California has passed what is likely the most comprehensive anti-virus legislation in the country. That provision broadly defines computer contaminant to include any set of computer instructions that are designed to modify, damage, destroy, record, or transmit information within a computer, computer system, or computer network without the intent or permission of the owner of the information. (Cal. Penal Code § 502(b)(10). The definition expressly includes, but does not limit itself to, what are commonly called viruses or worms.) A subsequent provision makes it an offense to knowingly introduce any computer contaminant into any computer, computer system, or computer network (§ 502(c)(8)). A first offense that does not result in damage gives rise to a fine not to exceed $250. A second offense, or one which causes victim expenditures of $5,000 or less, may compel a term of imprisonment of up to one year or a fine not to exceed $5,000. For offenses that cause victim expenditures in excess of $5,000, the court may impose imprisonment for up to three years and fines not to exceed $10,000. (§ 502(d)(3)). Effective Protection from Multiple Approaches A comprehensive computer crime response may prohibit unauthorized access (to cover outsiders), unauthorized use (to cover outsiders and insiders), and the insertion of malicious programming code. Indeed, the varied types of harms to be addressed call for such a multifaceted response, and some states are in fact taking just such an approach. Floridas comprehensive scheme sets forth separate statutory sections enumerating [o]ffenses against intellectual property, [o]ffenses against computer equipment or supplies, and [o]ffenses against computer users (Fla. Stat. §§ 815.04, 815.05, 815.06). Offenses against intellectual property do not depend on an access threshold; this information is directly protected from modification, destruction, or unlawful disclosure. Similar coverage is available under the laws of Louisiana, Mississippi, Missouri, and Wyoming. California, in its comprehensive approach, maintains a number of specialized provisions aimed at protecting a variety of interests. Some are predicated on an act of knowing, unauthorized access, such as those that prohibit alteration, damage, or deletion of hardware or data from the defined protected environment. Other provisions bypass the access or use threshold to directly reach those who, knowingly, and without permission, disrupt computer services to authorized users, provide a means of accessing a computer in violation of the section, or knowingly introduce computer contaminants. Still another provision reaches knowing use, without permission, of computer services. Ohio, for example, takes a novel approach with several provisions that define what constitutes [u]nauthorized use of property, including use or operation of the property of another without consent (Ohio Rev. Code Ann. § 2913.04) and [t]ampering with records, which prohibit among other things, the falsification, destruction, removal, concealment or mutilation of software or data ( Id. § 2913.42). SUMMARY Laws prohibiting computer-related offenses are evolving and must continue to do so to keep pace with rapidly developing technology. Congress in passing, amending, and considering additional amendments to the Computer Fraud and Abuse Act has expressed its concern for the security of computers and the integrity of the information they contain. Along with more conventional statutes aimed at prohibiting wire fraud, illegal interceptions of wire and electronic communications, and unlawful access to or disclosure of stored electronic communications, the act provides an effective means of protecting computers deemed to be in the federal interest. However, federal laws are not the only recourse for victims of computer-related offenses. State enactments are often conceptually broader and are more frequently amended to address specific areas of difficulty. State laws may proscribe unauthorized access to or use of a specified protected environment, or they may enumerate offenses arising from the introduction of intrusive code. Some states seek to provide complete coverage of computer-related offenses by concurrently maintaining more than one type of protection. These protections can achieve maximum effectiveness, however, only when those victimized by computer-related offenses report significant violations and offer cooperation to local, state, and federal law enforcement authorities. Adequate solutions to computer security problems can be achieved, in part, through the enactment and enforcement of computer crime legislation and with the development of increasingly effective means of investigating and prosecuting cases under these laws.
|
We are proud to bring to all of our members a legal copy of this outstanding book. Of course this version is getting a bit old and may not contain all of the info that the latest version are covering, however it is one of the best tool you have to review the basics of security. Investing in the latest version would help you out in your studies and also show your appreciation to Auerbach for letting me use their book on the site.