According to Sen. Sharon Runner (Republican-Lancaster), it would not be too much of an effort to add such details to the current sex offender details that are already contained in sex offender registries.  Under federal law, people who have been convicted of sex offenses are required to register in a sexual offender registry after they have been released from prison.  The trigger for the proposed legislation was the revelation that the person involved in the murders of two San Diego teenagers had maintained a sexually explicit MySpace profile under a false name.  That man, John Albert Gardiner, pleaded guilty last year to charges of rape and murder of the two teenagers.  He was on parole at the time.  According to Runner, his MySpace account, which is full of graphic sexual content, should have sounded alarm bells.

According to Sen. Runner, the new provision that would require sex offenders to provide details about their e-mail IDs and social networking site usernames, would discourage crimes via the Internet.

Sen. Runner believes that the measure will cause sex offenders to think twice before they use the Internet for illegal activity.  San Diego criminal defense attorneys are not so sure about that.

The measure has already been sent to the California Assembly.  Several lawmakers have asked questions about how the state would pay for additional enforcement of these requirements.  There is also no information on how having access to a person’s e-mail IDs or social networking site usernames would prevent Internet crime activity or prevent a person from stalking potential victims.

The $1 billion class-action lawsuit will include separate incidents involving hackers who managed to break into Sony servers.  The class action lawsuit will also ask that Sony be made to pay for the expenses of fraud insurance and credit monitoring services for the victims for a period of two years.

The Canadian class-action follows the first U.S. lawsuit related to the recent intrusions against Sony in U.S. District Court.  That lawsuit has been filed by an Alabama man who is accusing the company of negligence and failing to protect, encrypt and secure sensitive data, and taking too long to notify users about the breach.

The most recent hacking incident, in which hackers broke into the Sony PlayStation Network, has caused the most serious damage.  These hackers are believed to have stolen sensitive information of more than 77 million PlayStation users.  The details include names, addresses, credit card details, and security questions.

This week, Sony confirmed that its Sony Online Entertainment PC Gaming service had also been hacked.  That security breach comes just a week after the company confirmed the intrusion into the PlayStation Network service.  According to the company, the Sony Online Entertainment breach exposed sensitive personal information belonging to more than 24.6 million users, as well as credit card information.

Sony now faces questions from a congressional subcommittee, which wants to know why the company waited to notify customers of the security breach, and how the company managed to identify how the breach occurred.  Lawmakers also want to know whether the company has managed to identify the individuals who were responsible for the breach.

According to a report in the Huffington Post, there are far too many people out there who fail to secure their routers.  This is in spite of the fact that according to a poll conducted for the Wi-Fi Alliance, 32% of Americans admitted that they have tried to access a wireless router that was not theirs.  However, far too many Americans believe in leaving their wireless routers open for outside use.  For some, it is a spirit of generosity that encourages them to do this.

Most wireless routers will come with encryption settings, but setting up the software requires some amount of technical knowledge.  Not surprisingly, many people fail to do so, and in some instances, the failure to secure the routers could have serious consequences.

There have been cases where people have been arrested by federal law enforcement officials, after downloaded images of child porn were traced to their routers.  In New York, one homeowner found himself under arrest after law enforcement officials traced downloaded images of child porn to his router.  It was only a few days later that the officers determined that he was innocent after all.  Soon, they arrested his neighbor, and charged him under child pornography laws.  In Florida, another man had a similar experience, when a neighbor outside his building used a tin can as an antenna to amplify his wireless signal.  That neighbor downloaded 10 million images of child porn.  The man was later arrested, and pleaded guilty.

Sen. Patrick Leahy, Democrat-Vermont, and the Chairman of the Senate Judiciary Committee, is soon to release a new version of an antipiracy bill.  A bill that was co-sponsored by Sen. Leahy was approved in November by the Senate Judiciary Committee, but failed to reach the Senate.  That bill was called the Combating Online Infringement and Counterfeits Act.  Earlier this month, Sen. Patrick Leahy along with House Judiciary Committee Chairman Lamar Smith, Republican-Texas, and representatives of the entertainment industry and labor organizations spoke about their intention to intensify the fight against piracy.   The bill is also being supported by Major League Baseball, the U.S. Chamber of Commerce, and trade groups with interests in film, music, and software.

