Jealousy Behind CyberAttacks & Smears

(MUMBAI, India) Cybercrime is usually perceived as the province of depraved men. But a disturbing trend has come to light of late. Increasingly, women are resorting to online tactics to achieve some nefarious end.

Recently, the woman CEO of a multinational corporation's India operations was detained by the police for cyber-harassment of a co-worker in HR - also a woman.

The CEO, aged 43, posted derogatory remarks about the HR executive, aged 39, on a consumer website to malign her. She described the victim as a sex pest who eyed newly recruited young men and was also "having a good time with a former employee", said an officer with the police's cyber crime investigation cell. The CEO was traced through the IP address from where the posts were made.

"In her police complaint, the victim, who is unmarried, told us that someone was posting comments about her character, or lack thereof, and that she was described as someone who frequently slept with her colleagues and 'spoiled' them," said a police officer.

"She said it all started when she found a change in the way her colleagues perceived her, so much so that she found it difficult to work with them. It was only when her friends and well-wishers asked her about the online posts that she realized what the matter was. She told us she was taken aback and did not know how to react." The police sought from the website the IP address from where the posts were submitted. "It was found to originate from an apartment in a residential complex in Goregaon. When we reached there, we were shocked to find that the house belonged to the CEO of the firm where the victim worked," the officer said. "Initially, the CEO was not cooperating. She accused us of harassing her. But we had technical proof. When we confronted her with it and emphasized that the IP address belonged to her own PC, she surrendered."

The CEO broke down at the police station. "She found herself in front of the victim, who she could not look in the eye. She even had tears," the officer said. "In a written apology, she said she was jealous as the victim was getting quick promotions. So, she started writing online posts, the website being one that is visited by private companies, to do background checks on potential recruits. She wanted the management to take note of the posts and initiate action against the victim." She was later let off.

original article can be found here

INTERNET PROVIDERS & REVENGE BOARDS MAY BE LIABLE FOR PREDATORS & HARASSERS

by Jonathan Bick

The economic difficulty of pursuing individuals for bad acts has led injured parties to seek legal remedies from the companies that facilitate the platform upon which the bad acts occur. In the past, internet facilitators could avoid contributory and vicarious liability by claiming users' bad acts were beyond the facilitator's ken and control. Now, widely available, low cost e-commerce technology diminishes the viability of said defenses.

Previously, passive internet service facilitators successfully argued that they do not "collaborate" with internet users to undertake bad acts because they were either unaware of the bad acts or could not act to prevent such bad acts in a timely fashion. Advances in internet technology, however, have increased the internet facilitator's capacity for ameliorating internet bad acts automatically. Failure to employ such technology may result in an increase in the facilitator's liability for not preventing bad acts on the internet.

Internet facilitators include service providers, hosting services, blogging platforms, 'gripe' sites and social network sites, to name just a few. These internet service suppliers allow email, instant messaging, peer-to-peer communications, blogs, broad internet access, chat rooms, intranets, interactive websites, and other electronic communications. They also allow various goods and services transactions.

These transactions may result in a myriad of bad internet acts, ranging from defamation, copyright infringement, failure to protect trade secrets, harassment (including hostile work-environment issues), to criminal accountability and loss of attorney-client privilege.

The nature and extent of internet bad acts is exacerbated by the fact that internet sites are accessible beyond national borders, and no international code of internet behavior exists. Additionally, user-generated content may be a substantial portion of an internet facilitator's site content and the international legal community has yet to standardize intellectual property rights; international intellectual property standards are governed by multilateral treaties.

In the past, internet facilitators could avoid secondary liability for not stopping bad acts by showing one of two types of defenses. First, if charged with vicarious liability, facilitators could show that they did not possess the ability to supervise those who engaged in bad acts using the facilitator's Internet assets. Second, if charged with contributory liability, they could show they did not have knowledge of the bad act involving the facilitator's internet assets. See MGM v. Grokster, 545 U.S. 913 (2005).

However, as internet technology increasingly allowed automated action to enable internet facilitators to prevent bad acts by third parties on their sites, the United States implemented a statute that provided a "safe harbor" provision protecting websites and web providers from secondary liability for certain bad acts, such as copyright violations performed by users on a facilitator's internet asset. The most wide-ranging safe-harbor provision is offered by the Digital Millennium Copyright Act of 2008, Pub. L. No. 105-304, 112 Stat. 2860 (codified at 17 § U.S.C. 101 et seq.) (DMCA).

Though the question of interpreting this part of the statute has yet to reach the Supreme Court, lower courts have been consistent in interpreting it broadly and have applied it to any entity that provides access to the internet. In particular, the court in ALS Scan, Inc. v. RemarQ Cmtys., Inc., 239 F.3d 619, 626 (4th Cir. 2001), found that a newsgroup website would fall under the definition of an internet facilitator. The court in Corbis Corp. v. Amazon.com, Inc., 351 F.Supp. 2d 1090, 1100 (W.D. Wash. 2004), found that Amazon.com fits within the definition as well.

However, the safe harbor also requires that the internet facilitator who is eligible for indemnification from secondary liability not have "actual knowledge" of the infringing material. The near universal use of internet technology, which provides actual knowledge of the content of the facilitator's site and the site's related transactions, may be used by plaintiffs to pierce the safe-harbor provision and require the internet facilitator to forfeit the protections of the safe harbor.

Internet technology that allows a facilitator to limit an internet user's bad acts is available. The three most important technologies are: automatic internet user monitoring systems, "net nannies," and internet tracking software.

Automatic internet user monitoring systems, such as screen capture utilities and key logger software, record all information that is sent to an internet facilitator's site. These monitoring systems can feed captured data to software tools which will prevent internet users from taking certain action to facilitate bad acts, such as installing malware and distributing unlawful spam, among other activities.

For more than 10 years net-nanny software has been providing internet facilitators with a secure means to web filter to avoid the use of its site for purposes deemed inappropriate. Net nannies may be used to stop the distribution of images of an unlawful nature, deny access to internet users whom the internet facilitator deems to be undesirable, and generally censor unacceptable behavior automatically on behalf of the internet facilitator.

Existing internet user-tracking software can usually narrow the radius of geographical location of an internet user within several hundred feet, without requiring the user's permission. This is done by sending a message to the target, and using the time it takes to bounce back, the internet user's IP address and Google Map software. Knowing the likely geographic location of an internet user can allow the internet facilitator to prevent internet bad acts, such as allowing a site user to send goods into a state which has deemed such goods to be contraband.

In combination, automatic internet user monitoring systems, net nannies, and internet tracking software are capable of removing unlawful or unacceptable content and sending an electronic message to the bad actor informing that person of the violation that has been committed. Internet technology may also mete out sanctions automatically. In particular, certain internet technology may automatically bar a bad actor's access after determining that a violation of the terms of use agreement associated with the internet facilitator's sites has occurred.

While changes in internet technology may change internet facilitators' liability in the United States, such changes may be blunted in Europe due to the implementation of local law. The European Union has attempted to deal with the liability of internet facilitators by issuing a series of directives.

These directives are known as the E-Commerce Directive, and it grants liability exemptions to passive internet facilitators. See Directive 2000/31/EC, arts. 40-58, 2000 O.J. (L 178) 1 (EC). The E-Commerce Directive exemptions only apply if the internet facilitators do not "collaborate" with a user to undertake illegal acts and must act expeditiously to remove access to any illegal information upon receiving notice of such illegal activities.

While the directive is binding on member states as to the effect to be achieved, it allows the implementation process to be designed by each member state for implementation in its sovereign jurisdiction. The directive does not address internet technology, thus the use or failure to use such technology is not a factor in assessing internet facilitator liability.

Even if the use of monitoring and control technology were integrated into the E-Commerce Directive, the result is not clear, as evidenced by the three cases considering YouTube's liability for user copyright infringement that parallel Viacom International Inc. v. YouTube, Inc., in Spain, Germany, and Italy.

All three countries are members of the European Union and thus subject to the E-Commerce Directive. Yet the cases have resulted in a YouTube victory in Spain, but losses for YouTube in Germany and Italy.

original article found here

Should IPs Lead in Curbing Internet Defamation?

A friend once said to me, “the internet is good for two things: slander and porn.” For those who have been the target of electronic harassment and bullying, that sentiment could not ring truer.


Too often, individuals and groups on the Internet abuse the free flow of thoughts that is the promise of the Web to turn around and attack or demean others. Oftentimes, those affected can do little to protect themselves, and find themselves on the short end of the stick.

Why does this occur? Simply put, the US has made it easy for ISPs to skirt any responsibility when it comes to what is posted on their servers. Thus some providers will turn a blind eye when a victim comes a-complaining.

It’s a shame. Take for example Google: they will only remove information when it contains personal or copyrighted data, but it is quite difficult to get them to act otherwise. While I can understand Google’s position not to get involved, in the same token most times its pretty easy to discern a malicious site from a legitimate one.

These sites will often abuse Google’s ranking algorithms to gain higher prominence in results — such as the good ‘ol Googlebomb — which is hit or miss as whether the search giant will deal with it.

Other ISPs will provide lip service to the fact that they’ll deal with this type of content, then dance around the fact when you contact them. I’ve had slanderous content written about me, and I’ve contacted the ISP whose servers hosted the content in an attempt to hold them to their policies.

What I found was a “pass the buck” mentality. This particular ISP said that since they were only leasing an IP from them, their terms of use did not apply. Strange: the traffic is still passing through you, so why would you not enforce your own policies?

Kind of like saying, “oh, this website that uses one of our IPs is a piracy site which we specifically prohibit, but we’ll let them go since they aren’t on one of our servers.” Yeah, I think the RIAA or MPAA would buy that one!

In the end, why are we so powerless against defamation in many cases? It’s all thanks to Section 230(c)(1) of the Communications Decency Act, basically. That reads:

“No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.”

Essentially, ISPs don’t have to do anything, thanks to this clause. In our effort to protect the rights of everyone, we’re indirectly protecting hurtful speech as well. That’s just great.

Other countries have begun to clamp down on online defamation. For example, in Canada, the courts are now increasingly more apt to compel websites to reveal the identities of anonymous posters when defamation is involved.

These same countries are also beginning to force ISPs to identify who’s behind websites that are defamatory. While I am a strong supporter of staying anonymous in most cases (journalism depends heavily on those types of sources), when its for malicious purposes, you shouldn’t be getting any protection.

While I am not saying the ISP should tell the defamed who’s writing about them without the courts, the threat of disclosure may stop many from writing purposely hurtful missives about their victims.

Neither am I coming at this solely because this has happened to me. I’ve always been kind of disturbed by the fact that a lot of speech that people couldn’t get away with in real life seems to be free game on the Web. It doesn’t make sense.

It is a First Amendment right to be able to say what you want. So I can understand some people’s wariness of control over what people say. But can’t those of us who are subject to the malicious words of others get some relief?

What’s so wrong with dealing with stuff like this out of a court room, that’s what I want to know?

ORIGINAL ARTICLE

IP GLOBAL POSITIONING - Find Them!

Is that person you were talking to online playing hide & seek with you? Are you getting the feeling they are not giving you accurate information about where they live and or who they are?

Death by 1000 Papercuts posted a neat little tool that anyone can use to pop in someone's IP number and find out approximately where they are:



Warning Cyberpaths: You can't hide forever!