Toward a Criminal Law for Cyberspace
Total Page:16
File Type:pdf, Size:1020Kb
View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by bepress Legal Repository TOWARD A CRIMINAL LAW FOR CYBERSPACE: DISTRIBUTED SECURITY BY SUSAN W. BRENNER NCR D ISTINGUISHED PROFESSOR OF LAW & T ECHNOLOGY , U NIVERSITY OF DAYTON SCHOOL OF LAW . E MAIL : SUSAN .B [email protected] .EDU WEBSITE : HT TP :// WWW .CYBERCRIMES .NET. Brenner – Distributed Security I. Introduction ................................ ................................ ................................ .............. 3 II. Evolution of the Current Model ................................ ................................ ................. 5 A. Rules ................................ ................................ ................................ ............... 5 1. Order ................................ ................................ ................................ ............... 6 2. Intelligence ................................ ................................ ................................ ...... 8 a) Ants ................................ ................................ ................................ ........... 11 b) Wolves ................................ ................................ ................................ ....... 15 c) Humans ................................ ................................ ................................ ..... 24 3. Control ................................ ................................ ................................ ........... 37 4. Territory ................................ ................................ ................................ ......... 40 B. Model ................................ ................................ ................................ ............. 40 1. Real -world crime ................................ ................................ ............................ 41 a) Proximity ................................ ................................ ................................ .... 41 b) Scale ................................ ................................ ................................ .......... 41 c) Physical constraints ................................ ................................ ................... 42 d) Patterns ................................ ................................ ................................ ..... 43 2. Traditional Model of Law Enforcement ................................ ........................... 45 a) Assumptions ................................ ................................ .............................. 45 b) Strategy and Structure ................................ ................................ ............... 49 III. Cybercrime and the Current Model ................................ ................................ ..... 55 A. Pro ximity ................................ ................................ ................................ ........ 56 B. Scale ................................ ................................ ................................ ............. 57 C. Physical Constraints ................................ ................................ ...................... 58 D. Patterns ................................ ................................ ................................ ......... 59 E. Sum ................................ ................................ ................................ ............... 65 IV. Toward a New Model: Distributed Security ................................ ........................ 65 A. From Hierarchy to Network ................................ ................................ ............ 66 1. Why impose responsibility for prevention? ................................ ..................... 74 2. How is responsibility to be imposed? ................................ ............................. 77 a) Voluntary ................................ ................................ ................................ .... 77 b) Obligatory ................................ ................................ ................................ .. 79 B. Distributed Security ................................ ................................ ........................ 83 1. Complicity ................................ ................................ ................................ ...... 85 2. Assumption of Risk ................................ ................................ ........................ 91 V. Conclusion ................................ ................................ ................................ .......... 95 2 Brenner – Distributed Security I. Introduction A set of rules and constraints that shape human action through inducing a particular pattern of human behavior. 1 Why “a criminal law for cyberspace”? should cyberspace have its own criminal law? What is it about cyberspace that requires the artic ulation of a set of distinctive principles governing the imposition of criminal liability? The simple answer is that cybercrime 2 creates challenges for the extant model of law enforcement 3 that are already of a severity sufficient to require the devel opment of a new model , one that can address these challenges .4 The model that is currently in use, 5 like all models of law enforcement, combines a set of legal principles (“the criminal law”) with a repertoire of operational procedures (“police practices”) to create the device, the architecture, a society uses in an effort to maintain “order,” a concept which is discussed below. 6 Because the extant model of law enforcement evolved within a specific historical context, it incorporates certain assumption s about the modes and methods of criminal behavior law enforcement agents will encounter in a given society. 7 Because these assumptions are historically derived, they can become at odds with the social realities law enforcement officers actually encounter at a particular moment in time; as the disconnect between one or more of these basic assumptions and experiential reality becomes increasingly apparent, law enforcement personnel will endeavor to have their model updated by incorporating new or revised as sumptions, but this can be a slow process. 8 Consequently, the deviation between embedded assumptions and empirical 3 Brenner – Distributed Security reality is particularly profound when a society is undergoing rapid, pronounced social and cultural changes. 9 The rise and proliferation o f cybercrime is revealing a profound, irreparable deviation between fundamental assumptions that configured the current model of law enforcement and the emerging texture of social reality in the twenty -first century. 10 The deviation is profound because sev eral already -apparent characteristics of cybercrime are inconsistent with assumptions that shaped the model’s basic operating premises; 11 it is irreparable because these premises cannot be modified to adapt the current model so that it can deal effectivel y with these aspects of cybercrime. 12 What is needed is a new model of law enforcement, one that is specifically designed to address the challenges of cybercrime. 13 This is where a “criminal law for cyberspace” comes in. Given the nature of the challenge s cybercrime poses for the traditional model of law enforcement, developing a new, cybercrime -adequate model is not simply a matter of devising new police practices. As noted earlier, a model, any model, of law enforcement is based on an array of police practices and a set of legal principles.14 Devising new police practices is therefore part of the calculus involved in creating a new model, but the model must also be supported by legal principles which reinforce and implement the approach it takes to wrong doing. 15 Articulating the precise contours of this new, cybercrime -specific model of law enforcement is an undertaking that is quite beyond the scope or ambitions of this article. It has two goals: One is to explain how the current model of law enforcement evolved and why a new model is needed; the other is to outline this new model and explain how criminal law doctrines can be used to implement it. Sections II and III trace the evolution 4 Brenner – Distributed Security of the current model and describe its limitations as to cybercrim e; section IV sketches the contours of the new model and explains the role “a criminal law for cyberspace” plays in its implementation. Finally, section IV presents a brief conclusion. II. Evolution of the Current Model [W]here . men live without ot her security than what their own strength . shall furnish them. there is no place for industry, . no culture of the earth, . no arts, no letters, no society. 16 The current model of law enforcement, like all the antecedent models, i s intended to provide a baseline of security in a society, a framework within which human activities, especially those that are essential to the survival and perpetuation of the species, can be conducted confidently and predictably. A law enforcement mode l is an extrapolation, an operationalization, of a criminal law. The function of criminal law is to maintain an acceptable level of ”order” within a society; 17 it does this by defining certain types of behavior, behaviors which threaten essential interests, as intolerable. 18 Merely defining behaviors as intolerable is not, however, sufficient to eliminate them; there must also be processes in place that discourage individuals from engaging in these outlawed behaviors.19 The sections below consider these tw o aspects of a law enforcement model -- “rules” and “process” -- in more detail.