Freedom & Control on the Electronic Frontier

The scene opens with slow-motion National Geographic-style images of Third World people and violent political unrest. It cuts to shots of White soldiers, First World governments, ancient architecture, corporate work, Buddhist monasteries and serene landscapes. All the while, a soothing and powerful male voice narrates:

"The revolution is in our destiny. This revolution, however, will not be fought with guns or swords. It will not be a war of words or of countries. This revolution will be about knowledge and access. About progress and opportunity. It would use information networks to make computing simple, more efficient and vastly more affordable... Where do we come in? We make the software that manages this information - that will enable anyone, anywhere to sit in the seat of knowledge. Oracle: enabling the information age."

In 1998 the utopian promise of the Internet was being aggressively marketed in North America. Oracle first broadcast the above "Revolution" advertisement (download here), and corporations like Cisco Systems ("Are You Ready?"), Microsoft ("Where Do You Want To Go Today?") and Nortel Networks ("Come Together") were following similar marketing strategies.

At the same time, the popular press focussed on issues of online privacy and hate propaganda. Libertarian positions on absolute freedom and (self) control of information clashed with legislative attempts to define and regulate problematic information.

If we follow Lessig (1999:4-8), we should not be surprised that cyberspace can be regulated by government. He conjures cybernetics - the root word of cyberspace - as the "vision of perfect regulation... a better way to direct" and he points out the contradiction in our "celebration of noncontrol over architectures born from the very ideal of control."

And he also introduces a temporal and transitional aspect - cyberspace is changing. The issues of freedom and control on the electronic frontier are being negotiated right now. Foundational values are threatened and new forms of governance are emerging.

"[T]he invisible hand of cyberspace is building an architecture that is quite the opposite of what it was at cyberspace's birth. The invisible hand, through commerce, is constructing an architecture that perfects control - an architecture that makes possible highly efficient regulation... Values that we now consider fundamental will not necessarily remain. Freedoms that were foundational will slowly disappear... In cyberspace we must understand how code regulates - how the software and hardware that make cyberspace what it is regulate cyberspace as it is... We can build, or architect, or code cyberspace to protect values that we believe are fundamental, or we can build, or architect, or code cyberspace to allow those values to disappear. There is no middle ground. There is no choice that does not include some kind of building. Code is never found; it is only ever made, and only ever made by us" (Lessig 1999:10).

Lessig's message is crucial. Cyberspace is a spatial and temporal construct - a place - that we are always already building.

The Internet vs. The Web

In order to examine the building taking place, we need to make the distinction between two often-conflated terms: the Internet and the Web. According to MainNet's I-Net Guide,

"the Internet is a library of information. In simplest terms possible, the Internet is a collection of protocols and smaller sub-networks all joined together. Within these sub-networks, volumes and volumes of information is hosted. The World Wide Web is part of the Internet. The web is one way of accessing those volumes of hosted information. You could think of the web as a gateway to all of the information floating around in cyberspace. The Internet is information, the web is an interface."

Although the difference can be quantitatively understood in terms of hardware and software, qualitative differences emerge in terms of usage. The Internet began as packet-switching technologies within the late-50s American military-industrial complex (Abbate 1999). Until the early 1980s, the Internet served a largely research-based community, using e-mail and file transfer protocols (FTP). In 1984, the Domain Name System (DNS) was introduced and moderated newsgroups entered USENET (Hobbes 2000; Kitchen1998; Ward 2000). The 80s Internet was dominated by communities like the Whole Earth 'Lectronic Link (WELL), Multi-User Dungeons/Domains (MUDs) and Multi-User Dimensions, Object Oriented (MOOs). These social spaces were self-regulated by codes of conduct, yet remained fiercely loyal to promises of disembodied communication, freedom and the politics of non-intervention (see Holmes 1997; Jones 1995; Jones 1998; Shields 1996). The founding communities of cyberspace valued the free sharing of information and open-source software, considering them to be integral to technological and social innovation.

Politics entered cyberspace in 1990 when the Electronic Frontier Foundation was founded. These libertarian positions were challenged in 1991 by the founding of the Commercial Internet eXchange (CIX) Association. In 1992 the World Wide Web interface was released, and in 1993 the Mosaic browser replaced the need for knowledge of programming code to access the Web - cyberspace became accessible to the layperson. By 1995, domain names were no longer free and the commercial promise of the Web was well underway. In 1996 the United States attempted to pass the Communications Decency Act - a sweeping proposal for Internet content regulation. And John Parry Barlow issued his infamous "Declaration of the Independence of Cyberspace."

By the late 1990s, the Internet had effectively shifted from its use by small, participatory communities to become, in public consciousness, the World Wide Web. And the Web is a qualitatively different social space from the Internet of communities like the WELL. Most importantly, the World Wide Web is proprietary - people own parts of it and they are not shared. Founded as a commercial venture, the Web has more in common with a shopping mall than with prior online communities. The potential for surveillence and control is considerably higher, and regulation has been built into the architecture.

Currently, there are four domains of law which apply in cyberspace: libel, slander, copyright (intellectual content) and property (DNS). One cannot defame another's character or actions in text or images; one cannot copy hardware, software or files without the author's permission; and one cannot access or alter domain content without the owner's permission. Additional regulations concerning hate propaganda and freedom of speech, child pornography and privacy of information are currently being negotiated internationally.

