Abstract
As previously mentioned, the Internet users’ intentions to stay anonymous in the Internet are manifold and range from legal to a wide range of illegal reasons.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
See Chap. 3.
- 2.
Pseudonymity is characterized by the use of a false name and for the most part eventuates in anonymity; see Sect. 1.1.
- 3.
- 4.
See Chap. 2, footnote 6.
- 5.
See exemplary attacks of “Anonymous” vs. Stratfor, Sect. 2.1.3.
- 6.
See Sect. 4.3.
- 7.
See Sect. 4.5.
- 8.
United States—Measures affecting the cross-border supply of gambling and betting services (US—Gambling), WT/DS285/R, Panel Report, para 6.467.
- 9.
Id. para 6.465.
- 10.
China—Measures affecting trading rights and distribution services for certain publications and audiovisual entertainment products, WT/DS363/R, Panel Report, para 7.763.
- 11.
US—Gambling, supra note 9, para 6.468.
- 12.
See Sect. 3.1.3.1.
- 13.
See Chap. 3.
- 14.
The group of appellants consists of a journalist, an active politician and two associates of a law firm (German Federal Constitutional Court 2008: Sects. 116–118) who blamed a personality right violation, precisely a violation of the fundamental right in confidentiality and integrity of information technology systems, also referred to as “right to online privacy” or “computer confidentiality and integrity right” (Weber 2011a, p. 128); for an evaluation of this decision see Weber 2008, pp. 94–97.
- 15.
See Chap. 3, footnote 8.
- 16.
ECHR: Autronic AG vs. Switzerland, judgment of 22 May 1990, No. 17/1989/175/231, § 57; Rekvényi vs. Hungary, judgment of 20 May 1999, No. 25390/94, § 34.
- 17.
ECHR, The Sunday Times I vs. The United Kingdom (Series A No. 30), judgment of 26 April 1979, §§ 54 ss.
- 18.
ECHR: Handyside vs. The United Kingdom, judgment of 7 June 1976, No. 5493/72, § 46; The Sunday Times I vs. United Kingdom (Series A No 30), judgment of 26 April 1979, § 59; The Observer and Guardian vs. The United Kingdom, judgment of 26 November 1991, No. 13585/88, § 59; Krone Verlag GmbH & Co. KG vs. Asustria, judgment of 26 February 2002, No. 34315/96, § 34.
- 19.
ECHR, Dichand and Others vs. Austria, judgment of 26 February 2002, No. 29271/95, § 1.
- 20.
ECHR: The Observer and Guardian vs. The United Kingdom, judgment of 26 November 1991, No. 13585/88, § 59; Thoma vs. Luxembourg, judgment of 29 March 2001, No. 38432/97, § 43; Perna vs. Italy, judgment of 25 July 2001, No. 48898/99, § 38.
- 21.
Non-consensual “searches” of a person are illegal unless authorized by law, i.e. by legislation or as a matter of common law, comp. Jackson 2011: 21.082.
- 22.
Human Rights Committee, International Covenant on Civil and Political Rights, 102nd Session, 12 September 2011, CCPR-C-GC/34, No. 23.
- 23.
ECHR: Kegan vs. Irland, judgment of 26 May 1994, No. 16969/90, § 49; McGinley and Egan vs. The United Kingdom, judgment of 9 June 1998, No. 10/1997/794/995–996, § 98; Guerra and Others vs. Italy, judgment of 19 February 1998, No. 14967/89, § 58; Christine Goodwin vs. The United Kingdom, judgment of 11 July 2002, No. 28957/95, §§ 71/2; compare also Weber and Sommerhalder 2007, p. 97.
- 24.
ECHR, Appleby and Others vs. The United Kingdom, judgment of 6 May 2003, No. 44306/98, § 39/40.
- 25.
ECHR, Appleby and Others vs. The United Kingdom, judgment of 6 May 2003, No. 44306/98, § 40.
