[an error occurred while processing this directive]

Crime on the Internet

Copyright 1997 / 1997 by David Yale

Feedback to dcyale@yahoo.com

This is a paper I did for a seminar on Computers and the Law. It was a pass/fail course, so this is not the empitomy of legal scholarship. It does gather alot of various law relating to crime on the internet and presents them in a compact introductory form.

The news has been happy to showcase various types of computer crime. From teen-age "hackers"(1) to Internet prowling pedophiles, it seems that every week a new story breaks. As our world becomes more computerized and ever more interconnected, different kinds of computer crimes will continue to grow. These include break ins of computers to get trade secrets or other information that can be turned into profit, illegal entry for the thrill and challenge, confidence schemes, and the use of computers to meet and select victims of old fashioned crimes. Additionally more and more information that law enforcement officials will consider evidence will be stored on computers, and could add a new wrinkle to criminal investigations and trials.

The United Nations Manual on the Prevention and Control of Computer-related Crime asserts that the first computer crime occurred in 1801 when french textile workers sabotaged mechanical devices intended to automate portions of the weaving trade.(2) This paper goes on to say there is no global definition of computer crime, but that it includes traditional criminal activities achieved through the use of a computer, as well as violations that could not exist without a computer, and stresses any definition must place function over form.(3) A non-exhaustive list of computer crimes includes traditional "hacking" or unauthorized remote access of a computer system, harassment through e-mail, setting "phone traps"(4) or soliciting for other frauds through e-mail, denial of service attacks where a someone intentionally overloads another persons system, as well as other acts which would still be a crime if they were accomplished without the computer.

There can be no doubt that computer crime is on the rise. In the November 27, 1995 Information Week there was a report on the results of an Ernest & Young security survey which found that 1 in 5 companies suffered a computer network break-in during 1994.(5) As long ago as 1984 the ABA estimated that business computer crime episodes were costing between $100,000 and $500,000 per incident.(6) Recent destruction of data from viruses include an Italian university's loss of a years worth of AIDS research and a U.S. hospital's loss of more than 40 percent of it's patient's records, and one blackmailer planted a virus in a hospital computer system then demanded payment to remove it.(7) There have been a variety of organizations that have come into existence because of the rise in computer crime,(8)

and existing law enforcement agencies are coordinating their activities to meet the rising problem.(9)

This paper will overview the federal laws, as well as the Connecticut laws, that deal with computer crimes. It will also look at some of the types of computer crime being perpetrated, and provide some direction towards answers to avoid becoming a victim of these crimes.

The Laws

Since there was only one prosecution under the Computer Fraud and Abuse Act (CFAA) prior to the 1986 amendment, it is readily apparent that the laws are basically new and remain untested to a large extent.(10) There are various federal laws dealing with computer crime. The first major legislation was the Counterfeit Access Device and Computer Fraud and Abuse Act of 1984.(11) Although a start, many felt the act was too narrow(12) and congress soon passed the Computer Fraud and Abuse Act of 1986 to address some of the problems with the original legislation.(13)

United States Code section 1030 is entitled "Fraud and related activity in connection with computers" and it contains some of the crimes typically thought of as computer crimes.(14) There are six types of illegal activity under the statute. Sections 1030(a)(1)-(3) prohibit unauthorized access of a computer to obtain information relating to national defense or foreign relations; to obtain information in a financial record of a financial institution or consumer reporting agency; or to manipulate information on a computer that would adversely affect the United States government's operation of the computer (although "access," "unauthorized," and "affects the use" are undefined). Section 1030(a)(4) of the statute prohibits accessing a "federal interest computer"(15)

without, or in excess of, authorization and with the intent to defraud or obtain anything of value.

Subsection 1030(a)(5) makes it a crime to intentionally access a "federal interest computer" without authorization, to alter, damage, or destroy information, or to prevent "authorized use" of the computer. The use of the word intentionally refers to the access of the system. The damage need not be done intentionally.(16)

Section 1030(a)(6)(17) criminalizes to knowingly, and with intent to defraud, deal in passwords which would allow someone to gain unauthorized access to a government computer, or to deal in these passwords when it would affect interstate or foreign commerce.

Finally, Section 1030(a)(7) sets forth penalties. Generally intentional harm makes the crime a felony and reckless acts are misdemeanors. There is some sentiment that the amount of the penalties is insufficient for the magnitude these crimes can take, with possibilities of multi-million dollar damages sustained by the victims.(18) The Secret Service is given explicit jurisdiction over these crimes, in addition to any other agencies having jurisdiction.(19)

Direct access to computer systems can obviously implicate these statutes. Many activities on the Internet can also fall under this legislation. Because some of the computers on the Internet are owned by the government, or carry data for the government, or belong to financial institutions, they are covered by the act when prohibited conduct occurs.(20)

In addition to laws aimed specifically at computer crimes, there are some others that relate so closely too the modus operandi of computer criminals that they deserve attention. Wire fraud is one of these. There are three elements the government must prove to convict a defendant of wire fraud: (1)false pretenses as a means to defraud someone; (2) a knowing and willful participation by the accused in a scheme with intent to defraud; and (3) use of interstate wire communications in perpetrating the act.(21) The statute does not require the use of the wires to be voice communications, using the wires for modem communications should also fall under the statute.

Mail fraud is also a pertinent statute. Since electronic money is still in it's infancy, confidence schemes may require the victims to mail funds to the criminal, subjecting the accused to additional liability under the federal mail fraud statute.(22)

Many companies have vital internal information regarding their products on their computer networks. An attack on these systems could either access, or destroy this information, which would involve laws dealing with trade secrets.(23) Some authors have theorized that information that information can be categorized as goods, implicating transportation of stolen goods across state lines in some instances.(24)

Another statute that may apply in some computer crime situations is criminal copyright.(25) To prove a criminal copyright violation the prosecution must prove that the accused made an unauthorized copy of a copyright item, that it was done willfully, and that it was done for commercial gain.(26) While normally this statute is associated with crimes like mass producing pirate copies of videotapes and music, there might be situations where it can be applied to illegal computer activities.

The most talked about case involving this issue is United States v. LaMacchia,(27) but in fact the charges against LaMacchia were wire fraud, not criminal copyright, because LaMacchia's actions were not for profit. In this case the defendant set up a "secret" place on a computer, accessible through the Internet, and placed copies of commercial software there. Then he let it be known in select circles where to find this software. Eventually he was discovered and arrested. The court held that the wire fraud act is intended to prosecute schemes to defraud(28) and that LaMacchia's actions were not a crime under the wire fraud act.(29) A proposed amendment to the criminal copyright act, which would have criminalized actions like LaMacchia's was never reported of out the judicial committee.(30)

Likewise the National Stolen Property Act has some limited use for combating computer crime.(31) While computer programs on disk might be a "good" under the statute, programs in an intangible form are not covered, only physical goods.(32) Using a computer to divert monetary funds however, does fall under this statute.(33) Unless there are changes in the way this legislation is interpreted, it will be of limited use.(34)

Search and Seizure Relating to Computers

The subject of search and seizure involving computers is complex enough for the Department of Justice to issue a 141 page set of guidelines.(35) There are some aspects of computer evidence that create new problems, and the technology itself presents abilities to search that did not exist before(36). Imagine an officer going into a room where he has a legal right to be, and on the screen of a computer is a letter that a suspect was typing that is very incriminating. The officer has no way of knowing whether that information is stored in permanent form, or if it will disappear forever if the suspect can reach the power switch (or the power coming into the building goes out for that matter). If the officer saves the document to a disk, is the file on the disk best evidence? How much action can the officer take to preserve that evidence under an exigent circumstances exception, or a plain view exception to the search warrant requirement? These are questions that have not been addressed at this point.