The Case of Hackers

In order to demonstrate how the values of the early Internet communities conflict with the values of the commercial and proprietary Web, this project will focus on the practice of hacking and the construction of the hacker in popular discourse.

If the hacker is understood as the archetypal cyber-citizen, transitions in the meaning and practice of hacking can, in part, be correlated with the larger shift from Internet to Web communications. These changes can provide a cautionary tale - of what we have already lost and what we may yet stand to lose in the digital revolution.

Hackers According to Themselves

In the case of hackers, the Web provides a unique research opportunity - comprehensive archives of computer cultures have been maintained and are publicly shared online in the spirit of access to information. For example, the online hacker Jargon File "is in the public domain, to be freely used, shared, and modified. There are (by intention) no legal restraints on what you can do with it, but there are conventions about its proper use which help people get the best use out of it, and minimize hassles for the maintainers."

According to the Jargon File, Version 4.2.3, 23 November, 2000, a hacker is:

"1. A person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary. 2. One who programs enthusiastically (even obsessively) or who enjoys programming rather than just theorizing about programming. 3. A person capable of appreciating hack value. 4. A person who is good at programming quickly. 5. An expert at a particular program, or one who frequently does work using it or on it; as in `a Unix hacker'. (Definitions 1 through 5 are correlated, and people who fit them congregate.) 6. An expert or enthusiast of any kind. One might be an astronomy hacker, for example. 7. One who enjoys the intellectual challenge of creatively overcoming or circumventing limitations. 8. [deprecated] A malicious meddler who tries to discover sensitive information by poking around. Hence `password hacker', `network hacker'. The correct term for this sense is cracker."

A cracker, in contrast, is defined as:

"One who breaks security on a system. Coined ca. 1985 by hackers in defense against journalistic misuse of hacker (q.v., sense 8)... While it is expected that any real hacker will have done some playful cracking and knows many of the basic techniques, anyone past larval stage is expected to have outgrown the desire to do so except for immediate, benign, practical reasons (for example, if it's necessary to get around some security in order to get some work done). Thus, there is far less overlap between hackerdom and crackerdom than the mundane reader misled by sensationalistic journalism might expect. Crackers tend to gather in small, tight-knit, very secretive groups that have little overlap with the huge, open poly-culture this lexicon describes; though crackers often like to describe themselves as hackers, most true hackers consider them a separate and lower form of life. Ethical considerations aside, hackers figure that anyone who can't imagine a more interesting way to play with their computers than breaking into someone else's has to be pretty losing... For a portrait of the typical teenage cracker, see warez d00dz."

And warez d00dz:

"A substantial subculture of crackers refer to themselves as `warez d00dz'... As `Ozone Pilot', one former warez d00d, wrote: Warez d00dz get illegal copies of copyrighted software. If it has copy protection on it, they break the protection so the software can be copied. Then they distribute it around the world via several gateways... They put up boards that distribute the latest ware, or pirate program. The whole point of the Warez sub-culture is to get the pirate program released and distributed before any other group... It gives them the right to say, "I released King's Quest IVXIX before you so obviously my testicles are larger"... The studly thing to do if one is a warez d00d, it appears, is emit `0-day warez', that is copies of commercial software copied and cracked on the same day as its retail release. Warez d00ds also hoard software in a big way, collecting untold megabytes of arcade-style games, pornographic JPGs, and applications they'll never use onto their hard disks. As Ozone Pilot acutely observes: [BELONG] is the only word you will need to know. Warez d00dz want to belong. They have been shunned by everyone, and thus turn to cyberspace for acceptance... Warez d00dz will never have a handle like "Pink Daisy" because warez d00dz are insecure. Only someone who is very secure with a good dose of self-esteem can stand up to the cries of fag and girlie-man. More likely you will find warez d00dz with handles like: Doctor Death, Deranged Lunatic, Hellraiser, Mad Prince, Dreamdevil, The Unknown, Renegade Chemist, Terminator, and Twin Turbo. They like to sound badass when they can hide behind their terminals."

These entries begin to show the complexity (and hierarchy) in hacker community values. Exploration, experimentation, creativity and dedication are associated with hacking. Disdain for cracking is obvious - the cracker is seen as unimaginative at best, and socially pathetic at worst. In part, these attitudes reflect generational differences. Exceptional and early players are considered to be demigods:

"with years of experience, a world-wide reputation, and a major role in the development of at least one design, tool, or game used by or known to more than half of the hacker community. To qualify as a genuine demigod, the person must recognizably identify with the hacker community and have helped shape it. Major demigods include Ken Thompson and Dennis Ritchie (co-inventors of Unix and C), Richard M. Stallman (inventor of EMACS), Larry Wall (inventor of Perl), Linus Torvalds (inventor of Linux), and most recently James Gosling (inventor of Java, NeWS, and GOSMACS) and Guido van Rossum (inventor of Python). In their hearts of hearts, most hackers dream of someday becoming demigods themselves, and more than one major software project has been driven to completion by the author's veiled hopes of apotheosis."

or net.gods:

"referring to anyone who satisfies some combination of the following conditions: has been visible on Usenet for more than 5 years, ran one of the original backbone sites, moderated an important newsgroup, wrote news software, or knows Gene, Mark, Rick, Mel, Henry, Chuq, and Greg personally... Net.goddesses such as Rissa or the Slime Sisters have (so far) been distinguished more by personality than by authority."

The hacker ethic is defined in the Jargon File as:

"1. The belief that information-sharing is a powerful positive good, and that it is an ethical duty of hackers to share their expertise by writing open-source and facilitating access to information and to computing resources wherever possible. 2. The belief that system-cracking for fun and exploration is ethically OK as long as the cracker commits no theft, vandalism, or breach of confidentiality.

Both of these normative ethical principles are widely, but by no means universally, accepted among hackers. Most hackers subscribe to the hacker ethic in sense 1, and many act on it by writing and giving away open-source software. A few go further and assert that all information should be free and any proprietary control of it is bad; this is the philosophy behind the GNU project.

Sense 2 is more controversial: some people consider the act of cracking itself to be unethical, like breaking and entering. But the belief that `ethical' cracking excludes destruction at least moderates the behavior of people who see themselves as `benign' crackers. On this view, it may be one of the highest forms of hackerly courtesy to (a) break into a system, and then (b) explain to the sysop, preferably by email from a superuser account, exactly how it was done and how the hole can be plugged -- acting as an unpaid (and unsolicited) tiger team.

The most reliable manifestation of either version of the hacker ethic is that almost all hackers are actively willing to share technical tricks, software, and (where possible) computing resources with other hackers. Huge cooperative networks such as Usenet, FidoNet and Internet can function without central control because of this trait; they both rely on and reinforce a sense of community that may be hackerdom's most valuable intangible asset."

But it was Steven Levy, in his book Hackers: Heroes of the Computer Revolution, who popularised the following hacker ethic almost 20 years ago:

• Access to computers should be unlimited and total.
• Always yield to the Hands-On Imperative. [computers should be accessible for "hands-on" work]
• All information should be free. [but not in the financial sense]
• Mistrust authority--promote decentralization.
• Hackers should be judged by their hacking. [and not by gender, race or religion]
• You can create art and beauty on a computer.
• Computers can change your life for the better.

The generational differences amongst hackers reflect both technological and moral dimensions. According to the Jargon File, the skills and attitudes of the early users of the Internet are seen to conflict with those of younger script kiddies:

"1. The lowest form of cracker; script kiddies do mischief with scripts and programs written by others, often without understanding the exploit. 2. People who cannot program, but who create tacky HTML pages by copying JavaScript routines from other tacky HTML pages. More generally, a script kiddie writes (or more likely cuts and pastes) code without either having or desiring to have a mental model of what the code does; someone who thinks of code as magical incantations and asks only "what do I need to type to make this happen?" "

and dark-side hackers:

"A criminal or malicious hacker; a cracker. From George Lucas's Darth Vader, "seduced by the dark side of the Force". The implication that hackers form a sort of elite of technological Jedi Knights is intended. "

Although malicious acts, like the deployment of viruses, occurred early-on in the development of the Internet, it was with the advent of the Web that the public image of the hacker shifted from one of technological wizard to criminal saboteur.

This shift reflects changes within the hacker community, changes in the ways that hackers have been portrayed in media, the types and targets of hacking, and government and industry responses.

Hackers According to the Media

Media representations of, and by, hackers can demonstrate the difference in ethics between the public Internet, as a free exchange of information and the proprietary Web, as part of the larger mass communications industry.

Hackers in popular culture have been described by Shift Magazine as part of the "techsploitation" genre. Human-computer interaction is portrayed in Hollywood movies as cliché and hacker chic. Speed, action and hyper-coolness surround movie hackers - although they are just as likely to be vilified as slobs, creepy voyeurs and criminals. Inevitably, distinctions between types of hackers are lost - the stereotypical movie hacker is more appropriately a cracker.

Level 9 - a short-lived hacker television drama took the perspective of an elite police task-force. Both ethical and reformed hackers acted as security experts who trapped dangerous crackers and re-established the proper balance of power in cyberspace.

In recent years, the mainstream press have become fascinated with the subject of hackers - although again, the word "hacker" has often been incorrectly applied to crackers. The lack of precise terminology reflects both an outsider perspective and the hegemonic influence of mass media.

In 1997 the Discovery Channel online created the Hackers' Hall of Fame. The project divides the history of hacking into five eras:

• PreHistory - before 1969 - exemplified by Richard Stallman, Dennis Ritchie and Ken Thompson
• Elder Days - 1970-1979 - characterised by Cap'n Crunch
• Golden Age - 1980-1991 - associated with Phiber Optik
• Crackdown - 1986-present - represented by Kevin Poulsen, Kevin Mitkick and Robert Morris
• Zero Tolerance - 1994-present - illustrated by Johan Helsingius and Vladmir Levin

The early ones are "true-hackers" - American creators of technology and great tinkerers - and the later ones are international phone phreaks and crackers. Accordingly, the qualities associated with hacking shifted alongside the emergence of the Web. Networking capabilities allowed virtually instantaneous global communication, and promised universal access. But as the non-commercial Internet gave way to the commercial Web, anti-proprietary and libertarian values became increasingly threatened. Some hackers became crackers, and by the late 1990s a new generation of hackers came of age.

