WASHINGTON -- Some forms of illegal hacking would be punished by life imprisonment under a proposal that Congress will debate on Tuesday.
A House Judiciary subcommittee will consider the Cyber Security Enhancement Act (CSEA), which ups the penalties for computer intrusions, funds surveillance research and encourages Internet providers to turn over more information to police.
CSEA, sponsored by Crime Subcommittee chairman Lamar Smith (R-Texas), is one of Congress' more recent responses to the Sept. 11 terrorist attacks. Smith introduced the bill in December 2001, saying that it will "combat cybercrime and cyberterrorism and send the signal that if you engage in cybercrime or cyberterrorism, you will be punished."
The hearing begins at 4 p.m. EST. Streaming audio will be available from the committee's website.
Smith, whose voting record has received a 7-percent rating from the ACLU and a 100-percent rating from the Christian Coalition, seems to want to put the fear of God in anyone contemplating tampering with networked computers. In cases where miscreants attempt "to cause death or serious bodily injury" through electronic means, the punishment is life imprisonment.
Even for less serious offenses, CSEA orders the U.S. Sentencing Commission to rewrite sentencing guidelines for computer hacking offenses with an eye to making them stiffer than before. (Federal law already says anyone who "intentionally accesses a computer without authorization or exceeds authorized access" is a felon facing up to 10 years in Club Fed.)
CSEA would reorganize the Justice Department's Office of Science and Technology (OST) and make it more important. Its new purpose would be to "improve the safety and effectiveness of law enforcement technology" and its advisory groups would be immune from federal sunshine laws.
Among the technology the office would research is "equipment for particular use in counterterrorism, including devices and technologies to disable terrorist devices." According to Smith's aide, terrorist devices "could be anything from a bomb to a computer." The group is also tasked with researching better "investigative and forensic technologies," including electronic surveillance methods.
Since 1968, the office has been housed inside the National Institute of Justice (NIJ), also part of the Justice Department. Brad Bennett, a spokesman for Smith, said: "NIJ was created when technology was not the overriding priority. Today, technology is a priority and the establishment of OST as an independent office will ensure that technology is treated as a priority."
----
You're being watched: Currently it's illegal for an Internet provider to "knowingly divulge" what you're doing except in some specific circumstances, such as when troubleshooting glitches, receiving a court order or tipping off police that a crime's in progress. The bill expands that list to include when "an emergency involving danger of death or serious physical injury to any person requires disclosure of the information without delay."
As an incentive for Internet providers not to be overly zealous in handing over terabytes of data to the feds, current law allows customers to sue for damages. But if CSEA took effect, an Internet provider's "good faith determination" that something smelled fishy would immunize it from lawsuits by irate customers.
Rachel King, legislative counsel for the ACLU, calls that section of the bill "disturbing."
"It's our position that information held by a third party is protected under the Fourth Amendment. It cannot just be divulged without permission and the government shouldn't get access to it," King said, unless investigators obtain a warrant or a grand jury subpoena.
Technology lobbyists are far more enthusiastic.
Jason Mahler, general counsel for the Computer and Communications Industry Association, says of CSEA: "We see it largely as a technical amendment to existing cyber-security laws."
"CCIA supports the bill," Mahler said. "We believe that ISPs should be protected when they're cooperating with law enforcement investigations." CCIA's members include AOL Time Warner, AT&T, Nortel and Oracle.
Tuesday's hearing is scheduled to include four witnesses: John Malcom from the Department of Justice, Microsoft's Susan Kelley Koeppen, Worldcom vice president Clint Smith and Alan Davidson from the Center for Democracy and Technology.
In October, President Bush signed the USA Patriot Act, granting investigators unprecedented powers that have been applauded by police groups but condemned by civil libertarians.
Robert Zarate contributed to this report.
