7/31. The Senate amended and passed HR 5938 [LOC | WW], the "Former Vice President Protection Act of 2008", a bill to provide Secret Service protection to former Vice Presidents. However, the Senate added to this bill as Title II an amended version of S 2168 [LOC | WW], the "Identity Theft Enforcement and Restitution Act", which the Senate previously passed as a stand alone bill.

While the additional language does contain provisions related to identity theft, its primary function is to revise 18 U.S.C. § 1030, the computer hacking statute. Moreover, while its backers often use the term "cyber crime" in connection with this bill, it would affect both civil litigation, and criminal prosecutions, under Section 1030.

Sen. Patrick Leahy (D-VT) and Sen. Arlen Specter (R-PA) introduced S 2168 on October 16, 2007. On November 16, 2007, the Senate passed S 2168.

On May 14, 2008, Rep. Adam Schiff (D-CA) and other introduced HR 6060 [LOC | WW], the "Identity Theft Enforcement and Restitution Act of 2008", which is substantially identical to S 2168, as enacted by the Senate on November 16, 2007.

The House passed HR 5938 (former Vice Presidents' bill) on June 9, 2008, but without S 2168 or HR 6060, or any other provisions related to Section 1030. Neither the House, nor the House Judiciary Committee, have taken any action on Rep. Schiff's HR 6060.

Sen. Leahy stated in the Senate that "The key anti-cyber crime provisions that are included in this legislation will close existing gaps in our criminal law to keep up with the cunning and ingenuity of today's identity thieves." See, Congressional Record, July 31, 2008, at S7885-6.

Bill Summary. The "Identity Theft Enforcement and Restitution Act" as approved by the Senate on July 31 contains nine sections.

Section 201 only contains the title.

Section 202 provides for restitution to identity theft victims.

Section 203 deletes from Subsection 1030(a)(2)(C) the "interstate or foreign communication" requirement. Hence, this subsection would then provide that "(a) Whoever ... (2) intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains ... (C) information from any protected computer ... shall be punished".

Section 207 amends the definition of "protected computer", at Subsection 1030(e)(2)(B) so that it would provide that it be "used in or affecting interstate or foreign commerce". Currently, the words "or affecting" are not in the statute.

Sen. Leahy explained that the bill addresses "the increasing number of computer hacking crimes that involve computers located within the same State".

Section 204 is a long section titled "Malicious Spyware, Hacking and Keyloggers". However, the terms "spyware" and "keyloggers" appear in neither Section 1030 as currently written, nor as it would read after revision by this bill.

Sen. Leahy explained that "this legislation also addresses the growing problem of the malicious use of spyware to steal sensitive personal information, by eliminating the requirement that the loss resulting from the damage to a victim's computer must exceed $5,000 in order to federally prosecute the offense. The bill carefully balances this necessary change with the legitimate need to protect innocent actors from frivolous prosecutions and clarifies that the elimination of the $5,000 threshold applies only to criminal cases."

He added that the bill "addresses the increasing number of cyber attacks on multiple computers by making it a felony to employ spyware or keyloggers to damage 10 or more computers, regardless of the aggregate amount of damage caused."

Currently, subsection 1030(a)(5)(A) lists three types of acts, while subsection 1030(a)(5)(B) enumerates various types of injuries that might be caused by these acts. Currently, there is a criminal violation of subsection 1030(a)(5) only if there is both an act under subsection (A) and an injury listed in subsection (B) that was caused by the act.

This bill would eliminate subsection (B), which includes the current $5,000 threshold. However, the bill would add similar language to the sentencing section of the statute, so that the injury caused by the act would be relevant to the sentence, and hence the offense's classification as either felony or misdemeanor, but would not be an element of the offense.

The three prohibited acts under subsection (a)(5) currently are "knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer", "intentionally accesses a protected computer without authorization, and as a result of such conduct, recklessly causes damage" and "intentionally accesses a protected computer without authorization, and as a result of such conduct, causes damage". The bill would, in the third item, replace "damage" with "damage and loss".

