Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Breaching an AUP a Crime In Western Australia

timothy posted more than 3 years ago | from the saw-it-in-wargames dept.

Australia 121

An anonymous reader writes "A recent court case highlights that breaching an acceptable use policy at work could land you in court in Western Australia: a police officer doing a search of the police database for a friend was fined — not for disclosing confidential police information, but for unlawful use of a 'restricted-access computer system' — cracking. More worryingly for West Australians, this legal blog points out that breaching any Acceptable Use Policy would seem to be enough to land you in jail for cracking — for example, using your internet connection to break copyright."

Sorry! There are no comments related to the filter you selected.

I don't see a problem with this (4, Insightful)

Anonymous Coward | more than 3 years ago | (#34898824)

I'm authorized to use the computer at work to search through medial records (I'm an Pharm.D), but I can get in trouble (and fined) for searching HIPAA records without cause.

Re:I don't see a problem with this (5, Insightful)

icebike (68054) | more than 3 years ago | (#34898904)

Exactly.

Almost nothing in this article suggests a vendor's AUP is the topic under discussion.

The guy was using a police database for pete sake. These things are always governed by special rules and regulations just like HIPAA.

Unlawful use of a 'restricted-access computer system' is not the same as an AUP issue. Once the system is covered or by a legal "Restricted-Access" designation its not an AUP.

Re:I don't see a problem with this (4, Funny)

Anonymous Coward | more than 3 years ago | (#34899256)

The problem here, is that this person is a police officer, yet he is being charged with a crime. Being a police officer is very demanding, and the same rules can not apply to them.

Re:I don't see a problem with this (1)

cheekyjohnson (1873388) | more than 3 years ago | (#34899518)

What? That's ridiculous. Police officers should have to follow the law like everyone else.

Re:I don't see a problem with this (1)

smash (1351) | more than 3 years ago | (#34900546)

If you were living in australia, you would have seen the biting sarcasm in that post. We've had a number of recent high profile cases of police acting as if they are above the law.

Re:I don't see a problem with this (1)

cheekyjohnson (1873388) | more than 3 years ago | (#34901354)

It seems so. It is ridiculous enough to be a sarcastic post, but I have actually seen people say similar things in a serious manner.

Re:I don't see a problem with this (0)

Anonymous Coward | more than 3 years ago | (#34901974)

Luckily, that sort of abhorrent behavior only happens in Australia. Here in the US, that law enforcement officer would be spending lots of time behind bars. Our LEOs are top notch!

By the way, Cheekyjohnson, please look up "cheeky".

Re:I don't see a problem with this (1)

davester666 (731373) | more than 3 years ago | (#34902150)

If you are alive, you would have seen the biting sarcasm in that post. We've had a number of recent high profile cases of police acting as if they are above the law.

FTFY.

Re:I don't see a problem with this (1)

MichaelSmith (789609) | more than 3 years ago | (#34902612)

Though compared to the US the issue overall is fairly minor.

Re:I don't see a problem with this (4, Insightful)

Lorens (597774) | more than 3 years ago | (#34899728)

Being a police officer is very demanding. The same rules can not apply to them. The rules are stricter for them.

There, corrected that for you.

Re:I don't see a problem with this (0)

Anonymous Coward | more than 3 years ago | (#34899956)

trollface.jpg ??

Re:I don't see a problem with this (2)

Barny (103770) | more than 3 years ago | (#34899448)

Not just police officers are covered by this, ALL public servants are, our country takes a very dim view of people abusing their position to access personal information for fun or profit and it is a federal offence.

Re:I don't see a problem with this (1)

GrpA (691294) | more than 3 years ago | (#34901554)

No, it's a state offence. Given the wording, I'd guess that this was related to section 440A of the criminal code, which is related to unauthorised use of a restricted-access system.

It has nothing to do with AUPs but a LOT to do with a stopping people from doing stuff they shouldn't be on a computer system that complies with the code.

Systems with AUPs are rarely "restricted access systems" - Most systems don't comply. The police network does.

So do some public networks. It's not going to be possible to protect, for example, a public service AUP such as Facebook or Myspace under this law. It excludes any service in which access is not restricted.

But I agree. He's likely to have broken other laws, both federal and state, with what he did.

GrpA

Re:I don't see a problem with this (1)

Barny (103770) | more than 3 years ago | (#34901636)

Actually there are a few other networks, medicare, centrelink, taxation, etc.

'Unauthorised' is about four pages of stuff (so far as centrelink and other public sector jobs go, not sure about police) you can't do with a system you have to access.

Of course other systems are protected by vairous laws, using someone elses wifi, hacking a facebook account (if the hacking is done in Australia) are among the things that are considered a federal offence. (just not under this specific one)

The law is very well used in the case the specified in the story, she should not have accessed the system in that way.