The DOJ Guidelines offer an interesting analysis regarding a system administrator's ability to give third person consent. It proposes that a prosecutor can argue that an employee on a computer system at his place of employment is aware that a system administrator has access to all segments of the computer system, and indeed most employees have to call upon the administrator for assistance at various times, which involves access to files that they might consider "theirs." As such the system administrator has equal authority over an employee's files and can grant third person consent for a search.(37) They do caution that company policies or other factors might reasonably lead an employee to believe that there is an expectation of privacy in their computers however, and that case by case examination is necessary.(38)

Another issue the DOJ Guidelines go into in some detail is the physical transportation and protection of the items seized.(39) Without going particulars, it does provide what might be labeled a "standard of care" for investigators, and defense attorneys should mine this area to see if the police used poor practices that might be used to attack the integrity of the evidence.

Of course no discussion of search and seizure of computers would be complete without some mention of the Privacy Protection Act (PPA).(40) In addition to the DOJ Guidelines, the Department of the Treasury Federal Law Enforcement Training Center (FLETC) also issued a training bulletin in April of 1995 regarding this act.(41) The PPA was not written with computers and online services in mind. It was originally a response to a situation that occurred in 1971 where authorities went into the offices of a student newspaper office with a search warrant for photographs of an incident that occurred at Stanford University Hospital, in which nine police officers were hurt, in hopes of identifying more of the perpetrators.(42) When the newspaper sued the authorities the court upheld the right of the police to go into newspaper offices with a search and seizure warrant to gather evidence even when the newspaper and it's employees were not suspected of any crime. Congress enacted the PPA to extend to "the press and certain other persons not suspected of committing a crime with protection not provided currently by the Fourth Amendment."(43)

The PPA protects "Work Product Materials" and "Documentary Materials" of persons who intend to publish them, or otherwise distribute them to the public from some search warrants as long as the owner is not himself suspected of the criminal activity for which the materials are sought.(44) These materials should normally be sought through subpoena.(45)

There are six situations allowing authorities to use a search warrant for protected materials without the restrictions of the PPA. These are 1) when the "work product"(46) consists of contraband, fruits of a crime, or instrumentalities of a crime;(47) 2) Where there exists a danger to life and limb;(48) 3) when the otherwise protected material is itself evidence of a crime and the person who posses the material is reasonably suspected of having committed the crime;(49) 4) when there is reason to believe that an attempt to obtain the materials through subpoena would result in the destruction, alteration, or concealment of the materials;(50) 5) when the possessor has not produced the materials through a subpoena and all appellate remedies have been exhausted;(51) and 6) the delay involved in obtaining the protected materials through a subpoena would "threaten the interests of justice."(52)

Authorities cannot evade the PPA by alleging the receipt, possession, communication, or withholding of the work material themselves are a crime unless "the offense consists of the receipt, possession, or communication of information relating to the national defense, classified information, or restricted data" or "the production, possession, receipt, mailing, sale, distribution, shipment, or transportation of child pornography, the sexual exploitation of children, or the sale or purchase of children"(53)

The PPA establishes a civil remedy only,(54) and evidence seized in violation of it is still admissible in court.(55) If a defendant is being sued as an individual in a state where the state has not waived sovereign immunity, or is a judicial officer, that person is entitled to a good faith defense.(56) Others are treated in a strict liability manner.(57)

From a practitioner's viewpoint, there is not a lot of case law dealing with the PPA to give guidance. The Steve Jackson Games case is an example for law enforcement of how not to do it.(58) In that case the investigators apparently did not know of the PPA, and damages were awarded against the Secret Service. Another example, which is also instructive, is Citicasters, Inc. v. McCaskill.(59) In that case a police department, assisted by a prosecuting attorney, requested a videotape from a TV station that showed a woman, who was later found murdered, being abducted. The station refused to turn over the tape without a subpoena, so a search and seizure warrant was obtained.(60) The trial court refused to credit the police's contention that there was an exception to the PPA because television stations routinely edit and otherwise modify tapes, and there was a danger of it being destroyed, pointing out that there was nothing in the search warrant application expressing such fears.(61)

The prosecution was no more successful in making an argument that they could only obtain a subpoena after a case was filed, or from a grand jury, and there would have been at least a one week delay in gathering the evidence.(62) The court pointed out that congress allowed a year from the time the PPA was passed before it went into effect, so any failure of a state to ensure that appropriate subpoena power was in place was to the state's detriment.(63)

On appeal, the Eighth Circuit Court overturned these rulings. The case was remanded to allow the prosecutor to make arguments that an exception to the PPA existed after the fact, reasoning that if Congress had wanted to enact a specific procedural process, it would have clearly done so.(64) Because there were no affirmative procedures requiring an authority to set out facts and circumstances allowing an exception to the PPA in the statute, none such were required, and any arguments would be sorted out when the search was done and over.(65)

The dissent argued however, that the legislative scheme that congress set up envisioned a magistrate examining wether an exception existed to the PPA before a search warrant issued.(66) It goes on to say "[b]y construing the Act so as not to require a prior judicial determination, the majority pulls the teeth out of the statute. The purpose of the Privacy Protection Act is to prevent the search and seizure of documentary materials from persons disseminating information. After-the-fact review can only punish violation, not prevent it. Furthermore, permitting an after-the-fact showing of what was 'known' to the affiant but not communicated to the magistrate judge contains too great a potential for abuse; there could often be no assurance that the critical facts and details were in fact known prior to the issuance of the warrant."(67)

Congress passed the PPA in the early 1980's before computers became the communication tools they are today. Today, almost everyone who has an Internet account, or an America Online account, can "publish" a web page.(68) If a computer to be searched has material used to produce a web page, it contains material intended to be disseminated to the public, and analysis must be made under the Privacy Protection Act. This issue is cantankerous enough that the Department of justice required, as of September of 1993, for Deputy Assistant Attorney Generals to review all search warrants that might touch on the Personal Privacy Act sought by agencies under their control.(69)

The problem with the PPA is that it has no teeth. Because the illegally seized evidence is still admissible at trial, and if, for instance, a news broadcast using the seized material has already been broadcast, the economic damages suffered are minimal. Cases like Steve Jackson, Inc, where the damages were fairly high, are rare. Baring the evidence at trial is problematic because under the PPA the person being investigated is not the one whose rights were violated. If Congress truly wants to prevent these types of actions, statutory damages have to be raised to amounts that will make law enforcement officials notice.

