[ISN] Conflict holding up hacker bill

From: mea culpa (jerichoat_private)
Date: Fri Feb 12 1999 - 16:15:08 PST

  • Next message: mea culpa: "[ISN] Army Signal Command protecting networks from hackers"

    Forwarded From: William Knowles <erehwonat_private>
    (Daily Yomiuri On-Line) [2.9.99] The National Police Agency and the Posts
    and Telecommunications Ministry are sharply divided over a bill to deal
    with the problem of hackers, which the two bodies are expected to submit
    jointly during the current Diet session.
    The bill is to be based on two drafts that they prepared separately and
    announced in November.
    The NPA argues in favor of logs of messages sent through computer
    networks, as they would be useful in tracing transactions and could
    provide information in police investigations.
    The Posts and Telecommunications Ministry, however, argues against them,
    saying such logs would constitute an invasion of privacy, which is
    The two bodies agree in principle that the government must take action
    against hackers. As there is no law prohibiting people from breaking into
    networks, the United States and some European countries have expressed
    fears that Japan could become a haven for hackers. 
    The most intense conflict has been over the issue of whether the
    government should make it obligatory for Internet servers and other
    companies to keep logs. 
    According to the NPA draft, firms would have to keep a record of, for
    example, users' IDs, passwords and their messages for up to three months.
    They would also be required to report instances of access to their
    The ministry's draft, on the other hand, emphasizes privacy rights and
    keeping companies' responsibilities to a minimum. Records need only
    contain fees charged to users and specific measures taken to prevent
    people from accessing their networks, it says.
    Its draft would allow companies to decide for themselves how long to
    preserve such information, and stipulates that when the records no longer
    serve any purpose, they should be erased. 
    The NPA and the ministry have held several rounds of talks on the issue.
    "Without detailed logs, it will be impossible to prove cases of hacking,
    thus defeating the purpose of the new law," an NPA official said.
    However, a ministry official said that logs should be erased if they are
    no longer of any use and contain no information related to hacking, as
    they would constitute a violation of privacy rights.
    Another government official said the debate between the NPA and the
    ministry reveals differences in their respective philosophies, rather than
    in their approach to discussing points of policy.
    The two bodies have posted their drafts on Web sites to test public
    opinion, which has also been divided on the issue of keeping logs.
    The Japan Federation of Bar Associations opposes the NPA draft. 
    "The draft is potentially dangerous in that police may keep watch over a
    wide range of online activities," it said.
    The Japan Local Access Providers Association is largely in favor of the
    NPA's plan. However, some members fear that the administrative work
    involved would pose a huge burden.
    In December 1997, the European Union laid down a general guideline that
    Internet service providers should immediately erase records concerning
    user messages.
    At the Group of Eight summit meeting in Britain last year, it was resolved
    that logs should be kept, but in a manner that does not violate users'
    However, no international agreements have been reached on the issue, and
    only a few countries, such as Belgium, have made moves to draw up
    legislation against hacking.
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:19:02 PDT