US Govt Pursue UK hacker

[Xiahou]

It's obvious that you have no idea of how computer networks work.

Really? Here I thought I worked in the IT industry, had a Bachelor's degree in Data Communications, a MCSE and a CCNA.... but it turns out I know nothing at all about networks.

I'm really not at all sure what your argument is... but it smells like a red herring. Of course its possible to 'accidently' connect to a system that you're not authorized to be on. But this clearly is not the case. He knew he was in areas that were confidential, he crashed systems and otherwise caused damage while nosing around with the specific intent to find classified information. Your argument that "He didnt know" is ludicrous. He knew what he was doing- that's not even in question.

Then, you're left with your absurd claim that if a computer is not adequately secure then there's nothing wrong with breaking in with intent to steal information. That idea is just laughable on the face of it and is very similar to the burglary and rape analogies others have made.

Just to be clear, you would see nothing wrong if he connected to a WAP setup by your average Joe who neglected to secure it and then proceeded to sift through his financial records, finding Joe's checking account information and posted it on the Internet for everyone to see before seeding Joe's system with viruses- because it wasnt secured? Because that's what you're saying.

[Don Corleone]

So how come they can't mention a single security protocol that they had? And since they seem to not have had any proper security it's very embarassing to them and they obviously know very little about computers so they call him a hacker. You can call someone terrorist if you don't like what they think, even if they've never used any violence. That doesn't make them guilty of being terrorists. It's when they beyond reasonable doubt plan or carry out such actions that they become terrorists. The problem in this case is that since there are no security protocols there's nothing in his communication that differs it enough from normal usage that you can formulate it into a general law. Only if you use passwords and accept any request message but respond to unauthorized with an access denied and question for password response message, can you clearly differ between when it's hacking and not hacking, in a way that can easily be formulated into a law.

You're not making any sense. He claims to have hacked into the system, admits he knew exactly what he was doing and that he was accessing systems he didn't have authorization to access, and you claim it's okay because 1) the DoD won't list their security protocols to the beeb and 2) he didn't have terrorist intentions?

Sorry man, no matter how much you want the 'free electronic frontier' and a free world for hackers as long as they don't have a political motive, it's still wrong, it's still illegal, and as your friend is about to find out, it's still punishable.

[English assassin]

The judges comments:

"I readily accept the probable sentence is likely to be appreciably harsher in the US than in comparable circumstances it would in the UK," the judge told the court. "But it must be obvious to any defendant that if you choose to commit a crime in a foreign country, you run the risk of being prosecuted in that country."

That's the beginning and end of it IMHO.

[Haudegen]

I´m just happy to live in a country where the constitution protects me from being delivered to non-european courts.

[Louis VI the Fat]

But it must be obvious to any defendant that if you choose to commit a crime in a foreign country, you run the risk of being prosecuted in that country

Was it commited in a foreign country? The question of international jurisdiction is always interesting, even more so with the advent of new technology. Where was this crime commited?
If you mug an American tourist in London, you obviously get trialed in the UK. But what if you plunder his bank account over the internet, from London, without the victim ever having set foot in Britain?

His acts are a criminal act within the UK as well. If it wasn't, I would see no reason whatsoever to not extradite him indeed. But as it stands, A UK law was broken in UK territory, and I believe extradition should be applied under the principle of subsidiarity, that is, if British legal means for prosecution are either exhausted or non-existent.


Mr McKinnon was originally tracked down and arrested under the Computer Misuse Act by the UK National Hi-Tech Crime Unit (NHTCU) in 2002, and later that year was also indicted by the United States government

[Louis VI the Fat]

I´m just happy to live in a country where the constitution protects me from being delivered to non-european courts.

Really? French law doesn't, which I fully support.

[Haudegen]

Yes, Sir! Look:

Article 16 [Citizenship; extradition]

(1) No German may be deprived of his citizenship. Citizenship may be lost only pursuant to a law, and against the will of the person affected only if he does not become stateless as a result.
(2) No German may be extradited to a foreign country. A different regulation to cover extradition to a Member State of the European Union or to an international court of law may be laid down by law, provided that constitutional principles are observed.

IMHO it´s a good thing. After all one of the reasons for having a nation is that it protects the individual from other nations. Exceptions are only made for our very good friends in the EU.

