Scott Garland

Outline

Computer and Intellectual Property Crimes

 

1)   Computer Fraud and Abuse Act, 18 U.S.C.§ 1030

a)    § 1030(a)(1) – National security systems and information

b)   § 1030(a)(2) – Accessing information on a protected computer

i)     Elements

(1) Intentionally access computer w/o authorization, or exceed authorized access

(2) Obtain information, and

(a) Obtaining = viewing

(b) Information need not have been copied, removed, or destroyed

(3) Target is government, financial institution or protected computer

ii)   Penalties

(1) 1st offense = misdemeanor

(2) 1st offense = felony

(a) Access is for commercial advantage/gain, or

(b) Furtherance of some other crime or tort, or

(c) Value of information >$5000

(3) 2nd offense = 10 year max.

iii) Example

(1) U.S. v. You Li, http://www.usdoj.gov/criminal/cybercrime/liIndict.htm (D. Utah) (press release re indictment)

c)    § 1030(a)(3) – Trespass on government computer

i)     Elements

(1) Intentional access w/o authorization, or exceed authorized access, on non-public federal government computer

(a) Can be shared use computer (e.g., government contractor) if conduct affects US use

ii)   Penalties

(1) 1st offense = misdemeanor

(2) 2nd offense = 10 year max.

d)   § 1030(a)(4) – Intrusion to further a fraud

i)     Elements

(1) Knowing, and with intent to defraud,

(2) Access a protected computer w/o authorization, or exceeds authorized access, and

(3) Furthers the fraud and obtains something of value >$5000/year

ii)   Penalties

(1) 1st offense = 5 yr max

(2) 2nd offense= 10 yr max

iii) Examples

(1) U.S. v. You Li (D. Utah) (press release re indictment), available at http://www.usdoj.gov/criminal/cybercrime/liIndict.htm

(2) Shurgard Storage Centers, Inc. v. Safeguard Self Storage, Inc., 119 F. Supp. 2d 1121 (W.D. Wash. 2000)

(a) Compare with mail and wire fraud

(i)  18 U.S.C.§§ 1341, 1343, 1346

(ii)U.S. v. Carpenter (S. Ct.)

e)    1030(a)(5) – Damage to Systems/Data

i)     Conduct

(1) Transmit program, information, code, or command and, w/o authorization, cause damage to a protected computer, or

(2) Intentionally access protected computer w/o authorization and recklessly cause damage, or

(3) Intentionally access protected computer w/o authorization and cause damage

ii)   Damage

(1) Cause (or if attempt, would have caused) damage

(2) Damage

(a) Loss in aggregate of $5000

(b) Modification or impairment of medical treatment

(c) Physical injury

(d) Any damage, in any amount if computer system is used by government for administration of justice, national defense or national security

iii) Loss –§ 1030(e)(11)

(1) Any reasonable cost to any victim

(2) Cost of response

(3) Damage assessment

(4) Restore data/program/system to previous configuration

(5) Lost revenue

(6) Consequential damage due to loss of service

(7) Damage to Systems/Data

iv) Penalties

(1) § 1030(a)(5)(i)

(a) 1st offense – 10 yr max.

(b) 2nd offense – 20 yr max.

(c) Any offense knowing/recklessly causing serious bodily harm – 20 yr max.

(d) Any offense knowingly/recklessly causing death – life max

(2) § 1030(a)(5)(ii)

(a) 1st offense – 5 yr max.

(b) 2nd offense – 20 yr max.

(3) § 1030(a)(5)(iii)

(a) 1st offense – misdemeanor

(b) 2nd offense – 10 yr max.

v)   Examples

(1) U.S. v. Angle (D. Mass.) (press release re indictment), available at http://www.usdoj.gov/criminal/cybercrime/angleCharged.htm

(2) U.S. v. Fisher (D. Utah) (press release re indictment), available at  http://www.usdoj.gov/criminal/cybercrime/fisherIndict.htm

f)    § 1030(a)(6) – Trafficking in computer passwords

i)     Elements

(1) Knowingly

(2) With intent to defraud

(3) Traffic in password or similar info

(a) Transfer/dispose to another, or obtain control of with intent to transfer/dispose

(4) Regarding government computer or protected computer

ii)   Penalties

(1) 1st offense - Misdemeanor

(2) 2nd offense – 10 yr max.

g)   § 1030(a)(7) – Threats to computers

i)     Elements

(1) For purposes of extortion

(2) Transmit in interstate/foreign commerce

(3) Any threat to cause damage to a protected computer

ii)   Penalties

(1) 1st offense – 5 yr max

(2) 2nd offense – 10 yr max

iii) Compare with 18 U.S.C.§ 875

h)   Sentencing Guidelines

i)     Review Sentencing Table

ii)   § 1030(a)(1) – U.S.S.G.§ 2M3.2

iii) § 1030(a)(2) – U.S.S.G.§ 2B1.1

iv) § 1030(a)(3) – U.S.S.G.§ 2B2.3

v)   § 1030(a)(4) – U.S.S.G.§ 2B1.1

vi) § 1030(a)(5) – U.S.S.G.§ 2B1.1

vii)        § 1030(a)(6) – U.S.S.G.§ 2B1.1

viii)      § 1030(a)(7) – U.S.S.G.§ 2B3.2

ix) Focus on

(1) U.S.S.G.§ 2B1.1’s discussion of actual vs. intended loss

(a) Consider application when the defendant obtained information, but the government cannot prove that he used it

