Hollywood Wants Right to Use Malware Against Pirates
Thinks Congress Should Start Talking About it
The almost-respectfully-sounding Commission on the Theft of American Intellectual Property (read: the entertainment industry) has come up with a new 84 page report
(pdf) that has a few curious recommendations for Congress. Among them is the request by the industry that they be allowed to use malware, trojans, and other countermeasures against pirates. That includes the use of so-called "ransomware," which would allow the entertainment industry to lock down your computer and all of your files -- until you purportedly confess to downloading copyrighted materials:
Additionally, software can be written that will allow only authorized users to open files containing valuable information. If an unauthorized person accesses the information, a range of actions might then occur. For example, the file could be rendered inaccessible and the unauthorized user’s computer could be locked down, with instructions on how to contact law enforcement to get the password needed to unlock the account. Such measures do not violate existing laws on the use of the Internet, yet they serve to blunt attacks and stabilize a cyber incident to provide both time and evidence for law enforcement to become involved.
And it gets more interesting:
While not currently permitted under US law, there are increasing calls for creating a more permissive environment for active network defence that allows companies not only to stabilise a situation, but to take further steps, including actively retrieving stolen information, altering it within the intruder's networks or even destroying the information within an unauthorised network. Additional measures go further, including photographing the hacker using his own system's camera, implanting malware in the hacker's network, or even physically disabling or destroying the hacker's own computer or network.
While the report does proceed to suggest not all of these approaches may be practical right now, it does suggest that we begin having "informed deliberations" on allowing companies to take more aggressive counter-measures for those who engage in intellectual property theft.