Forgot your password?
typodupeerror
This discussion has been archived. No new comments can be posted.

European Law Could Give Hackers Mimimum Two-Year Sentence

Comments Filter:
  • Minimum Sentences (Score:5, Insightful)

    by Anonymous Coward on Wednesday March 28, 2012 @07:45PM (#39502943)

    Judges hate minimum sentences. Legislators should stop making them.

    • by elucido (870205) on Wednesday March 28, 2012 @07:58PM (#39503075)

      Minimum sentences as well as private prisons should be entirely unconstitutional.

      • Re: (Score:2, Interesting)

        by cold fjord (826450)

        Minimum sentences as well as private prisons should be entirely unconstitutional.

        I'm afraid I'm not as dazzled by your pronouncement as the moderators, so I'll ask, could you expand upon this a bit? Why do you claim this? Why is it unjust for there to be minimum sentences or prisons run by private companies for the government? In most legal systems it is the prosecutor that makes the primary decision about the possible penalties you will face by deciding what crimes to charge you with: none, minor charges, or serious charges, depending upon the merits of the case. Once the prosecut

        • Private prisons do create some conflict of interest. Repeat offenders mean repeat customers.
          • So please explain how prisons run by corporations for, and regulated by, the state create repeat offenders whereas a state run institution wouldn't?

            • The state has a clear incentive to make sure the prisoners don't offend again: Each prisoner means more expense, and politicians (well, in theory) don't like wasteful spending. Thus they have a reason to focus on rehabilitation - getting the prisoners educated, keeping them from creating a prison culture that glorifies crime, controlling gangs. Private prisoners, on the other hand, get paid by the prisoner - they have no incentive for rehabilitation. Quite the opposite: If a prisoner serves his time, is rel
        • by Carewolf (581105) on Thursday March 29, 2012 @02:50AM (#39505737) Homepage

          Minimum sentences are pure insanity and pandering to the voters.

          The problem is that it takes away the option of the prosecutor and judge to give fair sentences, and forces them to hand out minimum sentences for cases where the minimum sentence was never intended.

          Examples are plentiful everywhere they have been implemented. 10 year prison for teenager for taking nude pictures of themselves, 4 year prison for _reporting_ child-pornography on web to the police (reporter have it cached on your computer, so in his possession)... The list goes on, it should be unconstitutional to protect politicians from being tempted to introduce this insanity.

          • by bloodhawk (813939)
            From what I have seen in the past 40 years of my life the insanity occurs when you allow the judge and/or the prosecutors to determine sentences. We see murders walk away with slaps on the wrist, pedophiles gien chance after chance after chance to reform because they were polite to the judge and claimed they were "honestly sorry" for their crimes. Justice is supposed to be blind, treating all equally and that doesn' happen often enough nowadays, if judges/prosectors were more consistent and sane with their
            • Re:Minimum Sentences (Score:4, Interesting)

              by Carewolf (581105) on Thursday March 29, 2012 @05:17AM (#39506585) Homepage

              Ahh.. Yes. The people who actually UNDERSTAND the cases, and who knows ALL THE DETAILS gives out smaller sentences than people who HAVE NO CLUE would like..

              A "funny" experiment was made a few years ago. A random group of people where selected they were first asked if they felt punishment for crimes were too soft, most agreed. They then looked at specific cases with all the details, and in each case when presented with all the evidence - most felt the punishment was too harsh.

            • by tehcyder (746570)

              From what I have seen in the past 40 years of my life the insanity occurs when you allow the judge and/or the prosecutors to determine sentences. We see murders walk away with slaps on the wrist, pedophiles gien chance after chance after chance to reform because they were polite to the judge and claimed they were "honestly sorry" for their crimes.

              This is pure bullshit. I bet you can't provide any actual examples at all of either of these two situations, unless you live in some very weird country indeed.

          • Minimum sentences are pure insanity and pandering to the voters.

            Or are they a completely rational response to Judges that won't enforce the laws they disagree with philosophically? Judged are often beyond recall or reaffirmation as politicians are, so mandatory requirements may be the only legally binding requirement on them.

            The problem is that it takes away the option of the prosecutor and judge to give fair sentences, and forces them to hand out minimum sentences for cases where the minimum sentence was never intended.

