Digital Piracy: Neutralising Piracy on the Digital Waves

Rates of digital piracy, defined by Gopal, et al. (2004: 3) as ‘the illegal act of copying digital goods for any reason other than backup, without permission from or compensation to the copyright holder’, appear to be rising despite increasingly stringent methods employed by both legislators and the industries affected to curtail it. The harm it causes the industries is also increasing; affecting everyone from producers to consumers. This study explores the aetiology of digital piracy; specifically whether students in the United Kingdom neutralise the guilt for their actions through the use of Sykes and Matza’s (1957) techniques of neutralisation. Through the data collected from an online survey (n=114) this study finds that students typically neutralise their guilt when committing piracy through an ‘appeal to higher loyalties’ and a belief that ‘everyone else does it’. The use of these specific techniques implies that piracy has become a social norm for students at university who do not see it as morally wrong. The study concludes by suggesting the policy implications of these findings and potential avenues for further research

An introduction to computer viruses

This report on computer viruses is based upon a thesis written for the Master of Science degree in Computer Science from the University of Tennessee in December 1989 by David R. Brown. This thesis is entitled An Analysis of Computer Virus Construction, Proliferation, and Control and is available through the University of Tennessee Library. This paper contains an overview of the computer virus arena that can help the reader to evaluate the threat that computer viruses pose. The extent of this threat can only be determined by evaluating many different factors. These factors include the relative ease with which a computer virus can be written, the motivation involved in writing a computer virus, the damage and overhead incurred by infected systems, and the legal implications of computer viruses, among others. Based upon the research, the development of a computer virus seems to require more persistence than technical expertise. This is a frightening proclamation to the computing community. The education of computer professionals to the dangers that viruses pose to the welfare of the computing industry as a whole is stressed as a means of inhibiting the current proliferation of computer virus programs. Recommendations are made to assist computer users in preventing infection by computer viruses. These recommendations support solid general computer security practices as a means of combating computer viruses

Criminal Law in Cyberspace

Two of the most talked-about crimes of the year, the ILoveYou computer worm and the denial of service attacks on Yahoo, eBay, and ETrade, suggest that a new form of crime is emerging: cybercrime. Thousands of these crimes occur each year, and the results are often catastrophic; in terms of economic damage, the ILoveYou worm may have been the most devastating crime in history, causing more than $11 billion in losses. This paper asks how cybercrime is best deterred. It identifies five constraints on crime - legal sanctions, monetary perpetration cost, social norms, architecture, and physical risks - and explains how each of these constraints may be reduced by committing crime in cyberspace. The ease of cybercrime risks negative substitution effects, as offenders move away from realspace and look towards the Net. Because cybercrime requires fewer resources and less investment to cause a given level of harm, the law might want to use approaches that differ somewhat from those in realspace. In part, this is so because computers provide a cheaper means to perpetrate crime. Criminal law must be concerned not only with punishing crime ex post, but with creating ex ante barriers to inexpensive ways of carrying out criminal activity. For example, if computers serve as substitutes for conspirators, then law might develop doctrines that treat computers as quasi-conspirators and establish inchoate liability. Some government barriers, however, will create dead-weight losses. For example, encryption has the potential to further massive terrorism (which leads many in the law enforcement community to advocate its criminalization) but also the potential to facilitate greater security in communication and encourage freedom (which leads many others to push for unfettered access to the technology). To help solve such problems, the paper advocates the use of sentencing enhancements as tools that surgically target bad acts. Sentencing enhancements have received relatively little attention in the academic literature; this Article attempts to fill that gap. Cyberspace also adds additional parties to the traditional perpetrator-victim scenario of crime. In particular, much cybercrime is carried out through the use of Internet Service Providers. Law should impose modest responsibilities on third parties because doing so promotes cost deterrence and capitalizes on what Reinier Kraakman has called gatekeeper liability. Third parties can develop ways to make crime more expensive, and may be able to do so in ways that the government cannot always directly accomplish, such as cost effective regulation of the architecture of the Net. The same logic sometimes applies to victims of cybercrime; law can develop mechanisms to encourage optimal victim behavior as well. Burden-shifting must not, however, sacrifice the value of interconnectivity and network effects

Cyber security information sharing in the United States : an empirical study including risk management and control implications, 2000-2003

A tremendous amount of change in traditional business paradigms has occurred over the past decade through the development of Electronic Commerce and ad\ ancements in the field of Information Technology. As lesser-developed countries progress and become more prosperous. traditional . first world' countries have migrated to become strong service oriented economies (Asch, 200 I). Supporting technologies have developed over the past decade which has exploited the benefits of the Internet and other infonnation technologies. While Electronic Commerce continues to grow there is a corresponding impact on computer software and individual privacy (Ghosh and Swaminatha, 200 I). Recently. the U.S. National Institute of Standards and Technology (NIST) found that software bugs cost the U.S. economy approximately $59.5 billion, or .600/0 of the annual Gross Domestic Product (U.S. Department of Commerce, 2003). In addition, we have witnessed a rise in the strength and impact of Denial of Service and other types of computer attacks such as: viruses. trojans. exploit scripts and probes/scans. Popular industry surveys such as the annual Federal Bureau of Investigation/Computer Security Institute (Gordon. Et. AI.. 2006) confirm the growing threats in the Information Assurance field. In addition to these concerns our increased reliance on the Internet enabled systems (loudon and loudon. 2000). E-Commerce systems and Information Technologies an integrated suite of risks which must be managed effectively across the public and private sectors (Backhouse. Et. AI. 2005. Ghosh and Swamintha. 200 I. Parker. 200 I. Graf. 1995. Greenberg and Goldman, 1995). Previous research (Rumizen, 1998. Haver, 1998, Roulier, 1998) examined InterOrganisational, Web Infonnation Systems and Government Information Systems in order to assess how companies and other organisations can effectively design these information systems such that maximum benefits can be achieved for all participating organisations. Furthermore, Davenport, Harris and Delong (2001) and Davenport (1999) explained that collaboration is central to the results of a knowledge management system in which open, nonpolitical, non-competitive entities are involved in environments to achieve optimal individual and collective results. Before this memorable event. some related programmatic initiatives were already in-process at that time. The United States government built upon its active leadership in the areas of computer security and information assurance when it launched a number of important efforts to manage information security threats. This was clearly evident when President Clinton made the U.S. National Infrastructure (Nil) a major national priority in the 1 990s. One critical development occurred in 1998 when the National Infrastructure Protection Centre was established to be the central point for gathering, analysing and disseminating critical cyber security information and built upon the previous success of the national Computer Emergency Response Team (CERT). Earlier research (Rich. 2001, Soo Hoo, 2000. Howard. 1997 and Landwher, 1994) addressed various aspects of information security information and incident reporting. Also. Vatis 0001) addressed some research considerations in this area while investigating foreign network centric and traditional warfare events primarily through Denial of Service and Web Site Defacement attacks. However. areas for new exploration existed especially as they related to U.S. critical infrastructure protection (Karestand. 2003. Vatis. 200 I. U.S. General Accounting Office. 2000. Alexander and Swetham. 19(9). Finally. Information and Network Centric Warfare (Arens and Rosenbloom. 2003. Davies. 2000. Denning and Baugh. 2000. and Schwartau. 1997) are increasing national security issues in the \\' ar on Terrorism and Homeland Security in general