Henry Brown

Commentary from Lauren Weinstein’s blog

USA Intellectual Property Theft Commission Recommends Malware!

Oh boy. The “Commission on the Theft of American Intellectual Property” has released its long awaited report, and it’s 90 or so pages of doom, gloom, and the bizarre — including one section that had me almost literally doing a “spit-take” onto my screens while sipping my morning coffee.

I’m not going to try critique the entire report here and now. As you’d expect, it presents a dire scenario of intellectual property theft run amok, and while offering only a few words of lip service to the grossly flawed measurement methodologies that vastly overstate dollar losses in various sectors, the report instead suggests that those exaggerations are actually understatements — that the problem is far, far worse than we ever imagined. Oh, the horror. The horror.

But we expected this sort of skew to massively hyperbolize the underlying actual problems of IP theft.

What you may not have expected, however, is that the authors of this report appear to have been smoking “funny cigarettes” during its drafting. OK, we don’t know this for a fact, but it’s otherwise difficult to wrap your mind around this specific proposal in the “cyber” section of the report:

“Additionally, software can be written that will allow only authorized users to open files containing valuable information. If an unauthorized person accesses the information, a range of actions might then occur. For example, the file could be rendered inaccessible and the unauthorized user’s computer could be locked down, with instructions on how to contact law enforcement to get the password needed to unlock the account. Such measures do not violate existing laws on the use of the Internet, yet they serve to blunt attacks and stabilize a cyber incident to provide both time and evidence for law enforcement to become involved.”

Booooing! Say what? Is this the parody section of the report? Something from “The Onion” or perhaps a “Saturday Night Live” skit?

I’m afraid they’re serious. And what they’re proposing is no less than the legitimizing of a form of malware that has attacked vast numbers of Internet users, costing them immense lost time, money, and grief.