Sunday, August 15, 2010

Wikileaks: Who Polices the Internet?

This is a question that has been brewing for 30 or so years and has finally come to a head. Who is responsible for governing the information posted on the Internet, and under what laws are the posters of this information governed?

We spoke on this topic at length last summer in my cyber ethics class in grad school. The ethical implications of Wikileaks' recent actions are obvious, and I don't want to get into that issue here. Never mind that some of us might feel that these guys should be taken behind the barn and shot. Clearly the site's owners feel no moral obligation to protect the citizens of the world. As I said, that's a whole other (ethical) debate.

The other side of this issue is the legal implications—the fascinating argument regarding who polices information posted on the ubiquitous Internet. Because the Internet is not constrained by (and is therefore absolved of) geo-political boundaries, technically there are no laws that can be enforced here to stop further postings of classified government materials on the Amsterdam-based Wikileaks site.

The First Amendment cannot apply because that is U.S. law. U.S. laws can only govern web sites hosted in this country. Although the legal system has yet to catch up with the digital age and struggles to do so on a a daily basis in our over-saturated court system, the U.S. does have some basic "Internet" laws in place like the Computer Fraud and Abuse Act (CFAA), which governs computer hacking. It also passed Digital Millenium Copyright Act (DMCA) that proscribes circumventing a technological measure that effectively controls access to a work protected under copyright. It has the Stored Communications Act (SCA) and the Electronic Communications Privacy Act (ECPA) that criminalizes unauthorized access to stored communications and limits the government's ability to compel ISPs to produce subscriber records. In 2003, the U.S. enacted a bill Controlling the Assault of Non-Solicited Pornography and Marketing messages sent electronically (the CAN-SPAM Act). Sadly, computer-related law does not expand much beyond those big items. See Title 17 and Title 18 of the United States Code for more information.

But because Wikileaks is in Amsterdam, none of our laws apply. There is nothing the Pentagon can do to stop the rogue organization from publicly posting leaked information. . . hence the appeals for the site owners to simply “do the right thing.”

Maybe the U.S. government should instead declare cyber war on its own Federal employees in an effort to prevent further leaks rather than focus its energies on Wikileaks? After all, the information being disseminated is 'classified,' which means that only those who have undergone an ardurous background investigation that is required to obtain a security clearance had access to those documents (or should have had access).

Was the Pentagon paper leak a failure in process (i.e., an error), or was it truly a deliberate leak executed by one or more cleared individuals? No matter how many people the U.S. government gives clearance to, it's impossible to control the actions of each and every one of those individuals. So why not crack down on the electronic systems that store and transmit that data in order to prevent further leaks?

Check out the ‘seeders’ map at the beginning of Wired Magazine's Threat Level feed entitled "Cyberwar Against Wikileaks? Good Luck With That." Clearly this is a global issue, where technically no one country is ‘in charge.’

The fact of the matter is that there is no legal recourse here. Do you think the question of whether (and how and by whom) the Internet is policed will ever be answered? I’d have to say probably not in our lifetimes.

No comments: