[Congressional Bills 109th Congress]
[From the U.S. Government Publishing Office]
[H.R. 744 Referred in Senate (RFS)]

  1st Session
                                H. R. 744


_______________________________________________________________________


                   IN THE SENATE OF THE UNITED STATES

                              May 24, 2005

  Received; read twice and referred to the Committee on the Judiciary

_______________________________________________________________________

                                 AN ACT


 
 To amend title 18, United States Code, to discourage spyware, and for 
                            other purposes.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled, 


SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Internet Spyware (I-SPY) Prevention 
Act of 2005''.

SEC. 2. PENALTIES FOR CERTAIN UNAUTHORIZED ACTIVITIES RELATING TO 
              COMPUTERS.

    (a) In General.--Chapter 47 of title 18, is amended by inserting 
after section 1030 the following:
``Sec. 1030A. Illicit indirect use of protected computers
    ``(a) Whoever intentionally accesses a protected computer without 
authorization, or exceeds authorized access to a protected computer, by 
causing a computer program or code to be copied onto the protected 
computer, and intentionally uses that program or code in furtherance of 
another Federal criminal offense shall be fined under this title or 
imprisoned not more than 5 years, or both.
    ``(b) Whoever intentionally accesses a protected computer without 
authorization, or exceeds authorized access to a protected computer, by 
causing a computer program or code to be copied onto the protected 
computer, and by means of that program or code--
            ``(1) intentionally obtains, or transmits to another, 
        personal information with the intent to defraud or injure a 
        person or cause damage to a protected computer; or
            ``(2) intentionally impairs the security protection of the 
        protected computer with the intent to defraud or injure a 
        person or damage a protected computer;
shall be fined under this title or imprisoned not more than 2 years, or 
both.
    ``(c) No person may bring a civil action under the law of any State 
if such action is premised in whole or in part upon the defendant's 
violating this section. For the purposes of this subsection, the term 
`State' includes the District of Columbia, Puerto Rico, and any other 
territory or possession of the United States.
    ``(d) As used in this section--
            ``(1) the terms `protected computer' and `exceeds 
        authorized access' have, respectively, the meanings given those 
        terms in section 1030; and
            ``(2) the term `personal information' means--
                    ``(A) a first and last name;
                    ``(B) a home or other physical address, including 
                street name;
                    ``(C) an electronic mail address;
                    ``(D) a telephone number;
                    ``(E) a Social Security number, tax identification 
                number, drivers license number, passport number, or any 
                other government-issued identification number; or
                    ``(F) a credit card or bank account number or any 
                password or access code associated with a credit card 
                or bank account.
    ``(e) This section does not prohibit any lawfully authorized 
investigative, protective, or intelligence activity of a law 
enforcement agency of the United States, a State, or a political 
subdivision of a State, or of an intelligence agency of the United 
States.''.
    (b) Conforming Amendment.--The table of sections at the beginning 
of chapter 47 of title 18, is amended by inserting after the item 
relating to section 1030 the following new item:

``1030A. Illicit indirect use of protected computers.''.

SEC. 3. AUTHORIZATION OF APPROPRIATIONS.

    In addition to any other sums otherwise authorized to be 
appropriated for this purpose, there are authorized to be appropriated 
for each of fiscal years 2006 through 2009, the sum of $10,000,000 to 
the Attorney General for prosecutions needed to discourage the use of 
spyware and the practices commonly called phishing and pharming.

SEC. 4. FINDINGS AND SENSE OF CONGRESS CONCERNING THE ENFORCEMENT OF 
              CERTAIN CYBERCRIMES.

    (a) Findings.--Congress makes the following findings:
            (1) Software and electronic communications are increasingly 
        being used by criminals to invade individuals' and businesses' 
        computers without authorization.
            (2) Two particularly egregious types of such schemes are 
        the use of spyware and phishing scams.
            (3) These schemes are often used to obtain personal 
        information, such as bank account and credit card numbers, 
        which can then be used as a means to commit other types of 
        theft.
            (4) In addition to the devastating damage that these 
        heinous activities can inflict on individuals and businesses, 
        they also undermine the confidence that citizens have in using 
        the Internet.
            (5) The continued development of innovative technologies in 
        response to consumer demand is crucial in the fight against 
        spyware.
    (b) Sense of Congress.--Because of the serious nature of these 
offenses, and the Internet's unique importance in the daily lives of 
citizens and in interstate commerce, it is the sense of Congress that 
the Department of Justice should use the amendments made by this Act, 
and all other available tools, vigorously to prosecute those who use 
spyware to commit crimes and those that conduct phishing and pharming 
scams.

            Passed the House of Representatives May 23, 2005.

            Attest:

                                                 JEFF TRANDAHL,

                                                                 Clerk.