Thankfully, law enforcement doesn’t use a horse drawn wagon to chase down criminals anymore. Instead, police vehicles are evaluated and updates based on what is faster and more fuel efficient, in order to keep with the changing times. In the same way, cyber crime not only needs more efficient ways to “chase” cyber criminals, they also need updates on cyber laws and regulations to keep pace with changing cyber crimes and issues.
The GAO cyber-crime report GAO-07-075 identified four major challenges in combating cyber crime:
- ensuring cyber-crime is reported;
- ensuring adequate analytical and technical capabilities for law enforcement;
- working in a borderless environment with laws of multiple jurisdictions; and
- implementing information security practices and raising awareness.
Robert Moore, author of Cybercrime: Investigating High-Technology Computer Crime, echoes this theme in his introduction: “Unfortunately while those who would abuse this new technology have been honing their techniques and improving their knowledge of how computers operate, many in the criminal justice community have been unable to keep pace.”
Lt. Rocky Costa, who heads the Southern California High Technology Task Force and is equally experienced, concurs: “Today computer or computer-related crime makes up perhaps a quarter of all crimes we see – a percentage that is bound to increase.
The 1984 Computer Fraud and Abuse Act (CFAA) was intended to combat hackers – those who seek to actually steal valuable data. The language of CFAA is inconsistent with the current world we live in. Trying to apply 1984 computer fraud law is what led to the Internet hysteria this summer, with a number of popular websites arguing a recent CFAA ruling would make their password sharing illegal. The reports were quickly refuted, but not before news outlets from NPR to Slate were reporting users could face jail time for sharing their Netflix passwords.
Netflix was quick to go to bat for its users clarifying, “As long as they aren’t selling them, members can use their passwords however they please.”
So, you won’t go to jail for sharing your Netflix password. But the CFAA makes it clear, if you’re not following the terms of service that apply to the websites you visit, you could find yourself on the other side of a court case some day in the future. Bases on recent CFAA court cases, here are three things to consider when conducting business via websites and trying to navigate the haziness of the CFAA:
- Monitor the website/computers/servers for any access outside of authorized users.
- Any time unauthorized access is detected, immediately notify the unauthorized user (if known), or the company providing the web service (so they can block IP addresses as appropriate).