Anonymity in Cyberspace: Finding the Balance
Date: July 09, 2006Source: Computer Crime Research Center
By:
... of the powers and procedures provided for in [Section 2 of the Convention pertaining to procedural law] are subject to conditions and safeguards” provided under the domestic law of each signatory country. These domestic laws and procedures shall include conditions or safeguards, which may be provided constitutionally, legislatively, judicially or otherwise. The modalities should include the addition of certain elements as conditions or safeguards that balance the requirements of law enforcement with the protection of human rights and liberties. As the Convention applies to Parties of many different legal systems and cultures, it is not possible to specify in detail the applicable conditions and safeguards for each power or procedure.[82] Parties shall ensure that these conditions and safeguards provide for the adequate protection of human rights and liberties. There are some common standards or minimum safeguards to which Parties to the Convention must adhere. These include standards or minimum safeguards arising pursuant to obligations that a Party has undertaken under applicable international human rights instruments.[83] These instruments include the 1950 European Convention for the Protection of Human Rights and Fundamental Freedoms and its additional Protocols No. 1, 4, 6, 7 and 12 (ETS N°s 005, 009, 046, 114, 117 and 177), in respect of European States that are Parties to them. It also includes other applicable human rights instruments in respect of States in other regions of the world (e.g. the 1969 American Convention on Human Rights and the 1981 African Charter on Human Rights and Peoples’ Rights) which are Parties to these instruments, as well as the more universally ratified 1966 International Covenant on Civil and Political Rights. In addition, there are similar protections provided under the laws of most States.[84]
Article 19 of this Convention aims at modernising and harmonising domestic laws on search and seizure of stored computer data for the purposes of obtaining evidence with respect to specific criminal investigations or proceedings.[85] Any domestic criminal procedural law includes powers for search and seizure of tangible objects. However, in a number of jurisdictions stored computer data per se will not be considered as a tangible object and therefore cannot be secured on behalf of criminal investigations and proceedings in a parallel manner as tangible objects, other than by securing the data medium upon which it is stored.[86]
The aim of this article is to establish an equivalent power relating to stored data which is contained either within a computer system or part of it (such as a connected data storage device), or on an independent data storage medium (such as a CD-ROM or diskette).
To strike a balance between privacy and security in cyberspace, article 8 of the European Convention on Human Rights and Fundamental Freedoms gives a right to respect for a citizen’s private life, his home and his correspondence. But the flexible notion of “respect” is informed by the interests of national security, public safety, the economic well-being of the country, prevention of disorder and crime.[87] Protection of public morals and the rights and freedoms of others. In the U.S.A. for example, there is no express right to privacy guaranteed by the Constitution. There, the recognition of the need for citizens to be able to communicate anonymously is derived from the right to speak freely, to dissent and criticize.[88]
Clear guidelines seem only to exist in the political context. Commercial interests are accorded reduced protection. There is no equivalent of the express reference to the economic well-being of the country as exists in the European Convention on Human Rights and Fundamental Freedoms.[89] It may be that the market will regulate itself. That may be trough compromising or the “spending” of privacy which becomes tantamount to an asset. The countervailing benefit is some form of financial gain. The market may also regulate itself through a professional body or association. For example, Yahoo! has policies that allow it to reveal the identities of its users when the service provider is subpoenaed, subjected to court orders or involved in a legal process.[90] The fact that these companies can and will identify Internet users when asked by a court to do so forces courts to decide whether to protect the anonymity of Internet users sued for crimes or require their identity to be revealed in order to have a more easily administered crime lawsuit. But here, as illustrated by Carr, [91] in connection with the Internet Watch Foundation, a private association may effectively block the door to the Internet or restrict permissible activities in the absence of any public debate or even in direct opposition to public demand. The danger of this sort of private intervention is that it may often occur because the trade body concerned fears government regulation. The government is able to abdicate its responsibilities in a politically unproductive or dangerous area by permitting a form of delegated legislation while avoiding any accountability.[92]
Yet fundamental to the regulation of anonymous Internet activity is the recognition that communication is not “geographically contained”. The nature of the medium dictates that the prevention of cybercrime for example, must be accompanied by a degree of international cooperation that has not so far been possible to attain in other contexts. Not only is it difficult, owing to political, cultural differences, to reach an international consensus on a list of alleged crimes that would justify a co-ordinated approach in their detection, but the process is further exacerbated by wide dissemination of evidence, the transient nature of much of the evidence and a trail that quickly turns cold. According to Sims,[93] various procedural means are available in common law countries to gain the courts’ assistance in breaking through identity barriers. Yet these methods can be hampered by a lack of formalized transitional co-operation.
The nature of cyberspace is not only a problem in securing a uniform approach to onlineanonymity.
Howells and Edwards argue that anonymity give an unfair advantage to lobby or interest groups who are able to band together and thereby to focus attention on influencing legal developments to their advantage at the expense of less cohesive or numerically manageable interests such as consumers. Ironically, it is consumers who are the major driving forces in the growth of e-commerce. Yet surveys have shown that they have little confidence in the medium, an attitude that is, perhaps, disproportionately affected by invasions of privacy such a spam and junk mail which, whilst they do little economic harm, can cause huge annoyance.
5 – THE CASE LAW
In the last few years, Internet libel suits involving anonymous statements have begun cropping up in courtrooms across the USA.94 The two notable cases discussed below exhibit different approaches to solving the problems presented by anonymous libel on the Internet.
One seems to provide a satisfying solution while the other creates practical problems that undermine the tort of defamation all together.[95]
Melvin v. Doe
In November 2000, the Court of Common Pleas of Allegheny County, PA, held that if the plaintiff could prove the identity of defendant was “ (1) material, relevant, and necessary, (2) cannot be obtained by alternative means, and (3) is crucial to plaintiff’s case,” the First Amendment would not protect the anonymity of the defendant.[96] In Melvin v. Doe, an unknown person published statements on a website that accused a local judge of political activity that was inappropriate for a judge in her position.[97] The plaintiff sued the unknown speaker for defamation and tried to obtain his identity during discovery.[98] The defendant petitioned the court for a protective order that would prevent this discovery. However, the order was denied.[99] The court reasoned that a state’s interest in discouraging defamatory statements about public officials by traditional media extended to statements made on the Internet. It held that because of this interest, there was no absolute immunity for Internet speakers with regard to the defamation tort.[100] The court then applied the three-part test discussed above to the request for the speaker’s identity.[101] Without much discussion about the test’s application to the specific facts of the case, the court held that the plaintiff’s interest outweighed the defendant’s, and the protective order should be denied.
The Ampex case
While the Melvin case was decided in 2000, more recently, a judge in California took a different approach to the Internet anonymity question.[102] The Contra Costa County Superior Court ruled that plaintiffs in libel actions must prove that the allegedly libellous statement is in fact libellous before the identity of the speaker will be revealed.[103] In this case, the plaintiff, Ampex, asked the judge to reveal the identity of an Internet speaker who posted anonymous messages about the company and its executives. Ampex claimed the messages were defamatory and said it needed the identity of the speaker so the lawsuit could proceed.[104] The judge rejected this request and gave Ampex a week to prove the statements were libellous before the plaintiff could obtain the speaker’s identity.[105]
6 – CONCLUSIONS
This article aimed to explore and analyze anonymity in cyberspace. It shows that there is no definite guideline to determine the boundaries of anonymity and interests that determine whether and to what extent limitations on anonymity are required or not. It shows that limitations on anonymity...
Add comment Email to a Friend