Digital environments and legislation
Brad Smith, Microsoft’s president, has come up with the idea of amending once again the Geneva Conventions to try to stop the mounting use of state-sponsored hacking.
I have always been critical of the tendency to over legislate, to rewrite laws to adapt them to the internet era. The internet does not require new laws or special laws, it simply requires that judges have the flexibility to interpret what is a crime or is not, albeit it in a different environment. The best way to assess whether something that happens on the internet might be punishable is first to remove the internet from the equation and consider how we would judge it if it had occurred in the physical world. A robbery is a robbery, wherever it takes place, defamation is defamation on the internet or social networks or on the street, and the same applies to an attack on a country, irrespective of whether it is launched through the internet or by a spy in mac and and dark glasses. That is why the idea of not promoting laws as such, but instead dealing with issues via discussion forums where things are called by their name and problems isolated, makes more sense to me than the idea of making new laws right and left when others already exist that are clearly sufficient and respond to a social consensus built up over a long period of time.
One of the main problems facing the internet is that as with all innovation there are groups of malicious or criminal people trying to take advantage of the characteristics of a new environment. Usually, the law is slow to respond to this kind of issue, particularly in countries whose legal codes are based on civil law rather than common law, which relies on precedent and that tend to be more flexible and adaptable. When the performance of people who distort the new environment for illicit benefit: dialers, spammers, scammers, phishers, identity thiefs, domainers or whatever, are a disincentive to innovation, and the law has to act quickly and decisively to stop these abuses immediately as it would against any other kind of crime.
The fact that we are seeing war carried out between countries through espionage and cyber attacks through the network and the international community is doing nothing to help typify and define this type of issues, identifying and separating them from possible grey areas, has a lot to do with what happens in defining crimes of other types.
Do we need to amend the Geneva Convention to adapt it to the digital environment? I do not know. International relations is a complex and undoubtedly convoluted area in legal terms, but establishing certain definitions in a document that is the product of consensus and that can be invoked, or used eventually as a sanctioning tool, would do not harm. And, in passing, we could address the slowness with which justice, in general, is adapting to these new environments defined by technology, and what the factors are in speeding things up.
(En español, aquí)