Re:I don't see a problem with this (1)

snowgirl (978879) | more than 3 years ago | (#34899560)

I read the summary, and came to the same conclusion based on the charge. (A similar charge exists in the US, and I had to look it up for an internet debate at one point. A restricted-access computer generally has to be run by the government.)

Thanks for laying things out so clearly at the front of the article... I didn't even have to put the first leg of my pedantic-bitch pants on...

Re:I don't see a problem with this (0)

Anonymous Coward | more than 3 years ago | (#34900920)

Gah. As the guy who wrote TFA, this is exactly wrong. They aren't governed by special rules, or she'd be charged under a special rule. Instead, she was charged with cracking. The fact that it's a police database was entirely co-incidental.

A Restricted-access computer system is defined in the criminal code as: "a computer system in respect of which —

(a) the use of a password is necessary in order to obtain access to information stored in the system or to operate the system in some other way; and

(b) the person who is entitled to control the use of the system —

(i) has withheld knowledge of the password, or the means of producing it, from all other persons; or

(ii) has taken steps to restrict knowledge of the password, or the means of producing it, to a particular authorised person or class of authorised person;"

Again, the fact that it was a police DB was entirely co-incidental.

Re:I don't see a problem with this (0)

Anonymous Coward | more than 3 years ago | (#34901646)

As an ex-employee of the Australian Federal Public Service, I can assure you that all public servants are governed by special rules, and that unauthorised access to federal systems is categorised as an illegal offense under some law that used to pop it's name up daily on my login screen but i can't remember the name of now.

Re:I don't see a problem with this (0)

Anonymous Coward | more than 3 years ago | (#34902206)

So you see nothing wrong at all with someone accessing your police records, credit rating, medicare records etc who has no reason to do so? You would think the government was in the wrong if they pressed charges against this individual accessing your personal data?

I suppose if someone cracked into the DSD computer network to attempt to steal sensitive information and the goons came around to their house asking questions you would be posting articles here on /. saying the government was sending goons to enforce the MS EULA or some such and other sky is falling hyperbole? After all it could not possibly have anything to do with someone trying to crack into a network requiring top secret clearance could it.

Re:I don't see a problem with this (2, Insightful)

Interoperable (1651953) | more than 3 years ago | (#34898984)

Accessing a private system in a way that is forbidden by it's owner should get you fired. Accessing confidential information for personal reasons might be a breach of contract or, in the case of medical records and other sensitive information, even be illegal in its own right. However, simply misusing a private system shouldn't be a criminal act.

It seems to me that it could be likened to trespassing. A property owner could allow the public onto property providing that they abide by certain conditions. Failure to abide by those conditions would warrant getting kicked off the property. Refusal to leave would then constitute trespassing; however, trespassing would not occur the instant that an individual broke the conditions.

Accessing a system once authorization to use it has been revoked could be considered unauthorized use. Claiming that authorization is defacto revoked once the acceptable use policy is breached has the effect of using authorized use laws as a proxy to put breach of the acceptable use policy into the criminal code. That, I hope, goes against the intent of the law.

Re:I don't see a problem with this (1)

SuricouRaven (1897204) | more than 3 years ago | (#34899196)

Much of this 'accessing a private system in a way that is forbidden by it's owner' is of a very trivial nature. Employes sneaking a few minutes break at work to check a website while they wait for an email, that manner of thing. The problem is that so long as it's possible for these trivial issues to be considered a serious offense of any form, there is the temptation for system operators to overreact - perhaps to make an example of someone, or settle a grudge.

Re:I don't see a problem with this (2)

Canberra Bob (763479) | more than 3 years ago | (#34899862)

TFA here though isn't referring to someone "sneaking a few minutes break at work to check a website while they wait for an email", it is talking about a police officer accessing personal and by its nature I would imagine very sensitive information on a police database, not a random website, that they had no legal reason to be accessing. This is a far cry from using company time to surf the web.

Re:I don't see a problem with this (1)

AHuxley (892839) | more than 3 years ago | (#34900682)

Australia has had a lot of police database issues. From the removal of original files and the double life of officers as active spies for criminal groups.
eg. "Victoria Police and the problem of corruption and serious misconduct"
http://www.opi.vic.gov.au/file.php?61 [vic.gov.au]
The NSA used levels of access, subsets of information was never open to anyone not cleared for that unique operation. The East Germans split all their spy info so no one person could ever walk out with full details.
In the private sector its a can be a internet free for all.
http://www.theage.com.au/technology/security/vodafone-sacks-staff-over-database-breaches-20110114-19q0y.html [theage.com.au]
http://www.zdnet.com.au/virus-hits-integral-energy-desktops-339298861.htm [zdnet.com.au]
Australia has a lot to learn at the low and mid level computing, usually buying in systems from the USA and letting the locals try their best. The NSA and GCHQ have worked with our top level defence staff, so thats more safe.

Re:I don't see a problem with this (1)

obeythefist (719316) | more than 3 years ago | (#34901246)

I don't think we should confuse the notorious Victorian Police with the West Australian Police. Very different organisations.