- 26.
For more detailed information regarding the enforcement of copyright see Sect. 4.5.
- 27.
The four other spaces are land, sea, air and outer space.
- 28.
See homepage of the ITU, overview.
- 29.
HLEG Global Strategic Report 2008, http://www.itu.int/osg/csd/cybersecurity/gca/docs/global_strategic_report.pdf.
- 30.
The five work areas are legal measures, technical and procedural measures, organisational structures, capacity building and international cooperation, see supra note 30.
- 31.
The ITU launched the Child Online Protection Initiative together with several UN agencies. The initiative’s key objectives are among others the identification of risks to children in cyberspace, the creation of awareness and the development of practical tools for minimizing risks; see http://www.itu.int/osg/csd/cybersecurity/gca/cop/.
- 32.
The ITU considered the collaboration as “the world’s first comprehensive alliance against cyberthreats”; see speech by ITU Secretary-General Dr Hamadoun I. Touréhttp, opening ceremony of the WSIS Forum, 16 May 2011, http://www.itu.int/en/osg/speeches/Pages/2011-05-16.aspx.
- 33.
The Additional Protocol to the Convention on Cybercrime was adopted by the Council of Europe Committee of Ministers on 7 November 2002, open also to non-CoE-countries.
- 34.
States having ratified the Additional Protocol are requested to criminalize the dissemination of racist and xenophobic material and xenophobic-motivated threats and results through computer systems.
- 35.
Schjølberg and Ghernaouti-Hélie 2009 with a detailed proposal for a preliminary Model Law on Cybercrime Legislation based on the recommendations that were adopted in a broad agreement by the global High-Level Experts Group on Cybersecurity (for HLEG see 4.3.2.2), and recommendations on additional provisions due to the technological development since 2001.
- 36.
For more details regarding the U.S. Supreme Court’s standpoint regarding the relationship between the First Amendment and defamation see Solove 2007, p. 125.
- 37.
See Sect. 2.2 .
- 38.
Fraud and counterfeiting of non-cash means of payment often operate on an international scale.
- 39.
Claiming to be the “largest European hacker club” (CCC 2011a), the German hacker association CCC founded in Berlin, Germany, in 1981 and based in Germany and other German-speaking countries assesses itself as a mediator between the poles of technical and social development. According to its preamble, the CCC urges for the appreciation of the right to a worldwide, unhampered information exchange as being a human right since within today’s information society living and working without Internet access is almost inconceivable (CCC 2011b). Furthermore, the CCC stands up for more transparency in governments, freedom of information and fights for everyman’s right for free universal access to computers and technological infrastructure. The political activities of the Chaos Computer Club bear on the revelation of shortcomings and the disclosure of security loopholes, partially by intentionally breaking through existing safety appliances as undertaken in 1996 by demonstrating an attack against Microsoft’s ActiveX technology.
- 40.
Even though this description is misleading since the Greeks finessed the Trojans and not vice versa.
- 41.
As for instance applications that pretend to be antivirus programs.
- 42.
See R. Moir, Defining Malware: FAQ, 1 October 2003, http://technet.microsoft.com/en-us/library/dd632948.aspx.
- 43.
Trojan horses are often sent to a computers via email to legitimate users of the system.
- 44.
The often used term lawful interception, also referred to as wiretapping, directly at the source (“source wiretapping”) (CCC 2011a) of the communication, describes the monitoring of a suspect’s Internet telephony by accessing to one of the end-devices involved using Trojan horse software. By definition, this procedure can only be used for wiretapping Internet telephony; the solely usage for conducting a lawful interception has to be enforced by appropriate technical and legal means (CCC 2011a). Moreover, for the protection of the overheard person’s human rights, the conduct of a lawful interception requires a warrant; the Global Lawful Interception Industry Forum lists many of these different legislations, as does the Council of Europe secretariat. For example, in the United Kingdom the law is known as RIPA (Regulation of Investigatory Powers Act) and in the United States there is an array of federal and state criminal law, in particular the Communications Assistance for Law Enforcement Act (CALEA).
