Computer crimes.

AuthorAudal, Joseph
PositionTwenty-Third Annual Survey of White Collar Crime
  1. INTRODUCTION A. Defining Computer Crime B. Types of Computer-Related Offenses 1. Object of Crime 2. Subject of Crime a. Spare b. Viruses c. Worms d. Trojan Horses e. Logic Bombs f. Sniffers g. Denial of Service Attacks h. Web Bots & Spiders 3. Instrument of Crime II. GENERAL ISSUES A. Constitutional Issues 1. First Amendment 2. Fourth Amendment B. Other Issues III. FEDERAL APPROACHES A. Sentencing Guidelines B. Federal Statutes 1. Child Pornography Statutes a. Communications Decency Act of 1996 b. Child Pornography Prevention Act of 1996 2. Computer Fraud and Abuse Act a. Offenses Under the Statute b. Jurisdiction c. Defenses d. Penalties 3. Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 4. Copyright Statutes a. Criminal Copyright Infringement in the Copyright Act i. Defenses ii. Penalties b. Digital Millennium Copyright Act 5. Electronic Communications Privacy Act a. Stored Communications Act b. Title III (Wiretap Act) i. Defenses ii. Penalties c. Statutory Issues 6. Identity Theft a. Penalties 7. Wire Fraud Statute C. Enforcement IV. STATE APPROACHES A. Overview of State Criminal Codes B. Jurisdiction C. Enforcement V. INTERNATIONAL APPROACHES A. Issues B. Solutions I. INTRODUCTION

    This Article discusses federal, state, and international developments in computer-related criminal law. This Section defines computer crimes. Section II covers the constitutional issues concerning computer crimes. Section HI describes the federal approaches used for prosecuting computer crime, and analyzes enforcement strategies. Section IV examines state approaches to battling computer crime and the resulting federalism issues. Lastly, Section V addresses international approaches to regulating computer crimes.

    1. Defining Computer Crime

      The U.S. Department of Justice ("DOJ") broadly defines computer crime as "any violations of criminal law that involve a knowledge of computer technology for their perpetration, investigation, or prosecution." (1) Because of the diversity of computer-related offenses, a narrower definition would be inadequate. While the term "computer crime" includes traditional crimes committed with the use of a computer, (2) the rapid emergence of computer technologies and the exponential expansion of the Internet (3) spawned a variety of new, technology-specific criminal behaviors that must also be included in the category of "computer crimes." (4) To combat these new criminal behaviors, Congress passed specialized legislation:

      Experts have had difficulty calculating the damage caused by computer crimes due to: the difficulty in adequately defining "computer crime;" (6) victims' reluctance to report incidents for fear of losing customer confidence; (7) the dual system of prosecution; (8) and, the lack of detection. (9) In 2006, DOJ's Bureau of Justice Statistics and the Department of Homeland Security's National Cyber Security Division began a joint effort to estimate the number of cyber attacks and the number of incidents of fraud and theft of information. (10)

    2. Types of Computer-Related Offenses

      1. Object of Crime

        DOJ divides computer-related crimes into three categories according to the computer's role in the particular crime. (11) First, a computer may be the "object" of a crime. (12) This category primarily refers to theft of computer hardware or software. Under state law, computer hardware theft is generally prosecuted under theft or burglary statutes. (13) Under federal law, computer hardware theft may be prosecuted under 18 U.S.C. [section] 2314 (2000), which regulates the interstate transportation of stolen or fraudulently obtained goods. (14) Computer software theft is only included in this category if it is located on a tangible piece of hardware because the theft of intangible software is not prosecutable under 18 U.S.C. [section] 2314.

