An Information Security Place

Here’s another law (trying to get passed in New York) to try to stop sex offenders from getting on social networking sites, and in particular those sites where they might contact minors.  I haven’t seen the bill yet, but from what I am reading, it is essentially useless.  Just like all of these laws, it is really just political posturing.

Here are some of the details I have:

• The bill is called E-STOP, which stands for Electronic Security and Targeting of Online Predators Act (very witty). 
• According to InformationWeek, the bill “requires paroled sex offenders to submit their e-mail addresses and online identities to a central registry that will be used to deny them access to social networking sites. The bill also would forbid sex offenders, on parole or probation, from communicating online with anyone under the age of 18 if the offender is classified level 3 (high-risk of re-offending) or if the offender’s crime involved the Internet or a minor.”
• According to cnet: “It would be a violation of parole for a convicted sex offender to change e-mail addresses without notifying authorities within five days.”

So from those last two points, we see that sex offenders must register their email, online ID’s etc., then the sites will deny access based on that database.  And also, it is a violation of parole if they CHANGE their email and don’t notify authorities within five days. 

First, notice the all caps above.  I sincerely hope there is a provision for adding emails and not just changing emails.  Second, it really doesn’t matter anyway because a criminal is a criminal.  If they are not reformed, then they are going to continue to do what they do.  Drug dealers BREAK laws.  Car thieves BREAK laws. And sex offenders BREAK laws.

I applaud the fact that this law is trying to be proactive and will probably stop a few people.  But for the most part, this is useless.  Sex offenders are going to get around this easily.  It is just too simple to fake your ID on the web.  But politicians have to justify their paycheck, so this won’t stop anytime soon.

Vet

I just wrote a post over at Computerworld entitled The Security of Web 2.0 - an Oxymoron. Then I find this story about Senators McCain and Schumer proposing legislation that will require sex offenders to register their IM names and email addresses. I need to read more about this bill. Like typical security legislation passed by our government, this one appears on the surface to be nothing but security theater and something else to boost Schumer and McCain’s appeal before the presidential elections.

Think about it. How difficult is it to create a different IM name or email address?

The registration provisions would make failure to notify the authorities of all e-mail addresses a felony punishable by up to 10 years in prison.

Uhhh, so? These perverts are already breaking the law and facing jail time and some serious nastiness in the big house (child molesters supposedly don’t fair well in prison - though I have no proof of that). What makes anyone think they are going to change their ways because of another law?

Don’t get me wrong. I am fully on board for catching these “people”. I have children and would unleash all hell if one of these sick, twisted individuals even came close to one of my kids. But another law on the books that effectively does nothing to help the situation is just words on paper. Just make the behavior illegal (which it is) and make the punishment such that if the perv is caught he never sees the light of day again (there are a couple of punishments that would fit that description - you decide which one is right for you).

Vet