- 45.
See supra note 36.
- 46.
The investigated Trojan was developed by the company DigiTask; see exemplary Rosenbach, Stark and Winter 2011.
- 47.
The software in question was used by various state officials, see exemplary Rosenbach Stark and Winter 2011; German news agency 2011.
- 48.
The term “Bundestrojaner” is colloquially used to describe the government malware concept (CCC 2011a). The software is also referred to as R2D2, see exemplary: http://cetatti.com/blog/2011/10/german-officials-admit-to-using-r2d2-trojan-to-spy-on-citizens/.
- 49.
Telephone calls made by using the software application “Skype” to a recipient simultaneously using the application “Skype” are free of charge. Additionally, “Skype” enables its users to do instant messaging, to transfer files and to do videoconferencing over the Internet.
- 50.
See supra note 45.
- 51.
Beyond that the Bundestrojaner is said to be capable of monitoring traffic from 15 programs, see Constantin 2011.
- 52.
The command and control server is located on an IP address belonging to the provider Web intellects in Columbus, Ohio; (CCC 2011c, p. 3).
- 53.
Hence, the networks remote control and tempering by third parties cannot be precluded; (CCC 2011c, p. 4).
- 54.
See Sect. 4.2.2.
- 55.
The German Code of Criminal Procedure (StPO).
- 56.
For accomplishing lawful interceptions and online surveillances.
- 57.
In November 2011, German authorities discovered a neo-Nazi terror cell in Germany.
- 58.
The National Democratic Party of Germany is a far-right political party in Germany.
- 59.
- 60.
See Tschentscher 2011 and miscellaneous online contributions exemplary: http://www.eurasiareview.com/15102011-switzerland-law-enforcement-admits-use-of-spy-software/ and http://worldradio.ch/wrs/news/wrsnews/switzerland-admits-using-spy-software~print.shtml.
- 61.
The Swiss Federal Council implemented the revised Regulation on the Surveillance of Post and Telecommunications Traffic starting January 1, 2012, see http://www.admin.ch/aktuell/00089/index.html?lang=de&msg-id=42332.
- 62.
See Sect. 4.4.1.2.
- 63.
See supra note 45.
- 64.
Commonly a warrant is needed to accomplish a lawful interception or online search.
- 65.
See Sect. 4.3.3.
- 66.
Article 19: Search and seizure of stored computer data.
- 67.
See Sect. 2.2.
- 68.
In recent years a number of attorneys specialized on copyright law whereby the dispatch of cease-and-desist letters increased.
- 69.
The purpose of “Kino.to” was to collect links to attractive audiovisual content and to promote these links at the website next to advertisements. These advertisements to a great extent contained illegal material themselves, such as links to destructive software or deceptive web services; for further details see Moeller 2011.
- 70.
“Megaupload.com” is led by Kim Dotcom, formerly known as Kim Schmitz or Kim Tim Jim Vestor, a German entrepreneur living in Auckland, New Zealand, and having his place in business in Hong Kong.
- 71.
See supra note 20.
- 72.
Anonymous’ “operation payback” describes a decentralized and coordinated group of attacks on opponents of Internet piracy and pro-copyright organisations starting in 2010.
- 73.
See Sect. 2.1.3.
- 74.
LOIC is an open source network stress testing and denial-of-service attack application.
- 75.
The subsequent passage is partly based on Weber 2011c.
- 76.
The business model of Logistep AG, a Swiss enterprise, consists in collecting IP addresses of Internet users who participate in P2P networks and make available works, protected by Copyright Law, to third persons without having the copyright holder’s permission. Acting (at least indirectly) on behalf of the right holders Logistep delivers the respective IP addresses to the prosecutors in criminal proceedings enabling them to request from the relevant Internet Service Providers the disclosure of the name of the respective Internet participant; for more detailed information see Weber 2011b.