[Louis VI the Fat]

'No German may be extradited to a foreign country'

Meh, German preoccupation with the 'Volk' again?

These things work in two directions. Agreements over extradition of suspects also means that those who break your own laws do not get to live happy lives in Argentina or Paraguay without fear for prosecution.

[Haudegen]

'No German may be extradited to a foreign country'

Meh, German preoccupation with the 'Volk' again?

Sorry, I think it´s not at all nationalistic. And mind you: The EC-contract demands us not to discriminate against EC-cititzens, therefore we grant them the same rights, i.e. a Frenchman, Englishman, ... is protected by Art 16 II, too.

And all other nationalities at least can rest assured they will not be extradited to some place where a fair trial and human rights are not guaranteed. However this doesn´t follow from Article 16 but Article 1 I Grundgesetz.

These things work in two directions. Agreements over extradition of suspects also means that those who break your own laws do not get to live happy lives in Argentina or Paraguay without fear for prosecution.

If a German criminal is caught in, say Argentina, there wouldn´t be a problem. Argentina could agree to extradite him, as we could offer them the same.

In the case that the crimanal is not a German: German criminal law doesn´t have the ambition to punish offenders everywhere and under every circumstance.

If the price we have to pay for our Article 16 is, that we don´t get offenders from others countries delivered as efficiently as others do, then so be it.

[Ser Clegane]

In the case that the crimanal is not a German: German criminal law doesn´t have the ambition to punish offenders everywhere and under every circumstance.

Actually I think German criminal law should have the ambition to punish offenders who commit crimes in Germany, even if they are not of German nationality

[Louis VI the Fat]

Sorry, I think it´s not at all nationalistic.

It isn't nationalistic. Nor is Germany in general.

No, what struck me, is the extend to which German law is personal, not territorial. That laws and jurisdiction are tied to membership of a Volk and not a territory is in sharp contrast to the underlying principles of French law.

[Haudegen]

Actually I think German criminal law should have the ambition to punish offenders who commit crimes in Germany, even if they are not of German nationality

German authorities will if they can get him.

But if the offender flees to a foreign country that doesn´t want to extradite him, what shall we do?

Perhaps the other state simply refuses the extradition because the state thinks that itself can take care of the criminal. Germany handles it this way, see § 7 II Strafgesetzbuch.

Anyway: If Article 16 infringes Germany´s ability to punish offenders who have fled to other countries, as Louis mentioned, I´ll say it´s okay for me. I´m glad we have Article 16.

[Haudegen]

It isn't nationalistic. Nor is Germany in general.

No, what struck me, is the extend to which German law is personal, not territorial. That laws and jurisdiction are tied to membership of a Volk and not a territory is in sharp contrast to the underlying principles of French law.

All our laws are naturally only applicable on German territory, therefore Art 16 is strictly territorial. Other nations are not bound by it, of course.

[English assassin]

His acts are a criminal act within the UK as well. If it wasn't, I would see no reason whatsoever to not extradite him indeed.

This is a basic requirement of extradition generally. I seem to recall we used to have specific problems in the UK with something that the Americans call (IIRC) wire fraud (?wire something, anyway) which was an offence in the US but not here at the time, due to peculiarities in the Theft Acts. The long and the short of it was we didn't extradite people for wire fraud until we had amended our own criminal law to catch up.

I didn't know the German position, although I did know other countries took the same approach (You might remember ex-president Alberto Fujimori suddenly rememberd he had Japanese citizenship and fled to Japan when it looked as if Peru would indite him for corruption).

Given that no state could afford to deny a territorial basis of jurisdiction (since that would mean that Germans were perfectly free to commit crimes in the UK and we would have to leave it to the German state to deal with them) I would have thought that the personal approach should give way in time, since they clearly clash. What happens if a German commits a murder in, say, Morroco, and makes it back to Germany before being arrested? Is he really not extradited? Do you try him in Germany instead? if so, according to the law of Germany or of Morroco? Do you fly the witnesses over?

[Haudegen]

Is he really not extradited? Do you try him in Germany instead?

Yes, that´s right.

if so, according to the law of Germany or of Morroco?

German courts will always apply German criminal laws. (Unlike in civil law, where courts eventually apply foreign laws)

Do you fly the witnesses over?

