Utah Politician Looking To Tackle Doxing, DoS Attacks And Swatting With New Slate Of Cybercrime Amendments
from the as-usual,-bill-has-arrived-in-completely-unfinished-state dept
Three of the Four Horsemen of the Internet Apocalypse (*Revenge Porn not included) are being targeted by Utah legislator David Lifferth with a package of amendments to the state’s cybercrime statutes.
Utah Representative David E. Lifferth (R) has filed House Bill 225 which modifies the existing criminal code to include cyber crimes such as doxing, swatting and DoS (denial of service) attacks. According to the amendments, these crimes can now range anywhere from misdemeanors to second-degree felonies.
As is often the case when (relatively) new unpleasantness is greeted with new legislation, the initial move is an awkward attempt to bend the transgressions around existing laws, or vice versa. Lifferth’s is no exception. As GamePolitics points out, only one of the new crimes is specifically referred to by its given name: DoS attacks. The other two can only be inferred by the wording, which is unfortunately broad.
Swatting becomes:
[making] a false report to an emergency response service, including a law enforcement dispatcher or a 911 emergency response service, or intentionally aids, abets, or causes a third party to make the false report, and the false report describes an ongoing emergency situation that as reported is causing or poses an imminent threat of causing serious bodily injury, serious physical injury, or death; and states that the emergency situation is occurring at a specified location.
It’s the stab at doxing that fares the worst. In its present form, the wording would implicate a great deal of protected speech. This is the wording Lifferth would like to add to the “Electronic communication harassment” section.
electronically publishes, posts, or otherwise makes available personal identifying information in a public online site or forum.
Considering it’s tied to “intent to annoy, alarm, intimidate, offend, abuse, threaten, harass, frighten, or disrupt the electronic communications of another,” the amended statute could be read as making the publication of personal information by news outlets a criminal activity — if the person whose information is exposed feels “offended” or “annoyed.” Having your criminal activities detailed alongside personally identifiable information would certainly fall under these definitions, which could lead to the censorship (self- or otherwise) of police blotter postings, mugshot publication or identifying parties engaged in civil or criminal court proceedings.
It also would to make “outing” an anonymous commenter/forum member/etc. a criminal act, even if the amount of information exposed never reaches the level of what one would commonly consider to be “doxing.” Would simply exposing the name behind the avatar be enough to trigger possible criminal charges?
While it’s inevitable that lawmakers will have to tangle with these issues eventually, it’s disheartening to see initial efforts being routinely delivered in terrible — and usually unconstitutional — shape. We expect our legislators to be better than this. After all, it’s their job to craft laws and to do so with some semblance of skill and common sense. If nothing else, we expect them to learn something from previous failures to pass bad laws, whether theirs or someone else’s.
Filed Under: cybercrime, david lifferth, dos attacks, doxing, doxxing, swatting, utah
Comments on “Utah Politician Looking To Tackle Doxing, DoS Attacks And Swatting With New Slate Of Cybercrime Amendments”
I await the fallout
Someone ends up posted on a mugshots site and sues the site, the cops & the state for doxing them.
Re: Re:
and maybe they should be
More laws – that will certainly fix the problem.
Re: Re:
Isn’t that the one about doubling every 18 months 🙂
Imagine what this would do to Wikipedia’s sockpuppet-finders. They’d have to rely on a defense of “we didn’t intend to annoy him” which is not a defense I’d ever want to have to take into court. And the prosecution could still argue that it was intended to “disrupt his electronic communications” since a violation if Wikipedia policy would result in a ban.
Solving the wrong problem
Instead of criminalizing SWATting (or increasing penalties in cases where it’s already illegal), they’d be better off amending the rules & regulations so that false reports that today result in a SWATting will not be so destructive. This comes in two parts: first, require that the 911 dispatcher receive enough information that they can recognize grossly false reports (a VoIP call from a provider that doesn’t even do business in your state probably isn’t actually reporting personally-observed gunfire); second, discourage the cops from taking a shoot-first, ask-questions-never policy.
Re: Solving the wrong problem
I agree that might be a better solution. Obviously VoIP calls or IP Relays (people register fraudulent accounts pretending to be deaf, use them to swat) should require a lot more information than lets say a call from a cell phone that’s sending GPS info. Also better police training on dealing with hoaxes is necessary, maybe put a “possible hoax” marker on their computer screen or whatever. There are a many possible solutions to deal with the issue.
Can Utah negotiate the International treaties, and make and receive the extradition requests needed to enforce such laws?
Re: "evidence"
the cool part is that you can plant evidence on any device around those “crimes”
it would be funny to have EVIDENCE
in David E. Lifferth android/cellphone/phablet/laptop/car
that at the same time he was in a hotel with his mistress
he was also
-steering a swarm of botnets to DOS attacks some US business websites,
-voip calling 911 to deliver some swatting
-and buying and watching CP videos in thailand
Some governments LIKE GERMANY have been proven (CCC) to use taxpayers money to buy trojan software that allows to plant/manipulate evidence in any digital device…
Re: Re: "evidence"
https://ccc.de/en/updates/2011/staatstrojaner
Anonymity
I for on, am behind making it a crime to match a name with an avatar.
Re: Anonymity
The rest is pure crap though.
Re: Anonymity
I’d rather we used some common sense here. If outing them leads to ridicule, tough. Don’t be an asshole. However, if outing them leads to knuckle-draggers (or the FBI) finding out who squealed on them (like John Kiriakou), that’s a problem.
This reads to me that it has the potential to make interacting with anyone who is using their real name a crime, regardless of whether that person was willingly using their real information or not. Also, it doesn’t seem to have any caveats for someone who publishes their own information willingly (by Facebook for example), meaning FB could functionally be illegal to use in Utah if this passes.
Swatting: Knowingly and intentionally making false calls to emergency services.
Doxxing: Knowingly and intentionally revealing private details about someone’s life in a public manner without their consent.
(D)DOS attacking: Knowingly and intentionally flooding a service with requests that are misrepresented or are not intended to be followed through with.
Revenge porn: Knowingly and intentionally revealing private and explicit details of a person in a public manner without their consent.
Why do lawmakers always have to make these things so complicated? These are probably covered by existing laws, probably long before the Internet was widely available.
Like in Australia, everytime a cyber-bullying case happens, people call for new anti-cyber-bullying laws. They conveniently ignore the fact there is ALREADY anti-cyber-bullying laws in the Telecommunications Act. Just like with patents, adding “on a computer” or “on the Internet” seems to warrant a whole new law.
When well-meaning lawmakers get to work on legislation to improve online life, shouldn’t they be asking people who actually know what they’re on about for help so that the end result has a reasonable chance of being effective?
Re: Re:
I’d settle for not needlessly or callously endangering anyone, and worry about effective later. The law can be a very blunt instrument as shown by trying to shoehorn “SWATting” and “doxxing” into existing law.
Eagle Mountain Resident - He is not properly representing us
This guy is the elected rep for our part of Utah, and we are actively trying to get rid of him. Nothing but problems, and he’s trying to go for a Senate seat. Not on my watch.