Gary McKinnon was mentioned in the House of Lords Report Stage debate on the Police and Justice Bill, on Tuesday 10th October 2006, regarding its dual use "jhacker tools" amendment to the Computer Misuse Act 1990,.
The Earl of Erroll said:
[...]
Will it work? It will not, I am afraid. It is one of those things that sounds good but will do nothing. What it will do is cause a lot of trouble to large companies that supply perfectly legitimate tools to help people to carry out remote maintenance or use remote access. It will not help parliamentary staff because if someone supplies the tools to them, whereby they can shadow you working on your own terminal in Parliament and thereby help you solve the problem that you just got trapped in, those sorts of tools might be forbidden under the supply rule.
The Home Office response to this is: "Well of course we won't chase the good guys. We won't go after them. We are only after the bad guys." The trouble with that is that it is all well until an enforcer trying to achieve some other aim threatens someone. I do not think that, as Parliament, we should be passing laws that give power to enforcement agencies to blackmail companies into doing other things for them because they know they can use something like this against them. It is too much of a blanket power.
Further, it is useful for penetration testing—for instance, people testing to see whether their company systems can be hacked. A typical example of this is phishing. Last week I was sitting next door to a chap called Gary McKinnon, who is the person the Americans are trying to extradite and put in jail for 60 years because he put post-it notes all over the Department of Defense systems. Five years ago he got into their systems because he thought it would be fun to see how good their passwords were. He ran a little program and discovered that a large number of people with Windows access had not bothered to use passwords. For the Department of Defense in America not to check that its stuff was moderately secure and that its senior people at least had passwords to prevent access is stupid. So he thought he would show them how stupid they were.
As a result of that Gary has got into hot water. I will not go into the merits of the case or whatever, but the department should have been using tools like this to ensure their own security was all right long before Gary got there. And so should we. However, it will make these things illegal and large groups, large banks and so on should be testing that their systems are secure. In fact Parliament should. But, under this provision, whoever supplies you with that tool to test that will be committing an offence. It is all very well to say, "They are the good guys, we won't prosecute them", but I do not think that is good enough. I have great trouble with laws that hand over powers to the enforcers and say, "It is at our discretion whether we are going to prosecute you".
I stand very strongly on that, having seen and heard of many incidents where people have been told that unless they comply with something else there is an obscure rule and they can throw the book at a company for something else. I know that there will be efforts made at the European level to reverse this provision if we pass it in this form. I was informed of that by some international companies.
I would prefer to see the amendment of the noble Earl, Lord Northesk, go through and remove the provision altogether. I do not think it will do any good. It is a waste of time. It will not allow you to do anything effective against enforcing what you want. However, I believe that the Minister will not allow that. Therefore, I would suggest that you should either say "more likely than not" if that is what you mean. I suggested last time using the word "primarily"; this time I suggest using "principally". We are looking at the objective of the people supplying or trying to sell these tools. If it is principally to sell it to the hacker community, I do not have a problem. In which case say so in the Bill. We know these things are likely to be used. If the Government mean that it is more likely than not, then they should say more likely than not.
[...]
The Third Reading debate, is scheduled for next Wednesday 18th October 2006, which will apart from the Computer Misuse Act amendments, also probably leave in the Lords' previous amendments regarding the Extradition Act 2003 and the US-UK Extradition Treaty.
No doubt the Labour Government will attempt to overturn these when the Bill returns to the House of Commons.
Nefertiti
Here is how they voted. For the most part the labour party are careerist, uncaring wankers. No wonder Clare Short is sick of trying to make a difference from the inside.
http://www.publicwhip.org.uk/division.php?date=2006-10-24&number=320&showall=yes#voters
Takis. H. from Athens-Greece
Since Gary's true intence was not to obtain money, not steal, not transfer any information to other hands, well, the internet community should be a civilised and friendly community since it joins people and anyone who uses internet knows that very well.. Some of us rely on friendly internet if not all of us.. So I say: Free internet not only Gary! Free and unify the community of world.. Military existance motives are defence and attack only to defence and protect reasons!. Gary didn't attack anyone, Gary yelled that he needs freedom, that he needs to know what is happening..just that! Gary didn't offence me or anyone on this planet, instead of this he was happy-as I was too-to learn that Man has made a glorious step in front with this technology US has accieved.. By this sense of secure Garry managed to offer me and you and everyone on this planet, the feeling that we are more gratefull-and Gary is too-to this step we made as human beings..So please don't change that condition of let's say it "US people know what they do for us" to a state of crime and punishment.. People of this earth know allready that things are changing to even better and they should be.. Try to imagine the future: People in future must be more clever and compete to each other only for common gain.. No one in the future whould like to remember that in the Days Of Change someone payed just because he didnt know that the toys were mean and harmfull. Should we dis-allow battle games for pc's? What is the penalty for this? Kids that are playing or manufacturers? And beyond these all Governers please show your kids that the world you're building is for their safety.. Please do! Remember that internet is made to join, I am sure Garry wont do that again even if I dont know him.. I am scared to know that some Big Father upon us is claiming and asking only for justice just because another kid of his was playing the bad games.. People of Nasa please dont harm us since we all know how much you like what you do and what I mean is that really hard working people can and should know how to forgive. Don't punish Mr Gary cause he is one of us, one of you, a man of today with same fears same knowledge same feelings and same love for what he really likes..Finally if none of us ever tried something similar in life..then do whatever you like. But innosense should judge! Not fear!... Thanks people, thank you Gary, thanks Nasa!