      2. Subject of Crime

        Second, a computer may be the "subject" of a crime. (15) In this category, the computer is akin to the pedestrian who is mugged or the house that is robbed, it is the subject of the attack and the site of any damage caused. These are computer crimes for which there is generally no analogous traditional crime and for which special legislation is needed. This category encompasses spam, viruses, worms, Trojan horses, logic bombs, sniffers, distributed denial of service attacks, and unauthorized web bots or spiders. In the past, malice or mischief rather than financial gain motivated most offenders in this category. Now, many crimes are driven by personal profit or malice. (16) These types of crimes were frequently committed by juveniles, disgruntled employees, and professional hackers as a means of showing off their skills. (17) Disgruntled employees are widely thought to pose the biggest threat to company computer systems. (18) Teenage hackers remain a problem as well. (19) Courts have had a hard time finding appropriate punishments for teenage hackers. (20) In recent years, more of these crimes have been committed for financial gain. (21)

        1. Spam

          Spam is unsolicited bulk commercial email from a party with no preexisting business relationship. (22) In 2003, the Senate estimated that spam would account for more than 50% of global email traffic by the end of the year. (23) Additionally, hackers often use spam as a way of distributing viruses, spyware, and other malicious software. (24)

        2. Viruses

          A virus is a program that modifies other computer programs, causing them to perform the task for which the virus was designed. (25) It usually spreads from one host to another when a user transmits an infected file by e-mail, over the Internet, across a company's network, or by disk. (26)

        3. Worms

          Worms are like viruses, but they use computer networks or the Internet to self-replicate and "send themselves" to other users, generally via e-mail, while viruses require human action to spread from one computer to the next. (27) Worms have far more destructive potential than viruses because they can spread so much faster. (28)

        4. Trojan Horses

          Trojan horses are programs with legitimate functions that also contain hidden malicious code. (29) Like its namesake, a Trojan horse dupes a user into installing the seemingly innocent program on his or her computer system, and then activates the hidden code, which may release a virus or allow an unauthorized user access to the system. (30) Hackers use Trojan horses as the primary way they transmit viruses. (31)

        5. Logic Bombs

          Logic bombs are programs that activate when a specific event occurs, such as the arrival of a particular date or time. (32) They can be destructive but software companies commonly use them to protect against violation of licensing agreements by disabling the program upon detection of a violation. (33)

        6. Sniffers

          Sniffers, also known as network analyzers, can read electronic data as it travels through a network. (34) Network administrators use them to monitor networks and troubleshoot network connections. (35) Sniffers can help network administrators find and resolve network problems. (36) However, a hacker can break into a network and install a sniffer that logs all activity across a network, including the exchange of passwords, credit card numbers, and other personal information. (37)

        7. Denial of Service Attacks

          In a denial of service attack, hackers bombard the target website with an overwhelming number of simple requests for connection, thus rendering the site unable to respond to legitimate users. (38) In distributed denial of service attacks, hackers use the networks of innocent third parties to overwhelm websites and prevent them from communicating with other computers. (39) After breaking into several network systems, the individual makes one system the "Master" system and turns the others into agent systems. (40) Once activated, the Master directs the agents to launch a denial of service attack. (41) The use of third party "agents" makes it particularly difficult to identify the culprit. (42)

        8. Web Bots & Spiders

          "Web bots" or "spiders" are data search and collection programs that can create searchable databases that catalogue a website's activities. (43) Although seemingly innocuous, too many spiders on the same web site can effectively be a denial of service attack. In addition, they can steal data from the websites that they search. (44)

      3. Instrument of Crime

        Third, a computer may be an "instrument" used to commit traditional crimes. (45) These traditional crimes include identity theft, (46) child pornography, (47) copyright infringement, (48) and mail or wire fraud. (49)

  2. GENERAL ISSUES

    1. Constitutional Issues

      This Section addresses general constitutional issues with computer crimes. Specific constitutional issues with federal and state statutes are discussed in the relevant Sections of this article. Constitutional issues related to computer crimes usually fall under either the First Amendment or the Fourth Amendment. There are also some federalism issues. In particular, how much the federal government can regulate intrastate behavior under the Commerce Clause. This is discussed more fully in the following Section on federal child pornography statutes. (50)

      1. First Amendment

        The First Amendment (51) protects the same forms of speech in cyberspace that it does in the real world. Hate speech and other forms of racist speech receive the same protection on the Internet as they have always received under traditional First Amendment analysis. (52) The guarantee of the First Amendment extends well beyond personally held beliefs to include speech that advocates conduct, even when that conduct is illegal. (53) Racist speech is also probably protected on the Internet, as it is not likely to fit within the "fighting words" exception to the First Amendment. (54)

        There is an exception to this general Free Speech principle for "true threats," (55) such as sending threatening e-mail messages to a victim or even a public announcement on the Internet of an...

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT