RIP: a well-intentioned act that only hits the good guys

Jack Schofield


The European proposals on cybercrime, reported in last week's issue, are strangely similar to Jack Straw's...

Jack Schofield


The European proposals on cybercrime, reported in last week's issue, are strangely similar to Jack Straw's Regulation of Investigatory Powers (RIP) Act.

What they have in common is that they originated with groups of people who may be sincere in their intentions - even the Home Office deserves the benefit of the doubt, sometimes - but are clueless with regard to outcomes.

This is not unusual, and the last "Old Labour" government was famous for this approach.

For example, Labour naturally wanted to protect the rented accommodation inhabited by many of its low-paid supporters.

Fair enough. But its rent acts actually drove rented accommodation off the market, and sparked the creation of a nation of Thatcherite homeowners.

The same government wished to prevent British funds flowing overseas, so it introduced exchange control regulations that also had the opposite effect to the one intended. People able to move their funds overseas promptly did so.

So it's no surprise to see New Labour doing things to drive e-commerce overseas while claiming - and even believing - the reverse.

Now the Council of Europe's Convention on Crime in Cyberspace is threatening to make European systems less secure by preventing us from using "cracking" tools.

But if I install, say, a firewall, the first thing I want to do is test it.

And, I would be an idiot not to test it using the readily available tools that crackers in other countries will obviously use when they are attempting to break in.

And, if I am going to use a commercial password protection system, I want to know how secure it is.

I will obviously trawl the Web to find out whether there are utilities that claim to break that protection, and try them to see if they work. It's only common sense.

But one striking difference between "the old days" and today is that the new "electronic laws" can easily be ignored by anyone who does not wish to comply with them. The Internet makes them, in effect, optional.

Any competent IT person can quickly figure out how to defeat the RIP Act, while any intelligent user can obtain cracking tools in anonymous ways.

And laws that damage the interests of the good guys, while having no impact on the bad guys are basically bad laws, no matter how well intentioned they may have been.

Jack Schofield is computer editor of The Guardian

Read more on Hackers and cybercrime prevention