Comment: virtual neighborhood watch: open source software and community policing against cybercrime.

• Author: Jones, Benjamin R.

1. INTRODUCTION

   One of the few constants of the Internet age is the recognition that technology and the law are not always the best dance partners. (1) From the effect of Internet file-sharing technologies on copyright law (2) to the impact of e-commerce on notions of jurisdiction, (3) there is often a fundamental disconnect between laws written to govern the corporeal world of "realspace" (the tangible, real world, as distinguished from the virtual world of cyberspace) and technological advances, which enable the almost instantaneous flow of information across the globe. From the time of the framing of the Constitution to the present, the development of new technologies has created challenges and opportunities beyond the conceptual scope of legislators and courts. Modern policymakers have struggled to close the gap between the technological world and the legal world. (4)

   Perhaps the most fundamental change wrought by the development of the Internet is the way in which information now moves. A user sitting in front of a computer connected to the Internet can access a virtually boundless stream of information--from the price of gold on the Tokyo currency exchange to the home movies of a Muscovite, back from a first vacation in Las Vegas--moving at nearly the speed of light. These changes in the flow of information have impacted almost every facet of society--from commerce to communication to government, reshaping many of the ways in which we interact.

   Not surprisingly, the impact of this revolution in the flow of information extends to the criminal world as well. Criminals and potential criminals have seized upon the power of the Internet to enable the commission of a host of crimes--from the sale of illegal drugs to the trafficking of child pornography--and to expand the criminal enterprise into the commission of an entirely new breed of crime, possible only in the virtual world of computer technology. (5) A quick scan of newspaper headlines over the past five years reveals the breadth and impact of cybercrime. (6) Indeed, the spread of cybercrime has reshaped the modern lexicon to include new definitions for words such as "identity theft," "worm," and "Troj an Horse." (7)

   Like the relationship between law and technology, the strategies and tactics of modern law enforcement also lag in responding to the new challenges posed by cybercrime. (8) Importantly, the reactive model of law enforcement--developed over centuries in response to traditional, realspace crime--is ill-equipped to combat the challenge of cybercrime, unbounded by the constraints of the physical world. (9) As one commentator notes, "Like the common law, the traditional model of law enforcement is a compilation of past practices that have been deemed effective in dealing with the phenomena it confronts. The model's general strategy, the reactive approach, is one that has been in use since antiquity." (10)

   This reactive approach, focused on identifying a crime, apprehending the perpetrator, and meting out some punishment through the justice system, emerged as a response to crimes in the real world, constrained by the simple laws of physics. Important among those limits are notions of proximity and scale. (11) For most crimes, the perpetrator must actually be physically proximate to his victim. (12) A pickpocket in nineteenth century London could not remove the wallet of a gentleman across town; he would have to get within close proximity of his unwitting victim, risking detection or failure. The scale of most crimes was also one-to-one; a single perpetrator targeted a single victim before he could move onto the next crime. (13) That same pickpocket could not simultaneously remove the wallets of a thousand Londoners. The limits of proximity and scope made it relatively easy to identify the perpetrator and the specific instances of crime, and law enforcement officers could focus on capturing the individual perpetrator. (14)

   It is increasingly clear, however, that those same constraints of proximity and scale do not bind criminals operating in the virtual world of cyberspace. (15) The Internet, which connects millions of computers (and computer users), allows criminals to commit crimes anonymously against victims thousands of miles away. (16) Importantly as well, those crimes are far from one-to-one in scale. (17) Our old friend the pickpocket, operating in twenty-first century London, could unleash a "worm" that affects computers around the world and causes millions of dollars in damage or that gains access to the computer system of a bank in Seattle and loots the accounts of hundreds of customers at the same time. The fundamental difference between cybercrime and crime in realspace means that the current strategies designed to combat realspace crime, particularly those predicated upon the reactive approach, are ill suited to combat the increasing problem of cybercrime.

   This Comment explores the notion that current strategies designed to prevent and punish cybercrimes are ineffective and argues that the community policing model may provide an alternative for more effectively deterring and punishing cybercrimes. Section II provides an introduction to the growing problem of cybercrime and its various forms. (18) Section III illustrates how current strategies focused on punishing perpetrators of cybercrime are ineffective. (19) Section IV describes the community policing model and demonstrates how this model can be applied to create effective deterrents to cybercrime. (20) Finally, Section V argues that the increased use of open source software--especially in the operating system and Internet browser markets--is an important tool in making the community policing model a success. (21)

2. WHAT IS CYBERCRIME?

   At the outset, it is helpful to describe exactly what is meant by the term cybercrime, as it is a label applied to acts ranging from the propagation of computer viruses to cyberstalking. (22) At the broadest level, cybercrime can be described as any crime committed through the use of a computer or computer technology, but a more specific taxonomy helps classify the different types of offenses. (23) Although specific definitions will vary, cybercrimes can be placed in four broad categories--unauthorized access to computer programs and files, unauthorized disruption, theft of identity, and carrying out of traditional offenses, such as distribution of child pornography, using a computer. (24)

   1. UNAUTHORIZED ACCESS

      Unauthorized access occurs whenever "an actor achieves entry into a target's files or programs without permission." (25) This access can be achieved either remotely--by gaining access to the target computer from another computer connected over a network--or physically, by using the target computer. (26) Interestingly, the crime of unauthorized access--however it is defined under federal or state criminal codes--is the unique crime of invading another's private workspace, in and of itself. (27) Malicious acts such as "causing harm to the files or programs or using the data improperly" are classified as separate crimes of their own. (28)

      The targets of unauthorized access are most commonly the government, corporations, or private individuals. (29) The government is an obvious target because its vast computer files contain a myriad of sensitive information, ranging from the Department of Defense plans for military contingencies to law enforcement information on individuals and criminal organizations. (30) Access to a corporation's computers places at risk information ranging from proprietary business documents and trade secrets to private customer information like credit card account numbers and social security numbers. (31) The unauthorized use of personal computers may reveal the same personal financial information as described above, but also risks harms to individual privacy. (32) Computer files may contain private information "as personal as love letters, as banal as grocery lists, or as tragic as unfinished drafts of law review articles," the loss of which creates a feeling of lost privacy in addition to any quantifiable economic harm. (33)

   2. UNAUTHORIZED DISRUPTION

      Unauthorized disruption, by comparison, occurs when an individual interferes with the operation of a computer system, whether by gaining unauthorized access or through some other means. (34) Such acts are at "the heart of what most people consider cybercrime." (35) These crimes occur when an actor--human or machine--interferes with computer hardware or software, without permission. (36) The different types of authorized disruption attacks--including viruses, worms, and Trojan horses--are now a familiar part of the lexicon, but again it is helpful to describe the unique features of each. (37)

      1. Viruses

         In its simplest form, "[a] virus is a program that modifies other computer programs." (38) The modifications ensure that the healthy computer will replicate the virus. (39) Once the now-infected computer is connected to another computer--via the Internet, a direct computer-to-computer connection, or a shared storage disk--the virus can be transferred onto the new computer. (40) Interestingly, viruses are not, in and of themselves, harmful. (41) Their harmful nature depends upon the additional elements, beyond the instructions for self-replication, written into their code. (42) Indeed, there are some viruses which have a benign or merely annoying effect on the computers they infect. (43) Others, however, have caused widespread damage. (44)

      2. Worms

         A worm is a stand-alone program that is able to replicate itself over a network without any action by the user, unlike a virus, which requires some human action, such as downloading an infected file or placing an infected disk in the computer. (45) Like viruses, the destructive nature of worm programs depends on the additional instructions inserted into the program code beyond the basic instructions for replication. (46)...