Strike and Counterstrike: The Law on Automated Intrusions and Striking Back presented at BlackHatWindows 2003

by Curtis Karnow,

Summary : There is a growing interest in self help mechanisms to counter internet mediated threats. Content providers such as record labels and movie studios favor proposed federal legislation that would allow them to disable copyright infringers computers. Software licensors endorse state laws that permit the remote disabling of software in use by the licensee when the license terms are breached. Internet security professionals debate the propriety and legality of striking back at computers which launch worms, viruses, and other intrusions.
The presentation focuses on automated intrusions from routine search bots and screen scraping to intentional network assaults such as DDoS. Then it discusses legal doctrines used by the courts to evaluate claims that the assaults are illegal, as well as evolving legal issues of striking back at the attacking system. Courts are reaching back centuries for legal analogies in these cutting edge cases, and this presentation explores in plain English the rapidly developing issues in litigation such as the Intel spam case, the eBay/Bidders edge screen scraping matter, and then the application of self defense and self help theories to strike back at automated intrusions such as worms and viruses.