[Congressional Bills 106th Congress]
[From the U.S. Government Publishing Office]
[S. 2448 Reported in Senate (RS)]






                                                       Calendar No. 941
106th CONGRESS
  2d Session
                                S. 2448

      To enhance the protections of the Internet and the critical 
      infrastructure of the United States, and for other purposes.


_______________________________________________________________________


                   IN THE SENATE OF THE UNITED STATES

                             April 13, 2000

    Mr. Hatch (for himself, Mr. Schumer, Mr. Abraham, and Mr. Kyl) 
introduced the following bill; which was read twice and referred to the 
                       Committee on the Judiciary

            October 5 (legislative day, September 22), 2000

                Reported by Mr. Hatch, with an amendment
 [Strike out all after the enacting clause and insert the part printed 
                               in italic]

_______________________________________________________________________

                                 A BILL


 
      To enhance the protections of the Internet and the critical 
      infrastructure of the United States, and for other purposes.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

<DELETED>SECTION 1. SHORT TITLE; TABLE OF CONTENTS.</DELETED>

<DELETED>    (a) Short Title.--This Act may be cited as the ``Internet 
Integrity and Critical Infrastructure Protection Act of 
2000''.</DELETED>
<DELETED>    (b) Table of Contents.--The table of contents for this Act 
is as follows:</DELETED>

<DELETED>Sec. 1. Short title; table of contents.
                    <DELETED>TITLE I--CYBER-HACKING

<DELETED>Sec. 101. Deterrence and prevention of fraud, abuse, and 
                            criminal acts in connection with computers.
<DELETED>Sec. 102. Criminal and civil forfeiture for computer fraud and 
                            abuse.
<DELETED>Sec. 103. Enhanced coordination of Federal agencies.
<DELETED>Sec. 104. Deterring juvenile involvement in computer crimes.
<DELETED>Sec. 105. Additional defense to civil actions relating to 
                            preserving records in response to 
                            government request.
<DELETED>Sec. 106. Authority to intercept wire, oral, and electronic 
                            communications relating to computer fraud 
                            and abuse.
<DELETED>Sec. 107. Forfeiture of devices used in computer software 
                            counterfeiting and intellectual property 
                            theft.
<DELETED>Sec. 108. Sentencing directives for computer crimes.
<DELETED>Sec. 109. Assistance to Federal, State, and local computer 
                            crime enforcement and establishment of 
                            National Cyber-Crime Technical Support 
                            Center.
               <DELETED>TITLE II--ANTI-FRAUD PROTECTIONS

<DELETED>Sec. 201. Protection from fraudulent unsolicited electronic 
                            mail.
      <DELETED>TITLE III--PRIVACY AND CONFIDENTIALITY PROTECTIONS

<DELETED>Sec. 301. Privacy protection concerning pen registers and trap 
                            and trace devices.
<DELETED>Sec. 302. Privacy protection for subscribers of satellite 
                            television services.
<DELETED>Sec. 303. Encryption reporting requirements.
<DELETED>Sec. 304. Fraud in online collection and dissemination of 
                            personally identifiable information.
<DELETED>Sec. 305. National media campaign on public awareness 
                            regarding online security and privacy.
<DELETED>Sec. 306. Fraudulent access to personally identifiable 
                            information.
   <DELETED>TITLE IV--NATIONAL SECURITY AND CRITICAL INFRASTRUCTURE 
                               PROTECTION

<DELETED>Sec. 401. Deputy Assistant Attorney General for Computer Crime 
                            and Intellectual Property.
<DELETED>Sec. 402. National Infrastructure Protection Center.
<DELETED>Sec. 403. Personnel exchange programs for critical 
                            infrastructure protection training.
       <DELETED>TITLE V--INTERNATIONAL COMPUTER CRIME ENFORCEMENT

<DELETED>Sec. 501. Short title. 
<DELETED>Sec. 502. Disclosure of computer crime evidence to foreign law 
                            enforcement authorities relating to 
                            enforcement of foreign computer crime laws. 

<DELETED>Sec. 503. Investigative assistance to foreign law enforcement 
                            authorities to obtain computer crime 
                            evidence relating to enforcement of foreign 
                            computer crime laws.
<DELETED>Sec. 504. Court orders to provide assistance to foreign law 
                            enforcement authorities relating to 
                            enforcement of foreign computer crime laws. 

<DELETED>Sec. 505. Limitations on activities under computer crime 
                            mutual assistance agreements. 
<DELETED>Sec. 506. Reimbursement.
<DELETED>Sec. 507. Judicial review. 
<DELETED>Sec. 508. Computer crime mutual assistance agreements.
<DELETED>Sec. 509. Preservation of existing authority. 
<DELETED>Sec. 510. Report to Congress. 
<DELETED>Sec. 511. Definitions. 
                    <DELETED>TITLE VI--SEVERABILITY

<DELETED>Sec. 601. Severability.

               <DELETED>TITLE I--CYBER-HACKING</DELETED>

<DELETED>SEC. 101. DETERRENCE AND PREVENTION OF FRAUD, ABUSE, AND 
              CRIMINAL ACTS IN CONNECTION WITH COMPUTERS.</DELETED>

<DELETED>    (a) Penalties.--Subsection (c) of section 1030 of title 
18, United States Code, is amended--</DELETED>
        <DELETED>    (1) in paragraph (2)--</DELETED>
                <DELETED>    (A) in subparagraph (A)--</DELETED>
                        <DELETED>    (i) by inserting ``except as 
                        provided in subparagraph (B),'' before ``a 
                        fine''; and</DELETED>
                        <DELETED>    (ii) by striking ``and'' at the 
                        end;</DELETED>
                <DELETED>    (B) in subparagraph (B), by inserting ``or 
                an attempt to commit an offense punishable under this 
                subparagraph,'' after ``subsection (a)(2),'' in the 
                matter preceding clause (i); and</DELETED>
                <DELETED>    (C) in subparagraph (C), by striking 
                ``and'' at the end;</DELETED>
        <DELETED>    (2) in paragraph (3)--</DELETED>
                <DELETED>    (A) by striking ``, (a)(5)(A), 
                (a)(5)(B),'' both places it appears; and</DELETED>
                <DELETED>    (B) by striking ``and'' at the end; 
                and</DELETED>
        <DELETED>    (3) by adding at the end the following new 
        paragraphs:</DELETED>
        <DELETED>    ``(4)(A) except as provided in subparagraph (B), a 
        fine under this title, imprisonment for not more than 3 years, 
        or both, in the case of an offense under subsection (a)(5)(A) 
        or (a)(5)(B) which does not occur after a conviction for 
        another offense under this section, or an attempt to commit an 
        offense punishable under this subparagraph;</DELETED>
        <DELETED>    ``(B) a fine under this title, imprisonment for 
        not more than 10 years, or both, in the case of an offense 
        under subsection (a)(5)(A) or (a)(5)(B), or an attempt to 
        commit an offense punishable under this subparagraph, if--
        </DELETED>
                <DELETED>    ``(i) the defendant used, or attempted to 
                use, a person less than 18 years of age to commit the 
                offense; or</DELETED>
                <DELETED>    ``(ii) the offense caused (or, in the case 
                of an attempted offense, would, if completed, have 
                caused)--</DELETED>
                        <DELETED>    ``(I) loss to one or more persons 
                        during any one-year period (including loss 
                        resulting from a related course of conduct 
                        affecting one or more other protected 
                        computers) aggregating at least $5,000 in 
                        value;</DELETED>
                        <DELETED>    ``(II) the modification or 
                        impairment, or potential modification or 
                        impairment, of the medical examination, 
                        diagnosis, treatment, or care of one or more 
                        individuals;</DELETED>
                        <DELETED>    ``(III) physical injury to any 
                        person;</DELETED>
                        <DELETED>    ``(IV) a threat to public health 
                        or safety; or</DELETED>
                        <DELETED>    ``(V) damage affecting a computer 
                        system used by or for a government entity in 
                        furtherance of the administration of justice, 
                        national defense, or national 
                        security;</DELETED>
        <DELETED>    ``(C) a fine under this title, imprisonment for 
        not more than 10 years, or both, in the case of an offense 
        under subsection (a)(5)(A) or (a)(5)(B), or an attempt to 
        commit an offense punishable under this subparagraph, that--
        </DELETED>
                <DELETED>    ``(i) would otherwise be punishable under 
                subparagraph (A); and</DELETED>
                <DELETED>    ``(ii) occurs after a conviction for 
                another offense under subsection (a)(5)(A) or (a)(5)(B) 
                for which the defendant was punished under subparagraph 
                (A); and</DELETED>
        <DELETED>    ``(D) a fine under this title, imprisonment for 
        not more than 20 years, or both, in the case of an offense 
        under subsection (a)(5)(A) or (a)(5)(B), or an attempt to 
        commit an offense punishable under this subparagraph, that--
        </DELETED>
                <DELETED>    ``(i) would otherwise be punishable under 
                subparagraph (B); and</DELETED>
                <DELETED>    ``(ii) occurs after a conviction for 
                another offense under subsection (a)(5)(A) or (a)(5)(B) 
                for which the defendant was punished under subparagraph 
                (B); and</DELETED>
        <DELETED>    ``(5) in the case of any felony offense under this 
        section, at the discretion of the court, termination of and 
        ineligibility for any financial assistance for post-secondary 
        education that is available under Federal law, which punishment 
        shall be in addition to any other punishment described in this 
        subsection.''.</DELETED>
<DELETED>    (b) Definitions.--Subsection (e) of that section is 
amended--</DELETED>
        <DELETED>    (1) in paragraph (2)(B), by inserting ``, 
        including a computer located outside the United States'' before 
        the semicolon;</DELETED>
        <DELETED>    (2) in paragraph (7), by striking ``and'' at the 
        end;</DELETED>
        <DELETED>    (3) by striking paragraph (8) and inserting the 
        following new paragraph (8):</DELETED>
        <DELETED>    ``(8) the term `damage' means any impairment to 
        the integrity or availability of data, a program, a system, or 
        information;'';</DELETED>
        <DELETED>    (4) in paragraph (9), by striking the period at 
        the end and inserting a semicolon; and</DELETED>
        <DELETED>    (5) by adding at the end the following new 
        paragraphs:</DELETED>
        <DELETED>    ``(10) the term `conviction' shall include an 
        adjudication of juvenile delinquency for a violation of this 
        section;</DELETED>
        <DELETED>    ``(11) the term `loss' means any reasonable cost 
        to any victim, including the cost of responding to an offense, 
        conducting a damage assessment, and restoring the data, 
        program, system, or information to its condition prior to the 
        offense, and any revenue lost, cost incurred, or other 
        consequential damages incurred because of interruption of 
        service;</DELETED>
        <DELETED>    ``(12) the term `person' means any person, firm, 
        educational institution, financial institution, government 
        entity, or other entity;''.</DELETED>
<DELETED>    (c) Damages in Civil Actions.--Subsection (g) of that 
section is amended in the second sentence by striking ``involving 
damage'' and all that follows through the end and inserting ``of 
subsection (a)(5) shall be limited to loss unless such action includes 
one of the elements set forth in subclauses (II) through (V) of section 
(c)(4)(B)(ii).''.</DELETED>
<DELETED>    (d) Certification.--That section is further amended--
</DELETED>
        <DELETED>    (1) by redesignating subsection (h) as subsection 
        (i); and</DELETED>
        <DELETED>    (2) by inserting after subsection (g) the 
        following new subsection (h):</DELETED>
<DELETED>    ``(h)(1) An offense, or an attempt to commit an offense, 
under subsection (a)(5)(A), (a)(5)(B), or (a)(5)(C) shall not be 
proceeded against under this section unless--</DELETED>
        <DELETED>    ``(A) the offense is punishable under subsection 
        (c)(4)(B); or</DELETED>
        <DELETED>    ``(B) the United States Attorney certifies to the 
        appropriate district court of the United States that there is a 
        substantial Federal interest in the offense that warrants the 
        exercise of Federal jurisdiction over the offense.</DELETED>
<DELETED>    ``(2) A certification under paragraph (1)(B) shall not be 
reviewable by any court.</DELETED>
<DELETED>    ``(3) The Attorney General shall submit to Congress on an 
annual basis a report on the number of prosecutions undertaken under 
paragraph (1)(B) during the year preceding the year in which such 
report is submitted.''.</DELETED>