            That isn't really true. Prosecutors have discretion as to what crimes to charge people with. If they think one crime is too harsh for the circumstances, they can charge a lesser crime, or none at all.

            I will point out that laws can be, and often a

      • by dutchwhizzman (817898) on Thursday March 29, 2012 @03:09AM (#39505863)
        Europe doesn't have a constitution, it's not even a nation or anything like that. There was an attempt at a European constitution, but it was voted down in referendums in several countries in the EU.
    • by sg_oneill (159032) on Wednesday March 28, 2012 @08:00PM (#39503103)

      Judges hate minimum sentences. Legislators should stop making them.

      Yeah, you can see how this will go wrong. Someone finds an open facebook at a netcafe, and decide to post some dopey comment on the unsuspecting security-ignoramasus page. The person flips out and calls the cops, and the cops charge him, because technically it is hacking.

      The judge hears the case and goes "Well I have to find this guy guilty, and normally I'd give him a $50 fine and tell him to quit being a dick, but instead he's going to jail for 2 years and having the rest of his life ruined because of a harmless prank.

      Yes indeed, theres a very good reason judges hate mandatory minimums.

      • by tehcyder (746570)
        Maybe peple should considr their actions in advance and be able to differentiate harmless pranks from actions that break the law.
    • by interkin3tic (1469267) on Wednesday March 28, 2012 @08:08PM (#39503193)
      Simpletons are the only ones who like mandatory minimums. You have a mechanism to investigate crimes on a case-by-case basis, looking at all the evidence, the factors that went into the crime, and setting the punishment to fit the case. That's the job of the courts. It's not perfect, but one-size-fits-all justice is usually not justice. The mandatory minimum sentence should be zero in ALL crimes.
      • pff next what, innocent until proven guilty?

      • "The mandatory minimum sentence should be zero in ALL crimes."

        I have to disagree? What about murder and rape? I think that society has a need to set a minimum sentence for such violent crimes to ensure that those who perpetrate them are off the streets for whatever amount of time.

        That being said, I don't think that hacking, which has a hugely broad definition (even a good one depending), should carry a minimum sentence.

    • by Anonymous Coward

      The article from the first link says that the law in question would require member states adapt a maximum penalty of at least two years. This doesn't sound like what we would normally call a "minimum sentence".

      • by Rhodri Mawr (862554) on Wednesday March 28, 2012 @08:34PM (#39503497)
        From the first linked article:

        Cyber attacks on IT systems would become a criminal offence punishable by at least two years in prison throughout the EU under a draft law backed by the Civil Liberties Committee on Tuesday.

        The maximum penalty to be imposed by Member States for these offences would be at least two years' imprisonment, and at least five years where there are aggravating circumstances such as the use of a tool specifically designed to for large-scale (e.g. "botnet") attacks, or attacks cause considerable damage (e.g. by disrupting system service), financial costs or loss of financial data.

        At first glance these two paragraphs do appear to be contradicting each other - but it isn't clear which of these paragraphs is an EU press release and which is the journalist's interpretation. The article (and as a result the slashdot summary) may be misinterpreting the press release.

        "maximum" may be a misprint here, or, the EU may, as usual, be trying to obfuscate the intent of their legislation.

        • by bws111 (1216812)

          What is contradictory? A minimum sentence of two years, and a maximum sentence of at least two years is not contradictory. A minimum of two years and a maximum of at least one year would be contradictory.

        • by AK Marc (707885)
          Or maybe they want a minimum maximum of 2 years.
    • Re:Minimum Sentences (Score:4, Informative)

      by Kat M. (2602097) on Wednesday March 28, 2012 @08:24PM (#39503369)

      The article is not entirely clear on the minimum sentence part. From the body of the text it appears that it's that the maximum sentence should be at least two years (which makes sense, given that individual member states would be free to set higher maximum sentences if it's a directive), and five if there are aggravating circumstances. Also, given that petty offenses should not carry criminal sanctions at all does not mesh with a minimum two year sentence.

      The only part that mentions a two year minimum sentence is the summary paragraph, which may be the result of poor editing.

      There's a video recording of the committee meeting, but I don't really have the time to search through it to find what was actually decided. I guess it'll become clearer within the next few days.

