About CVE

Terminology
Documents
FAQs
CVE List

About CVE Identifiers
Obtain a CVE Identifier
Search CVE
Search NVD
CVE In Use

CVE Adoption
CVE-Compatible Products
NVD for CVE Fix Information
More . . .
News & Events

Calendar
Free Newsletter
Community

CVE Editorial Board
Sponsor
Contact Us

Search the Site

CVE Community

Editorial Board
Mail List & Meetings Archive
Roles, Tasks, & Qualifications
Adding New Members
Sponsor

CVE In Use

CVE Compatible Products and Services
More . . .

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Cybercrime treaty

To: "Magdych, Jim" <Jim_Magdych@nai.com>
Subject: Re: Cybercrime treaty
From: Dave Mann <dmann@bindview.com>
Date: Fri, 05 May 2000 09:51:11 -0400
CC: "'Russ'" <Russ.Cooper@rc.on.ca>, cve-editorial-board-list@lists.mitre.org
Delivery-Date: Fri May 5 09:53:20 2000
References: <150C5D516A43D211A5EF00A0C99D758F02101590@ca-exchange3.nai.com>
Sender: owner-cve-editorial-board-list@lists.mitre.org

"Magdych, Jim" wrote:
> Sorry if that sounded dismissive...  I am absolutely NOT saying that
> it doesn't matter.  I just wanted to point out that some of the
> arguments (particularly the one I made earlier) were fairly
> US-centric.  It IS, for example, a crime to own a gun in some
> European countries.

Good point.

I'm still struggling with whether or not the ambiguity of
the language is a problem or not!

First, I note that I am not well versed in the issues of how public
policy is shaped by international treaties.  And at the risk of being
inflamatory, I will suggest that the CVE Editorial Board does not
have ANY experts on international law on it.   This is NOT a
criticism, nor is it meant to suggest that we should do nothing.
But, I would suggest that we, as a Board, seek the advice and
input of those who may be able to shed light on the pros and
cons of ambiguous treaty language.

BTW, the example of gun ownership is precisely what is motivating
me here.  Some countries may choose to make it illegal to ban
exploit code in much the same way that they ban guns.   While
I may strongly disagree with both of these (Mike, you aren't
the only gun totin' redneck here), I recognize that it is within
their soverign right to do so.   This leads me to question the
purpose of such a treaty.  Are there higher purposes that are
served by drafting a internation treaty that is vague enough
to allow *some* countries to ban exploit code while
allowing other countries not to ban it?   Is the ambiguity
the result of a political comprimise to gain broader acceptance
or is it misguided bumbling by beaurocrats who don't understand
the technology?

I'm not sure and would love to hear some input from some folks
who regularly deal with policy issues at the federal level.

Steve Christey, perhaps MITRE could open a dialogue with somebody
like Jeffery Hunker and bring him into the discussion by acting
as his proxy to the board.  Perhaps others could suggest good
sources from outside of the US to gain a broader international
perspective.

Dave

--
==============================================================
Dave Mann                ||   e-mail:  dmann@bos.bindview.com
Senior Security Analyst  ||    phone:  508-485-7737   x254
BindView Corporation     ||      fax:  508-485-0737

References:
- RE: Cybercrime treaty
  - From: "Magdych, Jim" <Jim_Magdych@nai.com>

Prev by Date: Re: Cybercrime treaty
Next by Date: Re: Cybercrime treaty
Prev by thread: RE: Cybercrime treaty
Next by thread: Re: Cybercrime treaty
Index(es):
- Date
- Thread

Page Last Updated: May 22, 2007