Personal Security


In the "Digital Age"

I was driving home tonight and I was listening to "On Point, with Tom Ashbrook" (NPR). Today's topic was on "Cyberbullying", specifically a court case that may have far-reaching effects. Listen here.

The story starts with two Yale law students were harassed and libeled online by an internet community. This harassment and libel may have cost one or both of them job offers (by overly-sensitive prospective employers googleing them and having these nasty posts show first). There were also threats and stalking comments made (there were personal threats that made the individuals fear for their safety as the comments were made by people who had to have physically seen them).

To make matters worse, the host of these threads failed to act in a regulatory manner to take down these threads. Also, they (alegedly) deleted logs and subsequently disabled logging for users that post to threads, making it harder to find the anonymous culprits.

This last part troubles me. I believe in freedom of speech just like all Americans should. That being said, there are certain types of speech that should not be protected. When you feel threatened, you have a right to address that threat to ensure your personal safety and the safety of others. But if you don't know who is threatening you - other than the fact that it is some guy/girl with an internet connection - then what can you do? It is vital that the internet community self regulate certain content. If we, as hosts, don't self regulate then we may have to be regulated by an authority which is potentially far worse.

As a security practitioner, I feel that the failure of the host to pull the threads and put the users that caused this uproar on notice has caused there to be an open door for legislators to mandate certain restrictions on this type of content. This will make hosting less attractive for these new and exciting "Web 2.0" sites we all love (Why get involved in accounting for other people's words? Why become a legal target for lawsuits over content that someone else wrote?) . Also, security professionals will need to concern themselves with accounting for each logged in session. This detracts from the overall secuity of the site. Very bad news, indeed.

I hope this black mark can be sorted out without any far-reaching effects and I hope that hosts can learn to self regulate effectively enough to prevent any future legislation.

-Tim
Posted on 1:40 AM by Tim Cronin and filed under | 0 Comments »

0 comments: