Computer Crimes: An American Case Study
                           Eddan Katz
                           International Affairs Director
                           Electronic Frontier Foundation
                           Thai Netizen Network Digital Rights Workshop
                           July 26, 2009




Wednesday, December 29, 2010                                                  1
Cybercrime Legal Regime

                           Child Pornography Statutes

                           Computer Fraud and Abuse Act

                           CAN-SPAM Act

                           Criminal Copyright

                           Anti-Circumvention Provisions

                           Electronic Communications Privacy Act

                           Identity Theft




Defining Computer Crime
                           US Dept. of Justice: “any violations of criminal law that involve a
                           knowledge of computer technology for their perpetration,
                           investigation, or prosecution.”

                               Applying Criminal Laws to actions taken with a computer

                                  crimes present primarily technical problems in prosecution


                               Criminal acts as the use of and access to a computer system not
                               connected to taking money or tangible items from a 3rd person.

                                  Unauthorized access to a computer

                                  Unauthorized use of computer-processing services

                                  Unauthorized tampering with data in a computer

                                  Unauthorized taking (copying & reading) of information from a computer

                                  Unauthorized acts that preclude access to a computer by other parties




Constitutional Issues

                           First Amendment - Freedom of Speech

                           Fourth Amendment - Search and Seizure
                               The right of the people to be secure in their persons, houses,
                               papers, and effects, against unreasonable searches and seizures,
                               shall not be violated, and no Warrants shall issue, but upon
                               probable cause, supported by Oath or affirmation, and particularly
                               describing the place to be searched, and the persons or things to be
                               seized.




Free Speech Issues
                           Reno v. American Civil Liberties Union (ACLU)
                               strict scrutiny for speech regulation of Internet communications

                               struck down Communications Decency Act provisions prohibiting
                               transmission of “indecent” and “patently offensive” as being
                               constitutionally vague and overbroad


                           CAN-SPAM Act
                               political and non-commercial speech


                           Export Control Regulations
                               Code is Speech


Three Major Concepts


                           Authorization

                           Intent

                           Expectation of Privacy



Unauthorized Access

                           new criminal concept

                               define a computer system as a protected
                               environment and make control of access to
                               this environment a protected right

                               define severity in terms of amount taken

                               unclear in regards to intangible property



Authorization

                           Interactive Communication on the Internet

                           Security Research & Quality Assurance

                           No “Obtaining Anything of Value”

                           Fair Use

                           Anti-Competitive Behavior



Intent

                           Information Intermediaries

                           to commit the act

                           to commit the harm

                           functionality of code




Computer as Subject of Crime
                           Spam - unsolicited bulk email

                           Viruses - modifies other computer programs

                           Worms - viruses that self-replicate

                           Trojan Horses - contain hidden malicious code

                           Logic Bombs - activate at specific time

                           Sniffers - network analyzers


Reasonable Expectation of Privacy

                           public-private space distinction

                           content of communications

                           specificity of warrant




Cybercrime Convention & Intermediaries
                           Art. 9 - “making available,” “distributing,” and “transmitting”

                           Art. 11 - aiding and abetting commission of offenses

                               Explanatory Report Par. 119 - aided by another person who also
                               intends that the crime be committed

                               no duty on an intermediary to monitor

                           Art. 12 - acting under its authority

                               Par. 125 - customer, user. Not like an employee.




Computer Fraud and Abuse Act (CFAA)
                           1. Access computer files without authorization and to subsequently
                           transmit classified government information if information can be used.

                           2. prohibits obtaining, without authorization, information from
                           financial institutions, the United States, or private computers that are
                           used in interstate commerce.

                           3. intentionally accessing US department or agency nonpublic
                           computer without authorization

                           4. accessing a protected computer, without authorization, with the
                           intent to defraud or obtain something of value




CFAA, continued
                           5. computer hacking

                               knowingly causing the transmission of a program, code, or
                               command, that intentionally causes damage to a protected
                               computer.

                               intentional access without authorization that results in damage but
                               does not require intent

                           6. trafficking in passwords knowingly and with intent to defraud

                           7. illegal to transmit any threat to cause damage




Computer Fraud and Abuse Act Penalties




Criminal Copyright
                           No Electronic Theft (NET) Act (1998)

                               (i) existence of a valid copyright

                               (ii) that the defendant willfully

                               (iii) infringed

                               (iv) either (1) for commercial advantage or private financial gain

                                  (2) by reproducing or distributing infringing copies with a retail
                                  value of over $1,000 over a 180-day period

                                  by distributing a work being prepared for commercial
                                  distribution by making it available on a publicly-accessible
                                  network.



Digital Millennium Copyright Act (1998) §1201
                               Act of Circumvention

                                  to descramble a scrambled work, to decrypt an encrypted work,
                                  or otherwise to avoid, bypass, remove, deactivate, or impair a
                                  technological measure, without the authority of the copyright
                                  owner.

                               Circumvention Device Ban

                                  No person may manufacture, import, offer to the public,
                                  provide, or otherwise traffic in a technology, product, service, or
                                  device that is used to circumvent such technological measures.

                                     primarily designed or produced to circumvent

                                     limited commercial use

                                     marketed for use in circumventing


DMCA §1201 Exceptions

                           non-profit library, archive, and educational institutions

                           reverse engineering

                           encryption research

                           protection of minors

                           personal privacy

                           security testing


Electronic Communication Privacy Act (1986)
                           updating existing federal prohibitions against
                           intercepting wire and electronic
                           communications

                           curb hacking activities by fortifying privacy
                           rights of computer users

                           enabling law enforcement officers to employ
                           electronic surveillance in the course of
                           investigating crimes


Thank you.


                           Eddan Katz

                               eddan@eff.org




