AN AUSTRALIAN TEENAGER is learning the hard truth about being accused of defacing websites, a very serious crime that can result in decades spent in prison.
We've seen multi-decade prison sentences threatened for years. Gary McKinnon spent a decade pondering as much as 60 years in a US prison, and Aaron Swartz faced a similar prison sentence for releasing documents belonging to an organisation that didn't want to see him prosecuted.
Everywhere you look butterflies are being broken on wheels. Now in Australia a 17 year old apparently is in big trouble for allegedly accessing and defacing some websites.
According to a statement from the Australian Federal Police, the unnamed youth is allegedly associated with Anonymous, and allegedly took part in a computer hacking and defacement spree as part of a protest.
"Protesting through computer intrusions and website defacements is not an appropriate method to raise public awareness about any issue," said local cyber crime police Commander Glen McEwen.
"The AFP investigates various types of cybercrime and will continue to take a strong stance against these perpetrators."
In this case the alleged miscreant faces 20 counts of various kinds of computer access and impairment that add up to 25 years.
He will appear in Children's court in mid-May to face six charges of unauthorised modification of data to cause impairment, one count of unauthorised access with intent to commit a serious offence, one count of possession of data with intent to commit a computer offence, and 12 counts of unauthorised access to restricted data.
In the US there are moves to strengthen computer crime laws, but also increasing pressure to resist them.
The suicide of Aaron Swartz could have been the the high-water mark in the debate, and ever since then a softening of rules and penalties has been on the agenda for some.
In a letter (PDF) released earlier this week and aimed at regulators, groups including the ACLU, the Electronic Frontier Foundation, and the Center for Internet and Society appealed against plans to amend the Computer Fraud and Abuse Act (CFAA) to make it even more draconian.
"Unfortunately, the draft under discussion is a significant expansion of the CFAA at a time when public opinion is demanding the law be narrowed," it warned.
According to the letter the expanded CFAA would muddy up the waters further. It warns that it would "obliterate the sensible line between criminal attackers and legitimate users" who have some authorisation to alter information, but might do so in a manner "disfavored by the server owner", for example.
It is also likely to increase sentences at a time when people are already appalled at the decades being threatened.
It warned that the new CFAA would "substantially increase maximum penalties for many violations to 20 years or more - giving prosecutors a heavy hammer to hang over individuals charged with borderline offenses, and ensuring even minor violations with little or no economic harm will be punished as felonies".
The authors of the letter, of which there are many, said that they cannot support the proposed additions, but would back ones that reflect changes in society and the move we all recently made into the 21st century.
"We therefore urge the Committee to reject the proposed draft language, including increased penalties," they said in closing.
"Instead, this Committee should adopt amendments that would bring the CFAA into the 21st century, with sensible fixes that will protect the ordinary Internet user, while addressing the serious problem of malicious computer attacks." µ
Plus, it's goodbye to Device Assist
Vulnerabilities in the iOS sandbox thankfully found by the good guys
Data watchdog will make sure firm is being fully transparent about the controversial move
Chinese firm reportedly forces staff to do 82 hours of overtime a month