The Obama administration has increased enforcement against websites that provide counterfeit or pirated goods. Most of this enforcement has involved domain seizures carried out by Immigration and Customs Enforcement.  Last November alone, officers of the Justice Department and the Department of Homeland Security seized 82 digital domains that trafficked in counterfeit and pirated goods

San Diego criminal defense attorneys also have issues with the free-speech implications of the bill.  The challenge in the implementation of any such proposed legislation would be to ensure that there are no infringements of individual civil liberties.   The complaint has often been that authorities do not allow website owners enough time to respond before these websites are seized.  Sen. Leahy says that he and his staff are working with the Department of Justice to ensure that there is sufficient judicial review to protect owners of sites that are seized.

A New Breed of Criminal?

A new California law that went into effect on January 1st makes it a crime for anyone to impersonate people online. California SB 1411 makes it a crime to “credibly impersonate another actual person through, or on an Internet website or by any other electronic means for purposes of harming, intimidating, threatening or defrauding another person.”

That also includes opening an e-mail account, or an account or a profile on a social networking profile in another person’s name. So, all those who think it’s funny to open an outrageous Twitter profile under Kanye West’s name, may find that there are consequences to such activities.

Existing law makes it and crime when someone “knowingly accesses and without permission alters, damages, deletes, destroys, or otherwise uses any data, computer, computer system, or computer network in order to … devise or execute any scheme or artifice to defraud, deceive, or extort.”  But this law goes much further by criminalizing many more activities.  It will be up to the courts to define exactly what activities are now illegal and what “harming, intimidating, threatening or defrauding” might mean.  Further, it is unclear when setting up an account in another name is a “credible impersonation.”

The bill sets criminal penalties for violations. Specifically, a violation may be punishable by a fine not exceeding $1,000, or by imprisonment not exceeding one year in a county jail. In addition, a person who suffers damage because of the violation of these laws is now allowed to bring a civil action against the impersonator for compensatory damages and injunctive relief.

Obviously, in addition to being vague and overbroad, there are serious free speech issues involved in a law like this. The law does not deal with such issues, especially those involving satire and parody. California criminal defense attorneys expect heated debate on the bill’s implications.  It is high time the California State Legislature stops adding new crimes to the books and deals with the real problems in this state.

Wardriving is the technique of driving around in a car with a laptop searching for unsecured wireless networks.  Have you ever been using your laptop in a new location and all of a sudden your laptop automatically connects to an unfamiliar network?  You just accidentally found an unsecured wireless network.  Some moron bought a wireless router and just plugged it into the wall without configuring any of the router’s security settings.  Mr. Moron is now providing free wireless internet to anyone within range and has just opened up his network to anyone who wants to use it.  A wardriver will hop in the car and seek out these unsecured networks, perhaps for nefarious purposes.

The crooks in this case apparently decided to wardrive down to their local strip mall and were probably pleasantly surprised to find that the computers used by retailers – those would be the one’s with all our debit and credit card information – were hooked up to wireless networks.  Why not just download all the information and go shopping?

To be fair, these retailers’ wireless networks were probably not completely unsecured – at least I hope not.  The crooks probably found ways to get around the security of these wireless networks.  Given enough time and computing power any wireless network can be cracked.  By definition a wireless network is constantly transmitting and receiving data over-the-air and anyone with the right equipment can receive it.

I have always been uncomfortable with the use of wireless networks in a business setting where confidentiality of information is an issue – and when is it not an issue?  Do you really want your competitors reading your email or seeing what websites you browse?  If you process thousands or millions of credit cards, security is paramount. 

Wireless networks have security and encryption settings and certainly they should always be used, but by their nature wireless networks are never totally secure.  I’m not sure I would ever trust them to keep my credit card information secret.  Several large retailers just learned this lesson the hard way – and 41 million consumers are paying the price.

As I mentioned in yesterday’s blog, two towns in Missouri have already passed cyberbullying ordinances.  Local ordinances are likely to be ineffective against an international medium like the Internet.  State or federal regulations are likely to be more effective, but face some of the same difficult issues.  Any cyberbully laws would have to be very carefully drafted to protect free speech.  It is also important to consider whether we want to differentiate conduct on the Internet from other conduct.  Is cyberbullying really that different from regular old-fashioned bullying?  Do we want to outlaw all bullying?  How do we define bullying or harrassment as opposed to say, just being a jerk?  Lawmakers need to proceed very cautiously.