The last federal law to be discussed here is the Electronic Communications Privacy Act of 1986.(70) In addition to adding to law enforcement's tool bag by increasing the number of crimes that can be investigated through electronic surveillance methods,(71) the act made it illegal on a federal level to intercept computer communications.(72) However. In Steve Jackson Games the court ruled that seizing a computer with hard copies of undelivered computer communications was not "interception" under the statute.(73) Apparently it only applies to communications as they are flowing. Notice that under this rational, using a sniffer program to look at programs as they wait in memory might also not be interception.

As the technology evolves and expands there is certain to be more and more case law and commentary written as enforcement activities become more common.(74) Recently Janet Reno announced that the first ever computer network wire tap was issued in an investigation of Julio Cesar Ardeidae, an Argentine who had been breaking into government computers.(75) There are certainly a number of other search and seizure issues related to computers and computer crimes. These are offered only as a barest illustration and certainly not as an exhaustive discussion of them.

Venue

Computer crimes can also have other special problems when it comes to enforcement. One of these is venue.(76) Normally venue in a federal criminal prosecution relies on where the crime took place, but this is not always easy to determine in a computer crime case. Constitutionally an accused party is tried in the location where the crime took place.(77) This is further reinforced by the Federal Rules of Criminal Procedure rule 18.(78)

Normally, unless provided for in statute, the location of a criminal trial would be where the defendant physically was when the crime took place, but some crimes are felt in more than one physical location and other factors that may be applied include "the site of the defendant's acts, the elements and nature of *44 the crime, the locus of the effect of the criminal conduct, and the suitability of each district for accurate fact finding."(79)

Kevin Mitnick was on the east coast dialing through an illegal cellular link, calling into a local Internet service provider, then going through the Internet to an system in California, where he was reading other people's mail and accessing the system without authority.(80) Discounting that in this scenario the first crime occurred in North Carolina, with the illegal cellular hook up, which makes an argument for a North Carolina venue, and assuming that he committed a provable crime in accessing other people's mail, where did it take place? Was it in North Carolina where he was sitting at a keyboard or in California where his criminal intention came to fruit? Since the proofs of the crime are in California, and Mitnick was a fugitive from California with no permanent ties in North Carolina, balancing the enumerated factors suggest trying him in California.

What if instead however, it was a permanent North Carolina resident that committed the same crime? Assume he dialed in legally to a local Internet service provider, then used the Internet to connect to a west coast computer where he committed a crime. It would be much less fair to subject that defendant to being transported across the country for trial. He might have a lawyer he wishes to use in North Carolina, his family might be there. He might be out on bond, and a trial in California would cost him in transportation and housing costs. If he was working he would have to take a leave of absence and loss of income.

The government would want the trial in California if possible. There costs to try the case in California are much less. The witnesses and evidence they need to prove the crime are in California. Many witnesses might refuse to go to North Carolina, and transportation costs and accommodations could be prohibitive. If it was a crime that had relatively low or no economic consequences, the government could very well decide they would not prosecute it in North Carolina because of the costs, and a criminal receives no punishment.

Every state has now enacted some type of criminal laws dealing with computer crime, but to date prosecutions have been few and sentences have been light.(81) Connecticut has enacted several laws dealing with computer crime that are fairly comprehensive.(82) Intentional access or use of a computer system without authorization, and intentional or reckless denial of service of a computer system to the owner of the computer system are defined as computer crimes, as well as altering, deleting, tampering with, damaging, destroying, taking, intercepting, or adding data, as well as receiving, retaining, using or disclosing data that was obtained illegally.(83)

The crime is classified according to the amount of damage, or the value of the material taken, with a value of more than $10,000 being a class B felony,(84) and $500 or less being a class B misdemeanor, and various other gradients between these.(85) If the criminal has derived profit from his computer crime, then an alternative fine not to exceed double that gain derived maybe imposed.(86) Computer crimes can also be combined as in a larcenous spree, where if an offender commits a continuing series of computer crimes, the aggregate value of all the crimes may be added to determine the value, and if committed by more than one person, each is responsible for the total.(87)

The legislature also addressed the problem of determining the physical location where the offense occurred, allowing alternate jurisdictions of where the actor was when the offense occurred, or where the effected computer resided.(88) If there was more than one location involved, it can be any of them.(89) The statutes also claim Connecticut jurisdiction if any of the acts committed, or computers effected, are geographically within this state.(90)

Methods of Attack

Knowing what constitutes a computer crime helps no one unless there is an understanding of how some of these type of Crimes are committed. It is not my intention to write a "how to" manual on computer "cracking," nor do I posses the technical expertise to explain the inherent limitation in the Internet protocol computers use to exchange information which make some types of attacks possible. I will provide some general information on some types of computer crime however.

Some of the most common means of attacking a computer include:

1> Stealing Passwords- This is as simple as physically seeing them posted on a wall near a computer, or as technical as installing a program to record keystrokes on a system and gather the passwords.(91)

2> Social Engineering- This involves exploiting human weaknesses, a hacker passing himself off as someone else and gaining privileged information, or getting someone to do something for him that they shouldn't be doing for an unauthorized person.(92)

Kevin Mitnick posed as a new employee for an apartment building, an employee of the Social Security Administration, and a Pacific Bell employee to gather information on the individuals running an FBI investigation of him, including getting legitimate Pacific Bell employees to tell him what the last number dialed from certain phones lines.(93)

This could also include activities like "dumpster diving" into the trash of a target, and often finding computer printouts and other information that assists a perpetrator in invading a company's computers.(94)

3> Bugs and Backdoors- Some commercial programs have defects in them that are exploitable by persons wishing to invade a machine. Other programs are written in a way that a knowledgeable person can invade a system using them.

Authentication Failures- Basically technologies that are not really suited for the modern, increasing interconnected world they function in leave gaps that can be exploited, even though they are functioning as originally intended.(95)

5> Protocol failures-This occurs when one computer believes it is communicating with one computer, but in fact it is communicating with a hostile machine and being intentionally spoofed. This is the type of attack that succeeded on Tsutomu Shimomura's computer system in a widely publicized intrusion usually attributed to Kevin Mitnick.(96)

6> Information Leakage- An attacker uses information that is returned from a computer, in it's normal functioning, to ascertain other information useful to break in.(97)

7> Denial of Service- Occurs when an attacker is not necessarily trying to gain access to the system, but ties it up with unnecessary work, like sending it 100,000 mail messages, depriving the owner of the use of the system.(98)

8> Password Sniffers- Programs that look at packets of information as it flows over the Internet and extracts passwords and other information to allow an attacker to log onto a system as you.(99)

9> Password Cracking- if a hacker can get a hold of your encrypted password file, there are programs that will use an encrypted dictionary to crack your password file.(100) Using passwords that are a random combination of letters and numbers can minimize this danger.