      • I agree, the first article paints a very different picture from the second. first article talks about maximum sentences being at-least 2 year or 5 years for aggravated circumstances, the 2nd article they have becomes minimum sentence. In the first article there is also a section (under IP spoofing) stating 'However, no criminal sanctions should apply to "minor cases", i.e. when the damage caused by the offence is insignificant.' This could be very significant
    • "Aw, I don't think you can do it!" "Learn that poem... learn that poem..."
  • by Anonymous Coward

    Does "Hacking" include typing the URL wrong?

    • According to my high school, "hacking" includes opening Internet Explorer when the last guy to use the PC set the home page to an unprotected network share.
    • I lost a boot drive for a workstation recently, and with it the activation for some very expensive professional software products.

      More than one vendor subsequently refused to let me reactivate the software (the same legitimate copy of the same software on the same machine except with a fresh OS installation on a new drive) because they had records showing that my software key was registered to someone else, sometimes not even in the same country. Eventually, after multi-week hassle and in some cases literal

    • by rastos1 (601318)

      Does "Hacking" include typing the URL wrong?

      (In a few months:) That would require to un-hide the address bar in first step. Only hackers do that.

  • by BitterOak (537666) on Wednesday March 28, 2012 @07:49PM (#39502973)
    From the article:

    The proposal also targets tools used to commit offences: the production or sale of devices such as computer programs designed for cyber-attacks, or which find a computer password by which an information system can be accessed, would constitute criminal offences.

    So, what would the scope of such a prohibition be? Would pen testing tools commonly used by security professionals be prohibited in Europe? Would you need a license to possess or use such tools? This sounds like an overreaching law. And since when did the European parliament get the authority to impose mandatory minimum prison sentences in its member nations?

    • by X0563511 (793323) on Wednesday March 28, 2012 @07:51PM (#39502987) Homepage Journal

      I used wireshark to fix a bug today. Apparently I would be a criminal in the UK, with a minimum sentence of 2 years.

      This is fucked.

      • by walkerp1 (523460)

        I used wireshark to fix a bug today. Apparently I would be a criminal in the UK, with a minimum sentence of 2 years.

        Nothing so elaborate is required. I've perpetrated some beautiful felonies with netcat one-liners.

      • I used wireshark to fix a bug today. Apparently I would be a criminal in the UK, with a minimum sentence of 2 years.

        This is fucked.

        If you did it trying to hack into someone else's computer(s) or network(s) that you didn't have proper authorization to use or use in that manner, then probably yes. If you did it for your employer as part of your job responsibilities or normal maintenance, or on your own personal network of systems you own, control, or have authorization to use for that purpose, then it is very unlikely. Hmmm, that didn't seem so hard.

      • by martin-boundary (547041) on Wednesday March 28, 2012 @10:03PM (#39504205)

        I used wireshark to fix a bug today. Apparently I would be a criminal in the UK, with a minimum sentence of 2 years.

        This is fucked.

        No, no! That's good news! In Texas, you'd get the death penalty...

    • Re: (Score:3, Insightful)

      by cpu6502 (1960974)

      >>>since when did the European parliament get the authority to impose mandatory minimum prison sentences in its member nations?

      Since when did the American congress get the authority to impose mandatory minimum prison sentences on its member states' courts? ANSWER: When both the parliament and congress usurped the power through decree. This is the natural progession from a union of independent states into a central authority that tries to control everything down to the smallest level (even your h

      • by gstoddart (321705) on Wednesday March 28, 2012 @08:54PM (#39503683) Homepage

        At least in the U.S. we have a 10th amendment and a Supreme Court which forbids congress from exercising powers never granted to it

        There's amendments with lower numbers they ignore all the time.

        Why should the 10th be any different?

        • There's amendments with lower numbers they ignore all the time.

          Why should the 10th be any different?

          The actual problem, as generally seen on Slashdot, is that many people fail to understand how they get applied in practice as opposed to their actually being ignored. Prisoners of War, for example, have generally never been subject to Habeas corpus - a subject of perpetual confusion on Slashdot. German and Italian POWs in the UK, US, and Canada didn't have the right to Habeas Corpus in WW2, Al Qaeda members taken prisoner originally didn't either. (Perhaps they now wish Bin Laden hadn't declared War on t [pbs.org]

          • by julesh (229690)

            There's amendments with lower numbers they ignore all the time.

