Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sdd.hp.com!mips!pacbell.com!pacbell!well!tenney
From: brnstnd@kramden.acf.nyu.edu (Dan Bernstein)
Newsgroups: comp.org.eff.news
Subject: Re: Busted for "possession"
Message-ID: <20817@well.sf.ca.us>
Date: 18 Sep 90 14:58:24 GMT
References: <16013@s.ms.uky.edu> <4628@graphite18.UUCP> <1990Sep17.105918@bert.llnl.gov>
Sender: tenney@well.sf.ca.us
Organization: IR
Lines: 28
Approved: comp-org-eff-news@well.sf.ca.us

In article <1990Sep17.105918@bert.llnl.gov> howell@bert.llnl.gov (Louis Howell) writes:
> In the discussion of the Rose case, several people have glibly tossed
> off the phrase "possession of proprietary source code" in contexts that
> make it sound like a terrible crime.  Just out of curiousity, what law
> is actually being broken here?  Is it some perversion of copyright law,
> an implied contract, or what?

Usually, copyright law.

As an example, an alleged Princeton graduate student allegedly broke
into an NYU computer a couple of years ago, using the sendmail debug
mode bug. He (allegedly) copied lots of proprietary AT&T, Berkeley, and
NYU source code. Computer trespass aside, he (allegedly) violated
copyright.

In contrast, if NYU had mailed him the sources, NYU would be violating
its contracts (licenses) with AT&T and Berkeley, as well as copyright.
Breach of contract isn't too serious, though.

> Wouldn't it
> be better if these cases were handled through civil law at the expense
> of the company which had been wronged?

You're right that it depends on the scale. The government should stick
its nose into prosecuting someone like Markus Hess; it's just a waste of
time when a prankster makes an illegal copy of Chutes & Ladders for his
IBM PC. I have no idea where the (alleged) Princeton case might fall on
this scale.

---Dan