<DELETED>SEC. 102. CRIMINAL AND CIVIL FORFEITURE FOR COMPUTER FRAUD AND 
              ABUSE.</DELETED>

<DELETED>    (a) Criminal Forfeiture.--Section 1030 of title 18, United 
States Code, as amended by section 101 of this Act, is further 
amended--</DELETED>
        <DELETED>    (1) by redesignating subsection (h) as subsection 
        (l); and</DELETED>
        <DELETED>    (2) by inserting after subsection (g) the 
        following new subsection (h):</DELETED>
<DELETED>    ``(h)(1) The court, in imposing sentence on any person 
convicted of a violation of this section, shall order, in addition to 
any other sentence imposed and irrespective of any provision of State 
law, that such person forfeit to the United States--</DELETED>
        <DELETED>    ``(A) the interest of such person in any property, 
        whether real or personal, that was used or intended to be used 
        to commit or to facilitate the commission of such violation; 
        and</DELETED>
        <DELETED>    ``(B) any property, whether real or personal, 
        constituting or derived from any proceeds that such person 
        obtained, whether directly or indirectly, as a result of such 
        violation.</DELETED>
<DELETED>    ``(2) The criminal forfeiture of property under this 
subsection, any seizure and disposition thereof, and any administrative 
or judicial proceeding relating thereto, shall be governed by the 
provisions of section 413 of the Comprehensive Drug Abuse Prevention 
and Control Act of 1970 (21 U.S.C. 853), except subsection (d) of that 
section.''.</DELETED>
<DELETED>    (b) Civil Forfeiture.--That section, as amended by 
subsection (a) of this section, is further amended by inserting after 
subsection (h) the following new subsection (i):</DELETED>
<DELETED>    ``(i)(1) The following shall be subject to forfeiture to 
the United States, and no property right shall exist in them:</DELETED>
        <DELETED>    ``(A) Any property, whether real or personal, that 
        is used or intended to be used to commit or to facilitate the 
        commission of any violation of this section.</DELETED>
        <DELETED>    ``(B) Any property, whether real or personal, that 
        constitutes or is derived from proceeds traceable to any 
        violation of this section.</DELETED>
<DELETED>    ``(2) The provisions of chapter 46 of this title relating 
to civil forfeiture shall apply to any seizure or civil forfeiture 
under this subsection.''.</DELETED>

<DELETED>SEC. 103. ENHANCED COORDINATION OF FEDERAL AGENCIES.</DELETED>

<DELETED>    Section 1030(d) of title 18, United States Code, is 
amended--</DELETED>
        <DELETED>    (1) by striking ``subsections (a)(2)(A), 
        (a)(2)(B), (a)(3), (a)(4), (a)(5), and (a)(6) of''; 
        and</DELETED>
        <DELETED>    (2) by striking ``which shall be entered into by'' 
        and inserting ``between''.</DELETED>

<DELETED>SEC. 104. DETERRING JUVENILE INVOLVEMENT IN COMPUTER 
              CRIMES.</DELETED>

<DELETED>    Section 5032 of title 18, United States Code, is amended 
in clause (3) of the first undesignated paragraph--</DELETED>
        <DELETED>    (1) by striking ``or section 1002(a)'' and 
        inserting ``section 1002(a)''; and</DELETED>
        <DELETED>    (2) by inserting after ``of this title,'' the 
        following: ``section 1030(a)(1), (a)(2)(B), (a)(3), 
        (a)(5)(A)(i), or (a)(5)(A)(ii) of this title,''.</DELETED>

<DELETED>SEC. 105. ADDITIONAL DEFENSE TO CIVIL ACTIONS RELATING TO 
              PRESERVING RECORDS IN RESPONSE TO GOVERNMENT 
              REQUEST.</DELETED>

<DELETED>    Section 2707(e) of title 18, United States Code, is 
amended--</DELETED>
        <DELETED>    (1) by redesignating paragraphs (2) and (3) as 
        paragraphs (3) and (4), respectively; and</DELETED>
        <DELETED>    (2) by inserting after paragraph (1) the following 
        new paragraph (2):</DELETED>
        <DELETED>    ``(2) a request of a governmental entity under 
        section 2703(f) of this title;''.</DELETED>

<DELETED>SEC. 106. AUTHORITY TO INTERCEPT WIRE, ORAL, AND ELECTRONIC 
              COMMUNICATIONS RELATING TO COMPUTER FRAUD AND 
              ABUSE.</DELETED>

<DELETED>    Section 2516(1)(c) of title 18, United States Code, is 
amended by striking ``and section 1341 (relating to mail fraud),'' and 
inserting ``section 1341 (relating to mail fraud), a felony violation 
of section 1030 (relating to computer fraud and abuse),''.</DELETED>

<DELETED>SEC. 107. FORFEITURE OF DEVICES USED IN COMPUTER SOFTWARE 
              COUNTERFEITING AND INTELLECTUAL PROPERTY THEFT.</DELETED>

<DELETED>    (a) In General.--Section 2318(d) of title 18, United 
States Code, is amended--</DELETED>
        <DELETED>    (1) by inserting ``(1)'' before 
        ``When'';</DELETED>
        <DELETED>    (2) in paragraph (1), as so designated, by 
        inserting ``, and of any replicator or other device or thing 
        used to copy or produce the computer program or other item to 
        which the counterfeit labels have been affixed or which were 
        intended to have had such labels affixed'' before the period; 
        and</DELETED>
        <DELETED>    (3) by adding at the end the following:</DELETED>
<DELETED>    ``(2) The forfeiture of property under this section, 
including any seizure and disposition of the property, and any related 
judicial or administrative proceeding, shall be governed by the 
provisions of section 413 (other than subsection (d) of that section) 
of the Comprehensive Drug Abuse Prevention and Control Act of 1970 (21 
U.S.C. 853).''.</DELETED>
<DELETED>    (b) Conforming Amendment.--Section 492 of such title is 
amended in the first undesignated paragraph by striking ``or 1720,'' 
and inserting ``, 1720, or 2318''.</DELETED>

<DELETED>SEC. 108. SENTENCING DIRECTIVES FOR COMPUTER CRIMES.</DELETED>

<DELETED>    (a) Amendment of Sentencing Guidelines Relating to Certain 
Computer Crimes.--Pursuant to its authority under section 994(p) of 
title 28, United States Code, the United States Sentencing Commission 
shall amend the Federal sentencing guidelines and, if appropriate, 
shall promulgate guidelines or policy statements or amend existing 
policy statements to address--</DELETED>
        <DELETED>    (1) the potential and actual loss resulting from 
        an offense under section 1030 of title 18, United States Code 
        (as amended by section 101 of this Act);</DELETED>
        <DELETED>    (2) the level of sophistication and planning 
        involved in such an offense;</DELETED>
        <DELETED>    (3) the growing incidence of offenses under such 
        subsections and the need to provide an effective deterrent 
        against such offenses;</DELETED>
        <DELETED>    (4) whether or not such an offense was committed 
        for purposes of commercial advantage or private financial 
        benefit;</DELETED>
        <DELETED>    (5) whether or not the defendant involved a 
        juvenile in the commission of such an offense;</DELETED>
        <DELETED>    (6) whether or not the defendant acted with 
        malicious intent to cause harm in committing such an 
        offense;</DELETED>
        <DELETED>    (7) the extent to which such an offense violated 
        the privacy rights of individuals harmed by the offense; 
        and</DELETED>
        <DELETED>    (8) any other factor the Commission considers 
        appropriate in connection with any amendments made by this Act 
        with regard to such subsections.</DELETED>
<DELETED>    (b) Amendment of Sentencing Guidelines Relating to Certain 
Computer Fraud and Abuse.--Pursuant to its authority under section 
994(p) of title 28, United States Code, the United States Sentencing 
Commission shall amend the Federal sentencing guidelines to ensure that 
any individual convicted of a violation of section 1030(a)(5)(A)(iii), 
of title 18, United States Code (as so amended), can be subjected to 
appropriate penalties, without regard to any mandatory minimum term of 
imprisonment.</DELETED>
<DELETED>    (c) Amendment of Sentencing Guidelines Relating to Use of 
Encryption.--Pursuant to its authority under section 994(p) of title 
28, United States Code, the United States Sentencing Commission shall 
amend the Federal sentencing guidelines and, if appropriate, shall 
promulgate guidelines or policy statements or amend existing policy 
statements to ensure that the guidelines provide sufficiently stringent 
penalties to deter and punish persons who intentionally use encryption 
in connection with the commission or concealment of criminal acts 
sentenced under the guidelines.</DELETED>
<DELETED>    (d) Emergency Authority.--The Commission may promulgate 
the guidelines or amendments provided for under this section in 
accordance with the procedures set forth in section 21(a) of the 
Sentencing Act of 1987, as though the authority under that Act had not 
expired.</DELETED>

<DELETED>SEC. 109. ASSISTANCE TO FEDERAL, STATE, AND LOCAL COMPUTER 
              CRIME ENFORCEMENT AND ESTABLISHMENT OF NATIONAL CYBER-
              CRIME TECHNICAL SUPPORT CENTER.</DELETED>

<DELETED>    (a) National Cyber-Crime Technical Support Center.--
</DELETED>
        <DELETED>    (1) Construction required.--The Director of the 
        Federal Bureau of Investigation shall provide for the 
        construction and equipping of the technical support center of 
        the Federal Bureau of Investigation referred to in section 
        811(a)(1)(A) of the Antiterrorism and Effective Death Penalty 
        Act of 1996 (Public Law 104-132; 110 Stat. 1312; 28 U.S.C. 531 
        note).</DELETED>
        <DELETED>    (2) Naming.--The technical support center 
        constructed and equipped under paragraph (1) shall be known as 
        the ``National Cyber-Crime Technical Support 
        Center''.</DELETED>
        <DELETED>    (3) Functions.--In addition to any other 
        authorized functions, the functions of the National Cyber-Crime 
        Technical Support Center shall be--</DELETED>
                <DELETED>    (A) to serve as a centralized technical 
                resource for Federal, State, and local law enforcement 
                and to provide technical assistance in the 
                investigations of computer-related criminal 
                activities;</DELETED>
                <DELETED>    (B) to assist Federal, State, and local 
                law enforcement in enforcing Federal, State, and local 
                criminal laws relating to computer-related 
                crime;</DELETED>
                <DELETED>    (C) to provide training and education for 
                Federal, State, and local law enforcement personnel 
                regarding investigative techniques and forensic 
                analyses pertaining to computer-related 
                crime;</DELETED>
                <DELETED>    (D) to conduct research and to develop 
                technologies for assistance in investigations and 
                forensic analyses of evidence related to computer-
                related crimes;</DELETED>
                <DELETED>    (E) to facilitate and promote efficiencies 
                in the sharing of Federal law enforcement expertise and 
                investigative technologies and forensic analysis 
                pertaining to computer-related crimes with State and 
                local law enforcement personnel, prosecutors, regional 
                computer forensic laboratories and multijurisdictional 
                computer crime task forces; and</DELETED>
                <DELETED>    (F) to carry out such other activities as 
                the Director considers appropriate.</DELETED>
<DELETED>    (b) Development and Support of Computer Forensic 
Activities.--The Director shall take appropriate actions to develop at 
least 10 regional computer forensic laboratories, and to provide 
support, education, and assistance for existing computer forensic 
laboratories, in order that such computer forensic laboratories have 
the capability--</DELETED>
                <DELETED>    (1) to provide forensic examinations with 
                respect to seized or intercepted computer evidence 
                relating to criminal activity;</DELETED>
                <DELETED>    (2) to provide training and education for 
                Federal, State, and local law enforcement personnel and 
                prosecutors regarding investigations, forensic 
                analyses, and prosecutions of computer-related 
                crime;</DELETED>
                <DELETED>    (3) to assist Federal, State, and local 
                law enforcement in enforcing Federal, State, and local 
                criminal laws relating to computer-related 
                crime;</DELETED>
                <DELETED>    (4) to facilitate and promote the sharing 
                of Federal law enforcement expertise and information 
                about the investigation, analysis, and prosecution of 
                computer-related crime with State and local law 
                enforcement personnel and prosecutors, including the 
                use of multijurisdictional task forces; and</DELETED>
                <DELETED>    (5) to carry out such other activities as 
                the Director considers appropriate.</DELETED>
<DELETED>    (c) Grants to State and Local Law Enforcement.--</DELETED>
        <DELETED>    (1) In General.--Subject to the provisions of 
        appropriations Acts, the Assistant Attorney General for the 
        Office of Justice Programs of the Department of Justice shall 
        make a grant to each State, which shall be used by the State, 
        in conjunction with units of local government, State and local 
        courts, other States, or combinations thereof, to establish and 
        develop programs to--</DELETED>
                <DELETED>    (A) assist State and local law enforcement 
                agencies in enforcing State and local criminal laws 
                relating to computer crime;</DELETED>
                <DELETED>    (B) assist State and local law enforcement 
                agencies in educating the public to prevent and 
                identify computer crime;</DELETED>
                <DELETED>    (C) educate and train State and local law 
                enforcement officers and prosecutors to conduct 
                investigations and forensic analyses of evidence and 
                prosecutions of computer crime;</DELETED>
                <DELETED>    (D) assist State and local law enforcement 
                officers and prosecutors in acquiring computer and 
                other equipment to conduct investigations and forensic 
                analysis of evidence of computer crimes; and</DELETED>
                <DELETED>    (E) facilitate and promote efficiencies in 
                the sharing of Federal law enforcement expertise and 
                information about the investigation, analysis, and 
                prosecution of computer crimes with State and local law 
                enforcement officers and prosecutors, including the use 
                of multijurisdictional task forces.</DELETED>
        <DELETED>    (2) Assurances.--To be eligible to receive a grant 
        under this subsection, a State shall provide assurances to the 
        Attorney General that the State--</DELETED>
                <DELETED>    (A) has in effect laws that penalize 
                computer crime, such as penal laws prohibiting--
                </DELETED>
                        <DELETED>    (i) fraudulent schemes executed by 
                        means of a computer system or 
                        network;</DELETED>
                        <DELETED>    (ii) the unlawful damaging, 
                        destroying, altering, deleting, removing of 
                        computer software, or data contained in a 
                        computer, computer system, computer program, or 
                        computer network; or</DELETED>
                        <DELETED>    (iii) the unlawful interference 
                        with the operation of or denial of access to a 
                        computer, computer program, computer system, or 
                        computer network;</DELETED>
                <DELETED>    (B) an assessment of the State and local 
                resource needs, including criminal justice resources 
                being devoted to the investigation and enforcement of 
                computer crime laws; and</DELETED>
                <DELETED>    (C) a plan for coordinating the programs 
                funded under this subsection with other Federally 
                funded technical assistant and training programs, 
                including directly funded local programs such as the 
                Local Law Enforcement Block Grant program (described 
under the heading ``Violent Crime Reduction Programs, State and Local 
Law Enforcement Assistance'' of the Departments of Commerce, Justice, 
and State, the Judiciary, and Related Agencies Appropriations Act, 1998 
(Public Law 105-119)).</DELETED>
        <DELETED>    (3) Matching funds.--The Federal share of a grant 
        received under this subsection may not exceed 90 percent of the 
        total cost of a program or proposal funded under this 
        subsection unless the Attorney General waives, wholly or in 
        part, the requirements of this paragraph.</DELETED>
        <DELETED>    (4) Grants to indian tribes.--Notwithstanding any 
        other provision of this subsection, the Attorney General may 
        use amounts made available under this subsection to make grants 
        to Indian tribes for use in accordance with this 
        subsection.</DELETED>
        <DELETED>    (5) Funding.--</DELETED>
                <DELETED>    (A) In general.--Of the amount authorized 
                to be appropriated by subsection (d), $25,000,000 shall 
                be available for grants under this 
                subsection.</DELETED>
                <DELETED>    (B) Limitations.--Of the amount made 
                available under subparagraph (A) to carry out this 
                subsection not more than 3 percent may be used by the 
                Attorney General for salaries and administrative 
                expenses.</DELETED>
                <DELETED>    (C) Minimum amount.--Unless all eligible 
                applications submitted by any State or units of local 
                government within a State for a grant under this 
                subsection have been funded, the State, together with 
                grantees within the State (other than Indian tribes), 
                shall be allocated not less than 0.75 percent of the 
                total amount made available under subparagraph (A) for 
                grants pursuant to this subsection, except that the 
                United States Virgin Islands, American Samoa, Guam, and 
                the Northern Mariana Islands each shall be allocated 
                0.25 percent.</DELETED>
<DELETED>    (d) Authorization of Appropriations.--</DELETED>
        <DELETED>    (1) Authorization.--There is hereby authorized to 
        be appropriated for fiscal year 2001, $125,000,000 for purposes 
        of carrying out this section, of which $20,000,000 shall be 
        available solely for activities under subsection (b) and of 
        which $25,000,000 shall be available solely for activities 
        under subsection (c).</DELETED>
        <DELETED>    (2) Availability.--Amounts appropriated pursuant 
        to the authorization of appropriations in paragraph (1) shall 
        remain available until expended.</DELETED>