CNN.com published their April 1999 survey of hacking and computer security called "Insurgency on the Internet" - warning that malicious computer attacks are, in fact, "cyberwar" and that industry must be ready for the battle. A sense of "us" (society, industry) as opposed to "them" (hackers, crackers) was established, and an online discussion forum debated the ethics.

News stories about hackers are usually about male hackers, but in June 2000 ABCNews.com published "Female of the Species" and "Facing a Man's World" - two articles looking at female hackers. They are characterised as far-and-few-between, but as "queens of pirated software, anti-child porn crusaders, political activists and leaders of private online vendettas." Female hackers are reportedly attracted to the same thing as are male hackers: "the mastery of how things work," but the women report that they avoid the stereotypes and try to do good. They report having to compete with "scene whores" - hacker groupies - in the sense that they must prove to "the boys" that they are more than adoring sex objects. But for hackers, this still requires technological prowess, and unless a person can code well, they are denied community status.

Increasingly, as international denial-of service (DoS) and virus campaigns attacked the Web, the hacker in mainstream media emerged as an immature, but technologically adept, teenage male.

In April 2000, a 15-year-old male from Montreal, known by his handle "Mafiaboy," was arrested and charged with 64 counts of mischief to data as a result of DoS attacks, including ones against CNN.com, Yahoo.com, Amazon.com, eBay.com and ZDNet.com. In September 2001, he was sentenced to eight months in a youth detention centre. The judge also ordered the teenager to face one year of probation after his detention ends, and fined him $160. Needless to say, "Mafiaboy" cannot use a computer for this entire period.

The hacker community represented by 2600: The Hacker Quarterly, responded to the arrest by asking "Is Mafiaboy Real or a Creation of the Media?" and reporting that:

"When the name "mafiaboy" was first mentioned months ago, a couple of us hopped onto IRC using that nick. Sure enough, within seconds, we were being messaged by people who believed we were the person responsible. Amazingly, the person who fell for it the hardest is the very person now being quoted widely in the media as having caught the perpetrator. Now perhaps this is all just a big coincidence. But as you can see from the IRC logs below [entire transcript is published], we dropped a few clues that the person was in a country with snow and at one point "accidentally" spoke French to imply the province of Quebec. We were amazed when the blame actually landed on someone from Montreal."

Their position is somewhat typical of hacker web sites: they seek to reply to accusations, to clarify ideas and practices and to advocate a skeptical view of the "establishment." The 2600 web site now devotes a substantial amount of its publication to legal issues facing the Hacker Quarterly, arguing for non-proprietory (open source) software and freedom from regulation - the values of the original Internet communities facing off against corporate interests on the Web. Interestingly, when forced to remove (illegal) DVD-decoding source code from its site, 2600 responded with:

"Looking for a copy of DeCSS? The easiest way is to go to Disney's search engine and search for DeCSS. They will then LINK you to thousands of sites, something we're no longer allowed to do. It's possible we may not even be allowed to tell you this! You can still access our old list of mirror sites sans the links."

Aside from the humour of using Disney services to engage in illegal acts, the case against 2600 provides a good example of the difficulty in regulating the Internet - even when one source of information is blocked, it is still available from any number of other sources.

Also in contrast to mainstream media, Attrition.org is:

"a computer security Web site dedicated to the collection, disemination and distribution of information about the industry for anyone interested in the subject. They maintain one of the largest catalogs of security advisories, cryptography, text files, and denial of service attack information. They are also known for the largest mirror of Web site defacements and their crusade to expose industry frauds and inform the public about incorrect information in computer security articles."

Attrition has compiled a broad selection of articles on hacker ethics written by members of the hacker community and others. As pointed out by Taylor (1999) the hacking ethic is fundamentally opposed to that of the proprietory Web and of the computer-security industry.

But hacker ethics are also conflicting - and more than a little influenced by cyberpunk aesthetics. According to the Callisti Manifesto,

"To be a hacker is to identify with a proud past of research scientist [sic] and late night all night hacking parties at universities like MIT and UCBerkeley. However, to be a cracker is to identify with the cold hard street and street level back alley technology. So choose carefully wether [sic] your identity is that of the dangerou [sic] innovative reseach scientist or the cold hearted street level tech outlaw making phone calls to Hong Kong on the unaccounted for phones in Alphabet City. Do you choose to be in a lab or on the street?... I myself am and always will be a cracker."

The mainstream media, with their corporate ties to the commerical Web, have a vested interest in reproducing hegemonic structures of control online. The hacker is necessarily constructed as a dangerous "other" - one who threatens values associated with property and authority. The hacker community distinguishes between hackers and crackers, yet as producers of online media, hackers and crackers come together in opposition. They openly resist practices of capitalist ownership and regulation. Their interest lies in furthering the agenda of non-proprietory values associated with the early Internet.

CBC's The Fifth Estate investigated hackers and cyber-terrorists in 2000. The broadcast included interviews with hackers, computer security consultants and members of the legal community and offered a real-time chat after the program. In keeping with other mainstream press accounts, hackers were constructed as dangerous "others." As such, the broadcast took the position of "what to do about hackers."

