The Commission on the Theft of American Intellectual Property has submitted a report to Congress containing a set of policy recommendations to combat the international theft of American intellectual property (IP). Some recommendations have raised public concerns, however, as they endorse the use of tactics used by cyber-criminals.
Among these recommendations the commission suggests that a form of malware known as ransomware be employed to recognise when IP theft is taking place and seize control of the perpetrator’s files and/or computer. The user would then only be able to regain access to their computer once they have turned themselves into the authorities:
Software can be written that will allow only authorized users to open files containing valuable information. If an unauthorized person accesses the information, a range of actions might then occur. For example, the file could be rendered inaccessible and the unauthorized user’s computer could be locked down, with instructions on how to contact law enforcement to get the password needed to unlock the account. Such measures do not violate existing laws on the use of the Internet, yet they serve to blunt attacks and stabilize a cyber incident to provide both time and evidence for law enforcement to become involved.
Furthermore the commission recommends US law be amended to allow access to someone’s computer so stolen information can be “actively” retrieved or an individual’s own computer camera system can be used to photograph them when engaging in IP theft, and physically disable or destroy the hacker’s computer and/or network:
While not currently permitted under U.S. law, there are increasing calls for creating a more permissive environment for active network defense that allows companies not only to stabilize a situation but to take further steps, including actively retrieving stolen information, altering it within the intruder’s networks, or even destroying the information within an unauthorized network. Additional measures go further, including photographing the hacker using his own system’s camera, implanting malware in the hacker’s network, or even physically disabling or destroying the hacker’s own computer or network.
Boing Boing have likened the commission’s findings to the Stop Online Piracy Act (SOPA), which last year led to Wikipedia shutting down for 24 hours and online activist Anonymous staging attacks against the FBI and Universal Music, amongst others, in a sign of protest.
The Commission on the Theft of American Intellectual Property is a bipartisan and independent
initiative comprised of Americans from the private sector, politics, academe, and public service in national security.
(via Boing Boing)