The effects of Section 5 of the bill would be to make it easier for prosecutors to bring criminal actions for variety have hacking activities, including use of malicious spyware and keyloggers. It would also make it easier for civil litigants to obtain judicial relief for the same sort of conduct.

It would also sweep within the scope of the statute certain non-malicious conduct that individuals may not understand to be prohibited, for example, in the context of employees accessing the computers of their employers.

Section 205 rewrites the cyber extortion subsection. Currently, subsection 1030(a)(7) provides that "(a) Whoever ... (7) with intent to extort from any person any money or other thing of value, transmits in interstate or foreign commerce any communication containing any threat to cause damage to a protected computer ... shall be punished".

The bill would maintain the clause "threat to cause damage to a protected computer", and add two other acts that would also constitute extortion under this subsection.

First, it would add this: "threat to obtain information from a protected computer without authorization or in excess of authorization or to impair the confidentiality of information obtained from a protected computer without authorization or by exceeding authorized access".

Second, it would add this: "demand or request for money or other thing of value in relation to damage to a protected computer, where such damage was caused to facilitate the extortion".

For example, if a person were to access a computer without authorization, damage the computer, and then demand payment to fix it, that too would be cyber extortion.

Section 206 addresses conspiracy. Currently, subsection 1030(b) provides that "Whoever attempts to commit an offense under subsection (a) ... shall be punished ...".

The just passed bill adds to this whoever "conspires to commit" an offense.

Section 208 adds a new subsection to Section 1030 providing for forfeiture of property used in Section 1030 criminal violations.

Finally, Section 209 gives detailed directives to the U.S. Sentencing Commission.

Robert Holleyman, head of the Business Software Alliance (BSA), praised the Senate's action. He wrote in a release that "For too long, cyber criminals around the world have taken advantage of legal loopholes and an under-resourced law enforcement community to rob consumers of their identities and their financial security. American consumers and businesses are the number one target of global cyber crime."

7/31. The House passed the conference report on HR 4137 [LOC | WW], the "College Opportunity and Affordability Act of 2008", by a vote of 380-49. See, Roll Call No. 544. The Senate approved the same conference report, by a vote of 83-8. See, Roll Call No. 194.

Two sections of this conference report [25 MB PDF file, 659 pages] address peer to peer copyright infringement on college campuses. One section requires universities to advise their students about P2P infringement, federal copyright law, and university policy. The other requires universities to have a plan for dealing with unauthorized distribution of copyrighted material.

Section 488 of the conference report amends 20 U.S.C. § 1092(a). This subsection of the statute requires that educational institutions participating in federal student financial assistance programs "shall carry out information dissemination activities for prospective and enrolled students (including those attending or planning to attend less than full time) regarding the institution and all financial assistance". The statute then enumerates many types of information that must be disseminated.

The conference report adds several new items, including one regarding copyright infringement.

The relevant language is as follows:

"(P) institutional policies and sanctions related to copyright infringement, including--
  (i) an annual disclosure that explicitly informs students that unauthorized distribution of copyrighted material, including unauthorized peer-to-peer file sharing, may subject the students to civil and criminal liabilities;
  (ii) a summary of the penalties for violation of Federal copyright laws; and
  (iii) a description of the institution's policies with respect to unauthorized peer-to-peer file sharing, including disciplinary actions that are taken against students who engage in unauthorized distribution of copyrighted materials using the institution's information technology system;"

Section 493 of the conference report amends 20 U.S.C. § 1094(a) to require that each participating university certifies that it "(A) has developed plans to effectively combat the unauthorized distribution of copyrighted material, including through the use of a variety of technology-based deterrents; and (B) will, to the extent practicable, offer alternatives to illegal downloading or peer-to-peer distribution of intellectual property, as determined by the institution in consultation with the chief technology officer or other designated officer of the institution.".