In Winter 2001, The Learning Channel broadcast Hackers: Computer Outlaws. The accompanying web site features famous hackers and hacker lingo, as well as articles on hacking and interactive polls. Also in 2001, PBS's Frontline broadcast Hackers: a report on the exploits of hackers and how they have highlighted the internet's insecurities.

Discourse analysis of both the TV broadcasts and the accompanying web sites would provide greater insight into the depth and breadth of the moral parameters applied.

The architecture of the Internet has been changing, and the original promises of freedom and a digital revolution in knowledge and access are slowly being replaced by restrictions and punishments upheld by the architecture of the Web. A deeper understanding of the practices of surveillence and control among users of the Internet and the World Wide Web would be helpful.

How society-at-large responds to hackers/crackers is indicative of the values influencing emerging information technologies, practices and policies.

Hackers According to the Powers That Be

There have emerged three distinct, but related, approaches to the "problem" of hackers. The educational/advocacy approach teaches moral and pro-social values for online behaviour. The approach of the computer security industry seeks to protect property in cyberspace. And legislative approaches are based on the articulation of rules and punishment for cyber-crimes.

Education and Advocacy

For online educational/advocacy purposes, the hacker is only one of various problems, and is considered an inappropriate, if not criminal, cyberspace role model for young people. In 1999, the Anti-Defamation League released Poisoning the Web: Hatred online, a report on Internet bigotry, extremism and violence. The Simon Wiesenthal Centre just released Digital Hate 2001: internet report and analysis, where "manipulation of the net" and "mayhem, anarchy, bombs" were two of seven categories of cyberhate. Both reports connect hacking - and its various intents - with hatred. Hackers are seen to offer, or provide access to inappropriate and/or illegal information, such as making bombs or overthrowing the government. In one sense this approach seeks to censor information which could be used to commit illegal acts. In another sense, anti-authoritarian practices are considered hateful. At issue are the ethics of free speech (Canada may have hate laws, but what legally constitutes hate will never be settled) and larger ethical issues regarding the rights of citizens, civil disobedience and democratic media.

Less contentious moral judgments have been used in North American public education initiatives. The United States Department of Justice's Internet Do's & Don'ts web site teaches kids to be "good netizens." After quizzing kids on privacy and copyright issues, they remind young people that they "can get in trouble for hacking!" The Cybercitizen Partnership claims that 48% of kids do not consider hacking to be a crime. Their "Surf like a hero. Not a zero" initiative was developed to teach online citizenship - in the sense of civil and responsible behaviour. They cite the Computer Ethics Institute code of cyber-ethics:

As such, hacking is equated with stealing and/or the destruction of property; counterfeiting and pirating warez are seen as the equivalent of stealing tapes or CDs; and denial-of-service attacks are said to have the real-world effect of blocking a tunnel. No distinction is made between the actual and the virtual; the same rules for "acceptable" behaviour in real-life are applied to cyberspace. This raises questions regarding the power relations implied in these rules of social etiquette, and the connection made with existing norms and laws. A preliminary observation might suggest that hegemonic values of the White, professional class will prove to be yet another barrier to universal online access and digital democracy.

Computer Security

The computer security industry tends to approach hackers in similar fashion: they are seen as a threat to private property and a potential danger to computer networks and systems.

The hacking of commercial and government web sites, and the use of email to spread hostile viruses, are treated as acts of terrorism. In the online Computers and Security journal, Hinde (2000) finds it "worrying that a 15-year-old [Mafiaboy] could bring down so many web sites with such apparent ease. Just think what a concerted attack by criminals, anarchists, activists, a hostile country or other 'cyberterrorists' could achieve."

The issue of denial-of-service (DoS) attacks is viewed in terms of potential risk for a security breach, and the ability of web site or network owners to prevent such an intrusion. Security professionals debate if crackers can be reformed and used as ethical hackers protecting systems from malicious attacks - and conclude that hiring convicted cyber-criminals is ethically out of the question. Nonetheless, they value the hacker skill-set and recognise how those skills can (and even should) be used to protect, rather than to violate, online and offline property (Hancock 2000). Hacker conferences have become favourite recruiting events for the computer security industry. Such events would provide interesting opportunities for ethnographic research.

Legislation and punishment of offenders

At the National Computer Security Conference held in Washington D.C. Denning (1990) reported that:

"Hackers are learners and explorers who want to help rather than cause damage, and who often have very high standards of behavior. My findings also suggest that the discourse surrounding hacking belongs at the very least to the gray areas between larger conflicts that we are experiencing at every level of society and business in an information age where many are not computer literate. These conflicts are between the idea that information cannot be owned and the idea that it can, and between law enforcement and the First and Fourth Amendments. Hackers have raised serious issues about values and practices in an information society."

Ten years later, a new response to cyber-crime is the European Committee On Crime Problems' Draft Convention on Cyber-crime (Draft No.24, Rev.2, 19 November 2000). It is based on the conviction "of the need to pursue, as a matter of priority, a common criminal policy aimed at the protection of society against cyber-crime, inter alia by adopting appropriate legislation and fostering international co-operation." The Global Internet Liberty Campaign issued an open letter in response to the proposal, stating:

"We believe that the draft treaty is contrary to well established norms for the protection of the individual, that it improperly extends the police authority of national governments, that it will undermine the development of network security techniques, and that it will reduce government accountability in future law enforcement conduct... These provisions pose a significant risk to the privacy and human rights of Internet users and are at odds with well established principles of data protection such as the Data Protection Directive of the European Union. Similar communications transaction information has been used in the past to identify dissidents and to persecute minorities. We urge you not to establish this requirement in a modern communication network."

According to the Department of Justice Canada, on November 23, 2001 Canada signed the Council of Europe Convention on Cyber-Crime, which requires states to criminalize certain forms of abuse of computer systems and certain crimes, like hacking, when they are committed through the use of computer systems. The convention also supports international cooperation to detect, investigate and prosecute these criminal offences, as well as to collect electronic evidence of any criminal offence, including terrorist crimes, terrorist financing and money laundering offences. Some of the other prohibited activities covered by the Convention include interference of computer systems, computer fraud and forgery.

For purposes of legislation, hackers are necessarily defined as criminals. Computer crimes perpetrated by hackers are most likely to be crimes against property. The hacker ethics associated with online freedom of speech and access to information directly conflict with the application of proprietary law to cyberspace. Such legislation extends to Internet usage, such as email and BBSs, as well as to property owned and hosted on the Web. As such, legislative efforts represent the greatest threat to the ethics of the original online communities and hackers.

Hacking since September 11

On September 19, the Electronic Frontier Foundation joined over 150 members of the In Defense of Freedom coalition to oppose the American Depart of Justice's proposed Anti-Terrorism law, on the grounds that it seriously violates electronic civil liberties. EFF's chief concerns are the addition of low-level computer intrusion and defacement of web pages to the list of offences that allow wiretaps, something that seems unrelated to terrorism, and the increase in the amount of surveillance of e-mail that can be done without serious court review.

Bill C-36, Canada's Anti-Terrorism Act, has received Royal Assent and includes the following provisions:

• The investigatory powers currently in the Criminal Code and in Bill C-24 that make it easier to use electronic surveillance against criminal organizations will be applied to terrorist groups. This includes eliminating the need to demonstrate that electronic surveillance is a last resort in the investigation of terrorists. The proposed legislation will extend the period of validity of a wiretap authorization from the current 60 days to up to one year when police are investigating a terrorist group offence. A Superior Court judge will still have to approve the use of electronic surveillance to ensure that these powers are used appropriately. Further, the requirement to notify a target after surveillance has taken place can be delayed for up to three years.

• The National Defence Act will be amended to clarify the mandate of the Communications Security Establishment (CSE), under strict controls, to: intercept the communications of foreign targets abroad; and undertake security checks of government computer networks to protect them from terrorist activity. The permission of the Minister of National Defence will be required to authorize any interception of private communications of foreign targets abroad in order to ensure that the privacy of individual Canadians is protected.

• Amending the Criminal Code to allow the courts to order the deletion of publicly available hate propaganda from computer systems such as an Internet site. Individuals who post the material will be given the opportunity to convince the court that the material is not hate propaganda. The provision applies to hate propaganda that is located on Canadian computer systems, regardless of where the owner of the material is located or whether he or she can be identified.

• Amending the Canadian Human Rights Act to clarify that the prohibition against spreading repeated hate messages by telephonic communications includes all telecommunications technologies.

Convictions under these offences carry ten year to life sentences.

Implications for Internet Governance

On the most basic level of any discussion of cyberspace are the distinctions made between the virtual and the real, the actual and the potential (see Hillis 1999 and Nunes 1997). In other words, is cyberspace the electronic frontier promised by the Internet founders? Is it a public space at all? Is it qualitatively different enough from real-life to justify a total absence of government regulation?

My project argues that the original Internet and its associated participatory communities and ethics were largely pushed aside by the advent of the proprietory World Wide Web. With the commercialisation of the Internet came ethics of property and ownership, directly opposing the libertarian philosophies of the first cyber-citizens.

As such, the case of hackers can be used to evaluate promises of a digital democracy.

Discourse surrounding hacking, and the construction of hackers in mass media can be seen to indicate shifting ethics. But as Hague and Loader (1999:3) point out, both notions of digital utopias and surveillence societies rely too heavily on technological determinism. New information technologies emerge from interactions between technology and society (see Lunenfeld 2000). We build the social space of the Internet with hardware, software and wetware.

When it comes to matters of access and participation, even the utopian vision of the Internet has boundaries - one must have the right technologies and the right ethics to participate in an online community. And the architecture of the Web makes data management more important than information exchange. So where is this revolution taking us?

Online discourse and decision-making often remain in the hands of corporate media and information technologies, and not in the hands of the people (Malina 1999). Globalisation raises issues of access and regulation, as well as the potential for political agency (see Loader 1998).

If the case of hacking and its associated ethic are any indication of the future of cyber-democracy, then the situation is not entirely positive. Hegemonic processes regarding ownership and authority are already replacing original online freedoms. Particular philosophies and politics are increasingly labelled anti-capitalist and extremist, creating "others" that need to be controlled if hegemony is to be maintained.

Conversely, it is hackers who have demonstrated the potentials of cyber-democracy and who may provide ethical models for both technological innovation and strategies for social change.

The revolution is not over yet.

Bibliography

Abbate, J. 1999. Inventing the Internet. Cambridge, MA: MIT Press.

Hague, B. and B. Loader (eds). 1999. Digital Democracy: Discourse and decision making in the information age. New York: Routledge.

Hancock, Bill. 2000. Is a Convicted Hacker Really Reformed and Should You Hire Them? Computers and Security 19 (6): 491-493.

Hillis, K. 1999. Digital Sensations: Space, identity and embodiment in virtual reality. Minneapolis: University of Minnesota Press.

Hinde, Stephan. 2000. Smurfing, Swamping, Spamming, Spoofing, Squatting, Slandering, Surfing, Scamming and Other Mischiefs of the World Wide Web. Computers and Security 19 (4): 312-320.

Holmes, D. (ed). 1997. Virtual Politics: Identity and community in cyberspace. London: Sage.

Jones, S. (ed). 1995. Cybersociety. London: Sage.

Jones, S. (ed). 1998. Cybersociety 2.0: Revisiting computer mediated communication and technology. London: Sage.

Kitchen, Rob. 1998. The History and Growth of Cyberspace. In R. Kitchen (ed). Cyberspace. London: Wiley.

Lessig, L. 1999. Code and Other Laws of Cyberspace. New York: Basic Books.

Loader, Brian (ed). 1998. Cyberspace Divide: Equality, Agency and Policy in the Information Society. London: Routledge.

Lunenfeld, Peter. (ed). 2000. The Digital Dialectic. Cambridge, MA: MIT Press.

Malina, Anna. 1999. Perspectives on citizen democritsation and alienation in the virtual public sphere. In B. Hague and B. Loader (eds). Digital Democracy: Discourse and decision making in the information age. New York: Routledge.

Nunes, Mark. 1997. What Space is Cyberspace? in D. Holmes (ed). Virtual Politics: Identity and community in cyberspace. London: Sage.

Shields, R. (ed). 1996. Cultures of Internet. London: Sage.

Taylor, P. 1999. Hackers. New York: Routledge.

Ward, Katie. 2000. The Emergence of the Hybrid Community: Rethinking the Physical-Virtual Dichotomy. Virtual Space and Organizational Networks; Space and Culture 4/5: 71-86.

Recommended Further Reading

Alexander, C. and L. Pal (eds). 1998. Digital Democracy: Politics and policy in the wired world. Oxford: Oxford University Press.

Alexander, Y. 1999. Cyberterrorism and Information Warfare. Dobbs Ferry, NY: Oceana Publications.

Axford, B. and Higgins, R. (eds). 2000. The New Media and Politics. London: Sage.

Barrett, N. 1997. Digital Crime: Policing the cybernation. London: Kogan Page.

Bell, D. and B. Kennedy (eds). 2000. The Cybercultures Reader. London: Routledge.

Bey, Hakim. 1991. T.A.Z. Temporary Autonomous Zone, Ontological Anarchy, Poetic Terrorism. Brooklyn, NY: Autonomedia.

Boele-Woelki, K., C. Kessedjian and M. Pelichet (eds). 1998. Internet: Which court decides, which law applies? The Hague: Kluwer Law International.

Caldwell, J. (ed). 2000. Electronic Media and Technoculture. New Brunswick, NJ: Rutgers University Press.

Critical Art Ensemble. 1996. Electronic Civil Disobedience and Other Unpopular Ideas. Brooklyn, NY: Autonomedia.

De Landa, M. 1991. War in the Age of Intelligent Machines. New York: Zone Books.

Della Porta, D., H. Kriesi and D. Rucht (eds). 1999. Social Movements in a Globalizing World. Basingstoke. UK: MacMillan.

Denning, D. and P. Denning (eds). 1998. Internet besieged: Countering cyberspace scofflaws. New York: ACM Press.

Der Derian, J. 1992. Antidiplomacy: spies, terror, speed and war. Cambridge, MA: Blackwell.

Dodge, M. and R. Kitchen. Mapping Cyberspace. 2000. London: Routledge.
Dutton, W. (ed). 1999. Society on the Line: Information politics in the digital age. Oxford: Oxford University Press.

Ebo, B. (ed). 1998. Cyberghetto or cybertopia? Race, class and gender on the internet. Westport, CT: Praeger. Edwards, L. and C. Waelde (eds). 1997. Law and the Internet: Regulating cyberspace. Oxford: Hart Publishing.

Everard, J. 1999. Virtual States: The internet and the boundaries of the nation state. London: Routledge.

Gauntlett, D. (ed). 2000. Web.Studies: Rewiring media studies for the digital age. Oxford: Oxford University Press.

Grabosky, P. 1998. Crime in the digital age: Controlling telecommunications and cyberspace illegalities. New Brunswick, NJ: Transaction Publishers.

Grossman, W. 1997. Net.Wars. New York: New York University Press.

Gutstein, D. 1999. E.con: how the internet undermines democracy. Toronto: Stoddart.

Hacker, K. (ed). 2000. Digital Democracy: Issues of theory and practice. London: Sage.

Hague, B. and B. Loader (eds). 1999. Digital Democracy: Discourse and decision making in the information age. New York: Routledge.