(2) Which sentencing guideline provisions are geared specifically to computer crimes?

i)     Civil Liability –§ 1030(g)

i)     Anyone suffering damage/loss can bring civil action for damages/injunctive relief

(1) Damage/loss =

(a) Aggregate loss $5000/yr

(b) Modification/impairment of medical treatment

(c) Physical injury

(d) Threat to public health/safety

ii)   Recovery limited to economic loss

iii) Consider whether prosecutors can prosecute a wider or narrower swath of cases than can civil litigants

 

2)   Criminal Intellectual Property Law

a)    Copyright

i)     Compare 17 U.S.C.§§ 106, 107 with 17 U.S.C.§ 506 and 18 USC§§  2319, 2319B

ii)   Which rights are criminally enforceable?

iii) How are they broader or narrower than the rights that are civilly enforceable?

(1) # of rights

(2) Mens rea

(3) Scope/magnitude of conduct

(4) Consult CCIPS’s manual, Prosecuting Intellectual Property Crimes ch.3 (2001), available at http://www.cybercrime.gov/ipmanual/03ipma.htm

iv) Why did Congress enact 17 U.S.C.§ 506(a)(1)(C) and 18 U.S.C.§ 2319B?

b)   Trademark

i)     Compare 15 U.S.C.§ 1114(1) with 18 U.S.C.§ 2320

ii)   Which rights are criminally enforceable?

iii) How are they broader or narrower than the rights that are civilly enforceable?

(1) Compare U.S. v. Hanafy with U.S. v. Milstein

(2) Review United States v. Bohai Trading Co., 45 F.3d 577, 580 (1st Cir. 1995)

(3) Review CCIPS’s manual, Prosecuting Intellectual Property Crims ch. 2 (2001), available at http://www.cybercrime.gov/ipmanual/02ipma.htm

iv) Why?

c)    Trade secrets

i)     Compare of 18 U.S.C.§§ 1831, 1832, 1838, 1839 with Uniform Trade Secrets ActÕs definitions of “misappropriation”, “improper means”, and “trade secret”

ii)   Which rights are criminally enforceable?

(1) Review Prosecuting Intellectual Property Crimes§ VIII.B.11 (2001), available at http://www.cybercrime.gov/ipmanual/08ipma.htm#VIII.B.11. [NB: The period following VIII.B.11 should be part of the hyperlink.]

iii) How are they broader or narrower than the rights that are civilly enforceable?

(1) Why?

iv) How else can theft of trade secrets be charged?

(1) 18 U.S.C.§ 1030(a)(2)

(2) 18 U.S.C.§ 1030(a)(4)

(3) 18 U.S.C.§§ 1341, 1343, 1346

(4) 18 U.S.C.§§ 2314-2315

v)   Example

(1) U.S. v. Lockwood (E.D. Mich.), available at http://www.usdoj.gov/criminal/cybercrime/lockwoodind.pdf

d)   Sentencing Guidelines

i)     Copyright and trademark – U.S.S.G.§ 2B5.3

(1) See U.S. Sentencing Commission, Intellectual Property Amendments: 2006, Policy Development Team Report, at 13-15 (May 2006) (discussion of uploading amendment), available at http://www.ussc.gov/publicat/IntelProp-report.pdf

(a) Why didn’t anybody understand why Congress was concerned with the uploading definition?

ii)   Trade secrets – U.S.S.G.§ 2B1.1

iii) What does the difference in guidelines tell us about copyright and trademark crimes vs. trade secret crimes?

iv) What does the difference in guidelines tell us about copyright and trademark crimes vs. computer crimes?

 

3)   Prosecutorial Discretion

a)    Strength of the Case

b)   Principles of Federal Prosecution§§ 9-27.001 – 9-27.250, U.S. Attorneys’ Manual, available at http://www.usdoj.gov/usao/eousa/foia_reading_room/usam/title9/27mcrm.htm

i)     Consider non-criminal enforcement alternatives in IP crimes

c)    DOJ Priorities

d)   Investigative Agencies’ Priorities

e)    Sentencing Guidelines

f)    Congressional Priorities

i)     Consider 17 U.S.C.§ 506(a)(1)(C) and 18 U.S.C.§ 2319B

g)   DOJ and U.S. Attorneys’ Differing Perspectives

h)   Office Guidelines

i)     Loss thresholds

i)     Rules of Thumb

i)     Can I prove the crime?

ii)   Does it feel like a crime?

iii) Why commit federal resources?

j)     IP Crimes

i)     Large-scale and organized violations

ii)   Health and safety risks

iii) Persistent violators

iv) Mean-spirited, vindictive, underhanded conduct

 

 

 

Return to the Syllabus