SlideShare a Scribd company logo

Hacking tools, a criminal offence?

ResearchTalks [cultural & science speed-dating]
ResearchTalks [cultural & science speed-dating]

by Benjamin Henrion

Technology
1 of 14
Hacking Tools, a criminal offence? Benjamin Henrion (FFII.org), 22 Oct 2012
About ● Foundation for a Free Information Infrastructure eV ● Active on many law related subjects: ■ ACTA ■ Software Patents directive, now Unitary Patent ■ IPRED1 (civil) and IPRED2 (criminal) ■ Data retention ■ Network of software companies and developers ● Personal ■ zoobab.com @zoobab ■ VoIP industry ■ HackerSpace.be ■ JTAG and reverse-engineering
Proposed EU directive ● Judicial cooperation in criminal matters: combatting attacks against information systems (COD 2010/0273) ● Repealing Framework Decision JHA 2005 ● Lisbon treaty: new criminal competences for EU ● First reading, deal between Council and Parliament
Parliament press release "The proposal also target tools used to commit offences: the production or sale of devices such as computer programs designed for cyber-attacks, or which find a computer password by which an information system can be accessed, would constitute criminal offences."
EESC opinion "[...] it will include new elements: (a) It penalises the production, sale, procurement for use, import, distribution or otherwise making available of devices/tools used for committing the offences."
Problems ● Tools are "neutral" ● "Hacking" tools have positive/negative use ● Intent: criteria for a judge ● Following this logic, knifes or hammers should be banned? ● Publication of exploits is a crime ● Level of security is lowered ● Exodus of security companies abroad, attackers from foreign countries are safe
Amendment example - Final art7
Amendment example - Final art8
Amendment example - Art 8bis Responsabilité des fabriquants "Les États membres prennent les mesures nécessaires afin de garantir que les fabricants soient tenus pour pénalement responsables de la production, de la mise sur le marché, de la commercialisation, de l'exploitation, ou du défaut de sécurité suffisante, de produits et de systèmes qui sont défectueux ou qui présentent des faiblesses de sécurité avérées qui peuvent faciliter des cyberattaques ou la perte de données."
German law of 2007 ● "Many other German security researchers, meanwhile, have pulled their proof-of-concept exploit code and hacking tools offline for fear of prosecution."
Kismac WiFi scanner
Status of the proposed directive ● Deal in secret closed doors Tri-logue (EC, EP, CM) ● June 2012 ● Orientation vote in LIBE ● Blocked because of Schengen discussions ● Formality in LIBE ● Formality in Plenary?
Status of the proposed directive ● Deal in secret closed doors Tri-logue (EC, EP, CM) ● June 2012 ● Orientation vote in LIBE ● Blocked because of Schengen discussions ● Formality in LIBE ● Formality in Plenary?
Compromise deal ● Extracts ● "Intent" ● "Aiding abetting inciting" examples ● Still ambiguous ● "Minor act" not defined ● Liability for IT systems vendors gone ● Etc...

Recommended

Emerging internet trends that will shape the global economy
Emerging internet trends that will shape the global economyEmerging internet trends that will shape the global economy
Emerging internet trends that will shape the global economyWB_Research
 
Towela_Trans boundary issues in cybersecurity
Towela_Trans boundary issues in cybersecurityTowela_Trans boundary issues in cybersecurity
Towela_Trans boundary issues in cybersecurityAFRINIC
 
Eiba 16.12.2017
Eiba 16.12.2017Eiba 16.12.2017
Eiba 16.12.2017Fabio Marazzi
 
Gdpr applies slides june 2019 [autosaved]
Gdpr applies slides june 2019 [autosaved]Gdpr applies slides june 2019 [autosaved]
Gdpr applies slides june 2019 [autosaved]Martin O'Dwyer
 
Vodafone security priorities in Greece
Vodafone security priorities in GreeceVodafone security priorities in Greece
Vodafone security priorities in GreeceKevin Duffey
 
North European Cybersecurity Cluster - an example of the regional trust platf...
North European Cybersecurity Cluster - an example of the regional trust platf...North European Cybersecurity Cluster - an example of the regional trust platf...
North European Cybersecurity Cluster - an example of the regional trust platf...DATA SECURITY SOLUTIONS
 
TRIPS & WIPO
TRIPS & WIPOTRIPS & WIPO
TRIPS & WIPOAbhinandan Kumar
 
Cyber Academic Startup Accelerator Programme
Cyber Academic Startup Accelerator ProgrammeCyber Academic Startup Accelerator Programme
Cyber Academic Startup Accelerator ProgrammeDuncan Purves
 

Recommended

Emerging internet trends that will shape the global economy
Emerging internet trends that will shape the global economyEmerging internet trends that will shape the global economy
Emerging internet trends that will shape the global economyWB_Research
 
Towela_Trans boundary issues in cybersecurity
Towela_Trans boundary issues in cybersecurityTowela_Trans boundary issues in cybersecurity
Towela_Trans boundary issues in cybersecurityAFRINIC
 
Eiba 16.12.2017
Eiba 16.12.2017Eiba 16.12.2017
Eiba 16.12.2017Fabio Marazzi
 
Gdpr applies slides june 2019 [autosaved]
Gdpr applies slides june 2019 [autosaved]Gdpr applies slides june 2019 [autosaved]
Gdpr applies slides june 2019 [autosaved]Martin O'Dwyer
 
Vodafone security priorities in Greece
Vodafone security priorities in GreeceVodafone security priorities in Greece
Vodafone security priorities in GreeceKevin Duffey
 
North European Cybersecurity Cluster - an example of the regional trust platf...
North European Cybersecurity Cluster - an example of the regional trust platf...North European Cybersecurity Cluster - an example of the regional trust platf...
North European Cybersecurity Cluster - an example of the regional trust platf...DATA SECURITY SOLUTIONS
 
TRIPS & WIPO
TRIPS & WIPOTRIPS & WIPO
TRIPS & WIPOAbhinandan Kumar
 
Cyber Academic Startup Accelerator Programme
Cyber Academic Startup Accelerator ProgrammeCyber Academic Startup Accelerator Programme
Cyber Academic Startup Accelerator ProgrammeDuncan Purves
 
Trustworthy Infrastructure for Personal Data Management
Trustworthy Infrastructure for Personal Data ManagementTrustworthy Infrastructure for Personal Data Management
Trustworthy Infrastructure for Personal Data ManagementIoannis Krontiris
 
Security Beyond Compliance: Using Tokenisation for Data Protection by Design ...
Security Beyond Compliance: Using Tokenisation for Data Protection by Design ...Security Beyond Compliance: Using Tokenisation for Data Protection by Design ...
Security Beyond Compliance: Using Tokenisation for Data Protection by Design ...TokenEx
 
Smartie - Project overview
Smartie - Project overview Smartie - Project overview
Smartie - Project overview DunavNET
 
International business law ch. 17
International business law ch. 17International business law ch. 17
International business law ch. 17Frank Cavaliere
 
dcb1222 - Feature3
dcb1222 - Feature3dcb1222 - Feature3
dcb1222 - Feature3Julie Shennan
 
SMARTIE
SMARTIESMARTIE
SMARTIEDunavNET
 
Trips
TripsTrips
TripsMalla Reddy College of Pharmacy
 
Trips plus edited
Trips plus editedTrips plus edited
Trips plus editedAltacit Global
 
CTO-Cybersecurity-2010-Dr. Martin Koyabe
CTO-Cybersecurity-2010-Dr. Martin KoyabeCTO-Cybersecurity-2010-Dr. Martin Koyabe
CTO-Cybersecurity-2010-Dr. Martin Koyabesegughana
 
TRIPS Agreement (Part-1)
TRIPS Agreement (Part-1)TRIPS Agreement (Part-1)
TRIPS Agreement (Part-1)A K DAS's | Law
 
Laws of interest to security professionals
Laws of interest to security professionalsLaws of interest to security professionals
Laws of interest to security professionalsShivani Gamit
 
Intellectual property in the wto and inter institutional cooperation
Intellectual property in the wto and inter institutional cooperationIntellectual property in the wto and inter institutional cooperation
Intellectual property in the wto and inter institutional cooperationSusan Isiko
 
