Utah Politician Looking To Tackle Doxing, DoS Attacks And Swatting With New Slate Of Cybercrime Amendments

from the as-usual,-bill-has-arrived-in-completely-unfinished-state dept

Three of the Four Horsemen of the Internet Apocalypse (*Revenge Porn not included) are being targeted by Utah legislator David Lifferth with a package of amendments to the state’s cybercrime statutes.

Utah Representative David E. Lifferth (R) has filed House Bill 225 which modifies the existing criminal code to include cyber crimes such as doxing, swatting and DoS (denial of service) attacks. According to the amendments, these crimes can now range anywhere from misdemeanors to second-degree felonies.

As is often the case when (relatively) new unpleasantness is greeted with new legislation, the initial move is an awkward attempt to bend the transgressions around existing laws, or vice versa. Lifferth’s is no exception. As GamePolitics points out, only one of the new crimes is specifically referred to by its given name: DoS attacks. The other two can only be inferred by the wording, which is unfortunately broad.

Swatting becomes:

[making] a false report to an emergency response service, including a law enforcement dispatcher or a 911 emergency response service, or intentionally aids, abets, or causes a third party to make the false report, and the false report describes an ongoing emergency situation that as reported is causing or poses an imminent threat of causing serious bodily injury, serious physical injury, or death; and states that the emergency situation is occurring at a specified location.

It’s the stab at doxing that fares the worst. In its present form, the wording would implicate a great deal of protected speech. This is the wording Lifferth would like to add to the “Electronic communication harassment” section.

electronically publishes, posts, or otherwise makes available personal identifying information in a public online site or forum.

Considering it’s tied to “intent to annoy, alarm, intimidate, offend, abuse, threaten, harass, frighten, or disrupt the electronic communications of another,” the amended statute could be read as making the publication of personal information by news outlets a criminal activity — if the person whose information is exposed feels “offended” or “annoyed.” Having your criminal activities detailed alongside personally identifiable information would certainly fall under these definitions, which could lead to the censorship (self- or otherwise) of police blotter postings, mugshot publication or identifying parties engaged in civil or criminal court proceedings.

It also would to make “outing” an anonymous commenter/forum member/etc. a criminal act, even if the amount of information exposed never reaches the level of what one would commonly consider to be “doxing.” Would simply exposing the name behind the avatar be enough to trigger possible criminal charges?

While it’s inevitable that lawmakers will have to tangle with these issues eventually, it’s disheartening to see initial efforts being routinely delivered in terrible — and usually unconstitutional — shape. We expect our legislators to be better than this. After all, it’s their job to craft laws and to do so with some semblance of skill and common sense. If nothing else, we expect them to learn something from previous failures to pass bad laws, whether theirs or someone else’s.

Filed Under: , , , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Utah Politician Looking To Tackle Doxing, DoS Attacks And Swatting With New Slate Of Cybercrime Amendments”

Subscribe: RSS Leave a comment
Anonymous Coward says:

Imagine what this would do to Wikipedia’s sockpuppet-finders. They’d have to rely on a defense of “we didn’t intend to annoy him” which is not a defense I’d ever want to have to take into court. And the prosecution could still argue that it was intended to “disrupt his electronic communications” since a violation if Wikipedia policy would result in a ban.

Anonymous Coward says:

Solving the wrong problem

Instead of criminalizing SWATting (or increasing penalties in cases where it’s already illegal), they’d be better off amending the rules & regulations so that false reports that today result in a SWATting will not be so destructive. This comes in two parts: first, require that the 911 dispatcher receive enough information that they can recognize grossly false reports (a VoIP call from a provider that doesn’t even do business in your state probably isn’t actually reporting personally-observed gunfire); second, discourage the cops from taking a shoot-first, ask-questions-never policy.

Deatives (user link) says:

Re: Solving the wrong problem

I agree that might be a better solution. Obviously VoIP calls or IP Relays (people register fraudulent accounts pretending to be deaf, use them to swat) should require a lot more information than lets say a call from a cell phone that’s sending GPS info. Also better police training on dealing with hoaxes is necessary, maybe put a “possible hoax” marker on their computer screen or whatever. There are a many possible solutions to deal with the issue.

staatstrojaner (user link) says:

Re: "evidence"

the cool part is that you can plant evidence on any device around those “crimes”

it would be funny to have EVIDENCE
in David E. Lifferth android/cellphone/phablet/laptop/car
that at the same time he was in a hotel with his mistress
he was also
-steering a swarm of botnets to DOS attacks some US business websites,
-voip calling 911 to deliver some swatting
-and buying and watching CP videos in thailand

Some governments LIKE GERMANY have been proven (CCC) to use taxpayers money to buy trojan software that allows to plant/manipulate evidence in any digital device…

Jim the Bear (profile) says:

A person is guilty of electronic communication harassment and subject to prosecution in the jurisdiction where the communication originated or was received if with intent to annoy, alarm, intimidate, offend, abuse, threaten, harass, frighten, or disrupt the electronic communications of another, the person:

electronically publishes, posts, or otherwise makes available personal identifying information in a public online site or forum.

This reads to me that it has the potential to make interacting with anyone who is using their real name a crime, regardless of whether that person was willingly using their real information or not. Also, it doesn’t seem to have any caveats for someone who publishes their own information willingly (by Facebook for example), meaning FB could functionally be illegal to use in Utah if this passes.

Anonymous Coward says:

Swatting: Knowingly and intentionally making false calls to emergency services.
Doxxing: Knowingly and intentionally revealing private details about someone’s life in a public manner without their consent.
(D)DOS attacking: Knowingly and intentionally flooding a service with requests that are misrepresented or are not intended to be followed through with.
Revenge porn: Knowingly and intentionally revealing private and explicit details of a person in a public manner without their consent.

Why do lawmakers always have to make these things so complicated? These are probably covered by existing laws, probably long before the Internet was widely available.

Like in Australia, everytime a cyber-bullying case happens, people call for new anti-cyber-bullying laws. They conveniently ignore the fact there is ALREADY anti-cyber-bullying laws in the Telecommunications Act. Just like with patents, adding “on a computer” or “on the Internet” seems to warrant a whole new law.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...