Lawyers Say Hackers Are Sentenced Too Harshly 439
Bendebecker writes "Cnet is reporting: 'The nation's largest group of defense lawyers on Wednesday published a position paper arguing that people convicted of computer-related crimes tend to get stiffer sentences than comparable non-computer-related offenses.' Finally, someone is listening..." The document makes the points that most computer crime cases involve disputes between an employer and employee, and that the seriousness of the offense is generally comparable to white-collar fraud cases.
Well (Score:3, Interesting)
Quite frankly given the number of laywers who do their best to circumvent the true spirit of the law I don't want them making any public statements on my behalf...
Hmmm . . . (Score:5, Interesting)
On the other hand I AM glad that computer crime is possibly going to be recognized as a white collar crime instead of a terrorist threat.
This one bombed a bus. That one stole a credit card. Kill 'em both!
"White collar crime" - a misnomer... (Score:5, Interesting)
Scenario A: man walks into a store with a gun, demands they empty the till, walks out with a hundred bucks.
Net effect: 100 bucks for the store + mental anguish for people in there.
Punishment: Ten years
Scenario B: Man defrauds investors, pension funds etc out of millions or billions
Net Effect: Pension funds slashed, thousands made unemployed
Punishment: 5 years
We all know that white collar crime gets punished a whole lot less, but is that right ? Why shouldn't execs from the likes of Enron, WorldCom et al be looking at life behind bars for the havoc they have reaked ? Well because there really is a different set of laws for the rich. Sure they might even get 15 years in the cases of these massive frauds, but is this enough given the damage they have caused ?
So maybe the problem is that white collar crime is punished too little, rather than hacking is punished too much. Maybe having sentences for theft, fraud etc (of any kind not involving actual violent which already has punishments) should be related to the amount of money stolen.
Maybe 1 year per $1000....
Perhaps the hacking penalties are fine... (Score:5, Interesting)
Read... (Score:4, Interesting)
Read: The fast-growing, little-punished type of crime that destroys the finances of thousands every year.
"Hacking" is no more the refuge of the geek. True criminals have embraced it as a way to siphon off lots of money with little risk.
Let's not charge people looking for CC#'s with terrorism, but let's not label it "annoying" and offer up slaps for people's wrists.
The problem isn't the harsh sentences for hackers (Score:5, Interesting)
I agree (Score:5, Interesting)
If I hack into someone's network and don't even do anything but look around, I'm charged with causing losses of millions. I'm charged with stealing any sensitive content I gained access to whether or not I even looked at it. Not to mention they'll slap all the cybercrime and terrorism laws they can find down on me too. It has nothing to do with the severity of the laws, just that you get pinned with so many of them.
White collar? (Score:2, Interesting)
If hacking isn't white-collar, then what is?
white-collar fraud (Score:4, Interesting)
I think white-collar criminals are already getting far less punishments than they should. How could someone who screws up the millions of dollars from their employees be subjected to punishment comparable to shoplifters or burglars?
Re:"White collar crime" - a misnomer... (Score:5, Interesting)
Re:"White collar crime" - a misnomer... (Score:1, Interesting)
6th Grader Charged in Grade-Switch Caper (Score:5, Interesting)
Story [gopbi.com] (palmbeachpost.com)
An 11 year old snuck into his classroom during lunch and changed some of his grades on his teacher's computer. He was caught and is now facing FELONY computer fraud charges. Tell me that's not a bit ridiculous.
-Dan.
Exactly backwards (Score:4, Interesting)
Hacking is not a white collar crime. When I think of white collar crime I see millionaire executives spending stolen money for blow jobs by preteens in foreign countries. When I think of hacker crime I see a trail of empty Mountain Dew bottles and Cheetos bags. Hackers need to become filthy rich before they can play the courts like the big boys do.
Extreme cases aside, most hacking is like kids stealing cars to take 'em for joy rides. Sure, a few people get hurt by each crime, but it's not like you have a few hundred thousand stock holders who'll have to work 10 extra years before they retire because their portfolios are toast.
Re:Have to exaggerate the problem... (Score:5, Interesting)
Kevin Mitnick, in his Slashdot interview [slashdot.org], explained this in detail:
Suffice it to say, we need to find a compromise where we can accurately represent the loss of intellectual property without undually exaggerating its (non-material) worth.
But I'm angry now (Score:5, Interesting)
Computers are for "smart" people
People feel marginalized when they don't understand even the basic concepts of what has happened
Therefore when a CEO realizes they have been hacked/cracked (you fight that out) they feel even more violated since they don't even understand how someone could get past all the hardware they bought and all those 45-100K+ people they have running around purporting to be computer experts.
Their anguish is then felt by atrtorneys who can't understand the crime, the criminals or why everyone is so upset. The one thing they do know is that THAT FAT GUY WITH THE UNKEMPT BEARD AND THE WIERD SHIRT THAT HAS THE FORMULA FOR HELL ON EARTH:
#!
ON HIS SHIRT IS DEFINITELY GUILTY!
And that's pretty much what happens.