One of the most visible agencies that has come into existence is The Computer Emergency Response Team (CERT). CERT was originally established as an informal organization, and in 1988 the Defense Advanced Research Projects Agency formed the CERT command center as part of the Software Engineering Institute,(101) and it is physically located in Pittsburgh, Pennsylvania at Carnegie Mellon University. Rather than enforcement, or technical innovation, CERT handles communication, providing organization to distribute news of intrusion attacks, the software weaknesses that allow them, and fixes to combat them.(102) People who want a more technical description of some of the more publicized Internet attacks can find it in CERT advisories.(103)

Online Harassment

Not every crime is perpetrated by a computer mastermind stealing across the Internet to break into a computer he has no right to. A growing problem is online harassment. Someone with a grudge, or simply a desire to cause trouble for someone, can send e-mail that is virtually untraceable. An anonymous remailer, like penet in Finland, allows a person to send a message where all traces of the sending party are removed.(104) These services are not known for cooperating with authorities, either.(105) A person can browse a web site using a service like anonymizer,(106) which allows a caller to browse the web anonymously, and leave messages or otherwise use the web site in a way that harms the owner.

E-Mail harassment is a problem that has grown in recent years, yet in many places laws have not kept pace, and in some jurisdictions sending harassing E-Mail is not a crime.(107) Other jurisdictions, Connecticut included, have addressed the problem.(108) Other states have laws that specifically refer to "telephone calls" or "repeated ringing" of a telephone,(109) which obviously will not stretch to cover E-Mail harassment.

Connecticut Statutes dealing with harassment specifically include communication by "computer network."(110) As such any behavior which would be harassment under the statute should be covered by the statute when done electronically through a computer.

Colin Hatcher, of CyberAngels, includes e-mail harassment as a subgroup of related phenomenons, which he labels "cyberstalking."(111) He includes live chat and IRC as areas where victims are most likely to be initially targeted, followed by message boards and Usenet news groups, frequently followed up by messages sent to your e-mail account which can include hate mail, mail bombs, and viruses in file attachments.(112) In addition he points out that a "cyberstalker" can post hostile information about you in news groups, send mail or Usenet postings that appear to come from you, or impersonate you in chat areas, all readily doable under the present technology.(113)

The federal government has not been silent on this issue, either. Part of the Telecommunications Act of 1996 contained language aimed at online harassment.(114) The sections of that act which deal with indecent materials has been the topic of debate and litigation, but there is no indication that the laws against harassment by computer communications are in any way impaired.(115)

Conclusions

Despite action by the legislature, the legal system does not seem to be addressing much computer crime. Despite a few high profile cases, law enforcement either doesn't understand the nature of the crime,(116) or possibly, in a case of online harassment do not have the recourse and training to effectively investigate. Private organizations like CERT and CyberAngels have filled some of the gap to an extent, but as our society moves farther and farther into an interconnected world, the Criminal Justice System, the courts and the legislatures will have to evolve to function in a changing world.

CONNECTICUT GENERAL STATUTES

TITLE 53A. PENAL CODE

CHAPTER 952. PENAL CODE: OFFENSES

PART XXII. COMPUTER--RELATED OFFENSES


53a-250. Definitions

For the purposes of this part and section 52-570b:

(1) "Access" means to instruct, communicate with, store data in or retrieve data from a computer, computer system or computer network.

(2) "Computer" means a programmable, electronic device capable of accepting and processing data.

(3) "Computer network" means (A) a set of related devices connected to a computer by communications facilities, or (B) a complex of two or more computers, including related devices, connected by communications facilities.

(4) "Computer program" means a set of instructions, statements or related data that, in actual or modified form, is capable of causing a computer or computer system to perform specified functions.

(5) "Computer services" includes, but is not limited to, computer access, data processing and data storage.

(6) "Computer software" means one or more computer programs, existing in any form, or any associated operational procedures, manuals or other documentation.

(7) "Computer system" means a computer, its software, related equipment, communications facilities, if any, and includes computer networks.

(8) "Data" means information of any kind in any form, including computer software.

(9) "Person" means a natural person, corporation, limited liability company, trust, partnership, incorporated or unincorporated association and any other legal or governmental entity, including any state or municipal entity or public official.

(10) "Private personal data" means data concerning a natural person which a reasonable person would want to keep private and which is protectable under law.

(11) "Property" means anything of value, including data.



53a-251. Computer crime

(a) Defined. A person commits computer crime when he violates any of the provisions of this section.

(b) Unauthorized access to a computer system. (1) A person is guilty of the computer crime of unauthorized access to a computer system when, knowing that he is not authorized to do so, he accesses or causes to be accessed any computer system without authorization.

(2) It shall be an affirmative defense to a prosecution for unauthorized access to a computer system that: (A) The person reasonably believed that the owner of the computer system, or a person empowered to license access thereto, had authorized him to access; (B) the person reasonably believed that the owner of the computer system, or a person empowered to license access thereto, would have authorized him to access without payment of any consideration; or (C) the person reasonably could not have known that his access was unauthorized.

(c) Theft of computer services. A person is guilty of the computer crime of theft of computer services when he accesses or causes to be accessed or otherwise uses or causes to be used a computer system with the intent to obtain unauthorized computer services.

(d) Interruption of computer services. A person is guilty of the computer crime of interruption of computer services when he, without authorization, intentionally or recklessly disrupts or degrades or causes the disruption or degradation of computer services or denies or causes the denial of computer services to an authorized user of a computer system.

(e) Misuse of computer system information. A person is guilty of the computer crime of misuse of computer system information when: (1) As a result of his accessing or causing to be accessed a computer system, he intentionally makes or causes to be made an unauthorized display, use, disclosure or copy, in any form, of data residing in, communicated by or produced by a computer system; or (2) he intentionally or recklessly and without authorization (A) alters, deletes, tampers with, damages, destroys or takes data intended for use by a computer system, whether residing within or external to a computer system, or (B) intercepts or adds data to data residing within a computer system; or (3) he knowingly receives or retains data obtained in violation of subdivision (1) or (2) of this subsection; or (4) he uses or discloses any data he knows or believes was obtained in violation of subdivision (1) or (2) of this subsection.

(f) Destruction of computer equipment. A person is guilty of the computer crime of destruction of computer equipment when he, without authorization, intentionally or recklessly tampers with, takes, transfers, conceals, alters, damages or destroys any equipment used in a computer system or intentionally or recklessly causes any of the foregoing to occur.



53a-252. Computer crime in the first degree: Class B felony

(a) A person is guilty of computer crime in the first degree when he commits computer crime as defined in section 53a-251 and the damage to or the value of the property or computer services exceeds ten thousand dollars.

(b) Computer crime in the first degree is a class B felony.

53a-253. Computer crime in the second degree: Class C felony

(a) A person is guilty of computer crime in the second degree when he commits computer crime as defined in section 53a-251 and the damage to or the value of the property or computer services exceeds five thousand dollars.

(b) Computer crime in the second degree is a class C felony.

53a-254. Computer crime in the third degree: Class D felony

(a) A person is guilty of computer crime in the third degree when he commits computer crime as defined in section 53a-251 and (1) the damage to or the value of the property or computer services exceeds one thousand dollars or (2) he recklessly engages in conduct which creates a risk of serious physical injury to another person.

(b) Computer crime in the third degree is a class D felony.

53a-255. Computer crime in the fourth degree: Class A misdemeanor

(a) A person is guilty of computer crime in the fourth degree when he commits computer crime as defined in section 53a-251 and the damage to or the value of the property or computer services exceeds five hundred dollars.

(b) Computer crime in the fourth degree is a class A misdemeanor.