Privacy post-Snowden
Privacy post-SnowdenPrivacy post-Snowden
Privacy post-Snowdenblogzilla
 
Trips
TripsTrips
TripsInstitute of Management in Kerala
 
Mobile Monday Brusselsmeeting220609
Mobile Monday Brusselsmeeting220609Mobile Monday Brusselsmeeting220609
Mobile Monday Brusselsmeeting220609Mobile Monday Brussels
 
Rin armenia icin 2020
Rin armenia icin 2020Rin armenia icin 2020
Rin armenia icin 2020Eduard Grasa
 
EU data protection issues in IoT
EU data protection issues in IoTEU data protection issues in IoT
EU data protection issues in IoTFrancesca Giannoni-Crystal
 
"Innovations" of copyright and intellectual properties
"Innovations" of copyright and intellectual properties"Innovations" of copyright and intellectual properties
"Innovations" of copyright and intellectual propertiesWendy Lile
 
Open Source Creativity
Open Source CreativityOpen Source Creativity
Open Source CreativitySara Cannon
 
The impact of innovation on travel and tourism industries (World Travel Marke...
The impact of innovation on travel and tourism industries (World Travel Marke...The impact of innovation on travel and tourism industries (World Travel Marke...
The impact of innovation on travel and tourism industries (World Travel Marke...Brian Solis
 
Reuters: Pictures of the Year 2016 (Part 2)
Reuters: Pictures of the Year 2016 (Part 2)Reuters: Pictures of the Year 2016 (Part 2)
Reuters: Pictures of the Year 2016 (Part 2)maditabalnco
 
Succession “Losers”: What Happens to Executives Passed Over for the CEO Job?
Succession “Losers”: What Happens to Executives Passed Over for the CEO Job? Succession “Losers”: What Happens to Executives Passed Over for the CEO Job?
Succession “Losers”: What Happens to Executives Passed Over for the CEO Job? Stanford GSB Corporate Governance Research Initiative
 

More Related Content

What's hot

Trustworthy Infrastructure for Personal Data Management
Trustworthy Infrastructure for Personal Data ManagementTrustworthy Infrastructure for Personal Data Management
Trustworthy Infrastructure for Personal Data ManagementIoannis Krontiris
 
Security Beyond Compliance: Using Tokenisation for Data Protection by Design ...
Security Beyond Compliance: Using Tokenisation for Data Protection by Design ...Security Beyond Compliance: Using Tokenisation for Data Protection by Design ...
Security Beyond Compliance: Using Tokenisation for Data Protection by Design ...TokenEx
 
Smartie - Project overview
Smartie - Project overview Smartie - Project overview
Smartie - Project overview DunavNET
 
International business law ch. 17
International business law ch. 17International business law ch. 17
International business law ch. 17Frank Cavaliere
 
CTO-Cybersecurity-2010-Dr. Martin Koyabe
CTO-Cybersecurity-2010-Dr. Martin KoyabeCTO-Cybersecurity-2010-Dr. Martin Koyabe
CTO-Cybersecurity-2010-Dr. Martin Koyabesegughana
 
TRIPS Agreement (Part-1)
TRIPS Agreement (Part-1)TRIPS Agreement (Part-1)
TRIPS Agreement (Part-1)A K DAS's | Law
 
Laws of interest to security professionals
Laws of interest to security professionalsLaws of interest to security professionals
Laws of interest to security professionalsShivani Gamit
 
Intellectual property in the wto and inter institutional cooperation
Intellectual property in the wto and inter institutional cooperationIntellectual property in the wto and inter institutional cooperation
Intellectual property in the wto and inter institutional cooperationSusan Isiko
 
Privacy post-Snowden
Privacy post-SnowdenPrivacy post-Snowden
Privacy post-Snowdenblogzilla
 
Rin armenia icin 2020
Rin armenia icin 2020Rin armenia icin 2020
Rin armenia icin 2020Eduard Grasa
 
"Innovations" of copyright and intellectual properties
"Innovations" of copyright and intellectual properties"Innovations" of copyright and intellectual properties
"Innovations" of copyright and intellectual propertiesWendy Lile
 

What's hot (18)

Trustworthy Infrastructure for Personal Data Management
Trustworthy Infrastructure for Personal Data ManagementTrustworthy Infrastructure for Personal Data Management
Trustworthy Infrastructure for Personal Data Management
 
Security Beyond Compliance: Using Tokenisation for Data Protection by Design ...
Security Beyond Compliance: Using Tokenisation for Data Protection by Design ...Security Beyond Compliance: Using Tokenisation for Data Protection by Design ...
Security Beyond Compliance: Using Tokenisation for Data Protection by Design ...
 
Smartie - Project overview
Smartie - Project overview Smartie - Project overview
Smartie - Project overview
 
International business law ch. 17
International business law ch. 17International business law ch. 17
International business law ch. 17
 
dcb1222 - Feature3
dcb1222 - Feature3dcb1222 - Feature3
dcb1222 - Feature3
 
SMARTIE
SMARTIESMARTIE
SMARTIE
 
Trips
TripsTrips
Trips
 
Trips plus edited
Trips plus editedTrips plus edited
Trips plus edited
 
CTO-Cybersecurity-2010-Dr. Martin Koyabe
CTO-Cybersecurity-2010-Dr. Martin KoyabeCTO-Cybersecurity-2010-Dr. Martin Koyabe
CTO-Cybersecurity-2010-Dr. Martin Koyabe
 
TRIPS Agreement (Part-1)
TRIPS Agreement (Part-1)TRIPS Agreement (Part-1)
TRIPS Agreement (Part-1)
 
Laws of interest to security professionals
Laws of interest to security professionalsLaws of interest to security professionals
Laws of interest to security professionals
 
Intellectual property in the wto and inter institutional cooperation
Intellectual property in the wto and inter institutional cooperationIntellectual property in the wto and inter institutional cooperation
Intellectual property in the wto and inter institutional cooperation
 
Privacy post-Snowden
Privacy post-SnowdenPrivacy post-Snowden
Privacy post-Snowden
 
Trips
TripsTrips
Trips
 
Mobile Monday Brusselsmeeting220609
Mobile Monday Brusselsmeeting220609Mobile Monday Brusselsmeeting220609
Mobile Monday Brusselsmeeting220609
 
Rin armenia icin 2020
Rin armenia icin 2020Rin armenia icin 2020
Rin armenia icin 2020
 
EU data protection issues in IoT
EU data protection issues in IoTEU data protection issues in IoT
EU data protection issues in IoT
 
"Innovations" of copyright and intellectual properties
"Innovations" of copyright and intellectual properties"Innovations" of copyright and intellectual properties
"Innovations" of copyright and intellectual properties
 

Viewers also liked

Open Source Creativity
Open Source CreativityOpen Source Creativity
Open Source CreativitySara Cannon
 
The impact of innovation on travel and tourism industries (World Travel Marke...
The impact of innovation on travel and tourism industries (World Travel Marke...The impact of innovation on travel and tourism industries (World Travel Marke...
The impact of innovation on travel and tourism industries (World Travel Marke...Brian Solis
 
Reuters: Pictures of the Year 2016 (Part 2)
Reuters: Pictures of the Year 2016 (Part 2)Reuters: Pictures of the Year 2016 (Part 2)
Reuters: Pictures of the Year 2016 (Part 2)maditabalnco
 
The Six Highest Performing B2B Blog Post Formats
The Six Highest Performing B2B Blog Post FormatsThe Six Highest Performing B2B Blog Post Formats
The Six Highest Performing B2B Blog Post FormatsBarry Feldman
 
Lightning Talk #9: How UX and Data Storytelling Can Shape Policy by Mika Aldaba
Lightning Talk #9: How UX and Data Storytelling Can Shape Policy by Mika AldabaLightning Talk #9: How UX and Data Storytelling Can Shape Policy by Mika Aldaba
Lightning Talk #9: How UX and Data Storytelling Can Shape Policy by Mika Aldabaux singapore
 
The Outcome Economy
The Outcome EconomyThe Outcome Economy
The Outcome EconomyHelge Tennø
 

Viewers also liked (7)

Open Source Creativity
Open Source CreativityOpen Source Creativity
Open Source Creativity
 
The impact of innovation on travel and tourism industries (World Travel Marke...
The impact of innovation on travel and tourism industries (World Travel Marke...The impact of innovation on travel and tourism industries (World Travel Marke...
The impact of innovation on travel and tourism industries (World Travel Marke...
 