          <DELETED>TITLE II--ANTI-FRAUD PROTECTIONS</DELETED>

<DELETED>SEC. 201. PROTECTION FROM FRAUDULENT UNSOLICITED ELECTRONIC 
              MAIL.</DELETED>

<DELETED>    (a) Violations.--Subsection (a) of section 1030 of title 
18, United States Code, as amended by section 101 of this Act, is 
further amended by inserting after paragraph (7) the following new 
paragraph (8):</DELETED>
        <DELETED>    ``(8) intentionally and without consent or 
        authorization of the recipient initiates the transmission of an 
        unsolicited commercial electronic mail advertisement to one or 
        more protected computers with knowledge that such advertisement 
        falsifies an Internet domain, header information, date or time 
        stamp, originating electronic mail address, or other 
        identifier;''.</DELETED>
<DELETED>    (b) Punishment.--Subsection (c)(2) of that section, as so 
amended, is further amended--</DELETED>
        <DELETED>    (1) in subparagraph (A)--</DELETED>
                <DELETED>    (A) by inserting ``(i)'' after ``in the 
                case of an offense''; and</DELETED>
                <DELETED>    (B) by inserting after ``an offense 
                punishable under this subparagraph;'' the following: 
                ``or (ii) under subsection (a)(8) which results in 
                damage to a protected computer''; and</DELETED>
        <DELETED>    (2) by adding at the end the following new 
        subparagraph:</DELETED>
        <DELETED>    ``(D) in the case of a violation of subsection 
        (a)(8), actual monetary loss and statutory damages of $15,000 
        per violation, or an amount of up to $10 per message per 
        violation whichever is greater;''.</DELETED>
<DELETED>    (c) Definitions.--Subsection (e) of that section, as so 
amended, is further amended by adding after paragraph (12) the 
following new paragraphs:</DELETED>
        <DELETED>    ``(13) the term `initiates the transmission', in 
        the case of an unsolicited commercial electronic mail 
        advertisement, means to originate the commercial electronic 
        mail advertisement, and excludes the actions of any interactive 
        computer service whose facilities or services are used by 
        another person to transmit, relay, or otherwise handle such 
        advertisement;</DELETED>
        <DELETED>    ``(14) the term `Internet domain' means a specific 
        computer system (commonly referred to as a `host') or 
        collection of computer systems attached to or able to be 
        referenced from the Internet which are assigned a specific 
        reference point on the Internet (commonly referred to as an 
        `Internet domain name') and registered with an organization 
        recognized by the Internet industry as a registrant of Internet 
        domains;</DELETED>
        <DELETED>    ``(15) the term `unsolicited commercial electronic 
        mail advertisement' means any electronic mail message or 
        advertisement that is part of a plan, program, or campaign 
        conducted to induce purchases of goods or services, but does 
        not include electronic mail initiated by any person to others 
        with whom such person has a prior relationship, including a 
        prior business relationship, or electronic mail sent by a 
        source to recipients where such recipients, or their designees, 
        have at any time affirmatively requested to receive 
        communications from that source; and</DELETED>
        <DELETED>    ``(16) the term `Internet' has the meaning given 
        that term in section 230(f)(1) of the Communications Act of 
        1934 (47 U.S.C. 230(f)(1)).''.</DELETED>

 <DELETED>TITLE III--PRIVACY AND CONFIDENTIALITY PROTECTIONS</DELETED>

<DELETED>SEC. 301. PRIVACY PROTECTION CONCERNING PEN REGISTERS AND TRAP 
              AND TRACE DEVICES.</DELETED>

<DELETED>    (a) Annual Reports.--The text of section 3126 of such 
title is amended to read as follows:</DELETED>
<DELETED>    ``(a) Annual Reports.--The Attorney General shall submit 
to Congress on an annual basis a report on the exercise of the 
authority under this chapter with respect to pen registers and trap and 
trace devices.</DELETED>
<DELETED>    ``(b) Contents of Reports.--Each report under subsection 
(a) shall set forth, for the period covered by such report, the 
following:</DELETED>
        <DELETED>    ``(1) The number of orders for pen registers and 
        for trap and trace devices applied for by law enforcement 
        agencies, and the number and duration of any extensions of such 
        orders.</DELETED>
        <DELETED>    ``(2) The identity and location of the 
        investigative or law enforcement agency making each 
        application.</DELETED>
        <DELETED>    ``(3) The offense specified in each order or 
        application, or extension of order.</DELETED>
        <DELETED>    ``(4) The number and nature of the facilities 
        affected.''.</DELETED>
<DELETED>    (b) Applications for Orders.--Section 3122(b) of such 
title is amended--</DELETED>
        <DELETED>    (1) by striking ``and'' at the end of paragraph 
        (1);</DELETED>
        <DELETED>    (2) by striking the period at the end of paragraph 
        (2) and inserting ``; and''; and</DELETED>
        <DELETED>    (3) by adding at the end the following new 
        paragraph:</DELETED>
        <DELETED>    ``(3) a description of the facts on which the 
        certification described in paragraph (2) is based.''.</DELETED>

<DELETED>SEC. 302. PRIVACY PROTECTION FOR SUBSCRIBERS OF SATELLITE 
              TELEVISION SERVICES.</DELETED>

<DELETED>    (a) In General.--Section 631 of the Communications Act of 
1934 (47 U.S.C. 551) is amended by adding at the end the 
following:</DELETED>

<DELETED>``SEC. 631A. PRIVACY OF SUBSCRIBER INFORMATION FOR SUBSCRIBERS 
              OF SATELLITE TELEVISION SERVICE.</DELETED>

<DELETED>    ``(a) Notice to Subscribers Regarding Personally 
Identifiable Information.--At the time of entering into an agreement to 
provide any satellite home viewing service to a subscriber, and not 
less often than annually thereafter, a satellite carrier or distributor 
shall provide notice in the form of a separate, written or electronic 
statement to the subscriber that clearly and conspicuously informs the 
subscriber of--</DELETED>
        <DELETED>    ``(1) the nature of personally identifiable 
        information collected or to be collected with respect to the 
        subscriber as a result of the provision of such service and the 
        nature of the use of such information;</DELETED>
        <DELETED>    ``(2) the nature, frequency, and purpose of any 
        disclosure that may be made of such information, including an 
        identification of the types of persons to whom the disclosure 
        may be made;</DELETED>
        <DELETED>    ``(3) the period during which such information 
        will be maintained by the satellite carrier or 
        distributor;</DELETED>
        <DELETED>    ``(4) the times and place at which the subscriber 
        may have access to such information in accordance with 
        subsection (d); and</DELETED>
        <DELETED>    ``(5) the limitations provided by this section 
        with respect to the collection and disclosure of information by 
        the satellite carrier or distributor and the right of the 
        subscriber under this section to enforce such 
        limitations.</DELETED>
<DELETED>    ``(b) Collection of Personally Identifiable Information.--
</DELETED>
        <DELETED>    ``(1) In general.--Except as provided in paragraph 
        (2), a satellite carrier or distributor shall not use its 
        satellite system to collect personally identifiable information 
        concerning any subscriber without the prior written or 
        electronic consent of such subscriber.</DELETED>
        <DELETED>    ``(2) Exception.--A satellite carrier or 
        distributor may use its satellite system to collect information 
        described in paragraph (1) in order--</DELETED>
                <DELETED>    ``(A) to obtain information necessary to 
                render a satellite service provided by the satellite 
                carrier or distributor to the subscriber; or</DELETED>
                <DELETED>    ``(B) to detect unauthorized reception of 
                satellite communications.</DELETED>
<DELETED>    ``(c) Disclosure of Personally Identifiable Information.--
</DELETED>
        <DELETED>    ``(1) In general.--Except as provided in paragraph 
        (2), a satellite carrier or distributor--</DELETED>
                <DELETED>    ``(A) may not disclose personally 
                identifiable information concerning any subscriber 
                without the prior written or electronic consent of such 
                subscriber; and</DELETED>
                <DELETED>    ``(B) shall take such actions as are 
                necessary to prevent unauthorized access to such 
                information by a person other than such subscriber or 
                the satellite carrier or distributor.</DELETED>
        <DELETED>    ``(2) Exceptions.--A satellite carrier or 
        distributor may disclose information described in paragraph (1) 
        only if the disclosure is--</DELETED>
                <DELETED>    ``(A) necessary to render, or conduct a 
                legitimate business activity related to, a cable or 
                satellite service or other service provided by the 
                satellite carrier or distributor to the 
                subscriber;</DELETED>
                <DELETED>    ``(B) to a law enforcement agency pursuant 
                to a warrant issued under the Federal Rules of Criminal 
                Procedures, or equivalent State warrant, a Federal or 
                State grand jury subpoena or equivalent process 
                authorized by a Federal or State statute, or a court 
                order issued in accordance with paragraph (3); 
                and</DELETED>
                <DELETED>    ``(C) a disclosure of the names and 
                addresses of subscribers to any other provider of 
                satellite service or other service, if--</DELETED>
                        <DELETED>    ``(i) the satellite carrier or 
                        distributor has provided the subscriber the 
                        opportunity to prohibit or limit such 
                        disclosure; and</DELETED>
                        <DELETED>    ``(ii) the disclosure does not 
                        reveal, directly or indirectly--</DELETED>
                                <DELETED>    ``(I) the extent of any 
                                viewing or other use by the subscriber 
                                of satellite service or other service 
                                provided by the satellite carrier or 
                                distributor; or</DELETED>
                                <DELETED>    ``(II) the nature of any 
                                transaction made by the subscriber over 
                                the satellite system of the satellite 
                                carrier or distributor.</DELETED>
        <DELETED>    ``(3) Court orders.--</DELETED>
                <DELETED>    ``(A) Limitations.--(i) A disclosure under 
                paragraph (2)(B) may be made only--</DELETED>
                        <DELETED>    ``(I) with prior notice to the 
                        subscriber, except that delayed notice may be 
                        given pursuant to section 2705 of title 18, 
                        United States Code; and</DELETED>
                        <DELETED>    ``(II) if the law enforcement 
                        agency shows that there is probable cause to 
                        believe that the information sought is relevant 
                        to an ongoing criminal investigation being 
                        conducted by the agency.</DELETED>
                <DELETED>    ``(ii) In the case of a State government 
                authority, such a court order shall not issue if 
                prohibited by the law of such State.</DELETED>
                <DELETED>    ``(B) Quash or modification.--A court 
                issuing a court order pursuant to this paragraph, on a 
                motion made promptly by the satellite carrier or 
                distributor, may quash or modify the order if the 
                information requested is unreasonably voluminous in 
                nature or if compliance with the order otherwise would 
                cause an unreasonable burden on the satellite carrier 
                or distributor, as the case may be.</DELETED>
<DELETED>    ``(d) Subscriber Access to Information.--A satellite 
subscriber shall be provided access to all personally identifiable 
information regarding that subscriber that is collected and maintained 
by a satellite carrier or distributor. Such information shall be made 
available to the subscriber at reasonable times and at a convenient 
place designated by such satellite carrier or distributor. A satellite 
subscriber shall be provided reasonable opportunity to correct any 
error in such information.</DELETED>
<DELETED>    ``(e) Relief.--</DELETED>
        <DELETED>    ``(1) In general.--Any person aggrieved by any act 
        of a satellite carrier or distributor in violation of this 
        section may bring a civil action in a district court of the 
        United States.</DELETED>
        <DELETED>    ``(2) Damages and costs.--In any action brought 
        under paragraph (1), the court may award a prevailing plaintiff 
        actual damages but not less than liquidated damages computed at 
        the rate of $100 a day for each day of violation or $1,000, 
        whichever is greater.</DELETED>
<DELETED>    ``(f) Definitions.--In this section:</DELETED>
        <DELETED>    ``(1) Distributor.--The term `distributor' has the 
        meaning given that term in section 119(d)(1) of title 17, 
        United States Code.</DELETED>
        <DELETED>    ``(2) Other service.--The term `other service' 
        includes any wire, electronic, or radio communications service 
        provided using any of the facilities of a satellite carrier or 
        distributor that are used in the provision of satellite home 
        viewing service.</DELETED>
        <DELETED>    ``(3) Personally identifiable information.--The 
        term `personally identifiable information' does not include any 
        record of aggregate data that does not identify particular 
        persons.</DELETED>
        <DELETED>    ``(4) Satellite carrier.--The term `satellite 
        carrier' has the meaning given that term in section 119(d)(6) 
        of title 17, United States Code.''.</DELETED>
<DELETED>    (b) Notice With Respect to Certain Agreements.--</DELETED>
        <DELETED>    (1) In general.--Except as provided in paragraph 
        (2), a satellite carrier or distributor who has entered into 
        agreements referred to in section 631(a) of the Communications 
        Act of 1934, as amended by subsection (a), before the date of 
        enactment of this Act, shall provide any notice required under 
        that section, as so amended, to subscribers under such 
        agreements not later than 180 days after that date.</DELETED>
        <DELETED>    (2) Exception.--Paragraph (1) shall not apply with 
        respect to any agreement under which a satellite carrier or 
        distributor was providing notice under section 631(a) of the 
        Communications Act of 1934, as in effect on the day before the 
        date of enactment of this Act, as of such date.</DELETED>

