[인터넷과 형법] - 무선인터넷 도용 (Stealing wireless internet, Wardriving)

Ⅰ. 문제제기

 현재 보안되지 않은 무선인터넷은 주변네트워크검색을 통해서 쉽게 접속하고 인터넷을 사용 할 수 가 있다. 이 인터넷에 접속하여 개인정보를 빼내거나 데이터를 조작하면 우리가 흔히 말하는 사이버범죄의 유형으로 처벌받게 되지만 단순사용은 지금까지 우리나라에서는 큰 문제가 되지 않는다. 또한 Wi-Fi를 통해 원하는 사람은 누구든지 자신의 무선인터넷을 공유하고 공유된 다른 사람의 인터넷을 쓰는 운동(?)이 전 세계적으로 확산되고 있지만 자신이 이용료를 내는 무선인터넷을 다른 사람이 이용하는 것을 원하지 않는 사용자 또한 있을 것이다. 또한 이론적으로 무선인터넷의 속도는 (최대속도/사용자 수) 이기 때문에 다른 사람의 무선인터넷을 도용하면 재산권을 침해 한 것인지 의문이 든다. 과연 보안되지 않은 무선인터넷을 사용하는 것은 범죄인가?
 
Ⅱ. 우리나라 현황
 
1. 무선인터넷 보안법 논란 -> 아직까지 별다른 진척 없음.
 
2. 현재 구성요건 적용 가능성이 있는 법규.
 
제48조 (정보통신망 침해행위 등의 금지)
누구든지 정당한 접근권한 없이 또는 허용된 접근권한을 넘어 정보통신망에 침입하여서는 아니 된다.
제72조 (벌칙)
① 다음 각 호의 어느 하나에 해당하는 자는 3년 이하의 징역 또는 3천만원 이하의 벌금에 처한다.
1. 제48조제1항을 위반하여 정보통신망에 침입한 자
 
Ⅲ. 외국의 사례
 
1. 싱가포르
 [사례] Garyl Tan Jia Luo, 17, is the first person to be charged with this crime under his country's Computer Misuse Act.
 
[COMPUTER MISUSE ACT]
Unauthorised use or interception of computer service6. —(1) Subject to subsection (2), any person who knowingly —
(a) secures access without authority to any computer for the purpose of obtaining, directly or indirectly, any computer service;
(b) intercepts or causes to be intercepted without authority, directly or indirectly, any function of a computer by means of an electro-magnetic, acoustic, mechanical or other device; or
(c) uses or causes to be used, directly or indirectly, the computer or any other device for the purpose of committing an offence under paragraph (a) or (b),
shall be guilty of an offence and shall be liable on conviction to a fine not exceeding $10,000 or to imprisonment for a term not exceeding 3 years or to both and, in the case of a second or subsequent conviction, to a fine not exceeding $20,000 or to imprisonment for a term not exceeding 5 years or to both.

[21/98]

(2) If any damage is caused as a result of an offence under this section, a person convicted of the offence shall be liable to a fine not exceeding $50,000 or to imprisonment for a term not exceeding 7 years or to both.

[21/98]

(3) For the purposes of this section, it is immaterial that the unauthorised access or interception is not directed at —
(a) any particular program or data;
(b) a program or data of any kind; or
(c) a program or data held in any particular computer.
[Canada CLAA 1985, s. 301.2 (1)]
 
2. 영국
[사례] In the UK Gregory Straszkiewicz is believed to be the first person to be convicted, in 2005, of wireless 'piggybacking' in breach of sections 125 and 126 of the Communications Act 2003 (dishonestly obtaining an electronic communications service). He was fined £500 and given a 12-month conditional discharge, with confiscation of his laptop.
 

[The Communications Act 2003]
125 Dishonestly obtaining electronic communications services

 
(1) A person who—
 
(a) dishonestly obtains an electronic communications service, and
(b) does so with intent to avoid payment of a charge applicable to the provision of that service,
 
is guilty of an offence.
 
* Celia Wells(Bristol law school professor in UK) E-mail.
 