Reuters: Pictures of the Year 2016 (Part 2)
Reuters: Pictures of the Year 2016 (Part 2)Reuters: Pictures of the Year 2016 (Part 2)
Reuters: Pictures of the Year 2016 (Part 2)
 
Succession “Losers”: What Happens to Executives Passed Over for the CEO Job?
Succession “Losers”: What Happens to Executives Passed Over for the CEO Job? Succession “Losers”: What Happens to Executives Passed Over for the CEO Job?
Succession “Losers”: What Happens to Executives Passed Over for the CEO Job?
 
The Six Highest Performing B2B Blog Post Formats
The Six Highest Performing B2B Blog Post FormatsThe Six Highest Performing B2B Blog Post Formats
The Six Highest Performing B2B Blog Post Formats
 
Lightning Talk #9: How UX and Data Storytelling Can Shape Policy by Mika Aldaba
Lightning Talk #9: How UX and Data Storytelling Can Shape Policy by Mika AldabaLightning Talk #9: How UX and Data Storytelling Can Shape Policy by Mika Aldaba
Lightning Talk #9: How UX and Data Storytelling Can Shape Policy by Mika Aldaba
 
The Outcome Economy
The Outcome EconomyThe Outcome Economy
The Outcome Economy
 

Similar to Hacking tools, a criminal offence?

Ethical hacking, the way to get product & solution confidence and trust in an...
Ethical hacking, the way to get product & solution confidence and trust in an...Ethical hacking, the way to get product & solution confidence and trust in an...
Ethical hacking, the way to get product & solution confidence and trust in an...Pierre-Jean Verrando
 
SFScon19 - Eugenio Bettella Marco Reguzzoni - Internet of Things & cybersecur...
SFScon19 - Eugenio Bettella Marco Reguzzoni - Internet of Things & cybersecur...SFScon19 - Eugenio Bettella Marco Reguzzoni - Internet of Things & cybersecur...
SFScon19 - Eugenio Bettella Marco Reguzzoni - Internet of Things & cybersecur...South Tyrol Free Software Conference
 
Telecom security issues (Raoul Chiesa, day 1 )
Telecom security issues (Raoul Chiesa, day 1 ) Telecom security issues (Raoul Chiesa, day 1 )
Telecom security issues (Raoul Chiesa, day 1 ) ClubHack
 
Software Patents in Europe via caselaw of a Central Patent Court
Software Patents in Europe via caselaw of a Central Patent CourtSoftware Patents in Europe via caselaw of a Central Patent Court
Software Patents in Europe via caselaw of a Central Patent Courtzoobab
 
Cybersecurity and Internet Governance
Cybersecurity and Internet GovernanceCybersecurity and Internet Governance
Cybersecurity and Internet GovernanceKenny Huang Ph.D.
 
The UK's Code of Practice for Security in Consumer IoT Products and Services ...
The UK's Code of Practice for Security in Consumer IoT Products and Services ...The UK's Code of Practice for Security in Consumer IoT Products and Services ...
The UK's Code of Practice for Security in Consumer IoT Products and Services ...44CON
 
Cybercrime Risks Eu
Cybercrime Risks EuCybercrime Risks Eu
Cybercrime Risks Eumanelmedina
 
20161201 witdom bdva summit
20161201 witdom bdva summit20161201 witdom bdva summit
20161201 witdom bdva summitElsa Prieto
 
CTO-CybersecurityForum-2010-Richard Simpson
CTO-CybersecurityForum-2010-Richard SimpsonCTO-CybersecurityForum-2010-Richard Simpson
CTO-CybersecurityForum-2010-Richard Simpsonsegughana
 
Introduction to new technologies
Introduction to new technologiesIntroduction to new technologies
Introduction to new technologiesTracey Roberts
 
20CS2024 Ethics in Information Technology
20CS2024 Ethics in Information Technology20CS2024 Ethics in Information Technology
20CS2024 Ethics in Information TechnologyKathirvel Ayyaswamy
 
