Secure Private Web Sites and Wiretapping 11
Masem writes "According to this CNET article, an interesting case is working it's way through the courts. A pilot for Hawaiian Airlines had set up a private web site, sufficiently secured for only those that he wanted to allow access to (in this case, coworkers), on which he reported gripes and complaints about the company. The airline used a fellow pilot's name and information to gain access to the site at least 20 times to find out what he was doing (though the article does not say if the pilot had been punished in anyway). The pilot's lawyers argued that secured communication that the web site provided was considered to be the same level as phone calls, and thus the activities of the airline were akin to wiretapping. The initial judical decision rejected this arguement, but a federal circuit court reversed it and found in favor of the pilot. It's unknown where this will go, but this decision could set several favorable precidents regarding private communications on the net."
Re:Wire-tapping (Score:1)
Actually, I don't think it has anything to do with what companies can and cannot legally do. Assuming that the guy did not host the website on company computers, the nature of the site is irrelevant. Whether it is Playboy.com or this guy's site, you cannot gain entry to a protected site using a stolen password.
As such, unless the VP was acting under company orders or gaining illegal access on company computers, I cannot see how his employer could be help liable.
-------
Could the DMCA be applied? (Score:1)
This is probably useless, but I'm just curious, would it be possible to apply the DMCA to this case? Considering how broad the idiotic terms in the law are, couldn't Hawaiian Airlines be considered "circumventing protection" by finding a way to access the private site, even if it was by social engineering means instead of technical. That would be a nice turn-around on an old enemy, but it might be a bad precedent to set, widening the reach of the law even more.
Re:Could the DMCA be applied? (Score:2)
When someone does this to their site... (Score:2)
Wire-tapping (Score:1)
//rdj
Re:Could the DMCA be applied? (Score:1)
I was going to say the same thing... (Score:3)
So why isn't this VP's ass in the slammer yet?
Not that I advocate what was done to Kevin Mitnick. While I know that what he did was in the wrong, I don't believe his treatment or his "punishment" fit the crime committed. However, had KM only did 1/10 the time, he still would've did more time than this VP.
Just more proof of class ruling over justice - somehow I think all of this will be swept under the rug, the VP will get his wrists slapped, and we'll hear no more about it...
Worldcom [worldcom.com] - Generation Duh!
Re:Could the DMCA be applied? (Score:1)
There is such a thing as a 'reasonable expectation of privacy'. A call on a payphone in a crowded room doesn't afford the same level of privacy. However, can you say the same thing about a cordless phone? Is the harm done best resolved in criminal court or civil court? How can you set a price on that? How can you prevent someone with a CB and a crystal replacement (or any number or electrical engineers) from making a listening device?
Who's liable? -- I think it's the companies that make the phones!! Just like DVD makes are liable for the their inability to make strong encryption.
The problem with DMCA is it punishes consumers for the manufacturer's bad product while encouraging the manufacturer to ship same product. The DVD people must wake up in a cold sweat when they think about the implications of 16 year olds blowing away their encryption-- so they hide behind the law.
Besides the technology, the other problem that's always hurt privacy concerns is cost. i.e. your company has a mailserver and bandwidth that they pay for. They should be able to sneak a peek! It's been hard to convice people that the same rules that apply to phone should apply there.
What has changed people's attitudes on that is some IT manager's opionions on email snooping. Other people in the company don't like it. If you are an admin, it's like being a priest or a phone company employee. Yeah- you see a bit here or there because you have to, but most admins definitely don't want to. Especially not people they know.
When your boss tells his superiors that he wants to snoop email-- it's because he wants to snoop his employees most likely. Next he wants to snoop his superiors. Yes there are legitimate reasons for looking through email (porn, porn, porn) and you have to fight porn unless you want to get sued. But without policy it is a dangerous thing.
Hopefully we will see some postive work being done on this front.
URL for decision (Score:4)
Re:Could the DMCA be applied? (Score:1)
Re:Wire-tapping (Score:2)
_____________