<DELETED>SEC. 303. ENCRYPTION REPORTING REQUIREMENTS.</DELETED>

<DELETED>    Section 2519(2)(b) of title 18, United States Code, is 
amended by striking ``and (iv)'' and inserting ``(iv) the number of 
orders in which encryption was encountered and whether such encryption 
prevented law enforcement from obtaining the plaintext of 
communications intercepted pursuant to any such order, (v) the 
approximate nature, amount, and cost of the manpower and other 
resources used in obtaining the plaintext of intercepted communications 
that were encrypted, and (vi)''.</DELETED>

<DELETED>SEC. 304. FRAUD IN ONLINE COLLECTION AND DISSEMINATION OF 
              PERSONALLY IDENTIFIABLE INFORMATION.</DELETED>

<DELETED>    Section 1030 of title 18, United States Code, as amended 
by section 102(b) of this Act, is further amended by inserting after 
subsection (i) the following new subsection (j):</DELETED>
<DELETED>    ``(j)(1) Except as otherwise provided in this subsection, 
an interactive computer service may not disclose to a person other than 
the consumer concerned any personally identifiable information, 
unless--</DELETED>
        <DELETED>    ``(A) the interactive computer service discloses 
        to the consumer, in a notice consistent with paragraph (2), the 
        types of persons to whom such information may be disclosed; 
        and</DELETED>
        <DELETED>    ``(B) the consumer is given--</DELETED>
                <DELETED>    ``(i) the opportunity, before the time 
                that such information is initially disclosed, to direct 
                that such information not be disclosed to such person; 
                and</DELETED>
                <DELETED>    ``(ii) an explanation of how the consumer 
                can exercise that nondisclosure option available under 
                clause (i).</DELETED>
<DELETED>    ``(2) At the time of establishing a customer relationship 
with a consumer and before collecting any personally identifiable 
information from the consumer, an interactive computer service shall 
provide to the consumer a disclosure, which shall appear on the first 
webpage of the interactive computer service or be accessible by a 
hypertext link from such first webpage, of the policies and practices 
of the interactive computer service with respect to--</DELETED>
        <DELETED>    ``(A) the collection and use of personally 
        identifiable information from customers who visit or use the 
        website of the interactive computer service;</DELETED>
        <DELETED>    ``(B) the disclosure of such personally 
        identifiable information to persons other than such customers; 
        and</DELETED>
        <DELETED>    ``(C) the protection of the confidentiality and 
        security of such personally identifiable information.</DELETED>
<DELETED>    ``(3) This subsection shall not prohibit the disclosure of 
personally identifiable information regarding a consumer if such 
disclosure is--</DELETED>
        <DELETED>    ``(A) with the consent or at the direction of the 
        consumer (including the use of an electronic agent to provide 
        such consent or direction);</DELETED>
        <DELETED>    ``(B) to protect the confidentiality or security 
        of the records of the interactive computer service pertaining 
        to the consumer;</DELETED>
        <DELETED>    ``(C) to protect against or prevent actual or 
        potential fraud or unauthorized transactions;</DELETED>
        <DELETED>    ``(D) to persons holding a legal or beneficial 
        interest relating to the consumer;</DELETED>
        <DELETED>    ``(E) to persons acting in a fiduciary or 
        representative capacity on behalf of the consumer; or</DELETED>
        <DELETED>    ``(F) required--</DELETED>
                <DELETED>    ``(i) to comply with Federal, State, or 
                local laws or regulations, or other applicable legal 
                requirements;</DELETED>
                <DELETED>    ``(ii) to comply with a properly 
                authorized civil, criminal, or regulatory investigation 
                or subpoena by Federal, State, or local authorities; 
                or</DELETED>
                <DELETED>    ``(iii) to respond to judicial process or 
                government regulatory authorities for examination, 
                compliance, or other purposes as authorized by 
                law.</DELETED>
<DELETED>    ``(4) Nothing in this subsection may be construed to 
prohibit an interactive computer service from using, disclosing, or 
permitting access to aggregate subscriber information from which 
personally identifiable information has been removed.</DELETED>
<DELETED>    ``(5) The Attorney General, any United States Attorney, or 
any State Attorney General may maintain a civil action against any 
person who violates this subsection for appropriate civil or equitable 
relief.</DELETED>
<DELETED>    ``(6) In this subsection:</DELETED>
        <DELETED>    ``(A) The term `consumer' means an individual who 
        visits or transacts with an interactive computer service for 
        personal, family, or household purposes, and also means the 
        legal representative of such an individual.</DELETED>
        <DELETED>    ``(B) The term `customer', with respect to an 
        interactive computer service, means any consumer (or authorized 
        representative of a consumer) of a commercial product or 
        service provided by such interactive computer 
        service.</DELETED>
        <DELETED>    ``(C) the term `customer information of an 
        interactive computer service' means any personally identifiable 
        information maintained by or for an interactive computer 
        service which is provided by a customer to an interactive 
        computer service.</DELETED>
        <DELETED>    ``(D) The term `time of establishing a customer 
        relationship' means the time when the website of an interactive 
        computer service is visited by a consumer.</DELETED>
        <DELETED>    ``(E) The term `interactive computer service' 
        means any person who--</DELETED>
                <DELETED>    ``(i) operates, or on whose behalf is 
                operated, a website located on the Internet or an 
                online service; and</DELETED>
                <DELETED>    ``(ii) collects or maintains personal 
                information from or about the users of or visitors to 
                such website or online service, or on whose behalf such 
                information is collected or maintained, where such 
                website or online service is operated for commercial 
                purposes, including any person offering products or 
                services for sale through that websites or online 
                service, involving commerce--</DELETED>
                        <DELETED>    ``(I) among the several States or 
                        with 1 or more foreign nations; and</DELETED>
                        <DELETED>    ``(II) in any territory of the 
                        United States or in the District of Columbia, 
                        or between any such territory and--</DELETED>
                                <DELETED>    ``(aa) another such 
                                territory;</DELETED>
                                <DELETED>    ``(bb) any State or 
                                foreign nation; or</DELETED>
                                <DELETED>    ``(cc) between the 
                                District of Columbia and any State, 
                                territory, or foreign nation.</DELETED>
        <DELETED>    ``(F) The term `personally identifiable 
        information' means any of the following information provided 
        online by a consumer to an interactive computer 
        service:</DELETED>
                <DELETED>    ``(i) A first and last name.</DELETED>
                <DELETED>    ``(ii) A home or other physical address, 
                including a street name and name of a city or 
                town.</DELETED>
                <DELETED>    ``(iii) An electronic mail 
                address.</DELETED>
                <DELETED>    ``(iv) A telephone number.</DELETED>
                <DELETED>    ``(v) A Social Security number.</DELETED>
                <DELETED>    ``(vi) A credit card number or charge 
                card, and any related access code.</DELETED>
                <DELETED>    ``(vii) A photograph.''.</DELETED>

<DELETED>SEC. 305. NATIONAL MEDIA CAMPAIGN ON PUBLIC AWARENESS 
              REGARDING ONLINE SECURITY AND PRIVACY.</DELETED>

<DELETED>    (a) National Media Campaign Authorized.--</DELETED>
        <DELETED>    (1) Campaign authorized.--The Attorney General, 
        after consultation with the Deputy Assistant Attorney General 
        for Computer Crime and Intellectual Property, may carry out a 
        national media campaign for purposes of raising public 
        awareness of existing rights, laws, and regulations relating to 
        Internet security and the privacy of personally identifiable 
        information over the Internet.</DELETED>
        <DELETED>    (2) Outside assistance.--The Attorney General 
        may--</DELETED>
                <DELETED>    (A) carry out the campaign in cooperation 
                with appropriate non-Federal persons and entities; 
                and</DELETED>
                <DELETED>    (B) seek and utilize non-Federal funds and 
                in-kind donations in carrying out the 
                campaign.</DELETED>
<DELETED>    (b) Objectives of Campaign.--The objectives of the 
campaign shall be--</DELETED>
        <DELETED>    (1) to heighten and increase public awareness of 
        the occurrence and extent of the collection and dissemination 
        of personally identifiable information, and the security of 
        such information, by commercial, private, and public entities 
        that maintain Internet websites;</DELETED>
        <DELETED>    (2) to encourage Americans to learn of and become 
        familiar with actions that can be taken to protect their 
        personally identifiable information from being transferred 
        without their consent or otherwise misused by a third 
        party;</DELETED>
        <DELETED>    (3) to inform Americans of their rights with 
        respect to their personally identifiable information; 
        and</DELETED>
        <DELETED>    (4) to inform Americans of Federal crimes relating 
        to computer fraud and abuse, and of the punishments for such 
        crimes.</DELETED>
<DELETED>    (c) Elements of Campaign.--Subject to subsection (d), the 
campaign shall be carried out through such means as the Attorney 
General considers appropriate, including--</DELETED>
        <DELETED>    (1) public service announcements;</DELETED>
        <DELETED>    (2) advertisements on television and 
        radio;</DELETED>
        <DELETED>    (3) banners on the World Wide Web that are 
        adoptable by commercial and community Internet 
        websites;</DELETED>
        <DELETED>    (4) newspapers and magazines, including 
        advertisements and submittals to editorial pages;</DELETED>
        <DELETED>    (5) out-of-home message sites, including 
        billboards, posters, and signs;</DELETED>
        <DELETED>    (6) information through a toll-free telephone 
        number (commonly referred to as an ``800'' number); 
        and</DELETED>
        <DELETED>    (7) other appropriate media and outlets.</DELETED>
<DELETED>    (d) Limitation on Use of Funds for Campaign.--</DELETED>
        <DELETED>    (1) In general.--No funds available for the 
        campaign may be used as follows:</DELETED>
                <DELETED>    (A) To propose, influence, favor, or 
                oppose any change in any statute, rule, regulation, 
                treaty, or other provision of law.</DELETED>
                <DELETED>    (B) For any partisan political 
                purpose.</DELETED>
                <DELETED>    (C) Except as provided in paragraph (2), 
                to feature any elected official, person seeking elected 
                office, cabinet-level official, or Federal official 
                employed pursuant to Schedule C under section 213 of 
                title 5, Code of Federal Regulations.</DELETED>
                <DELETED>    (D) In violation of section 1913 of title 
                18, United States Code.</DELETED>
        <DELETED>    (2) Exception.--Funds available for the campaign 
        may be used as described in paragraph (1)(C) if, not later than 
        15 days before the use of such funds in that manner, a notice 
        regarding the use of such funds in that manner is submitted to 
        the Committees on Appropriations and the Judiciary of the 
        Senate and House of Representatives.</DELETED>
<DELETED>    (e) Assessment of Campaign.--</DELETED>
        <DELETED>    (1) Requirement.--The Attorney General shall enter 
        into an agreement with a qualified certified public accountant 
        for purposes of obtaining an assessment of the campaign, 
        including--</DELETED>
                <DELETED>    (A) an accounting of the amounts 
                (including Federal funds, other funds, and any in-kind 
                donations) received for purposes of conducting the 
                campaign; and</DELETED>
                <DELETED>    (B) an objective assessment of the effects 
                of the campaign, including the cost-effectiveness of 
                the campaign.</DELETED>
        <DELETED>    (2) Report.--The Attorney General shall submit to 
        the Committees on Appropriations and the Judiciary of the 
        Senate and House of Representatives a report on the assessment 
        obtained under paragraph (1). The report shall be submitted not 
        later than 270 days after the termination of the campaign under 
        subsection (f).</DELETED>
        <DELETED>    (3) Availability of funds.--Of the amount 
        available for the campaign under subsection (h), not more than 
        an amount equal to 5 percent of such amount shall be available 
        to cover the costs of the assessment obtained under this 
        subsection.</DELETED>
<DELETED>    (f) Termination of Campaign.--Activities under the 
campaign, other than the assessment under subsection (e), shall 
terminate not later than three years after the date of the enactment of 
this Act.</DELETED>
<DELETED>    (g) Personally Identifiable Information Defined.--In this 
section, the term ``personally identifiable information'', has the 
meaning given that term in section 1030(j)(6)(F) of title 18, United 
States Code (as amended by section 304(a) of this Act).</DELETED>
<DELETED>    (h) Authorization of Appropriation.--</DELETED>
        <DELETED>    (1) Authorization.--There is hereby authorized to 
        be appropriated for the Department of Justice for each of 
        fiscal years 2001, 2002, and 2003, $25,000,000 for purposes of 
        the campaign under this section.</DELETED>
        <DELETED>    (2) Availability.--Amounts appropriated pursuant 
        to the authorization of appropriations in paragraph (1) shall 
        remain available until expended.</DELETED>

