7 External threats
The law can also be useful to us in protecting us from people outside our own organisation – or indeed from people within our own organisation acting against our interests. Because information and communications technologies (ICTs) are relatively new, laws have only recently been introduced and are still evolving.
You saw how copyright and patent laws could protect us – although it would be up to us to detect infringements and to take any legal action in the civil courts.
ICTs have brought new threats for ourselves and for our organisations. We need the protection of the law, and old laws have had to be reinterpreted for this new technology, with a range of new crimes having to be recognised and legislated against.
Computers can be used for communication among criminals or terrorists, and these messages can be made secret through encryption. This prospect has proved so threatening that some countries – notably, France – prohibit the use of encryption in any communication. Other countries – notably the US – prohibit the export of any foolproof encryption technology. Any encrypted message could, in principle, be decoded by a powerful enough computer given enough time, and in the latter example the intention has been to permit only encryptions that the security forces in the US could break. However, this is all rather futile, since any enemy would in time produce its own secure methods of encryption, and any encryption method that is today breakable by the US Pentagon but not by anyone else will soon be able to be broken by everyone as personal computers become ever more powerful.
This communication issue is one of a class of older crimes simply conducted by newer means. We shall ignore those examples and focus on the newer crimes peculiar to computing – so computer-aided fraud, as when someone siphons money from an employer, will not be addressed further. However, in many cases attempts to reinterpret old laws, such as those for theft, in the new context, have failed. Theft involves the removal of some physical property, and simply accessing information without changing or removing anything may not be interpretable as theft. Examples of such access might include hacking into a person’s mailbox and reading what is there, or hacking into a university’s ﬁle systems and copying an exam paper.