Re:I don't see a problem with this (1)

nurb432 (527695) | more than 3 years ago | (#34899006)

Following HIPAA regulations is different then a simple violation of an AUP.

Re:I don't see a problem with this (1)

Kalriath (849904) | more than 3 years ago | (#34899024)

It's a police database. Pretty sure it's not an "Acceptable Use Policy" at issue here, I'm pretty sure it's a fucking law.

This is a non-story.

Re:I don't see a problem with this (1)

Barny (103770) | more than 3 years ago | (#34899462)

Yup, all public servants are covered by that same law, they are not allowed to access any official records on any close acquaintance.

Re:I don't see a problem with this (1)

Anonymous Coward | more than 3 years ago | (#34899110)

There is no problem with this.
breaking the law can result in prosecution.
This is only possibly news to anti-copyright hippies living in moms basement.
There again...thats 99% of readers here.

Re:I don't see a problem with this (0)

Anonymous Coward | more than 3 years ago | (#34900456)

Everyone like to think he is special, not part of the masse. That make you part of the 99% of douche here.

Re:I don't see a problem with this (1)

Anonymous Coward | more than 3 years ago | (#34899616)

Agreed. I used to work for the police (not as a police officer, just regular staff) and my job routinely involved accessing, creating and supplementing various kinds of records, most of which contained confidential information and all of which were protected by law in terms of access, sharing, use, publication and so on. This access was most definitely audited. Anyone accessing records without being able to demonstrate a legitimate reason was in trouble and this kind of unwarranted access may well form part of a criminal offense. I've also worked for a national utility and had access to millions of customer records. Again this was audited and inappropriate access was not acceptable. I knew people who were dismissed because they couldn't resist being nosy and I knew people who were the subject of criminal proceedings because they were stupid enough to see this data as a useful resource for their greedy schemes, or they were dumb enough to sell or even give away information to a 3rd party. Another thing I learned was that there are *always* people trying to access such data illegitimately, not by some fantastic technical exploit but by social engineering. People who do this can be expert, plausible and determined which is why access and audit procedures have to be rigorous and the laws have to be enforced.

And that's why US law is different. (4, Insightful)

Jane Q. Public (1010737) | more than 3 years ago | (#34898834)

So far, the courts in the U.S. have ruled against such an idea, because in effect it would let companies define the law for themselves, at whim.

Re:And that's why US law is different. (1)

Haedrian (1676506) | more than 3 years ago | (#34898846)

The US ruled against a law which gives corporations more power?

Are we talking about a different US?

Re:And that's why US law is different. (0)

corsec67 (627446) | more than 3 years ago | (#34898870)

This is a work-related system, so possibly they have a signed contract between the employee and the police, which would be dealt with in the same way in the US.

Contracts that aren't signed are one thing, but if both parties have signed it, then it is a "Breach of contract", and definitely a crime in the US.

Re:And that's why US law is different. (0)

Anonymous Coward | more than 3 years ago | (#34898948)

You are correct, but you wouldn't receive a fine. Compensation would be required and determined in a civil court. The summarizer might have used the wrong terms though and I didn't rtfa so it might not have been an actual "fine", but compensation to the government.

Re:And that's why US law is different. (1)

smash (1351) | more than 3 years ago | (#34900592)

The individual in this case may well receive a fine. However there are also likely privacy laws that were breached (seperate and standing on their own in addition to the breach of acceptable use) that the cop violated, and i'm guessing that is why the sentence was so stiff.

Re:And that's why US law is different. (4, Informative)

Carewolf (581105) | more than 3 years ago | (#34898962)

How could breach of contract EVER be a crime?? It is a breach of contract, not a violation of a law, when you breach a contract you get the consequences listed in the contract, or if you refuse them a civil law suit, but not a fine and not a prison sentence.

Re:And that's why US law is different. (2)

DaveGod (703167) | more than 3 years ago | (#34899710)

How could breach of contract EVER be a crime?? It is a breach of contract, not a violation of a law, when you breach a contract you get the consequences listed in the contract, or if you refuse them a civil law suit, but not a fine and not a prison sentence.

My reading of TFA is that breach of the AUP itself was not what made this illegal. The AUP was merely the mechanism that had communicated to (or perhaps reminded) Ms Giles that her use was unauthorised.

Similarly, say a self-employed personal is contracted in to provide some sort of safety role, in the knowledge that the other party would be wholly reliant on their performance for safety, then recklessly fails to fulfil that role. The contractor may then be up for involuntary manslaughter not because of breach of contract but incidentally for the same reasons that he might also be sued for breach of contract.

Obviously there are still some issues here, like it appears rather easy to find yourself breaching your "authorised use" compared to the tests required to establish a criminal negligence in a manslaughter. Perhaps relevant though that this was a restricted database and Giles' employment position indicates she should have full appreciation of the restrictions and implications. That is very different to some garbage click-though AUP on home software.