<DELETED>SEC. 306. FRAUDULENT ACCESS TO PERSONALLY IDENTIFIABLE 
              INFORMATION.</DELETED>

<DELETED>    (a) In General.--Section 1030 of title 18, United States 
Code, as amended by this Act, is further amended by inserting after 
subsection (j) the following new subsection (k):</DELETED>
<DELETED>    ``(k)(1) Except as provided in paragraphs (2) and (3), 
whoever knowingly with intent to defraud obtains, or causes to be 
disclosed to any person, personally identifiable information of an 
interactive computer service relating to another person without such 
person's consent or authorization--</DELETED>
        <DELETED>    ``(A) by making a false, fictitious, or fraudulent 
        statement or representation to an officer, employee, or agent 
        of an interactive computer service;</DELETED>
        <DELETED>    ``(B) by making a false, fictitious, or fraudulent 
        statement or representation to a customer of an interactive 
        computer service; or</DELETED>
        <DELETED>    ``(C) by providing any document to an officer, 
        employee, or agent of an interactive computer service, knowing 
        that the document is forged, counterfeit, or stolen, was 
        fraudulently obtained, or contains a false, fictitious, or 
        fraudulent statement or representation,</DELETED>
<DELETED>shall be punished as provided in subsection (c).</DELETED>
<DELETED>    ``(2) No provision of this subsection shall be construed 
to prevent any interactive computer service, or any officer, employee, 
or agent of an interactive computer service, from obtaining personally 
identifiably information of such interactive computer service in the 
course of--</DELETED>
        <DELETED>    ``(A) testing the security procedures or systems 
        of such interactive computer service for maintaining the 
        confidentiality of personally identifiable 
        information;</DELETED>
        <DELETED>    ``(B) investigating allegations of misconduct or 
        negligence on the part of any officer, employee, or agent of 
        such interactive computer service; or</DELETED>
        <DELETED>    ``(C) recovering customer information of such 
        interactive computer service which was obtained or received by 
        another person in any manner described in paragraph 
        (1).</DELETED>
<DELETED>    ``(3) No provision of this section shall be construed to 
prevent any insurance institution, or any officer, employee, or agency 
of an insurance institution, from obtaining information as part of an 
insurance investigation into criminal activity, fraud, material 
misrepresentation, or material nondisclosure that is authorized for 
such institution under State law, regulation, interpretation, or 
order.''.</DELETED>
<DELETED>    (b) Attempted Offenses.--Subsection (b) of that section is 
amended by striking ``subsection (a)'' and inserting ``subsection (a) 
or (k)''.</DELETED>

   <DELETED>TITLE IV--NATIONAL SECURITY AND CRITICAL INFRASTRUCTURE 
                          PROTECTION</DELETED>

<DELETED>SEC. 401. DEPUTY ASSISTANT ATTORNEY GENERAL FOR COMPUTER CRIME 
              AND INTELLECTUAL PROPERTY.</DELETED>

<DELETED>    (a) Establishment of Position.--(1) Chapter 31 of title 
28, United States Code, is amended by inserting after section 507 the 
following new section:</DELETED>
<DELETED>``Sec. 507a. Deputy Assistant Attorney General for Computer 
              Crime and Intellectual Property</DELETED>
<DELETED>    ``(a) The Attorney General shall appoint a Deputy 
Assistant Attorney General for Computer Crime and Intellectual 
Property.</DELETED>
<DELETED>    ``(b) The Deputy Assistant Attorney General shall be the 
head of the Computer Crime and Intellectual Property Section (CCIPS) of 
the Department of Justice.</DELETED>
<DELETED>    ``(c) The duties of the Deputy Assistant Attorney General 
shall include the following:</DELETED>
        <DELETED>    ``(1) To advise Federal prosecutors and law 
        enforcement personnel regarding computer crime and intellectual 
        property crime.</DELETED>
        <DELETED>    ``(2) To coordinate national and international 
        activities relating to combatting computer crime.</DELETED>
        <DELETED>    ``(3) To provide guidance and assistance to 
        Federal, State, and local law enforcement agencies and 
        personnel, and appropriate foreign entities, regarding 
        responses to threats of computer crime and cyber-
        terrorism.</DELETED>
        <DELETED>    ``(4) To serve as the liaison of the Attorney 
        General to the National Infrastructure Protection Center 
        (NIPC), the Department of Defense, the National Security 
        Agency, and the Central Intelligence Agency on matters relating 
        to computer crime.</DELETED>
        <DELETED>    ``(5) To coordinate training for Federal, State, 
        and local prosecutors and law enforcement personnel on laws 
        pertaining to computer crime.</DELETED>
        <DELETED>    ``(6) To propose and comment upon legislation 
        concerning computer crime, intellectual property crime, 
encryption, electronic privacy, and electronic commerce, and concerning 
the search and seizure of computers.</DELETED>
        <DELETED>    ``(7) Any other duties carried out by the head of 
        the Computer Crime and Intellectual Property Section of the 
        Department of Justice as of the date of the enactment of the 
        Internet Integrity and Critical Infrastructure Protection Act 
        of 2000.</DELETED>
        <DELETED>    ``(8) Such other duties as the Attorney General 
        considers appropriate.''.</DELETED>
<DELETED>    (2) The table of sections at the beginning of such chapter 
is amended by inserting after the item relating to section 507 the 
following new item:</DELETED>

<DELETED>``507a. Deputy Assistant Attorney General for Computer Crime 
                            and Intellectual Property.''.
<DELETED>    (b) First Appointment to Position of Deputy Assistant 
Attorney General.--(1) The individual who holds the position of head of 
the Computer Crime and Intellectual Property Section (CCIPS) of the 
Department of Justice as of the date of the enactment of this Act shall 
act as the Deputy Assistant Attorney General for Computer Crime and 
Intellectual Property under section 507a of title 28, United States 
Code, until the Attorney General appoints an individual to hold the 
position of Deputy Assistant Attorney General for Computer Crime and 
Intellectual Property under that section.</DELETED>
<DELETED>    (2) The individual first appointed as Deputy Assistant 
Attorney General for Computer Crime and Intellectual Property after the 
date of the enactment of this Act may be the individual who holds the 
position of head of the Computer Crime and Intellectual Property 
Section of the Department of Justice as of that date.</DELETED>
<DELETED>    (c) Authorization of Appropriations for CCIPS.--There is 
hereby authorized to be appropriated for the Department of Justice for 
fiscal year 2001, $5,000,000 for the Computer Crime and Intellectual 
Property Section of the Department for purposes of the discharge of the 
duties of the Deputy Assistant Attorney General for Computer Crime and 
Intellectual Property under section 507a of title 28, United States 
Code (as so added), during that fiscal year.</DELETED>

<DELETED>SEC. 402. NATIONAL INFRASTRUCTURE PROTECTION CENTER.</DELETED>

<DELETED>    (a) In General.--The Director of the National 
Infrastructure Protection Center (NPIC) within the Federal Bureau of 
Investigation shall use amounts authorized to be appropriated under 
subsection (b) for the following purposes:</DELETED>
        <DELETED>    (1) To gather and analyze information concerning 
        threats to, and the vulnerability of, the national critical 
        infrastructure.</DELETED>
        <DELETED>    (2) To provide assessments, warnings, and 
        emergency response information to other governmental entities, 
        and other owners and operators of critical infrastructure, 
        concerning threats to the national critical 
        infrastructure.</DELETED>
        <DELETED>    (3) To provide assistance to law enforcement in 
        investigating and prosecuting attacks against the national 
        critical infrastructure.</DELETED>
        <DELETED>    (4) To develop and disseminate, in collaboration 
        with the private sector, technology and security procedures for 
        shielding the national critical infrastructure against 
        attack.</DELETED>
        <DELETED>    (5) Such other purposes as the Director considers 
        appropriate.</DELETED>
<DELETED>    (b) Authorization of Appropriations.--There is hereby 
authorized to be appropriated for the Federal Bureau of Investigation 
for the purposes set forth in subsection (a) the following:</DELETED>
        <DELETED>    (1) For fiscal year 2001, $45,000,000.</DELETED>
        <DELETED>    (2) For each of fiscal years 2002 through 2005, 
        such sums as may be necessary for such fiscal years.</DELETED>

<DELETED>SEC. 403. PERSONNEL EXCHANGE PROGRAMS FOR CRITICAL 
              INFRASTRUCTURE PROTECTION TRAINING.</DELETED>

<DELETED>    Section 3371(4) of title 5, United States Code, is 
amended--</DELETED>
        <DELETED>    (1) by striking ``or'' at the end of subparagraph 
        (C);</DELETED>
        <DELETED>    (2) by striking the period at the end of 
        subparagraph (D) and inserting ``; or''; and</DELETED>
        <DELETED>    (3) by adding at the end the following new 
        subparagraph:</DELETED>
                <DELETED>    ``(E) a provider of wire or electronic 
                communication service, provider of data encryption or 
                related services, or other entity, for the purpose of 
                furthering the objectives of the Internet Integrity and 
                Critical Infrastructure Protection Act of 
                2000.''.</DELETED>

  <DELETED>TITLE V--INTERNATIONAL COMPUTER CRIME ENFORCEMENT</DELETED>

<DELETED>SEC. 501. SHORT TITLE.</DELETED>

<DELETED>    This title may be cited as the ``International Computer 
Crime Enforcement Assistance Act of 2000''.</DELETED>

<DELETED>SEC. 502. DISCLOSURE OF COMPUTER CRIME EVIDENCE TO FOREIGN LAW 
              ENFORCEMENT AUTHORITIES RELATING TO ENFORCEMENT OF 
              FOREIGN COMPUTER CRIME LAWS.</DELETED>

<DELETED>    (a) In General.--Subject to subsection (b) and section 
505, the Attorney General of the United States may provide computer 
crime (other than trade secrets or propriety information otherwise not 
disclosable by the Attorney General) to a foreign law enforcement 
authority to assist the foreign law enforcement authority--</DELETED>
        <DELETED>    (1) in determining whether a person has violated 
        or is about to violate a foreign computer crime law 
        administered or enforced by the foreign law enforcement 
        authority; or</DELETED>
        <DELETED>    (2) in enforcing such a foreign computer crime 
        law.</DELETED>
<DELETED>    (b) Computer Crime Mutual Assistance Agreement Required.--
The Attorney General may not provide evidence to a foreign law 
enforcement authority under subsection (a) except pursuant to the 
provisions of a computer crime mutual assistance agreement with respect 
to the foreign law enforcement authority that is in effect under this 
title.</DELETED>

<DELETED>SEC. 503. INVESTIGATIVE ASSISTANCE TO FOREIGN LAW ENFORCEMENT 
              AUTHORITIES TO OBTAIN COMPUTER CRIME EVIDENCE RELATING TO 
              ENFORCEMENT OF FOREIGN COMPUTER CRIME LAWS.</DELETED>