Patrick Ross, head of the Copyright Alliance, praised the Congess and these provisions in the bill. He wrote in a release that this bill "will educate students, encourage the use of legal alternatives, help campus networks function better, and ultimately help ensure that the high quality, good paying jobs in the creative industries that many college graduates hope to one day attain are more abundantly available."

Mitch Bainwol, head of the Recording Industry Association of America (RIAA), stated in a release that this is a "common-sense provision that will help protect the integrity of taxpayer-funded university networks and encourage college fans to enjoy legal music and movies."

He added that "universities, as well as commercial ISPs, have an important role to play in deterring the abuse of their networks. The technological tools to protect online networks are available, viable and affordable."

7/29. Vonage's Board of Directors appointed Marc Lefar Chief Executive Officer. Jeffrey Citron, who had been the interim CEO, will be non-executive Chairman of the Board. See, Vonage release.

7/28. Alcatel-Lucent announced in a release that Non-Executive Chairman Serge Tchuruk "has decided to step down on October 1, 2008", that CEO Pat Russo "has decided to step down no later than the end of the year, and at the Board’s request will continue to run the company until a new CEO is in place", and that the Board of Directors "will commence a search for a new non-executive Chairman and CEO immediately".

7/24. Juniper Networks announced that Kevin Johnson will become its Chief Executive Officer and a member of the Board of Directors, in September. He previously worked for Microsoft as head of its Platforms & Services Division. See, Juniper release.

7/31. The U.S. District Court (DC) issued a Memorandum Opinion [11 pages in PDF] Nextel Spectrum Acquisition Corporation v. Hispanic Information and Telecommunications Network, Inc. This is a contract dispute involving the Educational Broadband Service (EBS) spectrum usage rights. Previously, the District Court dismissed the complaint. See, story titled "DC Court Rules for HITN and Clearwire in DC Spectrum Case" in TLJ Daily E-Mail Alert No. 1,630, August 29, 2007. Nextel then filed a motion to vacate, alter or amend. The just released item denies that motion. The case is D.C. No. 07-543 (RMC).

The House will not meet. It will next meet on September 8, 2008.

The Senate will not meet.

10:00 AM. The U.S. Court of Appeals (FedCir) will hear oral argument in Lexicon Medical v. Northgate Technologies, App. Ct. No. 2007-1420. This is an appeal from the U.S. District Court (NDIll) in a patent infringement case involving the post KSR v. Teleflex obviousness standard. Location: Courtroom 201, 717 Madison Place, NW.

10:00 AM. The U.S. Court of Appeals (FedCir) will hear oral argument in Griffin Broadband Communications v. U.S., App. Ct. No. 2008-5032. This is an appeal from the U.S. Court of Federal Claims in a 5th Amendment takings case involving government termination of a contract relationship regarding the provision of communications services on a military base. Location: Courtroom 402, 717 Madison Place, NW.

2:00 - 3:00 PM. The President's National Security Telecommunications Advisory Committee will hold a partially closed meeting by teleconference. See, notice in the Federal Register, June 19, 2008, Vol. 73, No. 119, at Pages 34945-34946.

The Senate will meet in pro forma session only.

10:00 AM. The U.S. Court of Appeals (FedCir) will hear oral argument in Qualcomm v. Broadcomm, App. Ct. No. 2007-1545. Location: Courtroom 402, 717 Madison Place, NW.

6:30 - 8:30 PM. The Federal Communications Bar Association's (FCBA) Young Lawyers Committee will host an event titled "Happy Hour". For more information, contact Devin Crock at dcrock at kelleydrye dot com or Tarah Grant at tsgrant at hhlaw dot com. Location: Tony and Joe’s Seafood Place at the Georgetown Waterfront, 3000 K St., NW.

Deadline to submit comments to the Department of Justice (DOJ) in response to its notice of proposed rulemaking regarding inspection of records relating to the depiction of simulated sexually explicit performances. See, notice in the Federal Register, June 6, 2008, Vol. 73, No. 110, at Pages 32262-32273. This notice states that this "means conduct engaged in by real human beings, not conduct engaged in by computer-generated images".