53a-256. Computer crime in the fifth degree: Class B misdemeanor

(a) A person is guilty of computer crime in the fifth degree when he commits computer crime as defined in section 53a-251 and the damage to or the value of the property or computer services, if any, is five hundred dollars or less.

(b) Computer crime in the fifth degree is a class B misdemeanor.



53a-257. Alternative fine based on defendant's gain

If a person has gained money, property or services or other consideration through the commission of any offense under section 53a-251, upon conviction thereof the court, in lieu of imposing a fine, may sentence the defendant to pay an amount, fixed by the court, not to exceed double the amount of the defendant's gain from the commission of such offense. In such case the court shall make a finding as to the amount of the defendant's gain from the offense and, if the record does not contain sufficient evidence to support such a finding, the court may conduct a hearing upon the issue. For the purpose of this section, "gain" means the amount of money or the value of property or computer services or other consideration derived.



53a-258. Determination of degree of crime

Amounts included in violations of section 53a-251 committed pursuant to one scheme or course of conduct, whether from the same person or several persons, may be aggregated in determining the degree of the crime.



53a-259. Value of property or computer services

(a) For the purposes of this part and section 52-570b, the value of property or computer services shall be: (1) The market value of the property or computer services at the time of the violation; or (2) if the property or computer services are unrecoverable, damaged or destroyed as a result of a violation of section 53a-251, the cost of reproducing or replacing the property or computer services at the time of the violation.

(b) When the value of the property or computer services or damage thereto cannot be satisfactorily ascertained, the value shall be deemed to be two hundred fifty dollars.

(c) Notwithstanding the provisions of this section, the value of private personal data shall be deemed to be one thousand five hundred dollars.



53a-260. Location of offense

(a) In any prosecution for a violation of section 53a-251 the offense shall be deemed to have been committed in the town in which the act occurred or in which the computer system or part thereof involved in the violation was located.

(b) In any prosecution for a violation of section 53a-251 based upon more than one act in violation thereof, the offense shall be deemed to have been committed in any of the towns in which any of the acts occurred or in which a computer system or part thereof involved in a violation was located.

53a-261. Jurisdiction

If any act performed in furtherance of the offenses set out in section 53a-251 occurs in this state or if any computer system or part thereof accessed in violation of section 53a-251 is located in this state, the offense shall be deemed to have occurred in this state.



53a-262 to 53a-274. Reserved for future use



TITLE 53A. PENAL CODE

CHAPTER 952. PENAL CODE: OFFENSES

PART XIV. BREACH OF THE PEACE, CREATING A PUBLIC DISTURBANCE,
INTIMIDATION

BASED ON BIGOTRY OR BIAS, STALKING, DISORDERLY CONDUCT, OBSTRUCTING FREE

PASSAGE AND HARASSMENT

53a-182b. Harassment in the first degree: Class D felony

(a) A person is guilty of harassment in the first degree when, with the intent to harass, annoy, alarm or terrorize another person, he threatens to kill or physically injure that person or any other person, and communicates such threat by telephone, or by telegraph, mail, computer network, as defined in section 53a-250, or any other form of written communication, in a manner likely to cause annoyance or alarm and has been convicted of a capital felony, a class A felony, a class B felony, except a conviction under section 53a-86 or 53a-122, a class C felony, except a conviction under section 53a-87, 53a-152 or 53a-153, or a class D felony under sections 53a-60 to 53a-60c, inclusive, 53a-72a, 53a- 72b, 53a-95, 53a-103, 53a-103a, 53a-114, 53a-136 or 53a-216. For the purposes of this section, "convicted" means having a judgment of conviction entered by a court of competent jurisdiction.

(b) For purposes of this section, such offense may be deemed to have been committed either at the place where the telephone call was made or where it was received.

(c) The court may order any person convicted under this section to be examined by one or more psychiatrists.

(d) Harassment in the first degree is a class D felony.

53a-183. Harassment in the second degree: Class C misdemeanor

(a) A person is guilty of harassment in the second degree when: (1) By telephone, he addresses another in or uses indecent or obscene language; or (2) with intent to harass, annoy or alarm another person, he communicates with a person by telegraph or mail, by electronically transmitting a facsimile through connection with a telephone network, by computer network, as defined in section 53a-250, or by any other form of written communication, in a manner likely to cause annoyance or alarm; or (3) with intent to harass, annoy or alarm another person, he makes a telephone call, whether or not a conversation ensues, in a manner likely to cause annoyance or alarm.

(b) For purposes of this section such offense may be deemed to have been committed either at the place where the telephone call was made, or at the place where it was received.

(c) The court may order any person convicted under this section to be examined by one or more psychiatrists.

(d) Harassment in the second degree is a class C misdemeanor.

Appendix B- Selected Course Descriptions for Federal Investigators at FLETC

Program Title:COMPUTER CRIME PROSECUTION TRAINING PROGRAM* (CCPTP)

Program Description: This program was specifically designed for prosecutors by the FLETC Financial Fraud Institute working with representatives from the Department of Justice, Attorney General's Advocacy Institute. It has been tailored to address the specific prosecutorial needs of States and district attorneys. Individual Programs explore the types of computer related evidence which will be encountered, and several legal Programs address specific issues such as Relevant State Statutes, Computer Related Evidence, Prosecution Strategies, Privacy Issues, Working with Juveniles, and Defense Strategies. At the conclusion of the program, the prosecutor will have developed the fundamental strategies for preparing and presenting a high tech crime prosecution. This is an export program, presented in cooperation with a particular State prosecution agency. It is not intended for Federal officers or prosecutors.

Programs include

# Computer Crime for Prosecutors # Telecommunications Crime # Computer Evidence

# Technical Crime Case Study # Privacy Issues # Computer Crime Statutes

# Prosecution Strategies # Dealing with Juveniles # Defense Strategies

Length of Training: 3 class days

Prerequisites for Attendance: Registrants should be prosecutors or law enforcement officers who routinely work as part of technical crimes prosecution teams.



Program Title:COMPUTER EVIDENCE ANALYSIS TRAINING PROGRAM (CEATP)*

Program Description: The CEATP deals with computer search and seizure and forensic analysis of computer systems that are not IBM compatible.

Instruction is provided in the following areas

# Local Area Network configurations and topographies as well as seizure techniques and standards

# Novell NetWare Network Operating System menus and commands to assist with preserving and accessing data on the network server

# Apple Macintosh file structure, boot processes and suggested seizure/analysis techniques

# Unix file structure and typical commands to be used to access data on a computer system running the Unix operating system

# Various utilities that can be used for downloading data from minicomputers or mainframes, and for converting the data into a format for analysis

# Encryption/Decryption concepts and programs

# Windows NT file structure and typical configurations

# Windows 95 file structure and comparison to IBM compatible/DOS based systems

Length of Training: 5 class days

Prerequisites for Attendance: The applicant must be a full-time journey-level criminal investigator who has completed the CIAETP (Criminal Investigations in an Automated Environment Training Program), or who is fully knowledgeable about the file structure of the DOS operating system, and who is familiar with recovery of computer generated evidence. Applicants who have not graduated from the CIAETP must qualify credentials directly with the program coordinator in order to demonstrate his/her knowledge of the information taught during the CIAETP, and acquire a waiver of the CIAETP prerequisite. Non-investigators are authorized to attend the program if they routinely work as a part of a technical investigative team. Qualified personnel from nonparticipating Federal agencies and State or local law enforcement organizations are admitted on a space-available basis.

