ad info

 
CNN.com  technology > computing
    Editions | myCNN | Video | Audio | Headline News Brief | Feedback  

 

  Search
 
 

 
TECHNOLOGY
TOP STORIES

Consumer group: Online privacy protections fall short

Guide to a wired Super Bowl

Debate opens on making e-commerce law consistent

(MORE)

TOP STORIES

More than 11,000 killed in India quake

Mideast negotiators want to continue talks after Israeli elections

(MORE)

MARKETS
4:30pm ET, 4/16
144.70
8257.60
3.71
1394.72
10.90
879.91
 


WORLD

U.S.

POLITICS

LAW

ENTERTAINMENT

HEALTH

TRAVEL

FOOD

ARTS & STYLE



(MORE HEADLINES)
*
 
CNN Websites
Networks image


Senate committee approves watered-down anti-hacker bill

InfoWorld

(IDG) -- The U.S. Senate Judiciary Committee has approved a bill that clarifies federal law enforcement authority's power to prosecute hackers and other computer criminals and allocates more federal money to agencies that investigate cybercrimes.

The Internet Integrity and Critical Infrastructure Protection Act, introduced in May by Judiciary Committee Chairman Orrin Hatch, R-Utah, passed the committee Thursday. But many of its tougher provisions were amended or deleted at the behest of Vermont Senator Patrick Leahy, the ranking Democrat on the committee, who said, in its original form, the bill would have over-federalized minor computer abuses.

  MESSAGE BOARD
 

One of the provisions that was amended deals with current federal law's $5,000 damage threshold for cybercrimes. Current law says a crime that causes less than $5,000 does not fall under federal jurisdiction unless the crime causes injury to a person, is a threat to public safety, or in some way hampers medical treatment. The original bill would have eliminated the $5,000 threshold, raising a variety of minor computer crimes to the level of a federal offense.

MORE COMPUTING INTELLIGENCE
IDG.net   IDG.net home page
  InfoWorld home page
  InfoWorld forums home page
  InfoWorld Test Center
  Hacking rises despite increased security spending
  Reviews & in-depth info at IDG.net
  E-BusinessWorld
  TechInformer
  Questions about computers? Let IDG.net's editors help you
  Subscribe to IDG.net's free daily newsletter for IT leaders
  Search IDG.net in 12 languages
  News Radio
  * Fusion audio primers
  * Computerworld Minute

The bill as amended retains the $5,000 threshold for federal jurisdiction over hacker attacks, the release of viruses and other common computer crimes, but it clarifies how the $5,000 in damage is calculated and limits civil damage actions to exclude negligent design or manufacture of computer hardware, software, and firmware. Firmware is the programmable software content in integrated circuits.

The original bill also would have made certain unauthorized access to a personal computer a federal crime. For example, a curious college student who accidentally deleted a file while searching a professor's unattended computer could have been prosecuted under federal law.

Leahy said in a statement that those provisions were overkill. Each of the 50 states has its own computer crime laws, and federal laws only need to reach the offenses for which federal jurisdiction is appropriate, Leahy said.

"Our federal laws do not need to reach each and every minor, inadvertent, and harmless computer abuse," Leahy said in the statement.

The committee also eliminated a proposed change that would have extended a provision of federal law on computer fraud and abuse to government employees. Leahy said the proposal was an ill-considered change that would have made it a federal crime if a federal employee who played a computer game at work accidentally allowed a virus into the system.

In addition, the amended bill dropped the original bill's attempt to strengthen the prosecution of juvenile computer crime offenders. For example, it would permit federal prosecutors to try juveniles in federal court for only the most serious felony computer crimes. The original bill would have authorized such prosecutions against juveniles for any felony computer crime, Leahy's statement said.

The amended bill eliminated a provision that would have prevented a defendant convicted of committing a computer crime from receiving federal money for college. It also retains a 6-month mandatory prison sentence for anyone convicted of the computer crime law, but only for serious felonies. Sentences will be left up to judges in cases that involve misdemeanor and non-serious felonies.

The bill is the first federal legislation aimed at the hackers, said Michael Harden, president of CyberGuardian, who tracked the legislation on behalf of his Fairfax, Va.-based security service company.

"More than half the states have enacted something on hacking," Harden said. "This is the first time the federal government has taken action on it."

Harden said it was not likely the bill would pass before Congress adjourns, but it would probably come up again in the next session.

The money provisions of the bill would authorize $100 million for the establishment of a National Cyber Crime Technical Support Center and 10 regional computer forensic laboratories. This new authorization would complement a bill Leahy and Senator Mike DeWine, R-Ohio, have introduced to authorize $25 million for forensic computer training for state and local law enforcement agencies. That bill was approved by the Senate Judiciary Committee on Sept. 21.

Additionally, the Internet Integrity and Critical Infrastructure Protection Act would set aside $5 million for the U.S. Department of Justice's Computer Crime and Intellectual Property (CCIP) division and raise the profile of the head of the CCIP by making him or her a deputy assistant attorney general.

The Internet Integrity and Critical Infrastructure Protection Act has no companion bill in the House. There has been speculation that the bill might be added to the Leahy-DeWine measure to establish a National Cyber Crime Technical Support Center, but that has not yet occurred, a spokeswoman for Leahy said.




RELATED STORIES:
Hacker warns Nasdaq.com of security holes
October 3, 2000
Hackers reject $10,000 offer to break code
September 18, 2000
New denial-of-service attack tool uses chat programs
September 6, 2000
Chinese company throws down gauntlet to hackers
August 28, 2000
Surf-for-pay sites jeopardized by hackers
August 18, 2000

RELATED IDG.net STORIES:
Cybervandal 'edits' Orange County Register's Web site
(The Industry Standard)
Fingerprint authentication solution primed for Microsoft
(Publish)
Bracing for the boom
(Computerworld)
Online security: Hype or complacency?
(CIO)
Hacking rises despite increased security spending
(IDG.net)
Tools and rules of Internet security
(PC World)
U.S. chooses new online lock and key
(The Industry Standard)
Firms fear federal security rules
(Computerworld)

RELATED SITES:
The U.S. Senate
U.S. Senate Judiciary Committee

Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.

 Search   

Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.