Content

Debate: The Computer Fraud and Abuse Act is out of date

In this month's debate, experts discuss whether the Computer Fraud and Abuse Act is out of date, and if punishments are disproportionate to offenses. 

PRO

Jeffrey Hartman, partner, 4Discovery

Intellectual property theft and cyber breaches have a significant impact on our fragile economy, causing $250 billion in damages to countless artists, technology developers and companies last year. The CFAA is a necessary tool for combating these offenses.  

The law is a unique deterrent against those who trespass into a computer system to steal property or cause damage. Aren't the IP rights of inventors and shareholders just as worthy of protection as the rights of those who would access a computer system with intent to take what is not theirs?

Yes, the CFAA has been tragically misapplied recently, but tossing out a law that has so much potential to protect our economy and the heritage of our inventors is a knee-jerk response to over-zealous prosecutors and provides justice for no one. 

Let's tweak the law, removing the criminality of terms of service violations, leaving intact the CFAA's ability to punish real “bad guys.”


CON

Nicole Muryn, director, The Financial Services Roundtable 

The CFAA deters frauds and attacks perpetrated in cyber space. This law recognizes the importance of consumers' financial information and allows for prosecution based on the intent to defraud. Deterrents are essential to decrease and to stop frauds. 

Attacks continue to increase leaving few institutions out of the line of fire. CFAA needs to be enhanced, not replaced.

A cyber criminal would only face up to five years, while the “old fashioned” bank robber would face up to 10 years for the same amount of stolen funds. This must be rectified. 

The CFAA should clarify criminal penalties to include damage to critical infrastructure computers and for unauthorized trafficking of passwords. These legal protections should be extended to intellectual property.  

In addition, we must elevate our ability to prosecute individuals outside of our country's borders. This effort must come from America's leadership and diplomatic interactions with foreign countries.

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds