Trojans, Agents and Tags: The New Generation of Investigators

You are Pwned: On demand composable systems and the law
A Kantian preface
• What can we know?
• What shall we do?
• What can we hope for?
• What does it mean to be human?
What can we hope for?
• To be secure in our persons, houses, papers, and effects
• From governments AND private companies
What must we do?
• Security (criminal law)
• Privacy (DP law, Human rights law)
• Copyright (private law)
• Bandwidth (public and administrative law)
• Delictual liability (private law)
Security
• Example issue: Computer Fraud and Abuse Act
• „unauthorised access“
• United States v. Drew
• United States v. Nosal
• Data breach notification duties
• European Directive 2001/29/EC / DMCA (DRM circumvention)
Privacy
• Exemplary issues:
• European Data Protection Regulation
• Privacy by design and by default
• Data portability
Copyright
• Exemplary issue:
• "Oracle America, Inc. v. Google, Inc"
Bandwidth I: Old Infrastructure
• Exemplary issue: net neutrality, Title II (common carrier) of the Communications Act of 1934
Bandwidth II: new infrastructure
• Exemplary issue: Google and SpaceX alliance
Liability
• Exemplary issue: negligence, foreseeability and state of the art defence
• Exemplary issue: insurance market
• On popular demand: SLAs
• 2014 European Cloud SLA Standardisation Guidelines from C-SIG, and the related discussion by the ISO/IEC JTC1 Working Group on international standards for SLAs
What can we know?
• Security research culture and the law
• Privacy as a research obstacle
• Copyright as a research obstacle
• Copyright (and other IP) as dissemination obstacle/enabler
How copyright law could get you killed
• Exemplary issue: the tale of the hacked insulin pump.