Program Title:CRIMINAL INVESTIGATIONS IN AN AUTOMATED ENVIRONMENT TRAINING PROGRAM (CIAETP)

Program Description: The CIAETP is an intensive training program that introduces participants to the principles and techniques governing the acquisition of computer data files during the Program of an investigation, and the subsequent search and seizure of computer related equipment/media, and its analysis for investigative leads. The training program begins with the presentation of 1 week of intensive disk analysis techniques used on IBM compatible computer systems. Participants use state-of-the-art IBM-compatible computer systems running MS-DOS (Microsoft Disk Operating System), and application programs such as Windows, File Viewers, Norton Utilities, and various other utilities to locate data relevant to an investigative scenario. Students learn techniques to recover erased data which has not been overwritten, partially overwritten and fragmented data using various utility programs. Participants are presented with two software programs used during the first week of this training program: QuickView Plus and Norton Utilities (version 8).

During week 2 of the training program, students are presented with a continuing case investigation with the predication that sensitive and classified government data has been compromised. Within the investigative scenario, students are exposed to legal issues, investigative techniques in requesting computer files through subpoenas, and composition of an affidavit for a search warrant using appropriate wording, directed toward computer equipment. As a series of final practical exercises, students execute a search warrant in an automated environment, seize computer data and magnetic media, perform an analysis of the computer media, and prepare for direct/cross examination in court regarding the techniques used during the search/seizure and analysis and the actual information found that contributed to the arrest of the defendant.

Programs in the CIAETP include the following

# Disk Analysis: DOS/Batch Files

# Disk Analysis: Windows/File Viewers

# Disk Analysis: DOS/Batch Files, Windows/File Viewers Practical Exercise

# Disk Analysis: Boot Process and Configuring a Boot Disk for use at the Search Site

# Disk Analysis: Recovering Erased Data from Disks

# Disk Analysis: Miscellaneous Investigative Utilities

# Continuing Case Investigation Practical Exercise

# Disk Analysis: Final Practical Exercise

# Computer Related Statutes

# Computer Evidence

# Computer Search and Seizure

# Electronic Communications Privacy Act/Personal Privacy Act

# Duplicating/Converting data files from multi-user systems

# Backing up data from computer systems at the search site

# Computer Investigative Techniques/Evidence Preservation

# Execution of a Search Warrant Practical Exercise

# Prosecution Considerations/Expert Witness Testimony

Length of Training: 10 class days

Prerequisite for Attendance: Applicants must be experienced law enforcement investigators with practical experience in criminal law, court procedures, and other related areas of investigation. The program is geared primarily to economic crime investigators who understand the fundamentals of database management (sorts, queries, report generation) and can use microcomputers as an investigative tool. Completion of a basic microcomputer training program is considered to be an adequate background for this program. No basic data processing or basic legal material is offered in the program.

Program Title:SEIZED COMPUTER AND EVIDENCE RECOVERY SPECIALIST TRAINING PROGRAM (SCERS)

Program Description: Businesses and individuals are increasingly relying on computers for a variety of uses, such as word processors to produce texts, databases to manage records, and spreadsheets to manage financial functions. Criminals with access to computers will likely use them in virtually every type of criminal activity, including narcotics trafficking, money laundering, and memorialization by serial rapists and murderers. As a result, computers are being encountered today during the execution of most search warrants. Therefore, there is a critical need for law enforcement officers to be able to successfully seize, process, and recover computer evidence without compromising the integrity of the computerized evidence.

Responding to increasing demands from many law enforcement agencies, the Financial Fraud Institute has assembled a comprehensive curriculum for the Seized Computer and Evidence Recovery Specialist Training Program. As they develop an in-depth knowledge of how computer data is created, stored, modified, and manipulated, during training students will access and extract evidence from microcomputers. This computer evidence will be protected from destruction by viruses, planned malicious devices, and careless manipulation.

During practical exercises, these necessary skills will be used to successfully process computer evidence. Computer processing will be from DOS-based microcomputers, using floppy and hard disks.

Students will work extensively with the following forms

# Named Files (at the DOS Level)

# Erased Files (Unfragmented)

# Erased Files (Fragmented)

# Locating Data in Unallocated Space

# Hidden Files and Sub-Directories using Camouflage Methods

# Locating Data Unreadable by Standard DOS Commands and Procedures

# Data Unknowingly Written to Disk from the Computer's Memory

# Data Hidden by Special Programming Techniques

# Disguised Data

Participants will make exact copies of the original evidence found on computer disks, document computer evidence and recovery procedures for credible testimony at trial. Completion of the program is intended to assist in qualifying students as expert witnesses in the processing of seized computer evidence and data recovery.

Length of Training: 15 class days

Prerequisites for Attendance: Trained law enforcement officers experienced in the rules of evidence and the interpretation of investigative leads who, with an in-depth knowledge in DOS, are required to seize and process computer evidence and maintain the evidentiary integrity of recovered data.

Program Title:TELECOMMUNICATIONS FRAUD TRAINING PROGRAM (TCFTP)

Program Description: The TCFTP introduces the student to the investigative opportunities and complexities of today's flourishing telecommunications systems and the "Information Superhighway."

Anonymous, instantaneous, worldwide communications are immediately available to both the investigator and to the criminal. This program describes the difficult and intimidating relationships of local and long distance carriers, resellers, providers, and end users and demonstrates their affiliations. Students will be introduced to emerging technologies and discuss their applications to crimes of today and criminal trends of the future.

Students will investigate and discuss complex case material in a practical exercise, presented as a continuous thread scenario throughout the program. This realistic application of skills introduces the student to many facets of highly technical investigations in the computer and information age. Additionally, the training is augmented by classroom presentations from subject matter experts in law enforcement and the communications industry.

The world is moving onto the Internet. Students are introduced to some of the capabilities of this "network of networks" where information is a commodity. Crimes can be committed from another country, and the victim may never know that a crime has been committed against them.

Most important, agents will receive up-to-date information on the emerging mysteries of telecommunications law. They will learn the requirements for liaisons with their counterparts

from the telecommunications industry within these new laws. Also, agents will have the opportunity to begin their own network of sources of telecommunications information.

Programs in the TCFTP include the following

# Techniques of Telecommunications Crimes

# Hackers & Phreakers - Who are the Cyberspace Criminals

# Basic Telephony - Terminology and History

# Electronic Fraud Devices - Boxes Customer Premises Equipment - Fraud at Home

# Obtaining Carrier Records - Subpoena Management Centers

# Cellular Communications Fraud - Capturing ESNIMIN information

# Dealing with Hackers - Social Engineering

# Future Trends in Telecommunications Technology

# Dialed Number Recorders - Practical Applications

# Voice Mail - Fraud and Abuse

# Electronic Communications Privacy Act - Updates and Problems

# FISA/PPA/18 USC 1029 & 1030 and other applicable laws

# Digital Telephony - Law Enforcement Assistance Act

# Preparing Telecommunications Search Warrants - Federal and State Applications

# Current Topics (as trends develop)

Length of Training: 10 class days

Prerequisites for Attendance: Applicants are experienced investigators, analysts, prosecutors, judicial officers, and their non-Federal counterparts. They should have a basic understanding of and a need to participate in computer and telecommunications crime investigations and prosecutions.

