Germany has just passed a new law that adds more "anti-hacker" provisions to the German criminal code by tightening up the existing sanctions and prohibiting any unauthorized user from disabling or circumventing computer security measures to access secure data. Manufacturing, programming, installing, or spreading software that can circumvent security measures is verboten, which means that some security scanning tools might become illegal. In addition, denial of service attacks are now explicitly illegal. People convicted under the new law could face ten years in prison and be held liable for monetary damages.
Although the new rules are meant to apply narrowly to hacking, critics are already complaining that they may prevent necessary security and network research. The Chaos Computer Club in Germany said of the decision, "Forbidding this software is about as helpful as forbidding the sale and production of hammers because sometimes they also cause damage." Chaos Computer Club spokesman Andy Mueller Maguhn said that "safety research can [now] take place only in an unacceptable legal gray area." The group is also concerned that the new legislation will make it easier for the police to obtain information by hacking - something that was outlawed by the courts a few months back.