New Law Putting Net—and You—at Risk

Rapoza: Myopic, over-reaching legislation has already claimed its first victim-LaBrea.

As of this moment, the security level of the Internet has taken a big hit. And its not because of a new worm or some nefarious hacker collective; its because of a set of badly conceived laws that have been passed by several states.

These measures, referred to as Super DMCA laws (see Freedom-to-Tinkers Super DMCA page) are badly designed laws promoted by the Motion Picture Association of America. Super DMCA legislation has already been passed in Colorado, Delaware, Illinois, Michigan, Oregon, Pennsylvania and Wyoming.

Now Super DMCA has claimed one of its first victims, the award-winning open-source application LaBrea, which is designed to stop the spread of worms such as Nimda across the Internet. Tom Liston, the developer of LaBrea, has stopped distribution of the program for fear of prosecution under the Illinois version of this law.

Why would a program that stops harmful worms from spreading run afoul of a law that is on the surface intended to stop cable theft? Because, like the less-damaging federal DMCA law, Super DMCA is overly broad and lacks common sense (see Peter Coffees column on these laws).

One of the common aspects of these laws is that they make illegal any device or program that can "conceal or to assist another to conceal from any communication service provider or from any lawful authority the existence or place of origin or destination of any communication." Aside from LaBrea, this makes a whole set of common IT programs and hardware illegal, from firewalls to VPNs to privacy applications.

So if you live in one of these states, you are now breaking the law if you run a firewall. And if youre an IT admin that has all of your internal systems running on NAT, you could face as much as five years in prison and up to a quarter-million-dollar fine.

Tom Listons LaBrea, which I named the most useful application of 2001 and which was also a finalist in eWEEK and PC Magazines 2002 I3 Awards, clearly violates the letter if not the spirit of these laws.

Some would say that Liston probably wouldnt face any legal action, but under the federal DMCA, several companies and individuals have faced legal consequences for actions that had nothing to do with the original intent of the law. Russian programmer Dmitry Sklyarov was even jailed for a time under the DMCA.