Who should regulate the internet?

Gary McKinnon (picture Wilsha)

The discussion about the extradition to the United States of Gary McKinnon, the alleged computer hacker, provokes an interesting question of territoriality and extra-territoriality. One of the arguments put forward in his behalf is that he should be tried in the UK, not in America. (The NatWest three tried and failed with a similar argument in their own case.) If an alleged crime is committed using the internet, where should the prosecution take place?

The actions were undertaken in the UK, in that the keyboard and the mouse were based here, but the consequence of the actions was felt in America. One can see that an argument might be put forward for the supremacy of either jurisdiction.

Furthermore, there is also the possibility that a hacker did not know that the computers he was hacking were American. It would become impossible to use the internet with any legal confidence if one might, unknowingly, become subject to the law of any country that happens to be the location of a server through which internet traffic passes.

For example, what is the location of the server which hosts this blog that you are reading right now? Do you know? I don’t, and I set it up and write it. What if we suddenly found that we were in breach of the law of Yemen, or Paraguay, or Ruritania, because that’s where a server was? I would hope that Ruritanian law treated writers of blogs more generously than readers of blogs, I suppose, but we shouldn’t really be hounded by Ruritanian law at all.

But the allegation does not relate to the expression of opinions or the communication of facts but to actual criminal damage. This makes it much more akin to the actions of the Ploughshares movement, who damaged Hawk fighter jets that were due to be exported to Indonesia, than to those of Frederick Toben, the Australian who was wanted for trial in Germany on charges of posting holocaust denial material on the internet.

The acts which amount, in American eyes, to possible offences took place in the UK, but the alleged damage was done in the United States itself. In a world of national criminal jurisdictions, each country has got to be entitled to protect property against criminal damage by using the criminal law.

Imagine a hacker in a country that actually welcomes the disruption of other countries’ military computer systems and thus does not consider it a particularly serious crime. Should those other countries be required to accept that their computer systems might go effectively unprotected by the law? No, each country has to be entitled to protect its own infrastructure using its own law, but it does need to be clear which national law protects which computers (to cope with the point about not knowing that I mentioned above).

So, in the case of Mr McKinnon, one can see why the High Court reached the conclusion that it did. The concerns that have been expressed about whether Mr McKinnon would receive humane treatment or a fair trial in the US actually raise a different and perhaps more serious matter, namely whether the United States and the UK, while ostensibly fighting side by side for freedom and democracy in Afghanistan and elsewhere, still have the same ideas of freedom and democracy in mind.

About the Author