Yes

[English assassin]

Golly. Well, its consistent, anyway. A lot of effort IMHO, but there you go.

(Note to self: if you commit a serious crime in a country you would rather not go to prison in, flee to Germany immediately.)

Hey, hang on. Why doesn't this hacker jump on the Eurostar and head for Germany? He'd be sorted even now. Can this REALLY be right? it seems very odd.

[Louis VI the Fat]

He is not German, therefore the German constitution does not prevent extradition by Germany.



EA, let us discuss international jurisdiction a bit more. I'm quite interested by it and you're a lawyer.

- Englishman X sets up an online shop selling ecstacy-tablets. He sells and ships to customers in the UK itself, the US, France, and Wallis and Fortuna. He is arrested in the UK. Where should he be prosecuted?
- Frenchman VI travels to Dover, and fires a long-range cannon that kills a man in Calais. VI immidiately gets arrested for it in England. Where should VI be prosecuted?

[Rodion Romanovich]

Really? Here I thought I worked in the IT industry, had a Bachelor's degree in Data Communications, a MCSE and a CCNA.... but it turns out I know nothing at all about networks.

Then it's law you don't know anything about. You need a formal definition of when it's a crime, not just "it feels like he's not nice". As we'll see below, your statements are of that form

I'm really not at all sure what your argument is... but it smells like a red herring. Of course its possible to 'accidently' connect to a system that you're not authorized to be on. But this clearly is not the case. He knew he was in areas that were confidential, he crashed systems and otherwise caused damage while nosing around with the specific intent to find classified information. Your argument that "He didnt know" is ludicrous. He knew what he was doing- that's not even in question.

Then, you're left with your absurd claim that if a computer is not adequately secure then there's nothing wrong with breaking in with intent to steal information. That idea is just laughable on the face of it and is very similar to the burglary and rape analogies others have made.

Just to be clear, you would see nothing wrong if he connected to a WAP setup by your average Joe who neglected to secure it and then proceeded to sift through his financial records, finding Joe's checking account information and posted it on the Internet for everyone to see before seeding Joe's system with viruses- because it wasnt secured? Because that's what you're saying.

Apart from your judgement of his intention, based on him admitting, can you point to any exact difference in the communication between his communication and normal communication? What would be the exact definition of when it becomes a crime? What could be a sensible motivation for a law. Assume the guy hadn't confessed, would he be innocent in your eyes then? No, he wouldn't. So I'm again asking you what in the actual communication you think he's doing that is illegal. Normal procedure on the Internet for finding out whether you have permission or not for a service is to request the service, and get a negative or affirmative response. All I'm asking is for you to explain an exact definition of when his actual communication becomes a crime, in a way so that it differs his communication from that of an innocent. Please explain why this guy should be sentenced even if he hadn't confessed he had bad intentions in whatever he was doing. Why is requesting a service you're allowed to access without password illegal. So far I've seen arguments along this line mentioned from you and others in this thread (of course the arguments weren't clearly formulated either, since you obviously turn it into an ad hominem attack race instead of a civilized discussion, so I've been forced to try and read your mind):
- he knew he wasn't allowed into that particular data. How? Is there any list of which data you aren't allowed to check? Normal procedure is, again, to ask for the service and get a response on whether you've got permission or not. Because law is based on the principle that you can't say you didn't know what the law is, the law is responsible for providing full info for knowing exactly when you've committed a crime or not.
- he made many attempts and for a long time. "Long" is very subjective, there must be an exact time or number of requests or similar before it gets illegal. But if the .org server is down and I type in www.totalwar.org and it doesn't respond the first time, I'll keep reloading until I receive the page or I get "access denied", or until I get bored and/or realize the server is down, and try later some other time. If I get "access denied" without being informed that I no longer was allowed to visit www.totalwar.org, then I'd certainly try a few times more because I'd believe the access denied message was a bug or some failure at www.totalwar.org. If I keep trying for a long time different days I'd realize I had lost permission if I got the same access denied message each time. So where is the exact line drawn for when it's illegal action to make a request for a service?

[English assassin]

He is not German, therefore the German constitution does not prevent extradition by Germany.



EA, let us discuss international jurisdiction a bit more. I'm quite interested by it and you're a lawyer.