Re:And that's why US law is different. (1)

Daniel Dvorkin (106857) | more than 3 years ago | (#34900182)

Think of it in terms of trespass. Trespass law says, basically, "It's a crime to be on private property if the owner doesn't want you there," but it doesn't say anything about why the owner doesn't want you there. So if I say "you can walk across my yard" and my neighbor says "you can walk across my yard as long as you're not wearing a red shirt," you're committing a crime if you walk across my neighbor's yard wearing a red shirt, but walking across my yard, you're fine.* The crime is not in your choice of clothing, but in being on the property against the owner's wishes.

*Except, of course, that you will be killed by the monster of the week.

Re:And that's why US law is different. (1)

sg_oneill (159032) | more than 3 years ago | (#34900296)

Thats a nice analogy for something that ,however , isn't true.

A breach of contract does not breach criminal law. Its not a crime to breach a contract unless it devolves into ,say, fraud (which is narrowly defined) or something like that.

It is however a breach of civil law and thus is sueable.

Re:And that's why US law is different. (1)

Daniel Dvorkin (106857) | more than 3 years ago | (#34900374)

AUPs and TOSs aren't contracts, though. The law hasn't decided exactly what they are. It's an area that will almost certainly keep evolving.

Re:And that's why US law is different. (1)

gl4ss (559668) | more than 3 years ago | (#34902388)

breaking your vows as a county/country/national official is usually a crime though. and doing favor searches for a friend is exactly that.

Re:And that's why US law is different. (1)

Jane Q. Public (1010737) | more than 3 years ago | (#34899134)

Breach of contract is at most a civil issue, not a crime.

Re:And that's why US law is different. (3, Informative)

vux984 (928602) | more than 3 years ago | (#34899252)

Contracts that aren't signed are one thing, but if both parties have signed it, then it is a "Breach of contract", and definitely a crime in the US.

Breach of contract is NEVER a crime in the US.

When you borrow money from the bank, and then miss a payment, you are in breach of contract. That's not illegal. You aren't a criminal. Its not a crime.

The contract may spell out consequences when you are in breach that you may be subject to (such as having the full loan amount being immediately repayable...) and the bank can sue you for damages caused by you not making your payment... and so forth.

Re:And that's why US law is different. (1)

Barny (103770) | more than 3 years ago | (#34899470)

Not a contract, its a law in Australia that public servants are not allowed to access records of close acquaintances.

Re:And that's why US law is different. (0)

icebike (68054) | more than 3 years ago | (#34898926)

So far, the courts in the U.S. have ruled against such an idea, because in effect it would let companies define the law for themselves, at whim.

Not germane here.

Break into your local police computer system and see how far the courts protect you.

It wasn't a "policy" that was violated, it was a "LAW". There are similar laws in virtually every state as well as at the federal level.

Re:And that's why US law is different. (1)

Carewolf (581105) | more than 3 years ago | (#34898972)

That is what I thought, but according to the summary he was sued for violating the policy not for violating the law. This might be a misunderstandment or this might be a devious attempt to set a precedence by using the wrong violation in an otherwise obvious case.

Re:And that's why US law is different. (0)

icebike (68054) | more than 3 years ago | (#34899040)

That is what I thought, but according to the summary he was sued for violating the policy not for violating the law. This might be a misunderstandment or this might be a devious attempt to set a precedence by using the wrong violation in an otherwise obvious case.

That's why you should always RTFA instead of trusting the summary.

From TFA:

unauthorised use of a restricted-access computer system. And that is an offence under the Criminal Code (WA). Section 440A(2)

She (not he) was not sued. She was CHARGED with a violation of a statute.

Re:And that's why US law is different. (1)

jedidiah (1196) | more than 3 years ago | (#34899348)

...except if this was a cop, it was likely authorized use.

The cop just abused their access priveledges.

This is a violation of an internal policy, not cracking or trespassing.

Re:And that's why US law is different. (2)

bws111 (1216812) | more than 3 years ago | (#34899380)

If he abused his access privileges then it is not 'authorized use'. The laws are against unauthorized use.

Re:And that's why US law is different. (1)

slashqwerty (1099091) | more than 3 years ago | (#34902060)

If he abused his access privileges then it is not 'authorized use'. The laws are against unauthorized use.

A similar issue came up in the United States in 2008. Lori Drew [wikipedia.org] was prosecuted for violating the MySpace terms of use when she logged in with an alias, which meant accessing MySpace computers in "excess of authorized use"*. The jury convicted her. The judge threw out the conviction for the reasons mentioned by other posters along with the idea that the law would be unconstitutionally vague because there would be a lack of guidance for law enforcement and a lack of notice to the public.

*The case was heavily covered on Slashdot. Drew's reasons for accessing the system were highly unethical but not illegal at the time, so the prosecutor decided to get creative and charge her with exceeding the level of authorization granted by the terms of use.