1. 1 I am aware that the original hackers were not criminals, and it was a term of respect for people with unusually high knowledge of computer systems, but popular usage of the word has evolved into a usage that implies illegal entry into a computer system, and that is the sense I will use it for.

2. 2 United Nations Manual on the Prevention and Control of Computer-related Crime, paragraph 20, available via <http://www.ifs.univie.ac.at/~pr2gql/rev4344.html>. Hereinafter UN Manual.

3. 3 UN Manual, paragraphs 21-26.

4. 4 "Phone traps" are messages requesting someone to call what looks like a US number, but in fact it's an international call, and the schemers get a rebate from the foreign phone company which charges extremely high rates. The Federal Trade Commission Bureau of Consumer Protection provides information at http://www.ftc.gov/bcp/conline/pubs/

alerts/phonscam.htm>.

5. 5 Melvin F. Jager & William J. Cook, Trade Secrets & Industrial Espionage - Online Piracy, 454 PLI/Pat 91, 95 (1996).

6. 6 Dodd S. Griffith, The Computer Fraud And Abuse Act of 1986: A Measured Response to a Growing Problem, 43 Vand. L. Rev. 453 (1990) quoting A.B.A., Criminal Justice Section, Task Force on Computer Crime, Report on Computer Crime (1984).

7. 7 Scott Charney, Law Enforcement's Shift From a Corporeal Environment To the Intangible, Electronic World of Cyberspace , 41 Fed. B. News & J. 489, 490 (1994).

8. 8 For instance: CyberAngels, an off shoot of the Guardian Angels dealing with safety on the Internet, <http://www.cyberangels.org>; The International Association of Computer Investigation Specialists who offer search and seizure, forensics, encryption and other law enforcement issues involved in investigation computer crime, <http://www.cops.org>; and The National Computer Crime Squad of the Federal Bureau of Investigation, <http://www.fbi.gov/programs/nccs>.

9. 9 Charney, Supra note 3 at 491-492.

10. 10 Marc S. Friedman & Kenneth R. Buys, "Infojacking": Crimes On The Information Superhighway, 13 NO. 10 Computer Law. 1, 2 (1996)

11. Counterfeit Access Device and Computer Fraud and Abuse Act of 1984, Pub. L. No. 98-473, ch. 21, 98 Stat. 2190 (1984) (codified as amended at 18 U.S.C. s 1030 (1988)).

12. Dodd S. Griffith, The Computer Fraud and Abuse Act of 1986: A Measured Response to a Growing Problem, 43 Vand. L. Rev. 453, 466 (1990).

13. Pub. L. No. 99-474, 100 Stat. 1213 (codified as amended at 18 U.S.C. 1030 (1988)).

14. 14 18 U.S.C. 1030(a)(1)-(6)(West 1997).

15. 18 U.S.C. 1030(e)(2) provides" the term 'protected computer' means a computer--

(A) exclusively for the use of a financial institution or the United States Government, or, in the case of a computer not exclusively for such use, used by or for a financial institution or the United States Government and the conduct constituting the offense affects that use by or for the financial institution or the Government; or

(B) which is used in interstate or foreign commerce or communication;"

16. 16 United States v. Morris, 928 F. 2d 504 (2nd Cir.), cert. denied, 112 S. Ct. 72 (1991) and U.S. v. Sablan, C.A.9 (Guam)92 F.3d 865 (1996).

17. 17 18 U.S.C. 1030(e)(6)(West 1997).

18. Joseph P. Daly, The Computer Fraud and Abuse Act--A New Perspective: Let the Punishment Fit the Damage, 12 J. Marshall J. Computer & Info. L. 445,455 (1993).

19. 19 18 U.S.C. 1030(e)(6)(d)(West 1997).

20. Jo-Ann M. Adams, Controlling Cyberspace: Applying the Computer Fraud and Abuse Act to The Internet, 12 Santa Clara Computer & High Tech. L. J. 403 (1996).

21. 21 Friedman & Buys, Supra note 3 at 5.

22. 22Id. At 5.

23. 23 Melvin F. Jager & William J. Cook, Trade Secrets & Industrial Espionage-Online Piracy, 454 PLI/Pat 91, 101 (1996).

24. 24 Friedman & Buys, Supra 3 note at 8.

25. 17 U.S.C. 506(a)(West 1997).

26. Id.

27. 871 F. Supp. 535 (1994).

28. Id. At 541.

29. Id. At 544.

30. For a description of this bill see The Criminal Copyright Improvement Act of 1995 discussed in 141 Cong. Rec. 11451-05, 11452 (Aug. 4, 1995) (statement of Sen. Leahy).

31. 18 U.S.C. 2314.

32. United States v. Wang, 898 F. supp. 758, 760 (D. Colo. 1995); United States v. Brown, 925 F.2d 1301, 1308 (10th Cir. 1991); United States v. LaMacchia, 871 F. Supp. 535, 536-538 (D. Mass. 1994).

33. United States v. Jones, 553 F.2d 351, 356 (4th Cir.), cert. denied, 431 U.S. 968 (1977).

34. For a discussion of the value in including trade secrets and other information as property see Todd H. Flaming, The National Stolen Property Act and Computer Files: A New Form of Property, A New Form of Theft, 1993 U. Chi. L. Sch. Roundtable 255(1993).

35. 35 United States Department of Justice Guidelines for Searching Computers available from the Computer Crime Unit, General Litigation Unit, Department of Justice or via <http://www.access.digex.net/~almonrb/dojcsm.html>. Hereinafter "DOJ Guidelines."

36. For a discussion of the legalities and moralities of a hypothetical net wide search, using some type of worm program see Michael Adler, Cyberspace, General Searches, and Digital Contraband: The Fourth Amendment and the Net-Wide Search, 105 Yale L. J. 1093 (1996).

37. 37 DOJ Guidelines at 21.

38. 38 Id.

39. 39 DOJ Guidelines at 30-33.

40. 40 42 U.S.C. 2000aa et. seq.

41. 41Legal update 95-02, Department of the Treasury Federal Law Enforcement Training Center, Glynco, Georgia, or available through <http://www.well.com/user/kfarrand/lud.htm>. Hereinafter "FLETC Guidelines." I have also included in appendix B a listing of courses offered at the FLETC involving computer crime to give a feel of where law enforcement agencies are headed.

42. 42 Zurcher v. Stanford Daily, 436 U.S. 547 (1978).

43. 43 S. Rep. No. 874, 96th Cong., 2nd Sess. 4 (1980).

44. 44 42 U.S.C. 2000aa(a)(West 1997).

45. 45 FLETC Guidelines.

