S 3288 Introduced – Cybercrime

Last month Sen. Graham (R,SC) introduced S 3288, the International Cybercrime Prevention Act. The bill would make a number of amendments to 18 USC that are intended to make it easier to prosecute a variety of cybercrimes and to effectively increase the punishments available for such crimes by allowing for seizures and forfeitures in conjunction with the prosecution of those crimes.

Racketeering

Section 2 of the bill would add language to 18 USC 1956 (Laundering of monetary instruments) that would include §2512 (Manufacture, distribution, possession, and advertising of wire, oral, or electronic communication intercepting devices prohibited) as a predicate act for §1956. It would additionally add language to §1961 (Definitions section of the RICO chapter) that would include violations of §1030 (Fraud and related activity in connection with computers) in the crimes which could be included in the definition of ‘racketeering activity’.

Forfeiture

Section 3 of the bill completely rewrites §2513 (Confiscation of wire, oral, or electronic

communication intercepting devices). First it expands the confiscation authority to include ‘other property’ to include “any property, real or personal, constituting or derived from any gross proceeds, or any property traceable to such property, that such person obtained or retained directly or indirectly” {new §2513(a)(1)(A)} as a result of a violation of §2511 (Interception and disclosure of wire, oral, or electronic communications prohibited) or §2512.

Section 3 provides for criminal forfeiture proceedings using the procedures established for controlled substance under 21 USC 853 and for civil forfeiture proceedings using the procedures established under 18 USC Chapter 46.

Botnets

Section 4 of the bill amends 18 USC 1345 (Injunctions against fraud). First it expands the heading of the section to read “Injunctions against fraud and abuse” {§4(a)(1)}. Then it adds a new subparagraph (a)(1)(D) which adds a violation of  §1030(a)(5) to the list of offenses under which §1345 allows the Attorney General to “commence a civil action in any Federal court to enjoin such violation” {existing §1345(a)(1)}. The §1030 offense may only included if it adversely affects 100 or more protected computers in a one-year period.

Critical Infrastructure Computer

Section 5 of the bill would add a new §1030A (Aggravated damage to a critical infrastructure computer) to 18 USC. This new section would make it separately illegal during the violation of §1030 “to knowingly cause or attempt to cause damage to a critical infrastructure computer” {new §1030A(a)} if the damage results in substantial impairment of:

• The operation of the critical infrastructure computer; or

• The critical infrastructure associated with such computer

The section uses the definition of ‘computer’ and ‘damage’ from §1030. The definition of ‘critical infrastructure’ is spelled out in §1030A(d)(2). In general it is a pretty generic definition except that it specifically adds “including voter registration databases, voting machines, and other communications systems that manage the election process or report and display results on behalf of State and local governments”.

18 USC 1030 Amended

Section 6 of the bill amends 18 USC 1030. First it adds a new subparagraph (8) to §1030(a) that essentially expands the list of potential offenses covered under this computer fraud statute. That new offense would be the trafficking “in the means of access to a protected computer” {new §1030(a)(8)}. While similar to §1030(a)(6), it does not include the ‘intent to defraud’ language of that section. It also includes a requirement that trafficker knows that the recipient of the means of access intends to use that access to “damage a protected computer in a manner prohibited by this section” or “violate section 1037 [Fraud and related activity in connection with electronic mail; link added] or 1343 [Fraud by wire, radio, or television; link added]”

Section 6 then goes on to add the same injunction provisions to §1030 added to §2513 by section 3 of the bill (described above).

Moving Forward

Graham is a member of the Senate Judiciary Committee and the Chair of the Subcommittee on Crime and Terrorism. It is very likely that he has sufficient influence to see this bill considered in Committee. His two Democratic cosponsors {Sen. Blumenthal (D,CT) and Sen. Whitehous (D,RI)} are also influential members of the Judiciary Committee, so it would appear that there will be at least some bipartisan support for the legislation.

I will be very surprised if this bill makes it through the Committee process this late in the session. It almost certainly will not make it to the floor of the Senate, because this is a complex bill that would require floor debate and an amendment process that would interfere with the work the Senate needs to complete before the end of the year.