Re:And that's why US law is different. (1)

smash (1351) | more than 3 years ago | (#34900602)

Authorized use is for the purposes of an official investigation. Not looking up personal acquaintances.

The police database is not the fucking white pages.

Re:And that's why US law is different. (2)

icebike (68054) | more than 3 years ago | (#34900622)

This is a violation of an internal policy, not cracking or trespassing.

Can you not READ?

Its a violation of Australian LAW. They even quoted the law for you on TFA. She was found Guilty.

Still you want to argue?
From which college did you get your Australian Law degree?

Re:And that's why US law is different. (2)

Jane Q. Public (1010737) | more than 3 years ago | (#34899154)

The other responders have already explained this, I guess. In my state it is against the law for a police officer to use their records database in any way that is outside their official duties, just as you say. (In other words, unauthorized access and searches are illegal.) But I am far from certain that is true in all states.

Regardless, that isn't what the article was about.

Re:And that's why US law is different. (2)

CanadianRealist (1258974) | more than 3 years ago | (#34899092)

"it would let companies define the law for themselves, at whim"

The key point being that "at whim" means without paying sufficient amounts of money to legislators. Companies are free to define the law for themselves, as long as they are willing to pay for it.

Re:And that's why US law is different. (1)

shentino (1139071) | more than 3 years ago | (#34899248)

Not to mention that most AUPs say "we reserve the right to change any term with or without notice at any time", which could be construed as ex-post facto law if you are not notified with sufficient opportunity to cure.

Re:And that's why US law is different. (1)

Max Littlemore (1001285) | more than 3 years ago | (#34900200)

This has nothing to do with AUP. This is entirely because the idiot was accessing a secure government system.

So far, the U.S. gov't has extradited people for this and the U.S. courts have given them custodial sentences.

Pretty sure article/summary is overboard (4, Informative)

rrossman2 (844318) | more than 3 years ago | (#34898840)

It's no different than having access to a system tied into say patient records. There's no need or reason for you to go looking at information on someone else who you aren't treating or don't have permission to look at (for example in the US you have to sign papers for doctors to transfer your medical records etc to another doctors office).

I think the article is extrapolating something to include everything, where it shouldn't

Re:Pretty sure article/summary is overboard (0)

Anonymous Coward | more than 3 years ago | (#34898910)

You mean SlashFUD against some possible common sense law? Every country has some sort of database put together that lists vast amounts of the populations information intended to help those we put in authority solve crimes. When they start using that information to look up information on past girlfriends and neighbors without even a written report we have a problem. If these agencies really want to show the laws are effective they need to be shown the double edged sword and be tried the same way anyone else would be if they accessed information they were not entitled to.

Re:Pretty sure article/summary is overboard (1)

Mashiki (184564) | more than 3 years ago | (#34899722)

I agree with what you say on this. Personally I'm surprised he only got fined, in Canada if you do what he did and you're a cop it's one of a few choices depending on how bad it is. Demotion of on average of 4 ranks(down as far as 4th rank constable -- that's one step above a base recruit), no pay for 60 days, or fired.

Hmmm (1)

Sulphur (1548251) | more than 3 years ago | (#34898868)

When your job is to uphold the law, it is a bad idea to organize the conspiracy.

missing the point entirely (1)

FuckingNickName (1362625) | more than 3 years ago | (#34898874)

By default you have privacy and property ownership: the Wireless Telegraphy Act in the UK, for example, doesn't let you intercept messages without the consent of the sender. Just because it's "on the Internet", laws don't suddenly stop applying. So, unless your contract stipulates otherwise, standard laws apply - and the AUP specifies the limit on what you're allowed to do with someone else's system. Make sense?

One step closer (2)

countertrolling (1585477) | more than 3 years ago | (#34898888)

to prison for violating an EULA...

Malicious or stupid. Or both. (5, Insightful)

SpeedyDX (1014595) | more than 3 years ago | (#34898898)

TFA says right off the bat that in the case in question, Giles v Douglas, was charged under a CRIMINAL statute. Giles was granted special permission under certain specific conditions to use the police database. She did not adhere to those conditions and thus her use of the database was impermissible. Impermissible use of the database is a criminal offence (instance of s440). There's nothing special about this case.

Breaching the AUP is not a crime. Breaching the AUP in a manner that leads to committing a crime is also not a crime. BUT COMMITTING A CRIME IS A CRIME! It just so happens that an AUP is involved in the details of this case.

Re:Malicious or stupid. Or both. (1)

jedidiah (1196) | more than 3 years ago | (#34899390)

In other words it was a violation of internal policy.

It's impossible to know from observing the "crime" whether or not it was infact a crime.

THIS is probably what a lot of people here have trouble with. It was an act that was not obviously illegal just by looking at it.

Re:Malicious or stupid. Or both. (0)

Anonymous Coward | more than 3 years ago | (#34899990)

And rephrased a different way, she purposefully access a police database for personal reasons. That's a very different league to someone browsing the net when they shouldn't at work.