<DELETED>    (a) In General.--Subject to the provisions of this section 
and section 505, the Attorney General of the United States may exercise 
any authority set forth in subsection (b) to assist a foreign law 
enforcement authority--</DELETED>
        <DELETED>    (1) in determining whether a person has violated 
        or is about to violate a foreign computer crime law 
        administered or enforced by the foreign law enforcement 
        authority; or</DELETED>
        <DELETED>    (2) in enforcing such a foreign computer crime 
        law.</DELETED>
<DELETED>    (b) Covered Authorities.--</DELETED>
        <DELETED>    (1) In general.--The authorities referred to in 
        this subsection are the authorities of the Attorney General as 
        follows:</DELETED>
                <DELETED>    (A) To investigate possible violations of 
                the Federal computer crime laws.</DELETED>
                <DELETED>    (B) To provide evidence obtained as a 
                result of an investigation under subparagraph (A) to 
                the foreign law enforcement authority 
                concerned.</DELETED>
        <DELETED>    (2) Scope of authority.--An investigation may be 
        conducted under subparagraph (A) of paragraph (1), and evidence 
        obtained through such investigation may be provided under 
        subparagraph (B) of that paragraph, without regard to whether 
        the conduct investigated violates any Federal computer crime 
        law.</DELETED>
<DELETED>    (c) Computer Crime Mutual Assistance Agreement Required.--
The Attorney General may not exercise any authority set forth in 
subsection (b) on behalf of a foreign law enforcement authority except 
pursuant to the provisions of a computer crime mutual assistance 
agreement with respect to the foreign law enforcement authority that is 
in effect under this title.</DELETED>
<DELETED>    (d) Requests.--</DELETED>
        <DELETED>    (1) Submittal.--A foreign law enforcement 
        authority seeking the assistance of the Attorney General under 
        this section shall submit a request for such assistance to the 
        Attorney General.</DELETED>
        <DELETED>    (2) Response.--The Attorney General may approve or 
        deny, in whole or in part, a request submitted under paragraph 
        (1).</DELETED>
        <DELETED>    (3) Prohibition on action following denial.--The 
        Attorney General may not take any action under subsection (a) 
        with respect to any part of a request under this subsection 
        that has been denied by the Attorney General under paragraph 
        (2).</DELETED>
<DELETED>    (e) Rights and Privileges Preserved.--A person may not be 
compelled in connection with an investigation under this section to 
give testimony or a statement, or to produce a document or other thing, 
in violation of any legally applicable right or privilege.</DELETED>

<DELETED>SEC. 504. COURT ORDERS TO PROVIDE ASSISTANCE TO FOREIGN LAW 
              ENFORCEMENT AUTHORITIES RELATING TO ENFORCEMENT OF 
              FOREIGN COMPUTER CRIME LAWS.</DELETED>

<DELETED>    (a) Authority of the District Courts.--On application of 
the Attorney General of the United States made in accordance with a 
computer crime mutual assistance agreement in effect under this title, 
the United States district court for the district in which a person 
resides, is found, or transacts business may order the person to give 
testimony or a statement, or to produce a document or other thing, to 
the Attorney General in order to assist a foreign law enforcement 
authority covered by the agreement--</DELETED>
        <DELETED>    (1) in determining whether a person has violated 
        or is about to violate a foreign computer crime law 
        administered or enforced by the foreign law enforcement 
        authority; or</DELETED>
        <DELETED>    (2) in enforcing such a foreign computer crime 
        law.</DELETED>
<DELETED>    (b) Limitation on Applications.--The making of 
applications by the Attorney General under subsection (a) is subject to 
the provisions of section 505.</DELETED>
<DELETED>    (c) Contents of Order.--</DELETED>
        <DELETED>    (1) Use of appointee to receive evidence.--
        </DELETED>
                <DELETED>    (A) In general.--An order issued under 
                subsection (a) may direct that testimony or a statement 
                be given, or a document or other thing be produced, to 
                a person who shall be recommended by the Attorney 
                General and appointed by the court.</DELETED>
                <DELETED>    (B) Powers.--A person appointed with 
                respect to an order under subparagraph (A) shall have 
                the power to administer any oath necessary under the 
                order and the power to take testimony or 
                statements.</DELETED>
        <DELETED>    (2) Practice and procedure.--</DELETED>
                <DELETED>    (A) In general.--An order issued under 
                subsection (a) may prescribe the practice and procedure 
                for taking testimony and statements and for producing 
                documents and other things.</DELETED>
                <DELETED>    (B) Scope.--The practice and procedure 
                prescribed for an order under subparagraph (A) may be 
                in whole or in part the practice and procedure of the 
                foreign state, or the regional economic integration 
                organization, represented by the foreign law 
                enforcement authority with respect to which the 
                Attorney General requests the order.</DELETED>
                <DELETED>    (C) Default.--To the extent an order does 
                not prescribe otherwise, any testimony and statements 
                required to be taken shall be taken, and any documents 
                and other things required to be produced, shall be 
                produced, in accordance with the Federal Rules of Civil 
                Procedure.</DELETED>
<DELETED>    (c) Rights and Privileges Preserved.--A person may not be 
compelled under an order issued under subsection (a) to give testimony 
or a statement, or to produce a document or other thing, in violation 
of any legally applicable right or privilege.</DELETED>
<DELETED>    (d) Voluntary Conduct.--This section shall not be 
construed to preclude a person in the United States from voluntarily 
giving testimony or a statement, or producing a document or other 
thing, in any manner acceptable to the person for use in an 
investigation by a foreign law enforcement authority.</DELETED>

<DELETED>SEC. 505. LIMITATIONS ON ACTIVITIES UNDER COMPUTER CRIME 
              MUTUAL ASSISTANCE AGREEMENTS.</DELETED>

<DELETED>    (a) Determinations Required.--The Attorney General of the 
United States may not disclose evidence under section 502, exercise any 
authority under section 503, or apply for an order under section 504 
with respect to a computer crime mutual assistance agreement unless the 
Attorney General determines in the particular instance that--</DELETED>
        <DELETED>    (1) the foreign law enforcement authority 
        concerned--</DELETED>
                <DELETED>    (A) will satisfy the assurances, terms, 
                and conditions under the agreement that are specified 
                in paragraphs (1), (2), and (5) of section 508(b); 
                and</DELETED>
                <DELETED>    (B) is capable of complying with and will 
                comply with the confidentiality requirements applicable 
                under the agreement with respect to any requested 
                computer crime evidence;</DELETED>
        <DELETED>    (2) providing any requested computer crime 
        evidence will not violate a limitation in section 508(c); 
        and</DELETED>
        <DELETED>    (3) disclosing the evidence, exercising the 
        authority, or applying for the order, as the case may be, is 
        consistent with the public interest of the United States, 
        taking into consideration whether the foreign state or regional 
        economic integration organization represented concerned holds 
        any proprietary interest that could benefit or otherwise be 
        affected by the disclosure, the exercise of the authority, or 
        the granting of the order.</DELETED>
<DELETED>    (b) Limitation on Disclosure of Certain Computer Crime 
Evidence.--The Attorney General may not disclose in violation of a 
computer crime mutual assistance agreement any computer crime evidence 
received under the agreement, except that the agreement may not prevent 
the disclosure of computer crime evidence to a defendant in an action 
or proceeding brought by the Attorney General for a violation of any 
Federal law if the disclosure would otherwise be required by Federal 
law.</DELETED>
<DELETED>    (c) Required Disclosure of Notice Received.--If the 
Attorney General receives a notice described in section 508(b)(8), the 
Attorney General shall transmit the notice to the person that provided 
the evidence with respect to which the notice is received.</DELETED>

<DELETED>SEC. 506. REIMBURSEMENT.</DELETED>

<DELETED>    The Attorney General of the United States is authorized to 
receive from a foreign law enforcement authority, or from the foreign 
state or regional economic integration organization represented by such 
foreign law enforcement authority, reimbursement of the costs incurred 
by the Attorney General in disclosing evidence under section 502, 
exercising any authority under section 503, or applying for an order 
under section 504 with respect to a computer crime mutual assistance 
agreement.</DELETED>

<DELETED>SEC. 507. JUDICIAL REVIEW.</DELETED>

<DELETED>    (a) Determinations.--A determination made under paragraph 
(1), (2), or (3) of section 505(a) shall not be subject to judicial 
review.</DELETED>
<DELETED>    (b) Citations to and Descriptions of Confidentiality 
Laws.--Whether a computer crime mutual assistance agreement satisfies 
the requirement set forth in section 508(b)(3) shall not be subject to 
judicial review.</DELETED>
<DELETED>    (c) Rules of Construction.--</DELETED>
        <DELETED>    (1) Administrative procedure act.--The 
        requirements in section 508(d), with respect to publication and 
        request for public comment, shall not be construed to create 
        any availability of judicial review under chapter 7 of title 5, 
        United States Code.</DELETED>
        <DELETED>    (2) Excluded elements.--Nothing in this section 
        shall be construed to affect the availability of judicial 
        review under laws referred to in section 508(c).</DELETED>

<DELETED>SEC. 508. COMPUTER CRIME MUTUAL ASSISTANCE 
              AGREEMENTS.</DELETED>

<DELETED>    (a) In General.--</DELETED>
        <DELETED>    (1) Description generally.--Subject to the 
        provisions of this section, a computer crime mutual assistance 
        agreement for purposes of this title shall consist of a written 
        agreement, or written memorandum of understanding, that is 
        entered into by the United States and a foreign state or 
        regional economic integration organization with respect to the 
        foreign law enforcement authorities of the foreign state or 
        organization (and such other governmental entities of the 
        foreign state or organization as the Attorney General 
        determines may be necessary in order to provide the assistance 
        described in subsection (b)(1)) for purposes of carrying out 
        activities authorized by sections 502, 503, and 504, on a 
        reciprocal basis.</DELETED>
        <DELETED>    (2) Officials.--A computer crime mutual assistance 
        agreement shall be entered into jointly by the Attorney General 
        of the United States and a foreign law enforcement 
        authority.</DELETED>
<DELETED>    (b) Elements.--A computer crime mutual assistance 
agreement shall contain the following elements:</DELETED>
        <DELETED>    (1) An assurance that any foreign law enforcement 
        authority covered by the agreement will provide to the Attorney 
        General assistance that is comparable in scope to the 
        assistance the Attorney General provides under the 
        agreement.</DELETED>
        <DELETED>    (2) An assurance that any foreign law enforcement 
        authority covered by the agreement--</DELETED>
                <DELETED>    (A) is subject to laws and procedures that 
                are adequate to maintain securely the confidentiality 
                of computer crime evidence that may be received under 
                section 502, 503, or 504; and</DELETED>
                <DELETED>    (B) will give protection to such evidence 
                that is not less than the protection that would be 
                provided such evidence under the laws of the United 
                States.</DELETED>
        <DELETED>    (3) Citations to and brief descriptions of the 
        laws of the United States, and the laws of the foreign state or 
        regional economic integration organization concerned, that 
        protect the confidentiality of computer crime evidence that may 
be provided under the agreement, which citations and descriptions shall 
set forth the enforcement mechanisms and penalties applicable under 
such laws and, in the case of a regional economic integration 
organization, the applicability of such laws, enforcement mechanisms, 
and penalties to the foreign states composing the 
organization.</DELETED>
        <DELETED>    (4) Citations to the Federal computer crime laws 
        and the foreign computer crime laws with respect to which the 
        agreement applies.</DELETED>
        <DELETED>    (5) Terms and conditions that specifically require 
        using, disclosing, or permitting the use or disclosure of 
        computer crime evidence received under the agreement only--
        </DELETED>
                <DELETED>    (A) for the purpose of administering or 
                enforcing the foreign computer crime laws concerned; 
                or</DELETED>
                <DELETED>    (B) with respect to a specified disclosure 
                or use requested by a foreign law enforcement authority 
                and essential to a significant law enforcement 
                objective, in accordance with the prior written consent 
                given by the Attorney General after--</DELETED>
                        <DELETED>    (i) determining that such computer 
                        crime evidence is not otherwise readily 
                        available with respect to such 
                        objective;</DELETED>
                        <DELETED>    (ii) making the determinations 
                        described in paragraphs (2) and (3) of section 
                        505(a), with respect to such disclosure or use; 
                        and</DELETED>
                        <DELETED>    (iii) making the determinations 
                        applicable to a foreign law enforcement 
                        authority under section 505(a)(1) (other than 
                        the determination regarding the assurance 
                        described in paragraph (1) of this subsection), 
                        with respect to each additional governmental 
                        entity, if any, to be provided such computer 
                        crime evidence in the course of such disclosure 
                        or use, after having received adequate written 
                        assurances applicable to each such governmental 
                        entity.</DELETED>
        <DELETED>    (6) An assurance that computer crime evidence 
        received under section 502, 503, or 504 from the Attorney 
        General, and all copies of such evidence, in the possession or 
        control of any foreign law enforcement authority covered by the 
        agreement will be returned to the Attorney General at the 
        conclusion of the foreign investigation or proceeding with 
        respect to which such evidence was so received.</DELETED>
        <DELETED>    (7) Terms and conditions that specifically provide 
        that the agreement will be terminated if--</DELETED>
                <DELETED>    (A) the confidentiality required under the 
                agreement is violated with respect to computer crime 
                evidence; and</DELETED>
                <DELETED>    (B) adequate action is not taken to 
                minimize any harm resulting from such violation and to 
                ensure that the confidentiality required under the 
                agreement is not violated again.</DELETED>
        <DELETED>    (8) Terms and conditions that specifically provide 
        that if the confidentiality required under the agreement is 
        violated with respect to computer crime evidence, notice of the 
        violation will be given--</DELETED>
                <DELETED>    (A) by the foreign law enforcement 
                authority concerned promptly to the Attorney General 
                with respect to computer crime evidence provided by the 
                Attorney General; and</DELETED>
                <DELETED>    (B) by the Attorney General to the person 
                (if any) that provided such evidence to the Attorney 
                General.</DELETED>
<DELETED>    (c) Exclusions.--A computer crime mutual assistance 
agreement may not cover any of the following computer crime 
evidence:</DELETED>
        <DELETED>    (1) Computer crime evidence in a matter occurring 
        before a grand jury and with respect to which disclosure is 
        prevented by Federal law, except that for the purpose of 
        applying Rule 6(e)(3)(C)(iv) of the Federal Rules of Criminal 
        Procedure with respect to this paragraph--</DELETED>
                <DELETED>    (A) a foreign law enforcement authority 
                with respect to which a particularized need for such 
                computer crime evidence is shown shall be considered to 
                be an appropriate official of any of the several 
                States; and</DELETED>
                <DELETED>    (B) a foreign computer crime law 
                administered or enforced by the foreign law enforcement 
                authority shall be considered to be a State criminal 
                law.</DELETED>
        <DELETED>    (2) Computer crime evidence that is specifically 
        authorized under an Executive Order to be kept secret in the 
        interest of national defense or foreign policy and--</DELETED>
                <DELETED>    (A) that is classified pursuant to such 
                order or a successor order; or</DELETED>
                <DELETED>    (B) with respect to which a determination 
                of classification is pending under such order or 
                successor order.</DELETED>
        <DELETED>    (3) Computer crime evidence that is classified 
        under the Atomic Energy Act of 1954 (42 U.S.C. 2011 et 
        seq.).</DELETED>
<DELETED>    (d) Publication Requirements.--</DELETED>
        <DELETED>    (1) Prior to entry.--Not later than 45 days before 
        a computer crime mutual assistance agreement is entered into 
        for purposes of this title, the Attorney General shall publish 
        in the Federal Register--</DELETED>
                <DELETED>    (A) the proposed text of the agreement; 
                and</DELETED>
                <DELETED>    (B) a request for public comment with 
                respect to the text.</DELETED>
        <DELETED>    (2) Prior to modification.--Not later than 45 days 
        before the entry into any agreement that makes a modification 
        of a computer crime mutual assistance agreement for purposes of 
        this title, the Attorney General shall publish in the Federal 
        Register--</DELETED>
                <DELETED>    (A) the proposed text of the modification; 
                and</DELETED>
                <DELETED>    (B) a request for public comment with 
                respect to the modification.</DELETED>
        <DELETED>    (3) Other significant events.--Not later than 45 
        days after a computer crime mutual assistance agreement for 
        purposes of this title is entered into or terminated, or an 
        agreement that makes a modification of a computer crime mutual 
        assistance agreement is entered into, the Attorney General 
        shall publish in the Federal Register--</DELETED>
                <DELETED>    (A) the text of the agreement or 
                modification, or the terms of the termination, as the 
                case may be; and</DELETED>
                <DELETED>    (B) in the case of an agreement that makes 
                a modification to a computer crime mutual assistance 
                agreement, a notice containing--</DELETED>
                        <DELETED>    (i) citations to the locations of 
                        publication in the Federal Register of the text 
                        of the computer crime mutual assistance 
                        agreement that is so modified, and of any 
                        previous modification to such agreement; 
                        and</DELETED>
                        <DELETED>    (ii) a description of the manner 
                        in which a copy of the computer crime mutual 
                        assistance agreement, as so modified, may be 
                        obtained from the Attorney General.</DELETED>
        <DELETED>    (4) Condition for validity.--A computer crime 
        mutual assistance agreement, or an agreement that makes a 
        modification to a computer crime mutual assistance agreement, 
        with respect to which publication does not occur in accordance 
        with paragraph (1), (2), or (3), as applicable, shall not be 
        considered to be in effect for purposes of this 
        title.</DELETED>

