[Congressional Bills 107th Congress]
[From the U.S. Government Publishing Office]
[S. 1568 Introduced in Senate (IS)]
107th CONGRESS
1st Session
S. 1568
To prevent cyberterrorism.
_______________________________________________________________________
IN THE SENATE OF THE UNITED STATES
October 18, 2001
Mr. Hatch introduced the following bill; which was read twice and
referred to the Committee on the Judiciary
_______________________________________________________________________
A BILL
To prevent cyberterrorism.
Be it enacted by the Senate and House of Representatives of the
United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Cyberterrorism Prevention Act of
2001''.
SEC. 2. DETERRENCE AND PREVENTION OF CYBERTERRORISM IN CONNECTION WITH
COMPUTERS.
(A) Clarification of Protection of Protected Computers.--Subsection
(a)(5) of section 1030 of title 18, United States Code, is amended--
(1) by inserting ``(i)'' after ``(A)'';
(2) by redesignated subparagraphs (B) and (C) as clauses
(ii) and (iii), respectively, of subparagraph (A);
(3) by adding ``and'' at the end of clause (iii), as so
redesignated; and
(4) by adding at the end the following new subparagraph:
``(B) whose conduct described in clause (i), (ii), or (iii)
of subparagraph (A) caused (or, in the case of an attempted
offense, would, if completed, have caused)--
``(i) loss to 1 or more persons during any 1-year
period (including loss resulting from a related course
of conduct affecting 1 or more other protected
computers) aggregating at least $5,000 in value;
``(ii) the modification or impairment, or potential
modification or impairment, of the medical examination,
diagnosis, treatment, or care of 1 or more individuals;
``(iii) physical injury to any person;
``(iv) a threat to public health or safety; or
``(v) damage affecting a computer system used by or
for a government entity in furtherance of the
administration of justice, national defense, or
national security;''.
(b) Protection From Extortion.--Subsection (a)(7) of that section
is amended by striking ``, firm, association, educational institution,
financial institution, governmental entity, or other legal entity,''.
(c) Penalties.--Subsection (c) of that section is amended--
(1) in paragraph (2)--
(A) in subparagraph (A)--
(i) by inserting ``except as provided in
subparagraph (B),'' before ``a fine'';
(ii) by striking ``(a)(5)(C)'' and
inserting ``(a)(5)(A)(iii)''; and
(iii) by striking ``and'' at the end;
(B) in subparagraph (B), by inserting ``or an
attempt to commit an offense punishable under this
subparagraph,'' after ``subsection (a)(2),'' in the
matter preceding cause (i); and
(C) in paragraph (C), by striking ``and'' at the
end;
(2) in paragraph (3)--
(A) by striking ``, (a)(5)(A), (a)(5)(B),'' both
places it appears; and
(B) by striking ``(a)(5)(C)'' and inserting
``(a)(5)(A)(iii)''; and
(3) by adding at the end the following new paragraph:
``(4)(A) a fine under this title, imprisonment for not more
than 10 years, or both, in the case of an offense under
subsection (a)(5)(A)(i), or an attempt to commit an offense
punishable under this subparagraph;
``(B) a fine under this title, imprisonment for not more
than 5 years, or both, in the case of an offense under
subsection (a)(5)(A)(ii), or an attempt to commit an offense
punishable under this subparagraph; and
``(C) a fine under this title, imprisonment for not more
than 20 years, or both, in the case of an offense under
subsection (a)(5)(A)(i) or (a)(5)(A)(ii), or an attempt to
commit an offense punishable under this subparagraph, that
occurs after a conviction for another defense under this
section.''.
(d) Definitions.--Subsection (e) of that section is amended--
(1) in paragraph (2)(B), by inserting ``, including a
computer located outside the United States that is used in a
manner that affects interstate or foreign commerce or communication of
the United States'' before the semicolon;
(2) in paragraph (7), by striking ``and'' at the end;
(3) by striking paragraph (8) and inserting the following
new paragraph (8):
``(8) the term `damage' means any impairment to the
integrity or availability of data, a program, a system, or
information;''
(4) in paragraph (9), by striking the period at the end and
inserting a semicolon; and
(5) by adding at the end the following new paragraphs:
``(10) the term `conviction' shall include a conviction
under the law of any State for a crime punishable by
imprisonment for more than 1 year, an element of which is
unauthorized access, or exceeding authorized access, to a
computer;
``(11) the term `loss' means any reasonable cost to any
victim, including the cost of responding to an offense,
conducting a damage assessment, and restoring the data,
program, system, or information to its condition prior to the
offense, and any revenue lost, cost incurred, or other
consequential damages incurred because of interruption of
service; and
``(12) the term `person' means any individual, firm,
corporation, educational institution, financial institution,
governmental entity, or legal or other entity.''.
(e) Damages in Civil Actions.--Subsection (g) of that section is
amended--
(1) by striking the second sentence and inserting the
following new sentences: ``A suit for a violation of this
section may be brought only if the conduct involves one of the
factors enumerated in clauses (i) through (v) of subsection
(a)(5)(B). Damages for a violation involving only conduct
described in subsection (a)(5)(B)(i) are limited to economic
damages.''; and
(2) by adding at the end the following new sentence: ``No
action may be brought under this subsection for the negligent
design or manufacture of computer hardware, computer software,
or firmware.''.
SEC. 3. ADDITIONAL DEFENSE TO CIVIL ACTIONS RELATING TO PRESERVING
RECORDS IN RESPONSE TO GOVERNMENT REQUESTS.
Section 2707(e)(1) of title 18, United States Code, is amended by
inserting after ``or statutory authorization'' the following:
``(including a request of a governmental entity under section 2703(f)
of this title)''.
SEC. 4. DEVELOPMENT AND SUPPORT OF CYBER SECURITY FORENSIC ACTIVITIES.
(a) The Director of the Federal Bureau of Investigation shall, in
consultation with the heads of other Federal law enforcement agencies,
take appropriate actions to develop at least 10 regional computer
forensic laboratories, and to provide support, education, and
assistance for existing computer forensic laboratories, in order that
such computer forensic laboratories have the capability--
(1) to provide forensic examinations with respect to seized
or intercepted computer evidence relating to criminal activity;
(2) to provide training and education for Federal, State,
and local law enforcement personnel and prosecutors regarding
investigations, forensic analyses, and prosecutions of
computer-related crime;
(3) to assist Federal, State, and local law enforcement in
enforcing Federal, State, and local criminal laws relating to
computer-related crime;
(4) to facilitate and promote the sharing of Federal law
enforcement expertise and information about the investigation,
analysis, and prosecution of computer-related crime with State
and local law enforcement personnel and prosecutors, including
the use of multijurisdictional task forces; and
(5) to carry out such other activities as the Attorney
General considers appropriate.
(b) Authorization of Appropriations.--There is hereby authorized to
be appropriated in each fiscal year $50,000,000 for purposes of
carrying out this section. Amounts appropriated pursuant to this
paragraph shall remain available until expended.
<all>