I used to have access to the UK benefits (unemployment, disability etc) database when I worked for the Department of Work and Pensions. I used the database every day in the normal course of my work, and there were similar warnings against personal use splashed all over the login. However, it was made very clear to me during the induction that poking where I shouldn't would not only cost me my job, it would also be a criminal offense.

While the report doesn't mention it, I'd be very surprised if she hadn't had similar warnings during her training/induction.

If there were legitimate concerns that should be raised with the police regarding the child, she should have followed procedure, file a case or however they handle such things for the general public. If there aren't legal reasons to look up the data, then using the database should be as illegal as if I'd been concerned for a neighbour's finances and looked up his records.

Re:Malicious or stupid. Or both. (0)

Anonymous Coward | more than 3 years ago | (#34901330)

Well that's why we have courts and trials and judges because a crime needs to be proved, which in this case it was. People here have trouble with reality.

Re:Malicious or stupid. Or both. (1)

Cederic (9623) | more than 3 years ago | (#34900042)

Breaching the AUP is not a crime.

Nobody is suggesting that it is.

However: Accessing your ISPs systems without permission is illegal access and is a crime.

Do you have permission? Only if you obey the AUP.

The article thus posits that by breaching the AUP you cease to use the services in an authorised manner. Using the services in an unauthorised manner is illegal and you broke the law.

I personally think it's full of shit, but legally it may nonetheless be true. Ask a lawyer.

Re:Malicious or stupid. Or both. (1)

hldn (1085833) | more than 3 years ago | (#34900856)

Breaching the AUP is not a crime.

Nobody is suggesting that it is.

so now we're not even reading the titles of summaries on slashdot anymore?

Re:Malicious or stupid. Or both. (1)

Cederic (9623) | more than 3 years ago | (#34902880)

The title is sensationalistically misrepresenting the article. That doesn't qualify as a claim.

HOW'Z IT GO ?? OH, YEAH !! (0)

Anonymous Coward | more than 3 years ago | (#34898932)

Don't go to bed with no price on your head
                      No no don't do it

Don't do the crime if you can't do the time
                      Yeah don't do it

And keep your eye on the sparrow
When the going gets narrow

                      Don't do it
                      Don't do it

Where can I go where the cold winds don't blow
Now !!

Now is that really so hard ?? Instead of asking, why do THEY make this illegal, ask, why am I doing this illegal act !! Then tell yourself, don't do it !! Easy !! Simple !!

Oh, the Possibilities (0)

Anonymous Coward | more than 3 years ago | (#34898974)

Good thing Clear isn't in Australia. Get thrown in jail for using more than 7 GB a month is a bitch.

restricted-access computer system (3, Interesting)

AfroTrance (984230) | more than 3 years ago | (#34899016)

restricted-access computer system means a computer system in respect of which —

(a) the use of a password is necessary in order to obtain access to information stored in the system or to operate the system in some other way; and

(b) the person who is entitled to control the use of the system —

(i) has withheld knowledge of the password, or the means of producing it, from all other persons; or

(ii) has taken steps to restrict knowledge of the password, or the means of producing it, to a particular authorised person or class of authorised person;

The definition of 'restricted-access computer system'. My interpretation of this, is that a police database would fall under this, but an internet connection would not. But the law isn't worded very well. It seems it was added in 1990, and written by someone with little understanding of computers.

Re:restricted-access computer system (1)

SuricouRaven (1897204) | more than 3 years ago | (#34899286)

Are you sure this is the current version, and it hasn't been amended since? It seems very limited to limit the law to systems with password authentication. If it matters, dialup and most ADSL systems (At least those using PPPoE) do use passwords for authentication. Cable internet (DOCSIS) doesn't, but rather authenticates the modem hardware.

Re:restricted-access computer system (1)

AfroTrance (984230) | more than 3 years ago | (#34900158)

Yes. The blog has a link to the WA government website, which has latest criminal code (as of 18/10/10).

Yes most internet connections you authenticate, but you don't need a password to access the internet. And would you define the entire internet as a 'computer system'?

It also states the 'computer system' must be restricted to authorised person(s). The internet isn't a restricted system.

Re:restricted-access computer system (0)

Anonymous Coward | more than 3 years ago | (#34901308)

However, the ISP you connect to is restricted - the only authorised people are paying customers.

Re:restricted-access computer system (0)

Anonymous Coward | more than 3 years ago | (#34900972)

(As the guy who wrote TFA:) Password is defined in the criminal code:

"password includes a code, or set of codes, of electronic impulses;"

So the authentication done in modem hardware would, IMO, constitute a password.

Cracking? (1, Offtopic)

ArchieBunker (132337) | more than 3 years ago | (#34899060)

So using a system you already have access to but not following workplace policy is cracking? You sound like one of those people who refuses to have a bank account and then wonders why nobody will hire you.

Re:Cracking? (1)

SuricouRaven (1897204) | more than 3 years ago | (#34899290)

Remember that laws are usually not written by people with a technological background. This is why there have been cases of people facing criminal hacking charges for things like guessing a default password of 'password'.

Re:Cracking? (1)

bws111 (1216812) | more than 3 years ago | (#34899360)

There are no laws against 'hacking' or 'cracking'. The laws are against "unauthorized use of a computer". It doesn't matter what method you used to access the computer, just that it is not authorized. Just like unauthorized access to physical property can get you a 'breaking and entering' charge, even if the only breaking you did was to push open an unlocked door.

Re:Cracking? (1)

Barny (103770) | more than 3 years ago | (#34899510)

Its not workplace policy, its law that no one is allowed to access police (or any other public database) for purposes other than their job. Remember with the information in these files they could set up a massive identity theft, blackmail, etc.

Citizen's Acceptable Use Policy (0)

Anonymous Coward | more than 3 years ago | (#34899068)

There is an easy fix for that.

Citizens of the world should establish and join an organization, which would create it's own Acceptable Use Policy, when other organizations, including corporations, etc. are dealing with their members.

If corporations and other organizations are entitled to create and legally enforce "Acceptable Use Policies", most certainly citizens, consumers should have the same right.

Re:Citizen's Acceptable Use Policy (0)

Anonymous Coward | more than 3 years ago | (#34899236)

Congratulations, you've formulated a bullshit fix to a problem that doesn't even exist. RTFA.

Re:Citizen's Acceptable Use Policy (1)

SuricouRaven (1897204) | more than 3 years ago | (#34899316)

People: We demand fair treatment!
Corporations: Then we won't do business with you.
People: Fine! We don't need you.
Corporations: ...
People: I miss facebook. And my mobile phone won't work. And I want to see the next episode of House.
Corporations: Sign the agreement.
People: Oh... you win.

Re:Citizen's Acceptable Use Policy (0)

Anonymous Coward | more than 3 years ago | (#34901414)

The headline should read "Breaching a Police Database a Crime in all of Western World". The article is pure idiocy, only matched by your "solution" to this nonexistent problem.

Criminalization of a civil issue (1)

nurb432 (527695) | more than 3 years ago | (#34899076)

Transfers the cost to the taxpayers, and makes fishing expeditions pretty painless, and zero risk, for the companies doing it.

Stuxnet false flag op (0)

Anonymous Coward | more than 3 years ago | (#34899144)

Yesterday I told you I thought the stuxnet was a false flag op. Today it's proven.
It would sure be nice if all you slashdot heads took a break from compiling your latest kernels, and stop towing the establishment agenda.

Elections - abused by electronics - /.'ers poo poo it.
Spying - abused by fios splitters - /.'ers poo poo it.
HFT - poo poo
Stuxnet - The Protecting Cyberspace as a National Asset Act of 2010 + Internet ID

The dirty secret is if elections can be manipulated, so can fighter aircraft, space craft, nuclear reactors, os's, and the monetary system itself

Quit saying this stuff is okay. It's fucking not okay! It's treasonous! Wake the fuck up!

Huh? What's the problem? (5, Insightful)

adamofgreyskull (640712) | more than 3 years ago | (#34899288)

Another misuse of the "Your Rights Online" tag and there are already a metric crap-tonne of morons saying that this is awful. It's a blog post that completely misses the fucking point. If wikileaks had reported that Australian police were allowed to look up information on citizens without a valid reason (i.e. for shits and giggles) everyone would be up in arms saying, "Isn't this terrible?". This isn't just a breach of an Acceptable Use Policy, it's against the law, for some very fucking good reasons. There are laws and procedures in place to stop simple invasions of privacy (like this) but also to stop criminals from bribing corrupt Police Officers to look up information for them.

Re:Huh? What's the problem? (0)

Duradin (1261418) | more than 3 years ago | (#34899398)

/. doesn't get along with rules well (unless it is the GPL, the holy word of RMS [blessed be his beard]). All it would take is a poorly worded summary and /. would be up in arms against a law that prohibits using planet-killing scale weapons.

Re:Huh? What's the problem? (0)

syousef (465911) | more than 3 years ago | (#34899486)

/. doesn't get along with rules well (unless it is the GPL, the holy word of RMS [blessed be his beard]).

You misspelt infested.

Re:Huh? What's the problem? (0)

Anonymous Coward | more than 3 years ago | (#34900284)

All it would take is a poorly worded summary and /. would be up in arms against a law that prohibits using planet-killing scale weapons.

And by /. you mean everyone on /. but yourself of course, because you're only a part of the community to show it its failings.

Re:Huh? What's the problem? (2)

Gnavpot (708731) | more than 3 years ago | (#34900260)

It's a blog post that completely misses the fucking point. If wikileaks had reported that Australian police were allowed to look up information on citizens without a valid reason (i.e. for shits and giggles) everyone would be up in arms saying, "Isn't this terrible?".

I haven't RTFB, but I have RTFS, and it already addresses this:
"a police officer [...] was fined -- not for disclosing confidential police information, but for unlawful use of a 'restricted-access computer system'

What is worrying in the story is that she was not fined for her real, very serious, and I hope very criminal offense, but instead was fined for something which is usually not considered a criminal offense, but merely a breach of contract: Using a service with permission but not complying with the usage policy.

Let us use a car analogy:
A policeman deliberately hits a person with a police car, causing the person to die.
Instead of charging him with murder (or whatever the correct legal term is), he is charged with car theft.

The logic behind:
He had a permission to use the car for police work. He had no permission to use the car for murder. Using a car without permission = car theft.

Re:Huh? What's the problem? (2)

bws111 (1216812) | more than 3 years ago | (#34900836)

It does make sense like it is. In your car analogy there were two crimes committed: car theft and murder. If they had evidence he took the car, and didn't have evidence that he was the murderer, it would indeed make sense to only charge him with car theft. For the case at hand, I don't know if a cop giving someone information is a crime or not, but even if it was, how would they prove it? She gave the info to a friend, at the friends request. Who would even know a crime occurred?

The fact that she was charged with unauthorized access of a computer and not some sort of breach of contract also makes sense. What if the person accessing the database was not a cop? A cop who is not authorized to do a search is no different from a person off the street, and if they both perform the same action they should both be liable for the same penalties.

Re:Huh? What's the problem? (0)

Anonymous Coward | more than 3 years ago | (#34901528)

If you or I had done this, we'd get 5 years minimum for a fistful of hacking charges. When someone in the system does this, they get a slap on the wrist. There are thousands of real world examples of your hypothetical. Cops get away with murder all the time.

Re:Huh? What's the problem? (0)

Anonymous Coward | more than 3 years ago | (#34902604)

She was charged with unauthorised user of a computer system. In Australia that is an criminal offense, Even unauthorised use of an open wireless access point is a criminal offense here. And to be honest I fully support them being criminal offenses, a few years back a whole raft of public servants were also charged under this crime for accessing social security records. It is actually nice that people with vast access to citizens private information have at least someone looking over their shoulder to slap the bastards when they overstep the bounds.

Re:Huh? What's the problem? (0)

Anonymous Coward | more than 3 years ago | (#34902050)

"but also to stop criminals from bribing corrupt Police Officers to look up information for them."

This is how you stay ahead of the game, at least in China. Don't see any problem coming from this one.

Searching Obama's student loan info (1)

Anonymous Coward | more than 3 years ago | (#34899438)

The people who searched Obama's student loan info during his campaign got in a lot of trouble. They all lost their jobs and I think got probation. How is what the cop did any different?

Most companies of any decent size or who work with a company of any decent size have an AUP that makes it pretty clear that you can only access data on the company's systems for your job duties and not for anything else. If you violate that AUP you are aware it is wrong and should face the consequences. If you're lucky you'll only lose your job, but in serious cases I think you should face jail time. For instance if you looked up an address for a friend's ex-wife, it might be to send her money he owes her like he claims, or it could be because he wants to murder her...

It's a police database, so it's not unusual (0)

Anonymous Coward | more than 3 years ago | (#34899770)

In the United States (or at least in Florida, where I work) police databases are privileged information. Police officers are only allowed to access them when actively investigating crimes or civil infractions of the law. The public can only access scrubbed versions which redact private information like social security numbers and home addresses.

Illicit access, irregardless of disclosure, is a third degree felony under Florida law.

Then again, in our system specific databases are covered by specific criminal laws, so there's probably a difference between our system and this particular Australian incident.

newsflash: (1)

smash (1351) | more than 3 years ago | (#34900564)

If i don't like the colour of your fence i can take you to court over it. Doesn't mean i'll necessarily win.

I think this is far more reasonable than the cases in the US of people for example taking people to court for burning themselves on coffee because it wasn't labelled as hot, and WINNING.

If you abuse your authority to access private information, or breach terms of use that you signed then it SHOULD be legitimate for the provider to take you to court over it. If you disagree with terms of use, don't sign them.

Un-Authorised use (1)

Ozoner (1406169) | more than 3 years ago | (#34900794)

This situation is quite common.

It is illegal for Government Officers (in Oz and probably elsewhere) to use a Government Data Base for anything outside their authorisation. Like searching for a friends address.

The logs are kept and frequently analysed.

I live here! (0)

Anonymous Coward | more than 3 years ago | (#34901222)

Aww shit, I live in WA.. this is kinda scary, thinking they could jail my ass for ripping copyright songs. >.> (but there IS a fair use clause.. erm)

Easy solution (0)

Anonymous Coward | more than 3 years ago | (#34902330)

Don't use your Internet connection to violate copyright, then you won't be susceptible to either civil or criminal charges.

Break out of the media consumption cycle and you'll have more time for things that actually matter.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?