There are many proposals floating around Capitol Hill that will purport to beef up our nation’s current cybercrime laws, first and foremost the Computer Fraud and Abuse Act. I have recently read two very good articles that do a nice job of explaining many of the inadequacies of the proposed legislation and is well worth the read:
As for me, the first thing I want Congress to do is make it clear what is really an improper access under the Computer Fraud and Abuse Act and tell us to whom it is really intended to apply (yeah, I know, different Congress = different intent … but hey, if I’m a wishin’ I’m a gonna wish good!).
Beyond that pipe-dream, I am wondering if the most effective thing Congress could do isn’t to simply amend the Computer Fraud and Abuse Act to provide that (1) a “loss” required for a civil claim includes having one’s personally identifiable private information compromised, and (2) the person who’s information was compromised has a civil claim against both the hacker of the information and the person or entity from which the information was hacked.
Make this happen and some very enterprising plaintiff’s lawyers will take care of the rest.
As I asked in my post last week: Who’s Gonna Get It? Mark my words, at some point, somebody will. My hunch is that if Congress made these couple of amendments we’d find out the answer to that question a whole lot easier and quicker!
- Senate Committee Hearing on Updating the Computer Fraud and Abuse Act (shawnetuma.com)
- 3 Recent Computer Fraud and Abuse Act Cases Worth Noting (shawnetuma.com)
- Using a fake login to access a website may violate the Computer Fraud and Abuse Act (shawnetuma.com)
- “News of the World” Phone Hacks A Violation of Computer Fraud and Abuse Act? (shawnetuma.com)