Prank Raises Legal Questions

The case with which a computer hacker. Robert T. Morris '87-'88, levelled one of the nation's largest computer networks may be used to justify unreasonable Department of Defense (DOD) restrictions on computer access and exchange of information. said Vice President for Government and Community Affairs John Shattuck.

Shattuck said that although Morris was able to introduce a "virus" that disrupted computer systems nationwide into the Pentagon's unclassified computer network, the incident did not justify classifying more information. Instead. the Pentagon should tighten security measures for previously classified information.

The DOD has not announced plans to change classification procedures, but Shattuck said further tightening would be in keeping with past Reagan administration policy.

The vice president last year completed a study on "government information management," and said at the time that the Reagan administration has already classsifed information that constitutionally should be open to the public. including basic defense-oriented research.

"I would certainly hope [government officials] don't use this as justification for restrictions on more kinds of information, but they might very well." Shattuck said yesterday.

The laws governing computer information are vague, and some areas--such as the constitutionality of the government deciding whether looking at some types of information is a crime--need to be clarified in court. Shattuck said.

For that reason, he said, there is no clear precedent for prosecuting Morris.

The vice president, formerly head of the American Civil Liberties Union, said the case would probably fall under the 1986 Computer Fraud and Abuse Act. which deals with government computer systems and carries a maximum sentence of a year in prison. That law applies to the case only if it can be proved Morris intended to steal information from restricted computer files or to disrupt computer facilities.

There is no indication that the Harvard alumnus meant to harm the network, The New York Times reported Saturday.

While some files--such as medical records, industrial information and military data--should be restricted for privacy or national security interests, increasing the amount of classified information would not create a more secure system, the vice president said.

To do that, computer experts should work on preventing the type of break-in that occurred last week and possibly develop a new and safer system, Shattuck said.

The Pentagon currently relies on the Advanced Research Projects Agency Network (ARPAnet), which is also used by thousands of non--military organizations, including universities and private labs.

When asked if universities and private labs should create their own networks to replace ARPAnet, Shattuck said, "Decentralization is often a good idea, and relying on a huge network can be [problematic], as this case shows."

He added that the likelihood of misused information control was greater within government-run systems.