I think.. (Score:5, Interesting)
Joe Schmoe embezzles from his S&L firm for ten years, gets caught, and it is realized that he made off with 500K. He is slapped on the wrist, fired, made to "pay it back" on time deferred payments, or maybe stuck in a white collar prison/country club for a few years.
Mike, the l337 hacker from down the street, defaces Stuff-Marts web page, pointing out that Stuff-Mart buys 80% of its stuff from china, where it is made in forced child labor camps at gunpoint, and it is repaired in an hour.
Now.. Stuff Mart's lawyers tell the jury that they *potentially* lost MILLIONS due to the damage, (when in fact, they did not "lose" anything.. and there is no way to prove how many people would have bought during that time anyway). The SM lawyers also point out that it cost "an estimated 100K dollars to repair the damage!".. which means they just budgeted in A) the new server and colocation company to handle the site, B) the three person team who maintains and handles the site already, and C) all of their IT staff who received an Email about the "hack" and therefore were "working" on it.
Its all about what the jury wants to hear, and all about language.. "potential" is used ahead of "we could have potentially lost BILLIONS in sales!" but the judge/jury does not hear the "potential". Nor do they realize that 99% of that IT staff was already working there, doing their routine jobs, and had nothing to do with the repair anyway.
(Same reason a procedure at the hospital that took all of 15 minutes costs your insurance company as much as your house did.. funky accounting and everyone wanting to be "in" on the action.)
I think a lot of "hacking" is a no harm no foul problem anyway.
Maeryk
Re:The Witches of Yesterday... (Score:3, Interesting)
white-collar fraud (Score:3, Interesting)
1: Open a Swiss bank account.
2: put money from xyz white-collar fraud into account, get a few mill
3: goto jail (not for that long)
4: take money out account.
5: Enough profit to retire.
or
1: Open a Swiss bank account.
2: Rob a bank for a few thousand
3: goto jail (for a long time)
4: take money out account.
5: umm... well you've got a bit of cash, but was it worth the time?
I agree (Score:5, Interesting)
From http://www.savage.net/public_html/net/phrack.html:
This guy was accused of stealing 80 grand when in reality it was worth 13 dollars!!!Also see Kevin mitnick answers [slashdot.org] if you missed it.
Re:Have to exaggerate the problem... (Score:4, Interesting)
if you cannot produce an invoice or legitimate quote for repair/losses then you are told to shut up would fix every bit of this.
back to computer crime. (Score:3, Interesting)
That's true! In fact, most societies would forgive you if you shot and killed someone who was busy carving up their friend with a knife. Do you know of any that would do the same for someone who shot a hacker? So why is it that hackers can be held for five years without being charged as KM was?
Punishment should fit crime, and ordinary rules of presumed innocence need to be applied in cases of suspected computer crime. As things are, any with-it employer could be frighfully abusive if they wanted.
Re:I agree (Score:2, Interesting)
Re:Personal example (Score:3, Interesting)
Yes.. but you have demonstrated he caused harm, therefore there *is* a foul. I wasnt saying that Cracking is always harmless.. but in some cases (defacing a web page) the cost of repair is as simple as bringing up the cached copy, re-installing it, and fixing the exploit (if known.)
There is no way that cost a million dollars.
Cracking is tresspass at the least and theft at the most. It deserves jail time. The issue is how much jail time. The guy who hacked me should face at a minimum the legal penalty for breaking into my house and rifling through my file cabinet
No argument. Define trespass though. SOmeone walks across my yard, its "trespassing". Refusing to leave when I ask them too, is "Defiant trespass". Coming into my house after I tell them to leave is anything from Breaking and Entering to Forced Entry (depending on whether I am trying to stop them or not, I think) and theft is another layer on top of that. (Hence the laundry list of charges usually piled on a burglar).
Breaking into your house and rifling your file cabinet would probably NOT net me jail time for a first time offense. Especially if nothing was taken, and none of the information gained was used against you. Its more likely a fine, time served, probation kind of thing.
Maeryk
federal point system (Score:3, Interesting)
And for copyright cases, they automatically tack on 4 points if a computer was involved.
Why do lawmakers need a detailed understanding? (Score:3, Interesting)
Depending on exactly what the hacker does, we're talking about vandalism, or thief, or trepassing using a new technique. When bank robbers moved from horses to cars was it important that lawmakers have a detailed understanding of cars before writing applicable laws? When copyright laws moved from covering just books to motion pictures, did lawmakers require a detailed understanding of how motion pictures are created? Does it really matter the exact technical approach used to commit the crime? I don't think so. Vandalism is vandalism. It doesn't matter whether I use can of spraypaint or I hack into the web server. It costs the company money to fix. The dollar value of the damage should drive the punishment.
Definitely true at my College. (Score:2, Interesting)
There is a difference (Score:2, Interesting)
Dammages... (Score:2, Interesting)
From the trenches (Score:3, Interesting)
I dunno, it's a little disheartening to be an aspiring lawyer when I've heard of a firm that prides itself on defending those accused of computer crimes has a password policy that mandates a particular format for your network passwords, and that your password always be provided to your assistant.