- Englishman X sets up an online shop selling ecstacy-tablets. He sells and ships to customers in the UK itself, the US, France, and Wallis and Fortuna. He is arrested in the UK. Where should he be prosecuted?
- Frenchman VI travels to Dover, and fires a long-range cannon that kills a man in Calais. VI immidiately gets arrested for it in England. Where should VI be prosecuted?

Re the hacker, yes it does because he's an EU citizen and there is a principle of non-discrimination on the ground of nationality, which Haudegen also confirmed. Unless you could argue that did not apply as EU law is generally non-competent in the criminal sphere? Hmm. These are deep waters, Watson.

I'd be interested to answer your questions, but unfortunately I have a pressing meeting in the pub in five minutes. I could probably look up the murder qu fairly quickly (though not after having been in the pub). The internet qu is going to be more interesting (eg "I don't know") and I might see if I can slip it past an IT lawyer here in the guise of a real enquiry. I'll let you know what they say.

Who do I send the bill to?

[Redleg]

Your arguement falls flat on its face LegioXXXUlpiaVictrix the individual admitted to hacking into the Department of Defense Computer system.

Having at one time had access to different aspects of the military internet - I can safely state that to go where the individual alledgely stated to have gone requires a password. If he didn't have a password granted by the administrator of the site, one would have to agree that his access was in violation of the law.



Now here is the internet page that is open to all to view.

http://www.defenselink.mil/

Now there are several links on that site that if you click on requires the individual to have the correct access authorization and is password protected.

Now back to the article and the hackers quotes.

Mr McKinnon has admitted that he spent almost two years exploring these networks but has said he was motivated by a search for what he called "suppressed technology".

Now searching the sites is acceptable - just look at the information available that does not require a password to access, one can find out all kinds of information. Now his admittance of exploring networks could mean something beyond the completely innocent search of internet web pages... All this information one can gather without logging into the system - because its free access information.

In a recent BBC interview, Mr McKinnon said he had got close to getting pictorial evidence of technologies that could be of huge benefit to everyone but the US government was not releasing.

This is where he does himself in. Those sites require some type of password to access from outside. That he admits to being close means that he cracked the security that was in place. If I shut and lock my door, even though it is a paper door, breaking that door is still against the law.

In numerous interviews about the case, Mr McKinnon has resisted attempts to portray him as a hacking mastermind. By contrast he said he was a "bumbling hacker" that exploited the lax security policies of the US military.

Again he does himself in with this admittance of wrong doing. Lax security policies - ie the paper door, still requires someone to knowly continue .

Speaking after the hearing ended, he said: "My intention was never to disrupt security. The fact that I logged on with no password showed there was no security to begin with."

and finally he shows a major contradiction in his statements. If your the network expert you should be able to figure out the contradiction in his statements from the article.

Evidently his arguement was not convincing enough for an English judge hearing the matter in the English Courts.

[Rodion Romanovich]

Your arguement falls flat on its face LegioXXXUlpiaVictrix the individual admitted to hacking into the Department of Defense Computer system.

Having at one time had access to different aspects of the military internet - I can safely state that to go where the individual alledgely stated to have gone requires a password. If he didn't have a password granted by the administrator of the site, one would have to agree that his access was in violation of the law.



Now here is the internet page that is open to all to view.

http://www.defenselink.mil/

Now there are several links on that site that if you click on requires the individual to have the correct access authorization and is password protected.

Thanks! Finall someone answering my question seriously. Minus this part:

Your arguement falls flat on its face LegioXXXUlpiaVictrix the individual admitted to hacking into the Department of Defense Computer system.

I already said above that "what would differ his actions from that of normal actions IN AN ALTERNATE SCENARIO WHERE HE HADN'T ADMITTED.

This part is the first serious answer I've gotten to that question:

Having at one time had access to different aspects of the military internet - I can safely state that to go where the individual alledgely stated to have gone requires a password. If he didn't have a password granted by the administrator of the site, one would have to agree that his access was in violation of the law.

To all who just responded to me with sneer smilies and irrelevant ad hominem attacks and various red herrings I can say that it would aid the discussion if next time you actually listened to the questions I made, and answered like Redleg did, answering the specific question I posted and not something else you made up I said. Or if you don't understand my question please ask what I mean instead of choosing an arbitrary interpretation.