            Why should the 10th be any different?

            The actual problem, as generally seen on Slashdot, is that many people fail to understand how they get applied in practice as opposed to their actually being ignored. Prisoners of War, for example, have generally never been subject to Habeas corpus - a subject of perpetual confusion on Slashdot. German and Italian POWs in the UK, US, and Canada didn't have the right to Habeas Corpus in WW2, Al Qaeda members taken prisoner originally didn't either. (Perhaps they now wish Bin Laden hadn't declared War on the US [pbs.org]. Of course it took 9/11 for the US to reply in kind, legally [findlaw.com].)

            Last I saw, the US and the UK are not at war, yet at least one of those gitmo prisoners whose Habeas Corpus requests were ignored was a British citizen.

            • Last I saw, the US and the UK are not at war, yet at least one of those gitmo prisoners whose Habeas Corpus requests were ignored was a British citizen.

              If his requests were ignored it was because he had no right to them under existing law. He would have been held due to making war as part of Al Qaeda regardless of his citizenship, much as non-German nationals fighting for the German army would have been held unless there was some special mitigating circumstance. (For example, a variety of POWs were forced, coerced by the German Army to serve various functions in its ranks.)

              If said sad British subject had followed the Queen's flag to battle, he would have

              • by julesh (229690)

                If his requests were ignored it was because he had no right to them under existing law. He would have been held due to making war as part of Al Qaeda regardless of his citizenship, much as non-German nationals fighting for the German army would have been held unless there was some special mitigating circumstance.

                Yes, perhaps. Except that there is no evidence that some of these people ever had anything to do with al Qaeda. These were just innocent men who happened to be in the wrong place at the wrong time, or at least that's what all the evidence that has been presented appears to make them.

                http://www.guardian.co.uk/uk/2004/mar/14/terrorism.afghanistan [guardian.co.uk]

    • by game kid (805301)

      Hide your nmaps...

    • by Yvanhoe (564877)
      I should have bought one of these "Hacking is not a crime" stickers they proposed on the hackerspaces mailing list...
  • by NemoinSpace (1118137) on Wednesday March 28, 2012 @07:51PM (#39502995) Homepage Journal
    Should be illegal for the government.
    • What is illegal for the citizenry...Should be illegal for the government.

      Because every citizen needs their own standing army, blue water navy, air defense artillery & missiles with the right to govern their own airspace, the ability to capture and imprison their neighbors for acts ranging from buggery to murder, the power of personal approval over new cancer treatments, and the ability to make treaties with Japan, Canada, Fiji, and Peru. Or is it nobody and no government needs that? I forget.....

      I enjoy Slashdot because on occasion you read fine minds in elevated discourse

  • by lightknight (213164) on Wednesday March 28, 2012 @07:55PM (#39503029) Homepage

    Just watch and wait: it'll be the kid who takes apart his iPod to replace the broken battery who gets charged.

    • Just watch and wait: it'll be the kid who takes apart his iPod to replace the broken battery who gets charged.

      He hurt a poor, defenseless, for-profit corporation. Taking two years of his life for slightly modifying a thing he already owns is getting off easy -- the kid is a monster.

    • by rtb61 (674572)

      No, it'll be some dumb schmuck who has no idea about computer security, whose computer gets taken over to launch a series of attacks and once the attacks are finished all traces are cleaned up, leaving nothing but a trail to the victim, the victim here being the person accused of hacking who now can no longer prove the innocence.

      Now of course if it is a law enforcement type who is meant to be upholding these laws, it will be kind of funny, for every one else and of course everyone has heard about tens of

    • Just watch and wait: it'll be the kid who takes apart his iPod to replace the broken battery who gets charged.

      That is entirely too cynical. The authorities seem perfectly capable of coming up with reasonable suspects:

      'Lulzsec hackers' arrested in international swoop [bbc.co.uk]

      FBI arrests 16 in Anonymous hacking investigation [cnet.com]

    • Re: (Score:2, Funny)

      by Ksevio (865461)

      replace the broken battery who gets charged.