46. 46 42 U.S.C. 2000aa-7 defines as follows:

(b) "Work product materials", as used in this chapter, means materials, other than contraband or the fruits of a crime or things otherwise criminally possessed, or property designed or intended for use, or which is or has been used, as the means of committing a criminal offense, and--

(1) in anticipation of communicating such materials to the public, are prepared, produced, authored, or created, whether by the person in possession of the materials or by any other person;

(2) are possessed for the purposes of communicating such materials to the public; and

(3) include mental impressions, conclusions, opinions, or theories of the person who prepared, produced, authored, or created such material.

47. 47 42 U.S.C. $$ 2000aa-7(b).

48. 48 42 U.S.C. 2000aa (b)(2).

49. 49 42 U.S.C. 2000aa (b)(1).

50. 50 42 U.S.C. 2000aa (b)(3).

51. 51 42 U.S.C. 2000aa (b)(4)(A).

52. 52 42 U.S.C. 2000aa (b)(4)(B).

53. 53 47 U.S.C. 2000aa (b)(1).

54. 54 42 U.S.C. 2000aa-6 (e).

55. 55 42 U.S.C. 2000aa-6 (e) and 2000aa-12.

56. 56 42 U.S.C. 2000aa-6 (b).

57. 57 42 U.S.C. 2000aa-6 (c).

58. Steve Jackson Games, Inc. v. United States Secret Service, 36 F.3d 457 (1994).

59. 883 F. Supp. 1282 (W.D. Missouri 1995), reversed and remanded 89 F.3d 1350 (1996).

60. Id. at 1285.

61. Id. at 1288.

62. Id. at 1287.

63. Id. at 1288.

64. Id. at 1356.

65. Id.

66. Id. (Bright, ,J dissenting in part) at 1358.

67. Id. at 1360.

68. I plan on attaching this paper to my web page. Since I have data relating to this paper on both my computers, they should booth fall under the protections of the PPA.

69. 69 DOJ Guidelines at 80.

70. 18 U.S.C. 2510-2521, 2701-2710 (West 1997).

71. 18 U.S.C. 2516 (West 1997).

72. 18 U.S.C. 2511(1)(e)(West 1997).

73. 36 F. 3d at 458.

74. Kent Walker, Federal Criminal Remedies for the Theft of Intellectual Property, 16 Hastings Comm/Ent L. J. 681, 684-685 (1994).

75. First Internet Wiretap Leads to a Suspect, N. Y. Times, March 31, 1996 , at 1, p4. For a discussion of the problems of law enforcement monitoring of e-mail see Chris J. Katopis, "Searching" Cyberspace: The Fourth Amendment and Electronic Mail, 14 Temp. Envtl. L. & Tech. J. 175(1995).

76. 76 See generally Henry H. Perritt, Jr., Jurisdiction In Cyberspace, 41 Vill. L. Rev. 1 (1996).

77. 77U.S. Const. art. III, s 2, cl. 3.

78. 78 Fed. R. Crim. P. 18.

79. 79 United States v. Reed, 773 F.2d 477, 481 (2d Cir. 1985).

80. 80 Jonathan Littman, The Fugitive Game 350-356, (Little, Brown and Co., Boston), (1997).

81. Adam G. Ciongoli, Jennifer A. DeMarrais and James Wehner, Computer-Related Crimes, 31 Am. Crim. L. Rev. 425, 444-445(1994).

82. C.G.S. 53a-182b, 53a-183 and 53a-250 through 53a-261 all deal specifically with computer crimes. Exercising forward thought, 53a-262 through 53a-274 are reserved for future statutes involving computer crime. The complete text of these statutes is contained in Appendix A.

83. C.G.S. 53a-251.

84. C.G.S. 53a-252.

85. C.G.S. 53a-256.

86. C.G.S. 53a-257.

87. C.G.S. 53a-258.

88. C.G.S. 53a-260.

89. Id.

90. C.G.S. 53a-261.

91. 91 William R. Cheswick and Steven M. Bellovin, Firewalls and Internet Security 159, (1994).

92. For accounts of how teenage hackers obtained passwords and other supposedly confidential information from New York Telephone employees see Michelle Slatalla and Joshua Quittner, Masters of Deception: The Gang That Ruled Cyberspace, 33,49, (Harper Perennial, New York)(1995).

93. 93 Littman Supra note 80 at 37-40.

94. 94 Bruce Sterling, The Hacker Crackdown 94, (Bantam Books, New York)(1992).

95. 95 Id. at 161.

96. 96 Tsutomu Shimomura, Take-down 132-136, (Hyperion, New York)(1996).

97. 97 Cheswick and Bellovin, Supra note 91 at 163.

98. 98 Id. at 165

99. 99 Gail Thackeray, Managing Your Risks On The Internet, 32-May Ariz. Att'y 13, 15 (May, 1996).

100. 100 Id.

101. 101 This information was originally published in the March 1990 edition of Bridge Magazine by the SEI. It is available at <ftp://info.cert.org/pub/cert_advisories/cert-article.7EP>.

102. 102 Id.

103. 103 <ftp://info.cert.org/pub/cert_advisories/>.

104. 104 Thackeray, Supra note 99.

105. 105 Id.

106. 106 <http://www.anonymizer.com>.

107. 107Gene Barton, Taking a Byte Out of Crime: E-Mail Harassment and the Inefficacy Of Existing Law, 70 Wash. L. Rev. 465, 466 (1995).

108. 108 See C.G.S. 53a-182b and 183 in Appendix A.

109. 109 Barton supra note 107 at 470.

110. C.G.S. 53a-182b and C.G.S. 53a-183. "Computer Network" is specifically defined as "(A) a set of related devices connected to a computer by communications facilities, or (B) a complex of two or more computers, including related devices, connected by communications facilities." C.G.S. 53a-250(3).

111. 111Colin Gabriel Hatcher, Internet Cyberstalking and Online Harassment, <http://www.cyberangels.org/download/

netstalk.txt>. This file has a wealth of information for victims of online stalking, including an excellent review of how to protect yourself in chat areas, including a run down of various chat commands, and precautions to take before you become a victim.

112. 112 Id.

113. 113 Id. For instances on online harassment that have made it into the federal court system see Zeran v. American Online, Inc., No. CIV.A. 96-952-A, 1997 WL 135703 (E. D. Va. 1997); Cyber Promotions, Inc. v. American Online, Inc., 948 F. Supp. 436 (E. D. Penn. 1996).

114. 47 U.S.C. 223(a)(1) provides the following are crimes:

(C) makes a telephone call or utilizes a telecommunications device, whether or not conversation or communication ensues, without disclosing his identity and with intent to annoy, abuse, threaten, or harass any person at the called number or who receives the communications;

(E) makes repeated telephone calls or repeatedly initiates communication with a telecommunications device, during which conversation or communication ensues, solely to harass any person at the called number or who receives the communication;

115. For further information dealing with the portions of the act dealing with indecency, which plaintiffs have successfully blocked through injunction, see Shea v. Reno, 930 F. Supp. 916 (S.D. NY 1996); ACLU v. Reno, 929 F. Supp. 824 (E.D. Penn 1996).

116. In one case a private citizen tracked an espionage agent attacking sensitive computers after official agencies were ineffective. See Cliff Stoll, The Cuckoo's Egg, (Pocket Books, New York)(1989).