained in the daily routine of some that they feel the need to use the social networking service from the privacy of their prison cells.
by Kenzie Johnson, UMN Law Student, MJLST Managing Editor
The recent announcements by several large news outlets including the New York Times, Washington Post, Bloomberg News, and the Wall Street Journal reporting that they have been the victims of cyber-attacks have yet again brought cyber security into the news. These attacks reportedly all originated in China and were aimed at monitoring news reporting of Chinese issues. In particular, the New York Times announced that Chinese hackers persistently attacked their servers for a period of four months and obtained passwords for reporters and other Times employees. The Times reported that the commencement of the attack coincided with a story it published regarding mass amounts of wealth accumulated by the family of Chinese Prime Minister Wen Jiabao.
by Bobbi Leal, UMN Law Student, MJLST Articles Editor
With the dramatic 2012 Presidential election behind us, new information about the campaign funds are being released. A recent Huffington Post article outlining the campaign funds allotted toward the mining and analysis of internet data about potential voters. President Obama and Mitt Romney's campaigns spent a combined total of $13 million dollars on this controversial practice.
The Minnesota Journal of Law Science and Technology's recent publication, "It's the Autonomy, Stupid: Political Data-Mining and Voter Privacy in the Information Age," points out that campaigns utilize data mining as a way to more effectively target voters. The mined data includes information gleaned or purchased from both public and private sources. To make use of the internet's information on the individual, the campaigns use algorithms that match the attitudes of voters on specific issues with individual behaviors and tendencies. The individual behaviors they might look at include where you shop, which team you root for, which petitions you sign, who your friends are, and even what mobile device you use.
by Ian Birrell
Since at least 1999 when Napster was originally launched, internet piracy, or downloading copyrighted materials (especially songs, videos, and games,) has been a contentious activity. The Recording Industry Association of America (RIAA) has historically taken a very public and aggressive stance by finding individuals associated with IP addresses matching those where this "file sharing" is coming from. After finding such a target, the RIAA would send a letter demanding a settlement for thousands of dollars or threatening litigation, risky and expensive to the target, despite a potentially very small monetary value of downloaded material. The RIAA suits, which have continued for a number of years, include a number of well publicized absurd claims.
by Sabrina Ly
Evidence from social networking websites is increasingly involved in a litany of litigation. Although the widespread use of social media can lead to increased litigation, as well as increasing the cost of litigation, use of social media has assisted lawyers and police officers in proving cases and solving crimes. In New Jersey, for example, two teenage brothers were arrested and charged with murder of a twelve year-old girl. What led to the two teenagers' arrest was evidence left behind in their homes along with a Facebook post that made their mother suspicious enough to call the police. In another case, Antonio Frasion Jenkins Jr. had charges brought against him by an officer for making terroristic threats to benefit his gang. Jenkins posted a description of his tattoo on Facebook which stated: "My tattoo iz a pig get'n his brains blew out." Pig is considered a derogatory term for a police officer.The tattoo also had the officer's misspelled name and his badge number. The officer who is a part of the gang investigation team saw the Facebook post and immediately filed charges against Jenkins as he interpreted the tattoo as a direct threat against him and his family. These are two of the many situations in which social networking websites have been used as evidence to bring charges against or locate an individual.