Upload
akashag11111
View
250
Download
1
Embed Size (px)
Citation preview
The [digital] Document That Will Not Die:
Attempted suppression & secrecy in the
Internet age David Vaile, Executive Director and Alana Maurashat, Deputy Director
Cyberspace Law and Policy CentreUNSW Law Faculty
http://cyberlawcentre.org/2008/AIJA/
Intro
Alana M - greetings from Canada!UNSW Cyberspace Law and Policy CentreAppreciate invitation address conferenceCentre’s interests overlap issues raisedMaterials available onlineThanks also to AustLII for hosting sites
Contents
Difficulties for legal attempts to suppress and/or keep secret critical documents
Suppression by courts, general problems Examples Wikileaks - court decision - tech blogs ‘Underbelly’: ineffective court order? Benbrika, Henson HD-DVD encryption code and Digg HK police corruption data Japan ‘Winny’ virus case
Scope
Suppression and secrecyFocus more on technical rather than legal
aspectsMaterials from: in court, subject of court
proceedings, subject to litigious claims/attempts to suppress, or justice system
Digital documents generally, including audiovisual, data, images, ‘documents’
Networking/Internet critically important
Why does this matter?
It’s easy to assume that Orders can just “make it happen”
Reality is increasingly recalcitrantUsers of Internet are ever younger,
more creative and more connectedIT security model is failing under the
assault of technical and human threatsPotential challenge to authority and
reputation of courts
Wikileaks & Julius Baer (Swiss bank)
Wikileaks in US – http://www.wikileaks.org/ Copies of internal JB documents: company helps
customers launder money illegally via Cayman Is.?
Ordered to remove domain name Not IP address: could still access with IP number Media coverage ‘Mirror’ sites – copies, blogs Re-register on foreign server Documents still found on Google, Google cache,
and Wayback machine (Internet Archive)
Google Cache
Based on Google spider indexing vast amounts of the web
Most recent version is retained, but also some arbitrary earlier version of some pages
Tend to be more recentLast item or so in Google result list entryIf ‘Cached’ link in Google list is not visible,
try ‘Similar Pages’
(current wikileaks screen)
(cached wikileaks screen)
(redirect)
(Cache screen)
Internet Archive/Wayback machine
Historical versions of many web pagesLike historical compilations of ActsGoes back many years6 months or more for pages to appear Sites can exclude by using Robots.txthttp://www.archive.org/
(wayback lawtech screen 0)
(Wayback CLPC list screen)
(clcp 2006 screen)
Suppression orders generally
Not comment on intrinsic merits of use of suppression for specific public policy goals
Some concerns among practitioners, particularly following media-sponsored Moss Report of the Independent Audit into the State of Free Speech in Aust. (Oct 2007)
Though ‘He would say that, wouldn’t he’Hostile to privacy claims too?
Suppression Order Data Analysis
State / Number of Orders 2004-2007NSW 107NT 9QLD 6SA 75WA 23VIC 697TAS 0TOTAL 917(Moss: News Limited – at 12 September 2007)
General limits to ‘open justice’
[I offer comments to flag issues, not as exhaustive treatment!]
Sub judice, inc. committal and bail proceedings Idoport v NAB 47 [2001] NSWSC: Einstein J’s six limitations
to principle of open justice for cases involving: Trade secrets, secret documents or communications Blackmail The need to maintain order in the court National security Administrative action better dealt with in chambers Court as a guardian of wards of state or mentally ill
Unclear to what extent court has power to make order which binds those not present in court in relation to reporting on, or publishing information about, the proceedings in question – no express statutory power? (Moss)
Stat. Prohibitions on Publication
(Moss 2007 Ch8 Annex B) Identification of victims of sexual assault ID parties, witnesses in family law proceedings ID children in criminal proceedings Matching organ donors and donees (ACT) Guardianship and Children's Court proceedings Adoption proceedings Coroners' general powers ID members of juries Statements cannot be proved true, adversely affect person's
reputation or cause others to shun or avoid (defamation) Online behaviour which is menacing harassing or offensive Monitoring or recording of private conversations or activities Spent Convictions Protection of information about Individuals (incl. info not
confidential) Telecommunications privacy (general) Health Privacy
‘Underbelly’
Attempt to prevent potential Vic. jurors seeing TV dramatisation of notorious crime
Shamelessly screened before trial over: “I am unaware of a television show actually airing at the same time as a criminal trial about precisely the same event ...”
Digital version of TV show apparently leaked either from lawyers or producers prior to broadcast, as well as copies made off-air
Estimates of nearly 100,000 downloads of episodes (Dr Rebecca Giblin, Monash U)
Goussis top slide
Goussis bottom half
Extension of Order 1.
Prosecutor mentioned a recording being played in a hotel; Order 1. was widened:
“The transmission, publication, broadcasting or exhibiting of the production referred to as “Underbelly” be prohibited in the State of Victoria, until after the completion of the trial and verdict in the matter of R v [A].”
Issues with Orders “Internet in Victoria” – problematic concept?
Victorian court jurisdiction, but global Internet Traditional mass-media central suppression model:
Easy to do with known and controllable playersUndermined by ‘everyone as their own TV station’
Who is subject to the order? Everyone? How notify everyone they were banned from uploading?