Now that I finally got the facts I asked for, I can make a proper judgement, and according to these facts I now know that there was a difference between this hacker's behavior and normal behavior, so now I can agree that the facts imply that he committed a crime. Trying to read your minds from your not very explicit posts (even if this message is quoting Redleg, the following comment is not directed at Redleg), it seems like you immediately thought that my opinion was that he was innocent in any case. The opinion I expressed and still hold, is that:
- until I've heard proof of a difference between his requests and normal operation, I'll wait with judging him
- if there are no laws for computer crimes yet, it's necessary to apply the mildest interpretation until proper laws are made. If you discover a loophole in the law, you should change the law, but only apply the new law to future cases
- the law definitions must be made carefully so that they protect innocents from accidentally committing crimes they didn't want to, and make sure it's very easy to differ crime from innocence, both for a user, and for people working with law in court or as policemen.
- computer technology is developing so fast that it requires new laws. In many cases these aren't fully built out, which gives a problematic situation. For safety of citizens, the mildest interpretation must always be chosen until the proper laws have been made. Changed laws can only apply to cases of crime committed AFTER the new law was passed, and not apply to earlier cases.
- I've now seen a difference between his behavior and normal behavior. If there are proper law definitions according to above points, then he can and should be sentenced according to what the law says. I doubt American law recommends life sentence in prison for crimes like these, so the American reaction seems exaggerated and not according to American law, but rather a statement made in a state of emotional rage.
- it's unclear whether American or British law should apply to this case. For Internet related crimes this is a serious flaw that international law, maybe through UN, should correct. It should be more clear what applies in a situation like this.

[Redleg]

Thanks! Finall someone answering my question seriously. Minus this part:

I already said above that "what would differ his actions from that of normal actions IN AN ALTERNATE SCENARIO WHERE HE HADN'T ADMITTED.

This part is the first serious answer I've gotten to that question:

Of course I took it serious - however you are missing the point the admission of guilt alreadly takes presedence over all other evidence. The scenerio you are attempting to paint would still find the individual facing the consequences of his own acts. Hacking into secure systems - even those with a paper door security - is still an illegal activity.

Now that I finally got the facts I asked for, I can make a proper judgement, and according to these facts I now know that there was a difference between this hacker's behavior and normal behavior, so now I can agree that the facts imply that he committed a crime. Trying to read your minds from your not very explicit posts (even if this message is quoting Redleg, the following comment is not directed at Redleg), it seems like you immediately thought that my opinion was that he was innocent in any case. The opinion I expressed and still hold, is that:

Oh I don't hold it against you at all - the evidence was reviewed in a court of law and they found enough evidence to warrant a continuing of the legal process. I just found your arguement weak on its face, because of the individuals own admissions of guilt.

- until I've heard proof of a difference between his requests and normal operation, I'll wait with judging him
- if there are no laws for computer crimes yet, it's necessary to apply the mildest interpretation until proper laws are made. If you discover a loophole in the law, you should change the law, but only apply the new law to future cases
- the law definitions must be made carefully so that they protect innocents from accidentally committing crimes they didn't want to, and make sure it's very easy to differ crime from innocence, both for a user, and for people working with law in court or as policemen.
- computer technology is developing so fast that it requires new laws. In many cases these aren't fully built out, which gives a problematic situation. For safety of citizens, the mildest interpretation must always be chosen until the proper laws have been made. Changed laws can only apply to cases of crime committed AFTER the new law was passed, and not apply to earlier cases.
- I've now seen a difference between his behavior and normal behavior. If there are proper law definitions according to above points, then he can and should be sentenced according to what the law says. I doubt American law recommends life sentence in prison for crimes like these, so the American reaction seems exaggerated and not according to American law, but rather a statement made in a state of emotional rage.
- it's unclear whether American or British law should apply to this case. For Internet related crimes this is a serious flaw that international law, maybe through UN, should correct. It should be more clear what applies in a situation like this.

In bold is what several posters have stated. The evidence warrants futher review and possible trail - which is what the English Judge in essence stated.

[Rodion Romanovich]

Of course I took it serious - however you are missing the point the admission of guilt alreadly takes presedence over all other evidence.

I was discussing what laws should exist for such cases more than the specific case.

