Thursday, November 29, 2007

New cyber crime law


If the Bangkok Post is to be believed, internet users in Thailand can expect to loose their anonymity in most cases of online surfing at internet cafes. Look at this excerpt on the new cyber crime law:

The new law requires all Internet access providers to keep a log for 90 days. An access provider can include a company that allows its employees to access the Internet or even a dormitory or coffee shop that does the same. Darun explained that while the law seemed to be open ended, calling for "any relevant information", in practice what it meant was that as long as a name could be provided to match an action, that would be enough.

He said that a network administrator keeping details of MAC addresses (hardware serial numbers associated with a network card) is useless if he cannot provide a name to that address.

"The idea is that people will be protected, but in return, you need to identify yourself. These are the rules you will have to follow for us to protect everyone in society," he said.

For a small organisation, the logs could even be a paper log with people signing in with their ID card details, but the ICT Ministry has been asked to create a standard piece of software to capture this information and distribute it to all cyber cafes and companies to use free of charge. Today if someone uses an Internet access point and the shopkeeper does not take down the name of the user, then the access provider is breaking the law.

It is not just access but all Internet services will need to keep a log with the name of whoever is transacting. This means a web board needs to keep names of anyone who posts a comment, an FTP server needs to keep names of anyone who uploads files and an email provider needs to be able to match emails and names.

Darun suggested that email logs should keep only headers and names and not the content because if the private content is leaked, it would open up the email provider to legal action.

Labels:

0 Comments:

Post a Comment

<< Home