L12. Digital Forensics BS.pptx
L12. Digital Forensics BS.pptxL12. Digital Forensics BS.pptx
L12. Digital Forensics BS.pptxtalhajann43
 
International Cybercrime (Part 1)
International Cybercrime (Part 1)International Cybercrime (Part 1)
International Cybercrime (Part 1)GrittyCC
 
EU Data Protection Regulation 26 June 2012
EU Data Protection Regulation 26 June 2012EU Data Protection Regulation 26 June 2012
EU Data Protection Regulation 26 June 2012Chris Marsden
 
Legal certainty as a tool for the spread of the internet of things
Legal certainty as a tool for the spread of the internet of thingsLegal certainty as a tool for the spread of the internet of things
Legal certainty as a tool for the spread of the internet of thingsGuido Noto La Diega
 
Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...
Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...
Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...Black Duck by Synopsys
 
The potential impact of legislation on AI and Machine Learning (New Zealand f...
The potential impact of legislation on AI and Machine Learning (New Zealand f...The potential impact of legislation on AI and Machine Learning (New Zealand f...
The potential impact of legislation on AI and Machine Learning (New Zealand f...Daniil Ivshin
 

Similar to Hacking tools, a criminal offence? (20)

Ethical hacking, the way to get product & solution confidence and trust in an...
Ethical hacking, the way to get product & solution confidence and trust in an...Ethical hacking, the way to get product & solution confidence and trust in an...
Ethical hacking, the way to get product & solution confidence and trust in an...
 
SFScon19 - Eugenio Bettella Marco Reguzzoni - Internet of Things & cybersecur...
SFScon19 - Eugenio Bettella Marco Reguzzoni - Internet of Things & cybersecur...SFScon19 - Eugenio Bettella Marco Reguzzoni - Internet of Things & cybersecur...
SFScon19 - Eugenio Bettella Marco Reguzzoni - Internet of Things & cybersecur...
 
Telecom security issues (Raoul Chiesa, day 1 )
Telecom security issues (Raoul Chiesa, day 1 ) Telecom security issues (Raoul Chiesa, day 1 )
Telecom security issues (Raoul Chiesa, day 1 )
 
Day 02 - EDPS Technology & Privacy unit.pdf
Day 02 - EDPS Technology & Privacy unit.pdfDay 02 - EDPS Technology & Privacy unit.pdf
Day 02 - EDPS Technology & Privacy unit.pdf
 
Software Patents in Europe via caselaw of a Central Patent Court
Software Patents in Europe via caselaw of a Central Patent CourtSoftware Patents in Europe via caselaw of a Central Patent Court
Software Patents in Europe via caselaw of a Central Patent Court
 
Cybersecurity and Internet Governance
Cybersecurity and Internet GovernanceCybersecurity and Internet Governance
Cybersecurity and Internet Governance
 
The UK's Code of Practice for Security in Consumer IoT Products and Services ...
The UK's Code of Practice for Security in Consumer IoT Products and Services ...The UK's Code of Practice for Security in Consumer IoT Products and Services ...
The UK's Code of Practice for Security in Consumer IoT Products and Services ...
 
Cybercrime Risks Eu
Cybercrime Risks EuCybercrime Risks Eu
Cybercrime Risks Eu
 
20161201 witdom bdva summit
20161201 witdom bdva summit20161201 witdom bdva summit
20161201 witdom bdva summit
 
CTO-CybersecurityForum-2010-Richard Simpson
CTO-CybersecurityForum-2010-Richard SimpsonCTO-CybersecurityForum-2010-Richard Simpson
CTO-CybersecurityForum-2010-Richard Simpson
 
Introduction to new technologies
Introduction to new technologiesIntroduction to new technologies
Introduction to new technologies
 
20CS2024 Ethics in Information Technology
20CS2024 Ethics in Information Technology20CS2024 Ethics in Information Technology
20CS2024 Ethics in Information Technology
 
L12. Digital Forensics BS.pptx
L12. Digital Forensics BS.pptxL12. Digital Forensics BS.pptx
L12. Digital Forensics BS.pptx
 
International Cybercrime (Part 1)
International Cybercrime (Part 1)International Cybercrime (Part 1)
International Cybercrime (Part 1)
 
EU Data Protection Regulation 26 June 2012
EU Data Protection Regulation 26 June 2012EU Data Protection Regulation 26 June 2012
EU Data Protection Regulation 26 June 2012
 
Legal certainty as a tool for the spread of the internet of things
Legal certainty as a tool for the spread of the internet of thingsLegal certainty as a tool for the spread of the internet of things
Legal certainty as a tool for the spread of the internet of things
 
Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...
Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...
Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...
 
Gikii23 Marsden
Gikii23 MarsdenGikii23 Marsden
Gikii23 Marsden
 
The potential impact of legislation on AI and Machine Learning (New Zealand f...
The potential impact of legislation on AI and Machine Learning (New Zealand f...The potential impact of legislation on AI and Machine Learning (New Zealand f...
The potential impact of legislation on AI and Machine Learning (New Zealand f...
 
CTO Cybersecurity Forum 2013 Auguste Yankey
CTO Cybersecurity Forum 2013 Auguste YankeyCTO Cybersecurity Forum 2013 Auguste Yankey
CTO Cybersecurity Forum 2013 Auguste Yankey
 

Recently uploaded

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusZilliz
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 

Recently uploaded (20)

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 

Hacking tools, a criminal offence?

  • 1. Hacking Tools, a criminal offence? Benjamin Henrion (FFII.org), 22 Oct 2012
  • 2. About ● Foundation for a Free Information Infrastructure eV ● Active on many law related subjects: ■ ACTA ■ Software Patents directive, now Unitary Patent ■ IPRED1 (civil) and IPRED2 (criminal) ■ Data retention ■ Network of software companies and developers ● Personal ■ zoobab.com @zoobab ■ VoIP industry ■ HackerSpace.be ■ JTAG and reverse-engineering
  • 3. Proposed EU directive ● Judicial cooperation in criminal matters: combatting attacks against information systems (COD 2010/0273) ● Repealing Framework Decision JHA 2005 ● Lisbon treaty: new criminal competences for EU ● First reading, deal between Council and Parliament
  • 4. Parliament press release "The proposal also target tools used to commit offences: the production or sale of devices such as computer programs designed for cyber-attacks, or which find a computer password by which an information system can be accessed, would constitute criminal offences."
  • 5. EESC opinion "[...] it will include new elements: (a) It penalises the production, sale, procurement for use, import, distribution or otherwise making available of devices/tools used for committing the offences."
  • 6. Problems ● Tools are "neutral" ● "Hacking" tools have positive/negative use ● Intent: criteria for a judge ● Following this logic, knifes or hammers should be banned? ● Publication of exploits is a crime ● Level of security is lowered ● Exodus of security companies abroad, attackers from foreign countries are safe
  • 7. Amendment example - Final art7
  • 8. Amendment example - Final art8
  • 9. Amendment example - Art 8bis Responsabilité des fabriquants "Les États membres prennent les mesures nécessaires afin de garantir que les fabricants soient tenus pour pénalement responsables de la production, de la mise sur le marché, de la commercialisation, de l'exploitation, ou du défaut de sécurité suffisante, de produits et de systèmes qui sont défectueux ou qui présentent des faiblesses de sécurité avérées qui peuvent faciliter des cyberattaques ou la perte de données."
  • 10. German law of 2007 ● "Many other German security researchers, meanwhile, have pulled their proof-of-concept exploit code and hacking tools offline for fear of prosecution."
  • 12. Status of the proposed directive ● Deal in secret closed doors Tri-logue (EC, EP, CM) ● June 2012 ● Orientation vote in LIBE ● Blocked because of Schengen discussions ● Formality in LIBE ● Formality in Plenary?
  • 13. Status of the proposed directive ● Deal in secret closed doors Tri-logue (EC, EP, CM) ● June 2012 ● Orientation vote in LIBE ● Blocked because of Schengen discussions ● Formality in LIBE ● Formality in Plenary?
  • 14. Compromise deal ● Extracts ● "Intent" ● "Aiding abetting inciting" examples ● Still ambiguous ● "Minor act" not defined ● Liability for IT systems vendors gone ● Etc...