The scenerio you are attempting to paint would still find the individual facing the consequences of his own acts. Hacking into secure systems - even those with a paper door security - is still an illegal activity.

Only when the communication can be clearly distinguished from normal usage or accidents. And when we're discussing how laws should be, we need to find a clear definition on exactly where the line is drawn. Given that it appeared that several drew their line were vaguely, I pointed out the inner workings of computer networks and the legal necessity of clearly drawn lines. Not until a technical description of something that showed the difference was provided, was anything really found that could differentiate the two cases from both a legal and computer engineering point of view.

In bold is what several posters have stated. The evidence warrants futher review and possible trail - which is what the English Judge in essence stated.

Yes, and that's why I find it quite funny that they, unlike you, responded to my posts with flaming instead of answering my question Quite strange, considering their opinion was almost the same as mine, but they tried as hard as they could to interpret it differently and ignored most of what I wrote.

[Redleg]

I was discussing what laws should exist for such cases more than the specific case.

The prosecution could not proceed without laws alreadly having been established.

Only when the communication can be clearly distinguished from normal usage or accidents. And when we're discussing how laws should be, we need to find a clear definition on exactly where the line is drawn. Given that it appeared that several drew their line were vaguely, I pointed out the inner workings of computer networks and the legal necessity of clearly drawn lines. Not until a technical description of something that showed the difference was provided, was anything really found that could differentiate the two cases from both a legal and computer engineering point of view.

That is what the legal process is for, the process seems to be working correctly in this individuals case. An allegation of wrong doing has occured, the legal process has been started, and now it will go to trail to determine if there was a clear crossing of the legal boundries. I would find more credence with your argument if he was not being charged under existing statues (SP)

Yes, and that's why I find it quite funny that they, unlike you, responded to my posts with flaming instead of answering my question Quite strange, considering their opinion was almost the same as mine, but they tried as hard as they could to interpret it differently and ignored most of what I wrote.

Happens more then we like..

[Louis VI the Fat]

I'd be interested to answer your questions, but unfortunately I have a pressing meeting in the pub in five minutes. I could probably look up the murder qu fairly quickly (though not after having been in the pub). The internet qu is going to be more interesting (eg "I don't know") and I might see if I can slip it past an IT lawyer here in the guise of a real enquiry. I'll let you know what they say.

Alas, but an ale should take preference over murder.

The internet qu is all the more interesting because I think it the better analogy to the hacker case.

Who do I send the bill to?

You can send the bill to:

Monsieur Louis le Gros
35, rue du faubourg Saint-Honoré
75383 Paris

[Rodion Romanovich]

The prosecution could not proceed without laws alreadly having been established.

That is true, but only half the truth. In computer related and other fast changing businesses there are seldom specially designed laws to fully cover up the fast changes, so then they often have to stick to old laws in many situations. From the start of the discussion it seemed likely that there could have been such problems in this particular case, but given more facts it doesn't seem to apply. Still, an important point to remember: that in some cases no longer modern laws can end up having to be applied. In some cases of unmodern laws the old laws are even ignored or considered invalid, did you for example know that in some countries there are still laws from the Medieval period about nobles, swords, horse theft and so on? Not many people take those laws seriously these days

[Xiahou]

Then it's law you don't know anything about. You need a formal definition of when it's a crime, not just "it feels like he's not nice". As we'll see below, your statements are of that form

Again you're the one showing your apparent ignorance- this is your opening statement.

Actually, if there's no password protecting a computer system, it's generally considered to be free to visit for everyone, and it isn't an offense to do so.

This is factually wrong. It is a crime to knowingly access a non-public system that you are not authorized to access, particularly when you do so to steal private information and to cause damage to the system.

I'm very confused how you got from that first statement to having the same opinion as me...

Quite strange, considering their opinion was almost the same as mine, but they tried as hard as they could to interpret it differently and ignored most of what I wrote.

But as long as you now understand that the legality of an intrusion isnt dependant on the security in place, all is well.

[Haudegen]

Louis and English Assassin,

before anyone plans an extended holiday in Germany , I would like to add a bit.

IMHO Article 16 combined with the EC contract doesn´t protect other EC citizens from being extradtited to their home countries. This is because the idea of Article 16 is that a person should be tried in his home country. Therefore it´s not discriminating to extradite them to their home countries. They are only protected from extraditions to non-EU states.

