Both Congress and the courts have always played catch up with Internet crime, from credit-card theft to child porn. The fast pace of new Web software provides a challenge to slow-moving law. The latest example: a court order against Web giant Google.
Google Inc. hasn't committed a crime, but it did argue before a federal judge in recent days that it should not be ordered to turn over some general information about personal search logs to the Department of Justice. Federal investigators say they need the information to help make a case that Web porn is a threat to children. On Tuesday, a federal judge sided with the government.
Google has warned that, despite its huge database of information on users, it cannot go down "the slippery slope" of letting government mine that data for possible crimes, both for the sake of customer privacy and to keep its technology secret.
The case points up the public's contrary expectations about the Internet: Americans want this information highway to be private, but they also want government to have enough access to it to protect them, and society at large, from criminal acts. The very nature of the Internet as a loose, private affiliation of cooperating computer networks - unlike, say, a public highway - can make it a legal twilight zone. Finding a balance between Internet privacy and protection isn't always clear in current law or to lawmakers who must quickly write new laws.
And yet cybercrime is now considered a greater worry than physical crime among US businesses, according to a new IBM survey. Nearly 9 out of 10 companies experienced a computer security incident in 2005, the FBI has found, with viruses, computer theft, and other such crimes costing US firms more than $67 billion a year. And the latest worry to individual PC owners is a type of "spyware" that can remotely follow a person's keystrokes to steal a password or other vital information.
Google itself is quite aware of potential abuse by new software, and how much governments, from Washington to Beijing, want to control or snoop on Google users.
It is primarily up to Congress to pass new laws that can provide the tools to fight cybercrime while also balancing privacy concerns. One pending bill would provide national standards for companies to notify customers if personal data on their computers has been breached. About half the states have such laws. Another bill would provide protection against spyware intrusion on PCs.
With cybercriminals now increasingly operating outside the US, the Senate also needs to pass the Convention on Cybercrime in order to be a global leader in fighting this problem. The treaty, which would not require any new US laws, became international law in 2004. Ratification would help the FBI better coordinate with other countries in tracking and prosecuting cybercriminals, but final passage has mysteriously been held up by two senators.
The Internet's benefits should not be hindered by public fear of crime or by lax law enforcement against cybercriminals. Internet privacy is best protected if government can quickly react to each new criminal intrusion, and thus avoid a broader government hand in the Web.