<DELETED>SEC. 509. PRESERVATION OF EXISTING AUTHORITY.</DELETED>

<DELETED>    The authority provided by this title is in addition to any 
other authority vested in the Attorney General of the United States, or 
any other officer of the United States.</DELETED>

<DELETED>SEC. 510. REPORT TO CONGRESS.</DELETED>

<DELETED>    Not later than 3 years after the date of the enactment of 
this Act, the Attorney General of the United States shall submit to the 
Committees on the Judiciary of the Senate and House of Representatives 
a report--</DELETED>
        <DELETED>    (1) describing the effects of the operation of 
        this title on the enforcement of the Federal computer crime 
        laws;</DELETED>
        <DELETED>    (2) describing the extent to which foreign law 
        enforcement authorities have complied with the confidentiality 
        requirements applicable under computer crime mutual assistance 
        agreements in effect for purposes of this title;</DELETED>
        <DELETED>    (3) specifying separately the identities of the 
        foreign states and regional economic integration organizations 
        that have entered into such agreements and the identities of 
        the foreign law enforcement authorities with respect to which 
        such foreign states and organizations have entered into such 
        agreements;</DELETED>
        <DELETED>    (4) specifying the identity of each foreign state, 
        and each regional economic integration organization, that has 
        in effect a law similar to this title;</DELETED>
        <DELETED>    (5) setting forth the approximate number of 
        requests made by the Attorney General under such agreements to 
        foreign law enforcement authorities for computer crime 
        investigations and for computer crime evidence;</DELETED>
        <DELETED>    (6) setting forth the approximate number of 
        requests made to the Attorney General by foreign law 
        enforcement authorities under such agreements for disclosures 
        of evidence under section 502, the exercise of any authority 
        under section 503, or for applications for orders under section 
        504; and</DELETED>
        <DELETED>    (7) describing any significant problems or 
        concerns of which the Attorney General is aware with respect to 
        the operation of this title.</DELETED>

<DELETED>SEC. 511. DEFINITIONS.</DELETED>

<DELETED>    In this title:</DELETED>
        <DELETED>    (1) Computer crime evidence.--The term ``computer 
        crime evidence'' means information, testimony, statements, 
        documents, or other things that are obtained in anticipation 
of, or during the course of, an investigation or proceeding under any 
Federal computer crime law or foreign computer crime law.</DELETED>
        <DELETED>    (2) Federal computer crime law.--The term 
        ``Federal computer crime law'' means any law designated by the 
        Attorney General as a Federal computer crime law under 
        regulations prescribed by the Attorney General for purposes of 
        this title not later than 90 days after the date of the 
        enactment of this Act and modified by the Attorney General from 
        time to time after notice to Congress of such 
        modification.</DELETED>
        <DELETED>    (3) Foreign computer crime law.--The term 
        ``foreign computer crime law'' means a law of a foreign state, 
        or of a regional economic integration organization, that is 
        substantially similar to a Federal computer crime law and 
        prohibits conduct similar to conduct prohibited by a Federal 
        computer crime law.</DELETED>
        <DELETED>    (4) Foreign law enforcement authority.--The term 
        ``foreign law enforcement authority'' means a governmental 
        entity of a foreign state or regional economic integration 
        organization that is vested by such state or organization with 
        authority to enforce the foreign computer crime laws of such 
        state or organization.</DELETED>
        <DELETED>    (5) Regional economic integration organization.--
        The term ``regional economic integration organization'' means 
        an organization--</DELETED>
                <DELETED>    (A) that is constituted by, and composed 
                of, foreign states; and</DELETED>
                <DELETED>    (B) on which such foreign states have 
                conferred sovereign authority to make decisions that 
                are binding on such foreign states and directly 
                applicable to and binding on persons within such 
                foreign states, including decisions with respect to--
                </DELETED>
                        <DELETED>    (i) administering or enforcing the 
                        foreign computer crime laws of such 
                        organization; and</DELETED>
                        <DELETED>    (ii) prohibiting and regulating 
                        disclosure of information that is obtained by 
                        such organization in the course of 
                        administering or enforcing such laws.</DELETED>

               <DELETED>TITLE VI--SEVERABILITY</DELETED>

<DELETED>SEC. 601. SEVERABILITY.</DELETED>

<DELETED>    If any provision of this Act (including an amendment made 
by this Act), or the application thereof, to any person or 
circumstance, is held invalid, the remainder of this Act (including the 
amendments made by this Act), and the application thereof, to other 
persons or circumstances shall not be affected thereby.</DELETED>

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Internet Integrity and Critical 
Infrastructure Protection Act of 2000''.

SEC. 2. DEPUTY ASSISTANT ATTORNEY GENERAL FOR COMPUTER CRIME AND 
              INTELLECTUAL PROPERTY.

    (a) Establishment of Position.--(1) Chapter 31 of title 28, United 
States Code, is amended by inserting after section 507 the following 
new section:
``Sec. 507a. Deputy Assistant Attorney General for Computer Crime and 
              Intellectual Property
    ``(a) The Attorney General shall appoint a Deputy Assistant 
Attorney General for Computer Crime and Intellectual Property.
    ``(b) The Deputy Assistant Attorney General shall be the head of 
the Computer Crime and Intellectual Property Section (CCIPS) of the 
Department of Justice.
    ``(c) The duties of the Deputy Assistant Attorney General shall 
include the following:
            ``(1) To advise Federal prosecutors and law enforcement 
        personnel regarding computer crime and intellectual property 
        crime.
            ``(2) To coordinate national and international law 
        enforcement activities relating to combatting computer crime.
            ``(3) To provide guidance and assistance to Federal, State, 
        and local law enforcement agencies and personnel, and 
        appropriate foreign entities, regarding responses to threats of 
        computer crime and cyber-terrorism.
            ``(4) To serve as the liaison of the Attorney General to 
        the National Infrastructure Protection Center (NIPC), the 
        Department of Defense, the National Security Agency, and the 
        Central Intelligence Agency on matters relating to computer 
        crime.
            ``(5) To coordinate training for Federal, State, and local 
        prosecutors and law enforcement personnel on laws pertaining to 
        computer crime.
            ``(6) To propose and comment upon legislation concerning 
        computer crime, intellectual property crime, encryption, 
        electronic privacy, and electronic commerce, and concerning the 
        search and seizure of computers.
            ``(7) Such other duties as the Attorney General may 
        require, including duties carried out by the head of the 
        Computer Crime and Intellectual Property Section of the 
        Department of Justice as of the date of the enactment of the 
        Internet Integrity and Critical Infrastructure Protection Act 
        of 2000.''.
    (2) The table of sections at the beginning of such chapter is 
amended by inserting after the item relating to section 507 the 
following new item:

``507a. Deputy Assistant Attorney General for Computer Crime and 
                            Intellectual Property.''.
    (b) First Appointment to Position of Deputy Assistant Attorney 
General.--(1) The individual who holds the position of head of the 
Computer Crime and Intellectual Property Section (CCIPS) of the 
Department of Justice as of the date of the enactment of this Act shall 
act as the Deputy Assistant Attorney General for Computer Crime and 
Intellectual Property under section 507a of title 28, United States 
Code, until the Attorney General appoints an individual to hold the 
position of Deputy Assistant Attorney General for Computer Crime and 
Intellectual Property under that section.
    (2) The individual first appointed as Deputy Assistant Attorney 
General for Computer Crime and Intellectual Property after the date of 
the enactment of this Act may be the individual who holds the position 
of head of the Computer Crime and Intellectual Property Section of the 
Department of Justice as of that date.
    (c) Authorization of Appropriations for CCIPS.--There is hereby 
authorized to be appropriated for the Department of Justice for fiscal 
year 2001, $5,000,000 for the Computer Crime and Intellectual Property 
Section of the Department for purposes of the discharge of the duties 
of the Deputy Assistant Attorney General for Computer Crime and 
Intellectual Property under section 507a of title 28, United States 
Code (as so added), during that fiscal year.

SEC. 3. DETERRENCE AND PREVENTION OF FRAUD, ABUSE, AND CRIMINAL ACTS IN 
              CONNECTION WITH COMPUTERS.

