The Commission on the Theft of American Intellectual Property has creating a bit of a buzz with an 89 page report that has been submitted to the US Congress. The report talks about proposals for anti-piracy measures, and the one method that stands out is the consideration for the use of government-sanctioned malware and rootkits.
The proposal basically talks about legalising the use of malware and rootkits among others, so that companies can punish people who they believe are copying content illegally. The method stated is to load software onto computers that will somehow figure out if the user is a pirate, and if found guilty, will lock the computer up and take the user’s files as hostage. This is an infamous way in which hackers work; it is called ransomware.
According to studios and publishers out in the market who are running huge losses due to intellectual losses, piracy stands as a huge problem for both jobs and the economies. They also point out that there is no real way to combat the same within the current framework of the US constitution.
The IP theft commission proposes the use of government-sanctioned malware to catch pirates… (photo credit: variety)
Ransomware has in the past seen a lot of use by organised crime and criminals as a method of extortion. Now, the commission is considering the same, saying in the report that “IP theft” to the tune of “hundreds of billions of dollar per year” severely compromises the US economy, and there must be various methods considered to fight it, including the covert installation of spyware. Thus, if the malware detects the illegal copying of content, it will shut the user’s system down, and ask either for a monetary penalty, or a password which users can only get from their local authorities.
The worrisome fact is that whether you are a pirate of not, the malware will be installed on your computer, discreetly keeping an eye on everything you get off the Internet. And it will be within the rights of the relevant authorities to approve or disapprove what your actions are and whether you can be penalised for the same.
While the report also puts in a disclaimer saying that it is not recommending these measures at this point in time, because there is no legal precedent and they are concerned about innocent third parties becoming collateral damage, the thought of legally used ransomeware has been put.
The report talks about assessing the current law framework, with authorities being given the leeway to use “threat-based deterrence systems that operate at network speed against authorised intrusions into national security and critical infrastructure networks.” Evidently, this also includes cracking down on peer to peer platforms where movies, music or any other content can be found.
Another point that is worrisome is another part of the report which talks about the companies having the legal ability to access a pirate’s server. As stated in the report, companies should be allowed access” without damaging the intruder's own network, companies that experience cyber theft ought to be able to retrieve their electronic files or prevent the exploitation of their stolen information.”
But the most important, and potentially the scariest point of the report, remains the commission’s thought on deploying malware, which the report states in its conclusion. Whether this takes root in the near future is a decision that may have far reaching consequences.