[Congressional Record Volume 142, Number 128 (Tuesday, September 17, 1996)]
[Extensions of Remarks]
[Page E1621]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]




THE INTRODUCTION OF THE NATIONAL INFORMATION INFRASTRUCTURE PROTECTION 
                                  ACT

                                 ______
                                 

                           HON. BOB GOODLATTE

                              of virginia

                    in the house of representatives

                      Tuesday, September 17, 1996

  Mr. GOODLATTE. Mr. Speaker, today I am introducing crime legislation 
which will bring out criminal code into the computer age. The NII 
Protection Act, would strengthen the Computer Fraud and Abuse Act, 18 
U.S.C. 1030, by closing gaps in the law to better safeguard the 
confidentiality, integrity and security of computer data and networks. 
The Senate companion to this legislation, S. 982, has already cleared 
the Senate and now the House must act to send this legislation to the 
President's desk.
  With all the benefits created by the explosion of computer networks 
comes a very serious concern--networked computers also provide new 
opportunities for criminal activity. The Computer Emergency Response 
Team, known as CERT, based at the Carnegie Mellon University, in 
Pittsburgh reports that the number of reported intrusions into U.S. 
based computer systems rose from 773 in 1992 to more than 2,300 by 
1994--a 197-percent increase in 2 years. Additionally, CERT reported 
the number of sites attacked rose more than 89 percent during the same 
period.
  Once into a computer system, hackers have the ability to steal, 
modify, or destroy sensitive data--thus the potential costs to users, 
including businesses, are staggering.
  That is why the Justice Department and the FBI support this important 
legislation. It will help stem the on-line crime epidemic and increase 
protection for both Government and private computers.
  The NII Protection Act improves the current Computer Fraud and Abuse 
Act by providing additional protection for computerized information and 
systems, by designating new computer crimes, and by extending 
protection to computer systems used in foreign or interstate commerce 
or communications.
  Current law falls short of protecting our Nation's infrastructure 
which increasingly relies on computer systems. Although financial 
institutions and consumer reporting agencies are currently protected 
under the Computer Fraud and Abuse Act, this bill closes a number of 
loopholes in the criminal code which allow other industries to fall 
victims to computer crimes.
  Since hacker activities generally do not cross State lines they are 
not Federal offenses. The NII Protection Act would extend coverage 
under the Computer Fraud and Abuse Act to any computer used in 
interstate or foreign commerce or communications and thus, would 
strengthen Federal law enforcement's ability to fight this type of 
criminal activity.
  The bill would allow Federal prosecution of all those who misuse 
computers to obtain Government information and, where appropriate, 
information held by the private sector. The harshest penalties would be 
reserved for those who obtain classified information that could be used 
to injure the United States or assist a foreign state. Those who break 
into a computer system, or insiders who intentionally abuse their 
computer access privileges, to steal information from a computer system 
for commercial advantage, private financial gain or to commit any 
criminal or tortious act would also be subject to felony prosecution. 
Individuals who intentionally break into, or abuse their authority to 
use, a computer and thereby obtain information of minimal value, would 
be subject to a misdemeanor penalty.
  The bill would also penalize any person who uses a computer to cause 
the transmission of a computer virus or other harmful computer program 
to Government and financial institution computers not used in 
interstate communications, such as intrastate local area networks used 
by Government agencies that contain sensitive and confidential 
information. Computers used in foreign communications or commerce would 
also be covered.
  Outside hackers who break into a computer could be punished for any 
intentional, reckless, or negligent damages they cause. The bill also 
punishes modern-day extortionists who threaten to harm or shut down 
computer networks unless their demands are satisfied.
  The NII Protection Act would provide much needed protection for our 
Nation's important information infrastructure and help maintain the 
privacy of electronic information. I urge quick action on this 
important legislation.

                          ____________________