- 77.
In that case both static and dynamic IP addresses were qualified as personal data.
- 78.
See Sect. 2.2.2.
- 79.
See Sect. 4.3.3.
References
Austrian Federal Ministry of Justice (2008) Final report of the Austrian working group on online surveillance. 9 April 2008. http://www.webinformation.at/material/AG_OnlineDurchsuchung_Endbericht.pdf. Accessed 31 Jan 2012
Barlow JP (1996) A declaration of the independence of cyberspace. 9 February 1996. http://w2.eff.org/Censorship/Internet_censorship_bills/barlow_0296.declaration. Accessed 31 Jan 2012
Berne Court of Appeal (2011) Decision of 22 March 2011. Canton of Berne. http://www.grundrechte.ch/2011/og_bk_11_9. Accessed 31 Jan 2012
Bobi E (2011) Trojanische Sitten: Der Bundestrojaner wurde ohne rechtliche Grundlage eingesetzt. profil online. 22 October 2011. http://www.profil.at/articles/1142/560/310153/bundestrojaner-trojanische-sitten. Accessed 31 Jan 2012
Braun F, Roggenkamp JD (2011) 0zapftis—(Un)Zulässigkeit von “Staatstrojanern”. Kommunikation Recht 11:681–686
Chaos Computer Club (2011) Chaos computer club analyzes government malware. 8 October 2011. http://ccc.de/en/updates/2011/staatstrojaner. Accessed 31 Jan 2012.(CCC 2011a)
Chaos Computer Club (2011) Bylaw. http://www.ccc.de/en/satzung. Accessed 31 Jan 2012. (CCC 2011b)
Chaos Computer Club (2011) Analyse einer Regierungs-Malware. 8 October 2011. http://www.ccc.de/system/uploads/76/original/staatstrojaner-report23.pdf. Accessed 31 Jan 2012. (CCC 2011c)
Chaos Computer Club (2011) Chaos computer club analyzes new German government spyware. 26 October 2011. http://www.ccc.de/en/updates/2011/analysiert-aktueller-staatstrojaner. Accessed 31 Jan 2012. (2011d)
Chaos Computer Club (2011) 0zapftis—Teil 2, Analyse einer Regierungs-Malware: Drei Jahre sind in der IT eine wirklich lange Zeit. 26 October 2011. http://www.ccc.de/system/uploads/83/original/staatstrojaner-report42.pdf. Accessed 31 Jan 2012. (CCC 2011e)
Chaos Computer Club (2011) Chaos computer club analysiert aktuelle Version des Staatstrojaners. 26 October 2011. http://www.ccc.de/de/updates/2011/analysiert-aktueller-staatstrojaner. Accessed 31 Jan 2012. (CCC 2011f)
Cottier T, Delimatsis P, Diebold NF (2008) Article XIV GATS. In: Wolfrum R, Stoll PT, Feinäugle C (eds) WTO—Trade in services. Martinus Nijhoff Publishers, Leiden and Boston
Council of Europe (1950) European convention for the protection of human rights and fundamental freedoms. 4 November 1950. http://conventions.coe.int/treaty/Commun/QueVoulezVous.asp?NT=005&CL=ENG. Accessed 31 Jan 2012
Council of Europe (2004) Convention on cybercrime. 23 Nov 2001. http://conventions.coe.int/Treaty/Commun/QueVoulezVous.asp?NT=185&CM=8&DF=02/06/2010&CL=ENG. Accessed 31 Jan 2012
Council of Europe (2006) The additional protocol to the convention on cybercrime, concerning the criminalization of acts of a racist and xenophobic nature committed through computer systems. http://conventions.coe.int/treaty/Commun/QueVoulezVous.asp?NT=189&CL=ENG. Accessed 31 Jan 2012
Council of the European Union (2001) Council framework decision of 28 May 2001 combating fraud and counterfeiting of non-cash means of payment. http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2001:149:0001:0004:EN:PDF. Accessed 31 Jan 2012