    (a) Clarification of Protection of Protected Computers.--Subsection 
(a)(5) of section 1030 of title 18, United States Code, is amended--
            (1) by inserting ``(i)'' after ``(A)'';
            (2) by redesignated subparagraphs (B) and (C) as clauses 
        (ii) and (iii), respectively, of subparagraph (A);
            (3) by adding ``and'' at the end of clause (iii), as so 
        redesignated; and
            (4) by adding at the end the following new subparagraph:
            ``(B) the conduct described in clause (i), (ii), or (iii) 
        of subparagraph (A) caused (or, in the case of an attempted 
        offense, would, if completed, have caused)--
                    ``(i) loss to 1 or more persons during any 1-year 
                period (including loss resulting from a related course 
                of conduct affecting 1 or more other protected 
                computers) aggregating at least $5,000 in value;
                    ``(ii) the modification or impairment, or potential 
                modification or impairment, of the medical examination, 
                diagnosis, treatment, or care of 1 or more individuals;
                    ``(iii) physical injury to any person;
                    ``(iv) a threat to public health or safety; or
                    ``(v) damage affecting a computer system used by or 
                for a government entity in furtherance of the 
                administration of justice, national defense, or 
                national security;''.
    (b) Protection From Extortion.--Subsection (a)(7) of that section 
is amended by striking ``, firm, association, educational institution, 
financial institution, governmental entity, or other legal entity,''.
    (c) Penalties.--Subsection (c) of that section is amended--
            (1) in paragraph (2)--
                    (A) in subparagraph (A)--
                            (i) by inserting ``except as provided in 
                        subparagraph (B),'' before ``a fine'';
                            (ii) by striking ``(a)(5)(C)'' and 
                        inserting ``(a)(5)(A)(iii)''; and
                            (iii) by striking ``and'' at the end;
                    (B) in subparagraph (B), by inserting ``or an 
                attempt to commit an offense punishable under this 
                subparagraph,'' after ``subsection (a)(2),'' in the 
                matter preceding clause (i); and
                    (C) in subparagraph (C), by striking ``and'' at the 
                end;
            (2) in paragraph (3)--
                    (A) by striking ``, (a)(5)(A), (a)(5)(B),'' both 
                places it appears; and
                    (B) by striking ``and'' at the end; and
            (3) by adding at the end the following new paragraphs:
            ``(4)(A) a fine under this title, imprisonment for not more 
        than 10 years, or both, in the case of an offense under 
        subsection (a)(5)(A)(i), or an attempt to commit an offense 
        punishable under this subparagraph;
            ``(B) a fine under this title, imprisonment for not more 
        than 5 years, or both, in the case of an offense under 
        subsection (a)(5)(A)(ii), or an attempt to commit an offense 
        punishable under this subparagraph;
            ``(C) a fine under this title, imprisonment for not more 
        than 20 years, or both, in the case of an offense under 
        subsection (a)(5)(A)(i) or (a)(5)(A)(ii), or an attempt to 
        commit an offense punishable under this subparagraph, that 
        occurs after a conviction for another offense under this 
        section; and
            ``(5) in the case of any felony offense under this section, 
        at the discretion of the court, termination of and 
        ineligibility for any financial assistance for education at a 
        post-secondary institution that is available under Federal law, 
        which punishment shall be in addition to any other punishment 
        described in this subsection.''.
    (d) Definitions.--Subsection (e) of that section is amended--
            (1) in paragraph (2)(B), by inserting ``, including a 
        computer located outside the United States'' before the 
        semicolon;
            (2) in paragraph (7), by striking ``and'' at the end;
            (3) by striking paragraph (8) and inserting the following 
        new paragraph (8):
            ``(8) the term `damage' means any impairment to the 
        integrity or availability of data, a program, a system, or 
        information;''
            (4) in paragraph (9), by striking the period at the end and 
        inserting a semicolon; and
            (5) by adding at the end the following new paragraphs:
            ``(10) the term `conviction' shall include--
                    ``(A) an adjudication of juvenile delinquency for a 
                violation of this section; and
                    ``(B) a conviction under the law of any State for a 
                crime punishable by imprisonment for more than 1 year, 
                an element of which is unauthorized access, or 
                exceeding authorized access, to a computer;
            ``(11) the term `loss' means any reasonable cost to any 
        victim, including the cost of responding to an offense, 
        conducting a damage assessment, and restoring the data, 
        program, system, or information to its condition prior to the 
        offense, and any revenue lost, cost incurred, or other 
        consequential damages incurred because of interruption of 
        service;
            ``(12) the term `person' means any individual, firm, 
        corporation, educational institution, financial institution, 
        governmental entity, or legal or other entity;''.
    (e) Damages in Civil Actions.--Subsection (g) of that section is 
amended--
            (1) by striking the second sentence and inserting the 
        following new sentences: ``A suit for a violation of subsection 
        (a)(5) may be brought only if the conduct involves one of the 
        factors enumerated in subsection (a)(5)(B). Damages for a 
        violation involving only conduct described in subsection 
        (a)(5)(B)(i) are limited to economic damages.''; and
            (2) by adding at the end the following new sentence: ``No 
        action may be brought under this subsection for the negligent 
        design or manufacture of computer hardware, computer software, 
        or firmware.''.

SEC. 4. CRIMINAL AND CIVIL FORFEITURE FOR COMPUTER FRAUD AND ABUSE.

    (a) Criminal Forfeiture.--Section 1030 of title 18, United States 
Code, as amended by section 102 of this Act, is further amended--
            (1) by redesignating subsection (h) as subsection (l); and
            (2) by inserting after subsection (g) the following new 
        subsection (h):
    ``(h)(1) The court, in imposing sentence on any person convicted of 
a violation of this section, shall order, in addition to any other 
sentence imposed and irrespective of any provision of State law, that 
such person forfeit to the United States--
            ``(A) the interest of such person in any personal property 
        that was used or intended to be used to commit or to facilitate 
        the commission of such violation; and
            ``(B) any property, whether real or personal, constituting 
        or derived from any proceeds that such person obtained, whether 
        directly or indirectly, as a result of such violation.
    ``(2) The criminal forfeiture of property under this subsection, 
any seizure and disposition thereof, and any administrative or judicial 
proceeding relating thereto, shall be governed by the provisions of 
section 413 of the Comprehensive Drug Abuse Prevention and Control Act 
of 1970 (21 U.S.C. 853), except subsection (d) of that section.''.
    (b) Civil Forfeiture.--That section, as amended by subsection (a) 
of this section, is further amended by inserting after subsection (h) 
the following new subsection (i):
    ``(i)(1) The following shall be subject to forfeiture to the United 
States, and no property right shall exist in them:
            ``(A) Any personal property that is used or intended to be 
        used to commit or to facilitate the commission of any violation 
        of this section.
            ``(B) Any property, whether real or personal, that 
        constitutes or is derived from proceeds traceable to any 
        violation of this section.
    ``(2) The provisions of chapter 46 of this title relating to civil 
forfeiture shall apply to any seizure or civil forfeiture under this 
subsection.''.

SEC. 5. ENHANCED COORDINATION OF FEDERAL AGENCIES.

    Section 1030(d) of title 18, United States Code, is amended--
            (1) by striking ``subsections (a)(2)(A), (a)(2)(B), (a)(3), 
        (a)(4), (a)(5), and (a)(6) of''; and
            (2) by striking ``which shall be entered into by'' and 
        inserting ``between''.

SEC. 6. JUVENILE INVOLVEMENT IN COMPUTER CRIMES.

    Section 5032 of title 18, United States Code, is amended in clause 
(3) of the first undesignated paragraph--
            (1) by striking ``or section 1002(a)'' and inserting 
        ``section 1002(a)''; and
            (2) by inserting after ``of this title,'' the following: 
        ``or is a violation of section 1030(a)(1), (a)(2)(B), (a)(3), 
        or (a)(5)(A)(i) of this title,''.

SEC. 7. ADDITIONAL DEFENSE TO CIVIL ACTIONS RELATING TO PRESERVING 
              RECORDS IN RESPONSE TO GOVERNMENT REQUESTS.

    Section 2707(e)(1) of title 18, United States Code, is amended by 
inserting after ``or statutory authorization'' the following: 
``(including a request of a governmental entity under section 2703(f) 
of this title)''.

SEC. 8. AUTHORITY TO INTERCEPT WIRE, ORAL, AND ELECTRONIC 
              COMMUNICATIONS RELATING TO COMPUTER FRAUD AND ABUSE.

    Section 2516(1)(c) of title 18, United States Code, is amended by 
striking ``and section 1341 (relating to mail fraud),'' and inserting 
``section 1341 (relating to mail fraud), a felony violation of section 
1030 (relating to computer fraud and abuse),''.

SEC. 9. FORFEITURE OF DEVICES USED IN COMPUTER SOFTWARE COUNTERFEITING 
              AND INTELLECTUAL PROPERTY THEFT.

    (a) In General.--Section 2318(d) of title 18, United States Code, 
is amended--
            (1) by inserting ``(1)'' before ``When'';
            (2) in paragraph (1), as so designated, by inserting ``, 
        and of any replicator or other device or thing used to copy or 
        produce the computer program or other item to which the 
        counterfeit labels have been affixed or which were intended to 
        have had such labels affixed'' before the period; and
            (3) by adding at the end the following:
    ``(2) The forfeiture of property under this section, including any 
seizure and disposition of the property, and any related judicial or 
administrative proceeding, shall be governed by the provisions of 
section 413 (other than subsection (d) of that section) of the 
Comprehensive Drug Abuse Prevention and Control Act of 1970 (21 U.S.C. 
853).''.
    (b) Conforming Amendment.--Section 492 of such title is amended in 
the first undesignated paragraph by striking ``or 1720,'' and inserting 
``, 1720, or 2318''.

SEC. 10. SENTENCING DIRECTIVES FOR COMPUTER CRIMES.

    (a) Amendment of Sentencing Guidelines Relating to Certain Computer 
Crimes.--Pursuant to its authority under section 994(p) of title 28, 
United States Code, the United States Sentencing Commission shall amend 
the Federal sentencing guidelines and, if appropriate, shall promulgate 
guidelines or policy statements or amend existing policy statements to 
address--
            (1) the potential and actual loss resulting from an offense 
        under section 1030 of title 18, United States Code (as amended 
        by this Act);
            (2) the level of sophistication and planning involved in 
        such an offense;
            (3) the growing incidence of offenses under such 
        subsections and the need to provide an effective deterrent 
        against such offenses;
            (4) whether or not such an offense was committed for 
        purposes of commercial advantage or private financial benefit;
            (5) whether or not the defendant involved a juvenile in the 
        commission of such an offense;
            (6) whether or not the defendant acted with malicious 
        intent to cause harm in committing such an offense;
            (7) the extent to which such an offense violated the 
        privacy rights of individuals harmed by the offense; and
            (8) any other factor the Commission considers appropriate 
        in connection with any amendments made by this Act with regard 
        to such subsections.
    (b) Amendment of Sentencing Guidelines Relating to Certain Computer 
Fraud and Abuse.--Pursuant to its authority under section 994(p) of 
title 28, United States Code, the United States Sentencing Commission 
shall amend the Federal sentencing guidelines to ensure that any 
individual convicted of a violation of section 1030(a)(5)(A)(ii) or 
1030(a)(5)(A)(iii) of title 18, United States Code (as amended by 
section 3 of this Act), can be subjected to appropriate penalties, 
without regard to any mandatory minimum term of imprisonment.
    (c) Amendment of Sentencing Guidelines Relating to Use of 
Encryption.--Pursuant to its authority under section 994(p) of title 
28, United States Code, the United States Sentencing Commission shall 
amend the Federal sentencing guidelines and, if appropriate, shall 
promulgate guidelines or policy statements or amend existing policy 
statements to ensure that the guidelines provide sufficiently stringent 
penalties to deter and punish persons who intentionally use encryption 
in connection with the commission or concealment of criminal acts 
sentenced under the guidelines.
    (d) Emergency Authority.--The Commission may promulgate the 
guidelines or amendments provided for under this section in accordance 
with the procedures set forth in section 21(a) of the Sentencing Act of 
1987, as though the authority under that Act had not expired.

SEC. 11. ASSISTANCE TO FEDERAL, STATE, AND LOCAL COMPUTER CRIME 
              ENFORCEMENT AND ESTABLISHMENT OF NATIONAL CYBER CRIME 
              TECHNICAL SUPPORT CENTER.

    (a) National Cyber Crime Technical Support Center.--
            (1) Construction required.--The Director of the Federal 
        Bureau of Investigation shall provide for the construction and 
        equipping of the technical support center of the Federal Bureau 
        of Investigation referred to in section 811(a)(1)(A) of the 
        Antiterrorism and Effective Death Penalty Act of 1996 (Public 
        Law 104-132; 110 Stat. 1312; 28 U.S.C. 531 note).
            (2) Naming.--The technical support center constructed and 
        equipped under paragraph (1) shall be known as the ``National 
        Cyber Crime Technical Support Center''.
            (3) Functions.--In addition to any other authorized 
        functions, the functions of the National Cyber Crime Technical 
        Support Center shall be--
                    (A) to serve as a centralized technical resource 
                for Federal, State, and local law enforcement and to 
                provide technical assistance in the investigation of 
                computer-related criminal activities;
                    (B) to assist Federal, State, and local law 
                enforcement in enforcing Federal, State, and local 
                criminal laws relating to computer-related crime;
                    (C) to provide training and education for Federal, 
                State, and local law enforcement personnel regarding 
                investigative technologies and forensic analyses 
                pertaining to computer-related crime;
                    (D) to conduct research and to develop technologies 
                for assistance in investigations and forensic analyses 
                of evidence related to computer-related crimes;
                    (E) to facilitate and promote efficiencies in the 
                sharing of Federal law enforcement expertise, 
                investigative technologies, and forensic analysis 
                pertaining to computer-related crime with State and 
                local law enforcement personnel, prosecutors, regional 
                computer forensic laboratories, and multijurisdictional 
                computer crime task forces; and
                    (F) to carry out such other activities as the 
                Director considers appropriate.
    (b) Development and Support of Computer Forensic Activities.--The 
Director shall take appropriate actions to develop at least 10 regional 
computer forensic laboratories, and to provide support, education, and 
assistance for existing computer forensic laboratories, in order that 
such computer forensic laboratories have the capability--
                    (1) to provide forensic examinations with respect 
                to seized or intercepted computer evidence relating to 
                criminal activity;
                    (2) to provide training and education for Federal, 
                State, and local law enforcement personnel and 
                prosecutors regarding investigations, forensic 
                analyses, and prosecutions of computer-related crime;
                    (3) to assist Federal, State, and local law 
                enforcement in enforcing Federal, State, and local 
                criminal laws relating to computer-related crime;
                    (4) to facilitate and promote the sharing of 
                Federal law enforcement expertise and information about 
                the investigation, analysis, and prosecution of 
                computer-related crime with State and local law 
                enforcement personnel and prosecutors, including the 
                use of multijurisdictional task forces; and
                    (5) to carry out such other activities as the 
                Director considers appropriate.
    (c) Authorization of Appropriations.--
            (1) Authorization.--There is hereby authorized to be 
        appropriated for fiscal year 2001, $100,000,000 for purposes of 
        carrying out this section, of which $20,000,000 shall be 
        available solely for activities under subsection (b).
            (2) Availability.--Amounts appropriated pursuant to the 
        authorization of appropriations in paragraph (1) shall remain 
        available until expended.
                                                       Calendar No. 941

106th CONGRESS

  2d Session

                                S. 2448

_______________________________________________________________________

                                 A BILL

      To enhance the protections of the Internet and the critical 
      infrastructure of the United States, and for other purposes.

_______________________________________________________________________

            October 5 (legislative day, September 22), 2000

                       Reported with an amendment