Harvey, F. and A. Griffiths (eds). 1999. Foreign and security policy in the information age. Halifax, NS: Centre for Foreign Policy Studies, Dalhousie University.

Henry, R. and C.E. Peartree (eds). 1997. The Information Revolution and International Security. Washington: Center for Strategic & International Studies.

Herman, A. and T. Swiss (eds). 2000. The World Wide Web and Contemporary Social Theory. New York: Routledge.

Hill, K. and J. Hughes. 1998. Cyberpolitics: Citizen activism in the age of the internet. Lanham, MD: Rowman and Littlefield.

Huber, P. 1997. Law and Disorder in Cyberspace: Abolish the FCC and let common law rule the telecosm. Oxford: Oxford University Press.

Industry Canada. 1997. Cyberspace is not a "no law land": A study of the issues of liability for content circulating on the internet. Ottawa: Industry Canada.
Johnson, S. 1997. Interface Culture. New York: HarperEdge.

Jones, S. (ed). 1997. Virtual Culture: Identity and Community in Cybersociety. London: Sage.

Jordan, T. 1999. Cyberpower: The culture and politics of cyberspace and the internet. London: Routledge.

Kahin, B and C. Nesson (eds). 1996. Borders in Cyberspace: Information policy and the global information infrastructure. Cambridge, Mass: MIT Press.

Kizza, J. 1998. Civilizing the Internet: Global concerns and efforts toward regulation. Jefferson, NC: McFarland.

Kolko, B., L. Nakamura and G. Rodman (eds). 2000. Race in Cyberspace. London: Routledge.

Lipschultz, J. 2000. Free Expression in the Age of the Internet: Social and legal boundaries. Boulder, CO: Westview Press.

Loader, B. (ed). 1997. The Governance of Cyberspace: Politics, technology and global restructuring. New York: Routledge.

Ludlow, P. (ed). 1996. High Noon on the Electronic Frontier: Conceptual issues in cyberspace. Cambridge, MA: MIT Press.

Mackay, H. and T. O'Sullivan (eds). 1999. The Media Reader: Continuity and Transformation. London: Sage.

Margolis, M. and D. Resnick. 2000. Politics as Usual: The cyberspace 'revolution'. London: Sage.

Miller, S. 1996. Civilizing Cyberspace: Policy, power and the Information Superhighway. ACM Press.

Morley, D. and K. Robbins. 1995. Spaces of Identity: Global media, electronic landscapes and cultural boundaries. London: Routledge.

Negroponte, N. 1996. Being Digital. Toronto: Random House Canada.

O Tuathail, G. 1996. Critical Geopolitics. Minneapolis: University of Minnesota Press.

Plant, S. 1997. Zeroes and Ones: Digital women and the new technoculture. New York: Doubleday.

Poster, M. 1995. The Second Media Age. Cambridge, UK: Polity Press.

Rash, W. 1997. Politics on the Net: Wiring the political process. New York: Computer Science Press.

Rosenoer, J. 1996. Cyberlaw: The law of the internet. New York: Springer.

Ryan, M. (ed). 1998. Cyberspace Textuality: Computer technology and literary theory. Bloomington: University of Indiana Press.

Sardar, Z. and J. Ravetz (eds). 1996. Cyberfutures: Culture and politics on the information superhighway. Pluto Press.

Shapiro, A. 1999. The Control Revolution: How the internet is putting individuals in charge and changing the world we know. New York: Public Affairs.

Smith, M. and P. Kollock (eds). 1999. Communities in Cyberspace. London: Routledge.

Stefik, M. (ed). 1997. Internet Dreams: Archetypes, myths, and metaphors. Cambridge, MA:MIT Press.

Stefik, M. 1999. The Internet Edge: Social, technical, and legal challenges for a networked world. Cambridge, MA: MIT Press.

Stichler, R. and R. Hauptman (eds). 1998. Ethics, Information and Technology: Readings. Jefferson, NC: McFarland.

Stone, A.R. 1996. The War of Desire and Technology at the Close of the Mechanical Age. Cambridge, MA: MIT Press.

Thussu, D.K. (ed). 1998. Electronic Empires: Global media and local resistance. Oxford: Oxford University Press.

Tsagarousianou, R., D. Tambiani and C. Bryan. 1998. Cyberdemocracy: Technology, cities and civic networks. New York: Routledge.

Turkle, S. 1996. Life on the Screen: Identity in the age of the internet. New York: Simon and Schuster.

Valvovic, T. 2000. Digital Mythologies: The hidden complexities of the internet. New Brunswick, NJ: Rutgers University Press.

Wise, J.M. 1997. Exploring technology and social space. Thousand Oaks, CA: Sage.

Background

This is an ongoing project last updated 27 January, 2002.

Originally submitted as "Hackers: a cautionary tale" for:

New Media & Virtual Spaces
Sociology 53.566
Prof. Rob Shields
Carleton University
Ottawa, Ontario, Canada
4 December, 2000

Copyright

Copyright © 2000-2002 Anne Galloway

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with the Invariant Sections being "Freedom and Control on the Electronic Frontier," "Hackers According to Themselves," "Hackers According to the Media," "Hackers According to the Powers That Be," and "Implications for Internet Governance," with no Front-Cover Texts, and with no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License".