So if Mr McKinnon had come to Germany he would have been brought to the UK.

[English assassin]

Yes, but then from the UK he would be extradited to the US. So, if he was a UK citizen in Germany, he might wind up in the US, (albeit in a two stage process) whereas if he was german he would not.

Put it like this, if I ever find myself facing 20 years in a Turkish jail, (I haven't forgotten what they did to Laurence of Arabia) I'd at least pop over to Berlin and try my luck. Nothing to lose.

Now, as for Louis qu, this turned out to be quite interesting. according to the books, the traditional basis of English criminal jurisdiction is territorial, it being the function of the criminal courts to maintain the Queen's peace within the realm. Save for statutory exemptions (I'll come to those) the courts were not concerned with conduct abroad.

Pausing there, I cannot help observing that that means so far as traditional English criminal law was concerned, it was perfectly acceptable to pop accross the channel, slap a Frenchman, and pop back. Which of course is more or less what we had spent about 800 years doing.

Anyway, then a more sophisticated rule took hold, that the existence of any geographical limitation to an offence could only come from the rules of international comity, which only call for a state ("England") to refrain from punishing conduct in another state ("France") where the conduct has no harmful consequences in England. What we might call a "Mind you own business" rule. Therefore on that aproach if EITHER a criminal act OR its consequences occur in England, the English courts wil try it, if not, not.

The modern law is that where a substantial part of a crime occurs in England then it may be tried in England, except in an exceptional case where some other state ought to be given a crack at it. In particular it is not necessary that the "final act" or gist of the crime occurs in England. So relating that to the hacker, it would seem we COULD have tried him here if we had wanted, thiough very possibly international comity and the fact that it was US defence computers he was messing with point to us declining jurisdiction.

However Louis's example of murder is subject to a longstanding statutory exception to these common law rules in the Offences Against the Person Act 1861, s.9:

Where any murder or manslaughter shall be committed on land out of the United Kingdom, whether within the Queen’s dominions or without, and whether the person killed were a subject of Her Majesty or not, every offence committed by any subject of Her Majesty, in respect of any such case, whether the same shall amount to the offence of murder or of manslaughter … may be dealt with, inquired of, tried, determined and punished … in England or Ireland … Provided, that nothing herein contained shall prevent any person from being tried in any place out of England or Ireland for any murder or manslaughter committed out of England or Ireland, in the same manner as such person might have been tried before the passing of this Act

Of course if Louis had put his victim not in Calais but in a boat the answer would have been even more interesting:

Where a man in a boat at a short distance from the shore was shot by a person on the shore, and died instantly, it was held that the shot and death were both upon the high seas, and therefore triable under the Offences at Sea Act 1536 (rep.): R. v. Coombes (1785) 1 Leach 388; and see 1 Hawk. c. 37, s. 17

Well, I think its interesting.

[Soulforged]

Well, I think its interesting.

I think that all issues of jurisdiction and competence are subject to theoretical and dogmatic struggles. In the end the one who wins is the state with more power in the concret case. For example in a recent case, an argentian was killed in one of the beaches of Brazil. There was a dispute about the place in wich it will be tried, one alleging nationality principle and the other territorial principle where the crime was commited. Brazil won, not only because the criminals were brazilian but because they could get them faster than the argentinian state.

About the boat case... It's really difficult. I think that in that case it would depend of the distance from the shore, of wich country was that shore, of the nationality of the criminal and of the victim. What the positive law of any country states about the issue could become moot, because one could state in their Constitution that all crimes commited in their territory should be tried by the judge of his last residence, always in that territory. While the other states that anyone with X nationality should be tried in X country wheter the crime occured in X, Y or Z. This should be subject to international law and a dispute between the two states.

But I think it could be even more complicated. Let's take the boat case for example. Subject X, of nationality Z, shoots B, of nationality Q, in point A, near the shore of Y. Unfortunately B doesn't die there, he keeps on sailiing until point T near the shore of C, when he dies of bloodlost. Even better, reaching point C another subject I, of nationality O, shoots him again, and then he dies. We could even add that X and I were conspirating to commit murder against B, and there's enough theories to justify the involvement of every jurisdiction in the case.