Publishing Court’s Order would reveal name of Goussis
If not everyone, how could it be effective?How to enforce against mass disobedience?
Already a breach of copyright, draconian penalties Unenforceable © laws bring other law to disrepute?
Appeal, revised Orders
General TV Corp v DPP & Anor [2008] VSCA 49 “We have little doubt that the broadcasting of Underbelly in the
weeks leading up to and during the trial would create a serious risk of prejudice to the conduct of a fair trial. The contemporaneous and graphic nature of the portrayal of central figures in the trial, their relationships with each other and the relevance of these relationships to the alleged motive to murder ...”
Revised Order 1: “… order was too wide. It purported to bind every person in Victoria.” Only need bind TV broadcaster.
But: “any person who, with knowledge of the order, sought deliberately to frustrate the effect of the order could be liable for a contempt of court.”
Appeal and revised orders (cont.)
Recast Order 2. (Internet publication): Now only “directed at the applicant, and specifically at
one aspect of a website within its control” [‘Family Tree’ website – not the TV shows]
Not at Victorians at large, nor all types of net publication “Although there is on the internet a large body of
material which relates in one way or another, whether accurately or not, to some of the issues which will be the subject of the trial, we have every confidence that the jury empanelled in this trial will abide by the directions of the judge.”
Drastically reduced scope and ambition of suppression? More sanguine view of risk to jury from Internet? Different impact accorded to TV broadcast cf. Internet?
Benbrika suppression contempt
Identity of US witness suppressed in terrorism offence trial
Witness’ plea bargain w. US authorities on Internet
Published in NSW, Queensland and New York Post
Publications occurred because of ‘long-accepted principle’ that magistrate in Victoria exercising power pursuant to Victorian Act cannot bind anyone in another state
Publishers in NSW and Qld (but not US) charged with breaching suppression order
Commonwealth DPP alleged that Victorian order made by Victorian magistrate pursuant to a Victorian Act applies in all other states
Henson case: suppression by inquiry?
Photographs of under-age models disappeared online very quickly after police visits/inquiries – search drew blank
In real life too: regional galleriesMore effective suppression than
Goussis case based on court order? Yet no court finding of illegality;
ultimate OFLC PG rating, no prosecutionNo avenue for appeal or adjudication of
the suppressive effect, no specific Order?
Other types of document never die
Data retention and destruction policy: problems for every organisation
Police corruption investigations in HK
Police ops Japan leaked by virusHacked codes for HD-DVD
encryption
Data retention and destruction
Difficulties making & implementing policy Business, government, courts Full scope of obligations is difficult to determine, esp.
predicting future technology and legal developments Most corporations find it nearly impossible to comply with
various conflicting data retention and destruction lawsTendency to over or under destroy; classification?Storage is cheap, loss is expensive: keep it forever?Temptation to make sure there are always backups
Potentially dangerous: destruction should be easierbut McCabe v BAT case issue!
Attempts to institute surveillance-assistance models: ISPs, telecom companies, web services...
‘Cloud’ computing: hosted outside jurisdiction
HK Police corruption investigations
20,000 complaint files against HK police leaked onto Internet www.china2easy.com
IT subcontractor requested "dummy data" for testing – unencrypted real thing on CD
Names, addresses and ID of complainants, date of complaint; a few, prev. convictions
Some: corruption, fraud and sexual abuseStill accessible several days later via the
Google Archives and Cache
Japan: leak mediated by Winny virus
Sensitive data leak to Internet from ‘Winny’ virus on Japanese police officer’s PC. Ehime prefecture 2006
Virus-prone ‘Winny’ file sharing software was culprit The files were apparently copied from a police
inspector's computer with Winny program installed Files with personal information on 4,400 people,
including crime victims and suspects. Names and addresses of victims, suspects and other
individuals, clandestine photos of suspects who are minors, witness testimonies. Some date back to 1984.
Data from police manuals revealing investigation tactics, vehicle monitoring system at highway point
HD-DVD encryption code & Digg
HD-DVD encryption cracked late 2006 Hacking software required a 16 digit code:
09-f9-11-02-9d-74-e3-5b-d8-41-56-c5-63-56-88-c0 Published on community sites, inc Digg early 2007 Digg: so-called "social news" site publishes stories and ranks
them according to votes by its users - Web 2.0 pioneer1% of total internet traffic in US
Litigation threats by HD-DVD developers: suppress the code Attempt to suppress by operators Mass disobedience: posting the code in subjects, images, etc. “The world's most popular technology news website collapsed
today after a revolt by its users” Digg gave up, said ‘we side with users’, not destroy own
business/community, “so sue me...” Ultimately failed to suppress: ‘09-f9’ in Google = 826,000 hits
http://www.secondpagemedia.com/confundo/index.php?s=74512073a9b9294d7d06a38b1d30159d&act=attach&type=post&id=7437
Why won’t it stay dead?
Persistence: technical (caches) and human (disobedience)
Limited scope of suppression order aids enforceability, but reduces effect
Security for networked digital systems is essentially illusory and unreliable
Human factors and technicalIgnorance of practices “in the wild” undermines
attempts at secrecy and suppression
Questions?
David Vaile, Executive Director and Alana Maurashat, Deputy Director
Cyberspace Law and Policy CentreUNSW Law Faculty
http://cyberlawcentre.org/2008/AIJA/