The past year has been a tough one for Internet Service Providers (ISPs): their client base has shrunk as dotcoms have failed; creaking Californian power supplies have emphasised the importance of installing expensive back-up systems. Still, if John Keegan, "Britain's most distinguished military historian", has his way, things will get a whole lot tougher.
He wants cruise missiles to destroy the buildings which house "foreign Internet service providers" if they permit the transmission of encrypted messages, as he believes that the World Trade Centre atrocity was planned online.
If John Keegan's suggestion was to be taken up, all ISPs could have to close down or face attack, as they cannot prevent encrypted communications travelling on their networks. Strong encryption is an essential technology for the global economy as it enables professionals and businesses to transmit information securely and confidentially over open networks. If secure encryption was not available, banks, lawyers, accountants and governments could either try to build expensive closed systems which would be vulnerable to hacking attacks, or revert to slower forms of communication such as overnight post. In a modern society, knowledge cannot be unlearned. It would be far more desirable that people would forget how to build atomic bombs than forget how to use encryption systems such as PGP, but of course it is impossible.
Yet Keegan does raise a serious question. George Bush has promised a "different type of war" on terrorism and this war may be partially fought online. As a global network, it is hard to believe that the Internet would be immune to a global war. Following the World Trade Centre bombing, the US Federal Government issued a warning of the danger that "denial of service" attacks would be launched at sites run by "organisations associated with the perceived perpetrators". Such attacks overload servers and Internet infrastructure, causing "significant collateral damage".
It is easy to see why Western powers would be tempted to use viruses such as the Nimda virus, which caused disruption last week, as weapons of war, but it is more likely that the West would be the victim of such weapons than that it would use them.
Reform of Ireland's computer crime legislation is long overdue as it does not contain provisions dealing specifically with new forms of crimes such as denial of service attacks. Once passed, the Criminal Justice (Theft and Fraud Offences) Bill 2000 will improve things, particularly with regard to crimes of impersonation and Internet fraud, but it may well be that Ireland will not have an effective Internet crime act until it implements the Cybercrime Treaty. This has just been approved by the Council of Europe and should open for signatures at the end of November
However, Ireland does have draconian anti-terrorist laws that can deal with Internet terrorism, if it should become a real threat. If terrorists were to use websites to plan attacks, whether online or elsewhere, the Offences against the State Act 1998 could be implemented. The Act makes it an offence to collect, record or possess information which may be used by the members of an unlawful organisation to commit a serious offence. It is also an offence to withhold information that may be useful in preventing serious offences.
An ISP which hosts a hacker website might find itself in breach of the Offences Against the State Act 1939, which makes it an offence to distribute "incriminating documents", an offence which might also be committed by terrorists who possess the tools of the hackers' trade such as programs, passwords and manuals.
A key issue is whether loose congregations of terrorists, who may never meet face-to-face or know each others' real names, could be defined as members of an "unlawful organisation". But the 1939 Act defines these terms extremely broadly: unlawful activity may include the promotion of "the commission of any criminal offence"; organisations can be "combinations of persons of whatsoever nature or kind whether known or not known by a distinctive name".
If the Government feels these criteria are met, it can issue a "suppression order" against such an organisation. It is unclear what new groups might join the IRA and INLA on the Irish list, but the UK considerably extended the remit of its Prevention of Terrorism Act earlier this year, and banned 21 organisations, including Osama bin Laden's AlQaeda organisation.
Such changes may come at the behest of the EU, which is hoping to introduce tough new anti-terrorism measures by the end of the week.
Attention has, rightly, been focused on the appalling loss of life and deep distress caused by the destruction of the World Trade Centre, but this was also an attack on the global economy. It is an understandable reaction to this atrocity that new legislation and controls should be proposed, but these may ultimately hamper the working of the global economy and frustrate the development of the Internet. The Dβil has been debating a measure which could have such ill effects - section nine of The Criminal Justice (Theft and Fraud Offences) Bill 2000 - since before this attack.
It is important to keep in mind that curtailing the growth of the Internet and the global economy may well have been among the goals of these terrorists. It would be unwise to hastily legislate to curtail the use of the Internet or new technologies, particularly as Ireland already has extensive anti-terrorist legislation whose effectiveness has been proven over the years.
Denis Kelleher is a practising barrister and co-author of Information Technology Law in Ireland (Butterworths: Dublin).
www.ictlaw.com