Utah Politician Looking To Tackle Doxing, DoS Attacks And Swatting With New Slate Of Cybercrime Amendments
from the as-usual,-bill-has-arrived-in-completely-unfinished-state dept
Three of the Four Horsemen of the Internet Apocalypse (*Revenge Porn not included) are being targeted by Utah legislator David Lifferth with a package of amendments to the state's cybercrime statutes.
Utah Representative David E. Lifferth (R) has filed House Bill 225 which modifies the existing criminal code to include cyber crimes such as doxing, swatting and DoS (denial of service) attacks. According to the amendments, these crimes can now range anywhere from misdemeanors to second-degree felonies.As is often the case when (relatively) new unpleasantness is greeted with new legislation, the initial move is an awkward attempt to bend the transgressions around existing laws, or vice versa. Lifferth's is no exception. As GamePolitics points out, only one of the new crimes is specifically referred to by its given name: DoS attacks. The other two can only be inferred by the wording, which is unfortunately broad.
Swatting becomes:
[making] a false report to an emergency response service, including a law enforcement dispatcher or a 911 emergency response service, or intentionally aids, abets, or causes a third party to make the false report, and the false report describes an ongoing emergency situation that as reported is causing or poses an imminent threat of causing serious bodily injury, serious physical injury, or death; and states that the emergency situation is occurring at a specified location.It's the stab at doxing that fares the worst. In its present form, the wording would implicate a great deal of protected speech. This is the wording Lifferth would like to add to the "Electronic communication harassment" section.
electronically publishes, posts, or otherwise makes available personal identifying information in a public online site or forum.Considering it's tied to "intent to annoy, alarm, intimidate, offend, abuse, threaten, harass, frighten, or disrupt the electronic communications of another," the amended statute could be read as making the publication of personal information by news outlets a criminal activity -- if the person whose information is exposed feels "offended" or "annoyed." Having your criminal activities detailed alongside personally identifiable information would certainly fall under these definitions, which could lead to the censorship (self- or otherwise) of police blotter postings, mugshot publication or identifying parties engaged in civil or criminal court proceedings.
It also would to make "outing" an anonymous commenter/forum member/etc. a criminal act, even if the amount of information exposed never reaches the level of what one would commonly consider to be "doxing." Would simply exposing the name behind the avatar be enough to trigger possible criminal charges?
While it's inevitable that lawmakers will have to tangle with these issues eventually, it's disheartening to see initial efforts being routinely delivered in terrible -- and usually unconstitutional -- shape. We expect our legislators to be better than this. After all, it's their job to craft laws and to do so with some semblance of skill and common sense. If nothing else, we expect them to learn something from previous failures to pass bad laws, whether theirs or someone else's.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cybercrime, david lifferth, dos attacks, doxing, doxxing, swatting, utah
Reader Comments
Subscribe: RSS
View by: Time | Thread
Someone ends up posted on a mugshots site and sues the site, the cops & the state for doxing them.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Solving the wrong problem
[ link to this | view in chronology ]
Re: Solving the wrong problem
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re: "evidence"
it would be funny to have EVIDENCE
in David E. Lifferth android/cellphone/phablet/laptop/car
that at the same time he was in a hotel with his mistress
he was also
-steering a swarm of botnets to DOS attacks some US business websites,
-voip calling 911 to deliver some swatting
-and buying and watching CP videos in thailand
Some governments LIKE GERMANY have been proven (CCC) to use taxpayers money to buy trojan software that allows to plant/manipulate evidence in any digital device...
[ link to this | view in chronology ]
Re: Re: "evidence"
[ link to this | view in chronology ]
Anonymity
[ link to this | view in chronology ]
Re: Anonymity
[ link to this | view in chronology ]
Re: Anonymity
I'd rather we used some common sense here. If outing them leads to ridicule, tough. Don't be an asshole. However, if outing them leads to knuckle-draggers (or the FBI) finding out who squealed on them (like John Kiriakou), that's a problem.
[ link to this | view in chronology ]
This reads to me that it has the potential to make interacting with anyone who is using their real name a crime, regardless of whether that person was willingly using their real information or not. Also, it doesn't seem to have any caveats for someone who publishes their own information willingly (by Facebook for example), meaning FB could functionally be illegal to use in Utah if this passes.
[ link to this | view in chronology ]
Doxxing: Knowingly and intentionally revealing private details about someone's life in a public manner without their consent.
(D)DOS attacking: Knowingly and intentionally flooding a service with requests that are misrepresented or are not intended to be followed through with.
Revenge porn: Knowingly and intentionally revealing private and explicit details of a person in a public manner without their consent.
Why do lawmakers always have to make these things so complicated? These are probably covered by existing laws, probably long before the Internet was widely available.
Like in Australia, everytime a cyber-bullying case happens, people call for new anti-cyber-bullying laws. They conveniently ignore the fact there is ALREADY anti-cyber-bullying laws in the Telecommunications Act. Just like with patents, adding "on a computer" or "on the Internet" seems to warrant a whole new law.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
I'd settle for not needlessly or callously endangering anyone, and worry about effective later. The law can be a very blunt instrument as shown by trying to shoehorn "SWATting" and "doxxing" into existing law.
[ link to this | view in chronology ]
Eagle Mountain Resident - He is not properly representing us
[ link to this | view in chronology ]