Council of the European Union (2005) Council framework decision 2005/222/JHA of 24 February 2005 on attacks against information systems. http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2005:069:0067:0071:EN:PDF. Accessed 31 Jan 2012
Council of the European Union (2008) Amendment of the framework decision on combating terrorism. 18 April 2008. http://europa.eu/rapid/pressReleasesAction.do?reference=MEMO/08/255. Accessed 31 Jan 2012
European Parliament (1995) Directive 95/46/EC of the European parliament and of the council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on free movement of such data. http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:1995:281:0031:0050:EN:PDF. Accessed 31 Jan 2012
Federal Assembly of the Swiss Confederation (2000) Federal Law on the surveillance of post and telecommunications traffic. SR780.1. http://www.admin.ch/ch/d/sr/780_1/index.html. Accessed 31 Jan 2012
Federal Constitution of the Swiss Confederation (1999) SR 101. http://www.admin.ch/ch/e/rs/101/index.html. Accessed 31 Jan 2012
Fontana K (2011) Enge Grenzen für “Trojaner”. Neue Zürcher Zeitung. No. 275. 24 Nov 2011: 12
Gercke M (2011) 10 years convention on cybercrime: achievements and failures of the council of europe’s instrument in the fight against internet-related crimes. Comput Law Rev Int 5:142–149
German Federal Constitutional Court (2008) 1 BvR 370/07, 1 BvR 595/07. 27 February 2008. http://www.bverfg.de/entscheidungen/rs20080227_1bvr037007.html. Accessed 31 Jan 2012
Graham J, Howard R, Olson R (eds) (2011) Cyber security essentials. Auerbach Publications, Boca Raton
High-Level Experts Group (HLEG) (2008) Report of the chairman of HLEG. 3 September 2008. http://www.itu.int/osg/csd/cybersecurity/gca/docs/Report_of_the_Chairman_of_HLEG_to_ITU_SG_03_sept_08.pdf. Accessed 31 Jan 2012
Horwitz S, Kang C (2012) Federal indictment claims popular Web site Megaupload.com shared pirated material. The Washington Post. 20 January 2012. http://www.washingtonpost.com/business/economy/federal-indictment-claims-popular-web-site-shared-pirated-material/2012/01/19/gIQA4rDwBQ_print.html. Accessed 31 Jan 2012
International Telecommunication Union (ITU) (2007) Global cybersecurity agenda: framework for international cooperation in cybersecurity. http://www.ifap.ru/library/book169.pdf. Accessed 31 Jan 2012
Jackson M (2011) Right to privacy, unlawful search and surveillance. In: Chan J, Lim CL (eds) Law of the Hong Kong constitution. Sweet and Maxwell, Hong Kong
Moore R (2011) Cybercrime: investigating high-technology computer crime, 2nd edn. Anderson Publishing, Burlington
Munin N (2010) Legal guide to GATS. Kluwer Law International, The Netherlands
Ralph T (2012) Hacker collective anonymous shuts down department of justice website, among others. GlobalPost. 19 January 2012. http://www.globalpost.com/dispatch/news/business-tech/technology-news/120119/anonymous-hacks-DOJ-universal-websites-megaupload. Accessed 31 Jan 2012
Rosenbach M, Stark H, Winter S (2011) The shady past of Germany’s Spyware. Spiegel online international. 17 October 2011. http://www.spiegel.de/international/germany/0,1518,792276,00.html. Accessed 31 Jan 2012
Ryga BM (1995) Cyberporn: Contemplating the first amendment in cyberspace. Seton Hall Const Law J 6:221–223
Schaffner D (2011) Sommaruga setzt der Überwachung im Internet nun Grenzen. Tagesanzeiger. 24 Nov 2011: 4