Deadline to submit reply comments to the Federal Communications Commission (FCC) in response to its Second Further Notice of Proposed Rulemaking regarding assignment of Educational Broadband Service (EBS) spectrum in the Gulf of Mexico. The FCC adopted this item on March 18, 2008, and released the text [111 pages in PDF] on March 20, 2008. This item is FCC 08-03 in WT Docket Nos. 03-66; 03-67, and 02-68, IB Docket No. 02-364, and ET Docket No. 00-258.

No events listed.

TIME? The U.S. Patent and Trademark Office's (USPTO) Patent Public Advisory Committee (PPAC) will meet. Location:?

Day one of a two day conference hosted by the U.S. Patent and Trademark Office (USPTO) titled "13th Annual Independent Inventors Conference". See, USPTO release. Location: USPTO, Alexandria, VA.

Deadline to submit comments to the U.S. Patent and Trademark Office (USPTO) in response to its request for comments regarding information collected in Board of Patent Appeals and Interferences (BPAI) actions. See, notice in the Federal Register, June 9, 2008, Vol. 73, No. 111, at Pages 32559-32561.

Deadline to submit comments to the National Institute of Standards and Technology's (NIST) Computer Security Division (CSD) regarding its SP 800-124 [48 pages in PDF] titled "Guidelines on Cell Phone and PDA Security (Draft)".

Deadline to submit initial comments to the Federal Communications Commission (FCC) in response to its Second Further Notice of Proposed Rulemaking regarding post-reconfiguration 800 MHz band plans for the Puerto Rico region. See, notice in the Federal Register, July 14, 2008, Vol. 73, No. 135, at Pages 40274-40276.

Day two of a two day conference hosted by the U.S. Patent and Trademark Office (USPTO) titled "13th Annual Independent Inventors Conference". See, USPTO release. Location: USPTO, Alexandria, VA.

Deadline to submit comments to the U.S. Patent and Trademark Office (USPTO) in response to its notice of proposed rulemaking (NPRM) regarding revising the Trademark Rules of Practice to set forth the requirements for signature of documents filed in the USPTO, recognition of representatives, and establishing and changing the correspondence address in trademark cases. See, notice in the Federal Register, June 12, 2008, Vol. 73, No. 114, at Pages 33345-33356.

Deadline to submit comments to the U.S. Patent and Trademark Office (USPTO) in response to its notice of proposed rulemaking (NPRM) regarding amending the Trademark Rules of Practice to clarify certain requirements for applications, intent to use documents, amendments to classification, requests to divide, and Post Registration practice. See, notice in the Federal Register, June 12, 2008, Vol. 73, No. 114, at Pages 33356-33372.

Extended deadline to submit reply comments to the Federal Communications Commission (FCC) in response to its further notice of proposed rule making (FNPRM) regarding service rules for licensed fixed and mobile services, including Advanced Wireless Services (AWS), in the 1915-1920 MHz, 1995-2000 MHz, 2155-2175 MHz, and 2175-2180 MHz bands. This FNPRM is FCC FCC 08-158 WT Docket Nos. 07-195 and 04-356. See, original notice in the Federal Register, June 25, 2008, Vol. 73, No. 123, at Pages 35995-36013, and notice of extension in the Federal Register, July 14, 2008, Vol. 73, No. 135, at Pages 40271-40272.

Tech Law Journal publishes a free access web site and subscription e-mail alert. The basic rate for a subscription to the TLJ Daily E-Mail Alert is $250 per year. However, there are discounts for subscribers with multiple recipients. Free one month trial subscriptions are available. Also, free subscriptions are available for journalists, federal elected officials, and employees of the Congress, courts, and executive branch. The TLJ web site is free access. However, copies of the TLJ Daily E-Mail Alert are not published in the web site until one month after writing. See, subscription information page.

Contact: 202-364-8882.
P.O. Box 4851, Washington DC, 20008.

Privacy Policy
Notices & Disclaimers
Copyright 1998-2008 David Carney, dba Tech Law Journal. All rights reserved.