      Well it'd be hard to charge if the battery was still broken.

  • by elucido (870205) on Wednesday March 28, 2012 @07:57PM (#39503057)

    These ideas are all traps put in place by corrupt lawmakers and special interest groups that benefit from for profit prisons. Don't get it twisted.

    • This is, of course, utter fantasy mixed with BS. Minimum sentences have been in use going far back into history. Prisons run by corporations account for only about 10% of prison beds, and if there was that sort of corruption I expect we would hear of it constantly (with evidence). And three strikes laws?

      Three strikes law [wikipedia.org]

      The three strikes law significantly increases the prison sentences of persons convicted of a felony who have been previously convicted of two or more violent crimes or serious felonies, and limits the ability of these offenders to receive a punishment other than a life sentence. Violent and serious felonies are specifically listed in state laws. Violent offenses include murder, robbery of a residence in which a deadly or dangerous weapon is used, rape and other sex offenses; serious offenses include the same offenses defined as violent offenses, but also include other crimes such as burglary of a residence and assault with intent to commit a robbery or murder.This law also penalizes habitual offenders

      If you have evidence to support your nonsense, please present it.

    • These ideas are all traps put in place by corrupt lawmakers and special interest groups that benefit from for profit prisons. Don't get it twisted.

      In this case I think it as likely that it's techno-ignorant lawmakers trying to accomplish something valid by using too large a hammer.

  • Why does it seem that laws like this would do nothing except scare away responsible White Hat hackers who report security flaws, leaving only the Black Hats who profit from their computer crimes?

    • by cpu6502 (1960974)

      "If hacks are outlawed, then only criminals will have hacks." --- I'll guess we'll have to rely upon Microsoft to investigate and fix any holes in the software. (In other words like calling the police on 911; no defense at all.)

  • by elucido (870205) on Wednesday March 28, 2012 @08:00PM (#39503101)

    These minimum sentences should not exist. It's bad enough that peoples lives can easily be ruined by hacking in general but it's even worse if they lose 2 years of their life. This would kill them professionally as they'd have no way to explain their gap in resume.

    It's only a matter of time before hackers are treated like sex offenders, just wait and see.

    • This would kill them professionally as they'd have no way to explain their gap in resume.

      Most people who need to worry about a resume/CV are bright enough to realize they shouldn't be cracking/hacking into other's people's networks & computers.

      The word will spread quickly. Besides, don't most people on Slashdot have a warm spot in their heart for Darwin..... at least when his ideas don't work against them?

      It's only a matter of time before hackers are treated like sex offenders, just wait and see.

      I think it will be a very long time before anyone has to worry about the cry going out,

      "Oy! Lock up your daughters! We've got a hacker in the

      • Most people who need to worry about a resume/CV are bright enough to realize they shouldn't be caught cracking/hacking into other's people's networks & computers.

        FTFY

        • FTFY

          Not really, no. As soon as you engage in this sort of behavior you are at risk, and you have little control over the risk other than not doing it. Most people know not to do it, Slashdot audience not withstanding.

          • I once walked my pet goat over the main square of a small Belgian town, and made the national news. The mayor was interviewed on TV, bragged that he involved federal police, and that the culprit would face dire punishment if caught... but here I am, still free, alive and kicking. But apparently the German shop where I bought my Guy Fawkes mask got bothered...

            Most funny thing: during the interview, it was obvious that the mayor was struggling hard to not burst out in laughter about the fun stunt...

      • by julesh (229690)

        Most people who need to worry about a resume/CV are bright enough to realize they shouldn't be cracking/hacking into other's people's networks & computers.

        ISTR a case not too long ago where somebody was prosecuted succsessfully for breaking into somebody's wifi -- an open network which the "offender"s smartphone had automatically connected to. A 2 year minimum for that would be absurd. Thankfully, I think the OP misinterpreted the proposed law, which rather than establishing a minimum is intended to make sure all the member countries' maximums are high enough.

    • by Shimbo (100005)

      These minimum sentences should not exist. It's bad enough that peoples lives can easily be ruined by hacking in general but it's even worse if they lose 2 years of their life.

      Bad article, worse summary. The EU doesn't do laws, it does directives which are sort of meta-laws; the individual States actually pass the laws. In this case, the EU is proposing that each member state should have a law making hacking punishable by two or more years in prison. That does not imply a minimum sentence in any form.

  • by Genda (560240) <mariet@@@got...net> on Wednesday March 28, 2012 @08:04PM (#39503145) Journal

    Part 2 is; Hacking is defined as anything we don't want you inspecting too closely. We'll be using the first million prisoners to build the prisons for the next million and so on and so on. Once society is imprisoned, people will be much more easily controlled.

    Governments everywhere, rejoice!

  • by Hentes (2461350) on Wednesday March 28, 2012 @08:05PM (#39503163)

    I have a suspicion that they will count jailbreaking/bypassing DRM as hacking too. It's just a small step from outlawing IP spoofing.
    How about sentencing hackers based on the damage they have done instead of another witchhunt against technology?
    Only demonstrating a vulnerability: no sentence or a few month of community service; destroying data or sabotaging systems: monetary fine based on the losses that occurred if the guy can't pay then prison; stealing and selling or making public user data: long long years of prison.

    • by gl4ss (559668)

      *How about sentencing hackers based on the damage they have done instead of another witchhunt against technology?*

      Then they would have to actually show damages. in information leak cases that's quite hard. espionage, meddling with others exchange of letters etc is already illegal though. purely monetary fine would let murdoch run free though.

  • by Anonymous Coward on Wednesday March 28, 2012 @08:33PM (#39503477)

    when i was 16 while learning how to program i created a cheating engine for an online game which i was then arrested and charged for at 18 under the computer misuse act. as it stood i was given a £300 fine and some community service, considrring i was unaware of the fact breaking TOS was illegal (i was a kid, and cheats have always been in games, or things like gameshark that injected into games so i consider
    ed it akin to that) hoeever this new law would have seen me goto prison for two years.

    this is just a stupidly thought out blanket law in my opinion. hopefully it doesnt go through or thrre will be a big spree of teenagers in jail for petty things like that.

  • was the Computer Fraud and Abuse Act of 1986. The law is incredibly vague, and thats the only thing they could get him on. They couldnt get him on 'espionage', because he didnt commit espionage. they couldnt get him for 'false statements to the FBI', because he didnt make any. they couldnt get him for 'obstruction of justice', because he didnt obstruct justice. The only thing they could get him for was improperly accessing information on a govt computer. Which basically could be used arbitrarily against alm

    • It appears that they have Bradley Manning pretty much dead to rights.

      Not so much ambiguity there.

    • It is as if we reward programmers by how many lines of code they write.

      A JUDGE is supposed to JUDGE something. We put all these extra detailed rules on everything to employ more lawyers while removing as much actual decision making as possible.

      When we take out the common sense of a HUMAN who can put situations into context and deal with specifics of each situation while a GENERIC blanket statement of law is just a brain dead policy. It is literally brain dead and if we keep defining more detail it will not

  • When did the UE gain authority on criminal offences? I thought this was a member states prerogative. This un-democratic monster is getting uglier every day.
    • by gl4ss (559668)

      well the member states have to sign it to law first.
      it would make some tools illegal though. like a password bruteforcer. it would make a lot of things anyone can write on a keyboard in an hour illegal.
      however there's an upside to this one, it would make a company liable for what it's employees do. how that works actually I don't have the slightest idea, would the ceo go to prison? shareholders? the board?

      "However, no criminal sanctions should apply to "minor cases", i.e. when the damage caused by the offen

  • Can't do anything about China (and others) breaking into every system they can...okay, let's hit our own citizens hard because we can then at least we can say that we're doing SOMETHING about the 'hacking problem'.

    Just like Intellectual Property and counterfeit producs. Can't get the real problems solved, hit those within reach.

  • by nurb432 (527695)

    "Computer Misuse Act ", while misusing the word "Hacker".

    That should be a crime in itself. :)

  • "Hacking" just seems far too broad a category of crimes to slap a minimum sentence on, it really calls out for flexible sentencing to fit the exact nature of what was done.

All this wheeling and dealing around, why, it isn't for money, it's for fun. Money's just the way we keep score. -- Henry Tyroon

Working...