Schefer M (2001) Die Kerngehalte von Grundrechten: Geltung, Dogmatik, inhaltliche Ausgestaltung. Stämpfli, Berne
Schjølberg S, Ghernaouti-Hélie S (2011) Potential new global legal mechanisms on combating cybercrime and global cyberattacks. A presentation at the ISPAC International Conference on Cybercrime: Global Phenomenon and its Challenges. 2–4 December 2011. http://cybercrimelaw.net/documents/ISPAC.pdf. Accessed 31 Jan 2012
Solove DJ (2007) The Future of Reputation: Gossip, Rumor, and Privacy on the Internet. Yale University Press, New Haven
Swiss Federal Council (2001) Regulation on the surveillance of post and telecommunications traffic. SR.780.11. http://www.admin.ch/ch/d/sr/780_11/index.html. Accessed 31 Jan 2012
Swiss Federal Court (2010) Decision of 8 September 2010. http://jumpcgi.bger.ch/cgi-bin/JumpCGI?id=08.09.2010_1C_285/2009. Accessed 31 Jan 2012
Swiss Federal Data Protection Commissioner (2010/2011) Progress report 18: revision of the federal law on the surveillance of post and telecommunications traffic. http://www.edoeb.admin.ch/dokumentation/00445/00509/01732/01753/index.html?lang=de. Accessed 31 Jan 2012
Tschentscher A (2011) Computer-Grundrecht gegen “Staatstrojaner”. Neue Zürcher Zeitung. 9 Nov 2011: 21
United Nations (1966) International covenant on civil and political rights. 16 December 1966. http://www2.ohchr.org/english/law/ccpr.htm. Accessed 31 Jan 2012
United States Department of Justice (2012) Justice department charges leaders of megaupload with widespread online copyright infringement. Office of Public Affairs. 19 January 2012. http://www.justice.gov/opa/pr/2012/January/12-crm-074.html. Accessed 31 Jan 2012
Weber RH, Sommerhalder M (2007) Das Recht der personenbezogenen Information. Schulthess/Nomos, Zurich
Weber RH (2008) Grundrecht auf Vertraulichkeit und Integrität. Digma 2:94–97
Weber RH (2009) Internet governance: regulatory challenges. Schulthess, Zurich
Weber RH (2011a) The right to be forgotten: more than a Pandora’s Box? J Intellect Property Inf Technol E-Commer Law 2:120–130 (Weber 2011a)
Weber RH (2011b) Switzerland: private use of discovery software for IP addresses. Comput Law Rev Int 6:191–192 (Weber 2011b)
Weber RH (2011c) Legality of IP-address discovery software—Logistep. Comput Law Rev Int 1:28–29 (Weber 2011c)
Weber RH, Wolf CA, Heinrich UI (2012) Neue Brennpunkte im Verhältnis von Informationstechnologien, Datensammlungen und flexibilisierter Rechtsordnung. Jusletter. 12 March 2012. http://jusletter.weblaw.ch/article/de/_10019. Accessed 11 April 2012
Wildhaber L, Breitenmoser S (1992) Art. 8 EMRK. In: Golsong H, Karl W (eds) Internationaler Kommentar zur Europäischen Menschenrechtskommission. Commentary. Carl Heymanns Verlag, Cologne
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
Copyright information
© 2012 The Author(s)
About this chapter
Cite this chapter
Weber, R.H., Heinrich, U.I. (2012). Limitations of Anonymization. In: Anonymization. SpringerBriefs in Cybersecurity. Springer, London. https://doi.org/10.1007/978-1-4471-4066-5_4
Download citation
DOI: https://doi.org/10.1007/978-1-4471-4066-5_4
Published:
Publisher Name: Springer, London
Print ISBN: 978-1-4471-4065-8
Online ISBN: 978-1-4471-4066-5
eBook Packages: Computer ScienceComputer Science (R0)