C.S.: You consider the politicians who are supposed to sign the convention as incompetent, at the same time, you are stating a tendency towards a police state. Who is it then exerting an influence? Who follows what interests?
M.-M.: Banning the tools for attacks in electronic networks is a highly doubtful act. It may make sense to forbid conventional weapons, but even there it is questionable, if a ban of weapons protects from bank robbery. But in terms of computer networks it is a completely different story. Here, tools for attacks are the same tools as tools for security.
C.S.: I am still interested in the question what interests shall be put through by the Convention.
M.-M.: In large parts the Cybercrime Convention reads as the DMCA and the authorization of NIPC (National Infrastructure Protection Committee), which means USamerican ideas of how to guarantee computer security. That is securing systems not at a technical level, but by governmental surveillance. The main tendency of NIPC which has been founded to protect the national information highways from "cyberterrorism" goes into this direction. It is not about helping the operators of networked computer systems by handing out security tools, which would be the right way in my opinion, but about surveillance in order to be able to react to attacks. This won't work, and only justifies a police state but not computer security.
C.S.: The Cybercrime Convention should be signed after the summer break mid September. Is there any plans to take action against the signing?
M.-M.: Here at HAL we have been dealing with the history and the characteristics of the document, together with my British colleague Gus Hosein from GILC (Global Internet Liberty Campaign) who is much more familiar with it than me, and in a little workshop, we discussed strategies how to react to this for hackers highly alarming legislation. It is not yet decided if there will be a common resolution, or how we can address and educate our national politicians, and offer an interface for politics. One advantage hackers have in comparison to other organisations is that we do not only know how things work at a technical level, but we are dealing with it in an open way. We don't try to provide security by secrecy, but instead by merciless revelation. This is the only way to analyze the actual problems and to develop reasonable solutions.
European Council: www.coe.int
GILC - Global Internet Library Campaign: www.gilc.org
NIPC - National Infrastructure Protection Committee: nipc.gov
Published in: mute Magazine, Critical Information Services, issue 21, September 2001