"we do have two Acts- the Communications Act 2003 governs telecommunications (which includes wireless networks but is wider than in application covering all telecommunications) and does include offences in relation to unauthorised access to networks. The 1990 Act addresses computers. This guide explains computer crime<http://www.parliament.uk/documents/upload/postpn271.pdf>
It is not theft because a network or service is not property within the definition of theft in the Theft Act 1968"
 
[Computer misuse offences]
1 Unauthorised access to computer material
(1) A person is guilty of an offence if—
(a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer;
(b) the access he intends to secure is unauthorised; and
(c) he knows at the time when he causes the computer to perform the function that that is the case.
 
(2) The intent a person has to have to commit an offence under this section need not be directed at—
(a) any particular program or data;
(b) a program or data of any particular kind; or
(c) a program or data held in any particular computer.
 
(3) A person guilty of an offence under this section shall be liable on summary conviction to imprisonment for a term not exceeding six months or to a fine not exceeding level 5 on the standard scale or to both.

 
[Theft Act 1968]
4 “Property”

(1) “Property” includes money and all other property, real or personal, including things in action and other intangible property.
 
(2)A person cannot steal land, or things forming part of land and severed from it by him or by his directions, except in the following cases, that it to say—
(a)when he is a trustee or personal representative, or is authorised by power of attorney, or as liquidator of a company, or otherwise, to sell or dispose of land belonging to another, and he appropriates the land or anything forming part of it by dealing with it in breach of the confidence reposed in him; or
(b)when he is not in possession of the land and appropriates anything forming part of the land by severing it or causing it to be severed, or after it has been severed; or
(c)when, being in possession of the land under a tenancy, he appropriates the whole or part of any fixture or structure let to be used with the land.
For purposes of this subsection “land” does not include incorporeal hereditaments; “tenancy” means a tenancy for years or any less period and includes an agreement for such a tenancy, but a person who after the end of a tenancy remains in possession as staututory tenant or otherwise is to be treated as having possession under the tenancy, and “let” shall be construed accordingly.
 
(3)A person who picks mushrooms growing wild on any land, or who picks flowers, fruit or foliage from a plant growing wild on any land, does not (although not in possession of the land) steal what he picks, unless he does it for reward or for sale or other commercial purpose.
For purposes of this subsection “mushroom” includes any fungus, and “plant” includes any shrub or tree.
 
(4)Wild creatures, tamed or untamed, shall be regarded as property; but a person cannot steal a wild creature not tamed nor ordinarily kept in captivity, or the carcase of any such creature, unless either it has been reduced into possession by or on behalf of another person and possession of it has not since been lost or abandoned, or another person is in course of reducing it into possession.

 
 
 
3.미국
[사례]The 2004 conviction (in the US District Court for the Western District of North Carolina) of Paul Timmins on a single count of fraudulent and unauthorized Wi-Fi access to a private corporate network is believed to be the first wardriving conviction in the US. Legal specialists have argued that there is potential liability under the US federal Computer Fraud &Abuse Act, the Wiretap Act and some state legislation. ->단순 무선인터넷 접속이 아니라 타인의 무선인터넷을 도용하여 신용카드 정보를 빼내려고 한 사건.
 
[UNITED STATES CODE ANNOTATED TITLE 18. CRIMES AND CRIMINAL PROCEDURE
PART I--CRIMES CHAPTER 47--FRAUD AND FALSE STATEMENTS]
->무선인터넷이 아닌 컴퓨터 자체에 접속하는 구성요건임.
 
1) "WIRE AND ELECTRONIC COMMUNICATIONS INTERCEPTION AND INTERCEPTION OF ORAL COMMUNICATIONS" are covered at Title 18 of the U.S. Code at Chapter119http://www4.law.cornell.edu/uscode/html/uscode18/usc_sup_01_18_10_I_20_119.html. 
 
2) Chapter 121 covers "STORED WIRE AND ELECTRONIC COMMUNICATIONS AND TRANSACTIONAL RECORDS ACCESS"http://www4.law.cornell.edu/uscode/html/uscode18/usc_sup_01_18_10_I_20_121.html 
 
3)미국 각 주의 “Computer Hacking and Unauthorized Access Laws” 에 적용 될 수 있는지 여부.
 
