Computer Crime

• Author: Jeffrey Lehman, Shirelle Phelps

Page 62

The use of a computer to take or alter data, or to gain unlawful use of computers or services.

Because of the versatility of the computer, drawing lines between criminal and noncriminal behavior regarding its use can be difficult. Behavior that companies and governments regard as unwanted can range from simple pranks, such as making funny messages appear on a computer's screen, to financial or data manipulation producing millions of dollars in losses. Early prosecution of computer crime was infrequent and usually concerned EMBEZZLEMENT, a crime punishable under existing laws. The advent of more unique forms of abuse, such as computer worms and viruses and widespread computer hacking, has posed new challenges for government and the courts.

The first federal computer crime legislation was the Counterfeit Access Device and Computer Fraud and Abuse Act (18 U.S.C.A. § 1030), passed by Congress in 1984. The act safeguards certain classified government information and makes it a misdemeanor to obtain through a computer financial or credit information that federal laws protect. The act also criminalizes the use of computers to inflict damage to computer systems, including their hardware and software.

In the late 1980s, many states followed the federal government's lead in an effort to define and combat criminal computer activities. At least 20 states passed statutes with similar definitions of computer crimes. Some of those states might have been influenced by studies released in the late 1980s. One report, made available in 1987 by the accounting firm of Ernst and Whinney, estimated that computer abuse caused between $3 billion and $5 billion in losses in the United States annually. Moreover, some of those losses were attributable to newer, more complicated crimes that usually went unprosecuted.

The number of computer crimes continued to increase dramatically in the early 1990s. According to the Computer Emergency and

Page 63

Response Team at Carnegie-Mellon University, the number of computer intrusions in the United States increased 498 percent between 1991 and 1994. During the same time period, the number of network sites affected by computer crimes increased by 702 percent. In 1991, Congress created the National Computer Crime Squad within the FEDERAL BUREAU OF INVESTIGATION (FBI). Between 1991 and 1997, the Squad reportedly investigated more than 200 individual cases involving computer hackers.

Congress addressed the dramatic rise in computer crimes with the enactment of the National Information Infrastructure Act of 1996 as title II of the Economic Espionage Act of 1996, Pub. L. No. 104-294, 110 Stat. 3488. That Act strengthened and clarified provisions of the original Computer Fraud and Abuse Act, although lawmakers and commentators have suggested that as technology develops, new legislation might be necessary to address new methods for committing computer crimes. The new statute also expanded the application of the original statute, making it a crime to obtain unauthorized information from networks of government agencies and departments, as well as data relating to national defense or foreign relations.

Notwithstanding the new legislation and law enforcement's efforts to curb computer crime, statistics regarding these offenses remain stag-gering. According to a survey in 2002 conducted by the Computer Security Institute, in conjunction with the San Francisco office of the FBI, 90 percent of those surveyed (which included mostly large corporations and government agencies) reported that they had detected computer-security breaches. Eighty percent of those surveyed acknowledged that they had suffered financial loss due to computer crime. Moreover, the 223 companies and agencies in the survey that were willing to divulge information about financial losses reported total losses of $455 million in 2002 alone.

Concerns about TERRORISM have also included the possibility that terrorist organizations could perform hostile acts in the form of computer crimes. In 2001, Congress enacted the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act (USA PATRIOT ACT), Pub. L. No. 107-56, 115 Stat. 277, to provide law enforcement with the necessary tools to combat terrorism. The Act includes provisions that allow law enforcement greater latitude in hunting down criminals who use computers and other communication networks. The Homeland Security Act of 2002, Pub. L. No. 107-296, 116 Stat. 2135 also directed the UNITED STATES SENTENCING...