It does not come as a surprise to read (in Swedish here) that Sweden is on it’s way to criminalise denial of service attacks. This is unsurprising since it is simply another step in the obvious direction of EU harmonisation following the framework decision on attacks against information systems. The latter framework decision is part of a general scheme to fight against terrorism and organised crime within the information society.
The problem is that criminalising DoS attacks in this way makes all DoS attacks illegal. Even if an attack is carried out in the form of political protest, in other words, not terrorism, not organised crime. For example, in a case settled in 2006 where the Frankfurt Appelate Court found the groups â??Libertadâ?? and â??Kein Mensch ist illegalâ?? (No Human is Illegal) had carried out a legitimate form of political protest when they organised 13000 people in an online blockade (With a script- client- based distributed denial of service attack) of the airline Lufthansa. The protest was against the companies part in the deportation of asylum seekers (for more see links below).
When states now criminalise the act of DoS they also make sure that this tool cannot be used as a form of political protest. Therefore the regulators go far beyond their intention and scope of preventing terrorism and organised crime.
A more paranoid person may suspect that the regulator is using the label of terrorism to create rules which limit our ability to use technology in political communications… Read more about the “unintended” negative consequences for democracy, which occur when regulators attempt to control technology in my thesis: Disruptive Technology.
Decision by the Frankfurt Appellate Court (in German only, 22.05.2006)
Statement by Libertad on the ruling (in German only, 1.06.2006)