Grassley, Franken Win Passage of Common Sense Amendment to Curb Over-Criminalization Of Computer Use
Copyright Â© 2011 Vanguard of Freedom
Did you know you could go to jail for not using your own name on Facebook?
Kerr says in a hypothetical situation, that “President Obama could order the arrest of anyone who broke a promise on the Internet. So you could be jailed for lying about your age or weight on an Internet dating site. Or you could be sent to federal prison if your boss told you to work but you used the company’s computer to check sports scores online. Imagine that Eric Holder’s Justice Department urged Congress to raise penalties for violations, making them felonies allowing three years in jail for each broken promise. Fanciful, right? Think again. Congress is now poised to grant the Obama administration’s wishes in the name of “cybersecurity.”
Kerr is referring to The Computer Fraud and Abuse Act (â€œCFAAâ€),” an amendment made in 1986 to the Counterfeit Access Device and Abuse Act that was passed in 1984 and essentially states that, whoever intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains information from any protected computer if the conduct involved an interstate or foreign communication shall be punished under the Act.
“In 1996 the CFAA was, again, broadened by an amendment that replaced the term â€œfederal interest computerâ€ with the term â€œprotected computer.â€ Â While the CFAA is primarily a criminal law intended to reduce the instances of malicious interferences with computer systems and to address federal computer offenses, an amendment in 1994 allows civil actions to brought under the statute, as well.” Â (Source: Wikipedia)
There are seven types of criminal activity enumerated in the CFAA:
1. obtaining national security information,
2. compromising confidentiality,
3. trespassing in a government computer,
4. accessing to defraud and obtain value,
5. damaging a computer or information,
6. trafficking in passwords,
7. threatening to damage a computer.
Attempts to commit these crimes are also criminally punishable.
Protected Computer the term â€œprotected computerâ€ means a computer:
(1) exclusively for the use of a financial institution or the United States Government, or, in the case of a computer not exclusively for such use, used by or for a financial institution or the United States Government and the conduct constituting the offense affects that use by or for the financial institution or the Government; or
(2) which is used in interstate or foreign commerce or communication, including a computer located outside the United States that is used in a manner that affects interstate or foreign commerce or communication of the United States.
Under a reading of current law argued in federal court by the Department of Justice, something as simple as checking your personal email account at work may be against the law. Â By extension, this reading could also make it a federal felony for a father to use his sonâ€™s Facebook password to log into the sonâ€™s Facebook account and check messages and photos; for a 17 year-old to claim she is 18 in order to sell goods in certain online marketplaces; or even for using instant messenger on a computer at work
Kerr elaborates: Â “If that sounds far-fetched, consider a few recent cases. In 2009, the Justice Department prosecuted a woman for violating the “terms of service” of the social networking site MySpace.com. The woman had been part of a group that set up a MySpace profile using a fake picture. The feds charged her with conspiracy to violate the Computer Fraud and Abuse Act. Prosecutors say the woman exceeded authorized access because MySpace required all profile information to be truthful. But people routinely misstate the truth in online profiles, about everything from their age to their name. What happens when each instance is a felony?”
Kerr issues a dire warning: Â “Remarkably, the law doesn’t even require devices to be connected to the Internet. Since 2008, it applies to pretty much everything with a microchip. So if you’re visiting a friend and you use his coffeemaker without permission, watch out: You may have committed a federal crime.”
In response to this two U.S. Senators have added an amendment to the law to “decriminalize” possible unintended violations that under current law could lead to severe legal, and possibily criminal ramifications for computer users.
Senators Chuck Grassley and Al Franken won approval of a common sense amendment that would clarify that the definition of â€œexceeds authorized accessâ€ in the Computer Fraud and Abuse Act does not include violations of internet terms of service agreements or non-government employment agreements restricting computer access.
The amendment was accepted by voice vote to the Personal Data Privacy and Security Act that is being considered by the Senate Judiciary Committee.
â€œWhen we sit down at home or at work, we check our email, read the news and generally go about our routine. Â What we donâ€™t know is that we may be in violation of federal criminal law based upon a violation of internet terms of service agreements or employment agreements for misusing computers,â€ Grassley said. Â â€œThis is a common sense solution that helps clean up some of the expansive provisions of our criminal code and ensures that innocent computer users are not federal criminals.â€
â€œOur laws should protect peopleâ€”not turn them into criminals for doing something as basic as checking Facebook or their Fantasy Football scores,â€ said Franken. â€œThe amendment I introduced with Sen. Grassley does something very simple: it makes sure that if the only thing youâ€™ve done wrong is violate a websiteâ€™s Terms of Service or your employerâ€™s computer use policy, you canâ€™t be charged with a crime or sued in federal court.â€