[The 2009 Florida Statutes-CHAPTER 815 COMPUTER-RELATED CRIMES]
815.03 Definitions
(4) "Computer network" means any system that provides communications between one or more computer systems and its input or output devices, including, but not limited to, display terminals and printers that are connected by telecommunication facilities.
(6) "Computer services" include, but are not limited to, computer time; data processing or storage functions; or other uses of a computer, computer system, or computer network.
 
 
 
815.06 Offenses against computer users.--
 
(1) Whoever willfully, knowingly, and without authorization:
(a) Accesses or causes to be accessed any computer, computer system, or computer network;
 
http://www.leg.state.fl.us/Statutes/index.cfm?App_mode=Display_Statute&URL=Ch0815/ch0815.htm
http://wiki.answers.com/Q/3rd_degree_felony
 
[California-PENAL CODE SECTION 484-502.9]
(4) "Computer system" means a machine or collection of machines,
one or more of which contain computer programs and information, that
performs functions, including, but not limited to, logic, arithmetic,
information storage and retrieval, communications, and control.
(5) "Computer network" means an interconnection of two or more
computer systems.
->단순 접속은 구성요건이 아님.
 
[Michigan- FRAUDULENT ACCESS TO COMPUTERS, COMPUTER SYSTEMS, AND COMPUTER NETWORKS (EXCERPT)]
 
Act 53 of 1979
752.794 Prohibited access to computer program, computer, computer system, or computer network.
Sec. 4.
A person shall not intentionally access or cause access to be made to a computer program, computer, computer system, or computer network to devise or execute a scheme or artifice with the intent to defraud or to obtain money, property, or a service by a false or fraudulent pretense, representation, or promise.
 
http://www.legislature.mi.gov/(S(5kkk3145kxe5jk55vwtcsx55))/mileg.aspx?page=GetMCLDocument&objectname=mcl-752-794
 
[Maryland - Article - Criminal Law §7–302.]
(7) “Computer network” means the interconnection of one or more computers through:
(i) the use of a satellite, microwave, line, or other communication medium; and
(ii) terminals or a complex consisting of two or more interconnected computers regardless of whether the interconnection is continuously maintained.
(9) “Computer services” includes computer time, data processing, and storage functions.
(11) “Computer system” means one or more connected or unconnected computers, peripheral devices, computer software, data, or computer programs.
 
c) (1) A person may not intentionally, willfully, and without authorization:
(i) access, attempt to access, cause to be accessed, or exceed the person’s authorized access to all or part of a computer network, computer control language, computer, computer software, computer system, computer service, or computer database;
 
4.캐나다
[사례]Canadian police for example prosecuted a man in November 2003 after checking his car for a traffic infraction and discovering that he was naked from the waist down and was viewing child pornography accessed via a residential wireless hot spot. He was charged with theft of telecommunications and possession, distribution and creation of child porn. In March 2006 Ontario Provincial Police charged a man under Section 326 of the Ontario Criminal Code (Theft of Communications), alleging the man was "using his lap top computer to steal a wireless Internet connection" in Morrisburg.
 
A hotspot is a physical location that offers internet access over a wireless LAN through the use of a shared internet connection and a single router.

 
[Criminal Code ]
Theft of telecommunication service
326. (1) Every one commits theft who fraudulently, maliciously, or without colour of right,
(a) abstracts, consumes or uses electricity or gas or causes it to be wasted or diverted; or
(b) uses any telecommunication facility or obtains any telecommunication service.
 
http://laws.justice.gc.ca/eng/C-46/page-6.html#anchorbo-ga:l_IX-gb:s_322
 
The phrase ‘colour of right’ simply means a bona fide belief or an honest belief. And a bona fide belief or an honest belief may arise from a genuine mistake or in some cases even from ignorance. Therefore the phrase in the definition of theft, ‘without colour of right’, simply means the lack of a bona fide or honest belief. It is up to you to determine from the evidence whether the accused, in regard to Count No. 1 acted dishonestly and without colour of right when monies were taken, as is alleged, from the trust account of the company to the general account. You will note that the definition reads ‘fraudulently and without colour of right’ takes, not ‘fraudulently or [without] colour of right’ takes. If you find that the accused did take the monies and the actions of the accused were fraudulent and without colour of right, and that he took the said monies from the trust account with intent to deprive the owner, you must—you, in that case, would find the accused guilty of Count No. 1.
 
http://csc.lexum.umontreal.ca/en/1983/1983scr1-794/1983scr1-794.html
 
5. 무선인터넷 사용량.
 
 첨부파일 참조.
 
Ⅳ. 결론
 
 처음에는 무선인터넷 도용을 타인의 재산권을 침해하는 절도가 될 수 있거나 적어도 컴퓨터 관련 법 위반으로 처벌 할 수 있을 것이라는 가정 아래 조사를 하였다. 왜냐하면 내가 이용할 수 있는 무선인터넷 속도가 다른 사람이 무단으로 이용하여 내가 더 느린 서비스를 받아야 한다면 이건 불합리한 일이기 때문이다. 하지만 조사과정에서 “unauthorized access"로 초점이 옮겨지게 되었고 여러 컴퓨터 관련법들을 검토해 보았지만 단순히 타인의 무선인터넷에 접속해서 인터넷 서핑을 즐기는 등의 행위를 구성요건으로 끌어들이기에는 무리가 있어 보였다. 국가적 차원에서는 타인의 무선인터넷을 허락 없이 이용한다는 것에 초점이 있는 것이 아니라 타인의 무선인터넷망이 다른 범죄에 악용될 수 있다는 것에 초점이 맞추어져 있는 듯 했다. 이런 이유로 단순무선인터넷 도용도 범죄가 될 수 있다고 경고 하고 있을 뿐 이었다. 그렇다면 범죄가 될 수 없을까? 예를 들어 유스호스텔의 8인실에 침대를 사용하기로 하면 모든 시설은 공동 사용하지만 침대는 일정 기간 동안은 나만 사용할 수 있다. 물론 기간이 지나면 사용료를 지불한 다른 사람이 사용 할 수도 있다.  영화관에서도 마찬가지 아닐까? 그 영화가 상영되는 동안 내 좌석이 있는데 누군가 같이 좀 봅시다! 하면서 내 무릎에 앉는다든가 내 자리에 억지로 같이 앉으려고 몸을 밀어 넣는다면...? 위에서 언급한 예에서는 같이 쓸래! 라고 말이라도 했지만 무선인터넷 도용은 아무런 말도 없이 조용히 침대에 누워있는 나에게 다가와 살짝 눕는 것이다.
 지난 수업시간에 무선인터넷 보안법을 언급 했을 때 교수님께서 밥먹기 싫다는 사람한테 억지로 밥먹으라고 하는 것 과 같다. 라는 말씀을 하시며 고개를 흔드셨는데 실제로 군대에서는 밥을 먹지 않으면 영창에 간다. 왜냐하면 배가고프면 전투력이 낮아지는데 군대에서 추구하는 제일의 목표는 전투력 향상이기 때문이다. 밥먹을 자유와 전투력향상. 인터넷 이용의 권리와 보안. 결국 이 문제 인 것 같다.
 결론적으로 보면 타인이 자신의 무선인터넷을 이용하기를 원하지 않는 사람은 스스로 보안을 설정해서 타인이 이용하지 못하게 하거나 자신의 권리를 보호하면 되고, 인터넷의 무한공유 정신으로 같이 쓰자! 를 외치는 사람들은 나름대로의 커뮤니티를 만들어 이용하면 될 것이다. 보안이 설정되어 있는 무선인터넷망에 접속하는 것은 무선인터넷 사용은 문제가 되지 않을지라도 보안을 해치는 행위는 범죄가 분명하기 때문이다.
여기서 나오는 또 하나의 과제는 무한공유의 정신을 가진 사람들의 무선인터넷을 이용해서 제2, 제3의 범죄를 노리는 범죄자들을 어떻게 막을 것인가 인 것 같다.
 
-끝-