Andreas Fink afink@list.fink.org 2009-03-17:
Collegues,
The federal adminstration wants to change the law about cyber crime.
See also:
(or especially Genehmigung und Umsetzung des Übereinkommens des Europarates über die Cyberkriminalität )
[...]
Note that according to the "Adressatenliste", SwiNOG was explicitly invited to comment on the proposed change of law.
I guess SwiNOG should comment on Art. 143bis Abs. 2 and request a clarification, in order to make sure that academical, commercial and private IT security research will not be affected by the change of law. The proposed wording of Abs. 2 currently does not adequatly honour the fact that security tools are dual-use goods by nature; i.e. they are not inherently good or evil. Or in other words, there is no practical way to distinguish a tool used by a professional penetration tester from a tool used by a blackhat. The difference between the two is not in the tools, it's in the contracts (i.e. approval of the target's owner).