| title |
|---|
Cyber Laws |
Criminal activity in cyberspace.
- Can directly or indirectly involve technology (e.g., session stealing v. piracy)
Remember — All tools can be used maliciously.
Prohibits unauthorized access to certain protected computers of interest to the federal government.
- Protected: Computers used in or affecting interstate or foreign commerce and computers used by the federal government and financial institutions.
On "Without Authorization" — Because it isn't always an outsider without authorization committing crime (stereotypical hacker). Sometimes it is someone authorized [exceeding their authorization]{.underline}.
Important — Seven crimes can be prosecuted by the CFAA.
TODO
| Offense | Section | Sentence |
|---|---|---|
| Obtaining National Security Information | ||
| Accessing a Comuter and Obtaining Information | ||
| Trespassing in a Government Computer | ||
| Accessig na Computer to Defraud and Obtain Value | ||
| Intentionally Damaging by Knowing Transmission | ||
| Recklessly Damaging by Intentional Accesss | ||
| Negligently Causing Damange and Loss By Intentional Access | ||
| Trafficking in Passwords | ||
| ??? |
Electronic communicates should be handled by the government in the same way telephone communication is handled.
- Prohibits [any person]{.underline} from making an illegal interception or disclosing or using illegally intercepted material.
- Very complex, and has few exceptions.
History
- Originally applied to telephone taps.
- Amended in 1986 to cover electronic communications.
- This intentionally broad term catches all computer network communications.
Remember — This applies to any person, not just law enforcement.
- Consent of Party: If the interceptor is party to the communication, or one of the parties consents.
- If you are planning to do illegal things, this exception doesn't hold.
- Provider Exception: Telecom providers can intercept/disclose/use "information necessary to deliver services".
- Random monitoring is only allowed for quality control.
- Good Faith: There are three "Good Faith" defenses:
- Warrant, court order, subpoena, and legislative or statutory authorization.
- Request of an investigative or law enforcement officer.
- Good faith determination that the act permitted the behavior in question.
- Class D felony
- Maximum Penalty: 5 years imprisonment and afine
- Fines generally don't exceed:
- $250k for individuals, and
- $500k for organizations
- Can be bigger if loss is substantial.
- Unauthorized disclosure,
- Identity theft,
- CAN-SPAM,
- Wire fraud,
- et cetera
Protects data, email, and voicemail from unauthorized access.
- Protects communications stored by providers pending the delivery to intended recipients w.r.t. to the CIA triad.
Greatly expanded government powers in response to the September 11 attacks to allow mass monitoring of civilians.
- Divided into ten titles.
On Title II: Allows interception of wire/oral/electronic communications to get evidence for (1) specified chemical weapons or terrorism offenses; and (2) computer fraud and abuse. Among other things, allows for:
- Bulk collection of electronic data.
- Nationwide search warrants.
- Surveillance of citizens and non citizens.
- Roving wiretaps.
Also relaxes requirements for permission to surveil, and expands scope of subpoenas of electronic data.
Sunset and FREEDOM ACT:
- Although the Patriot act was allowed to Sunset in 2005, the Freedom Acct reinstated most of the powers of the Patriot act.
- Computer Virus: TODO
- Botnet: TODO
- Spyware: TODO
- Malware: Inclusive term for all of the above.
TODO Article notes (read articles linked on Canvas).
- Click Fraud
- Advanced Fee Scam
- Lottery Scams
- Reshipping Fraud
- Freebie Scams
"The easy, bad, and scary."
All sexually explicit content is subject to federal regulation.
- Prohibitions:
- 18 USB 1466A and 18 USC2252: Child Pornography
- 18 USC 2257: Levies specific record keeping requirements on the adult industry (to ensure people in explicit pictures/movies are of legal age).
- 42 USC 13032: Electronic communications service providers 9ISPs) must report child pornography to the NCMEC.
- And more federal, state, and local laws and regulations.
Remember — Never investigate something yourself, report immediately to NCMEC or FBI.
Pirated copies of proprietary commercial software, typically distributed over the internet after any copyright protection mechanisms have been disabled.
- Music, movies, and games.
In the same vein as property theft, copyright infringement, piracy, illegal sports streaming, etc.
Digital Evidence: Information stored or transmitted in binary form than is associated with electronic crimes, and it used to prosecute all types of crimes.
???
- Do you know your footprint?
- Do you have incriminating digital evidence?
- What online activity is sus?