Cyberwarfare and the Computer Fraud and Abuse Act
John Thurston As technology proliferates, cyberspace is becoming increasingly polluted with crime targeted at private enterprises. The escalation is the result of ineffective cybercrime laws. Although an international solution may be ideal, no treaty seems imminent. The U.S. government should focus on a more attainable solution in the short-term: amending the Computer Fraud and Abuse Act (CFAA). This Essay considers how revising the CFAA to allow qualified private companies to engage in offensive tactics would alter incentive structures. It concludes that such a revision would be an efficient solution to increase deterrence and reduce cybercrime. Read Full Text Here
Computer Fraud: Private Parties Dictating Criminal Behavior
Zachary Schapiro Computers have become a ubiquitous part of everyday life—used in the office and the home for a wide array of features. Prior to using a computer, people must agree to various software and website terms of use. Additionally, employers typically adopt computer use policies which prohibit use of a company computer for personal matters. Many people, either knowingly or unknowingly, violate these terms and policies. Is violating these policies and agreements criminal? Circuit courts disagree on the answer. In some jurisdictions, simple violations of a website’s terms of use or a company’s computer policies could result in criminal...
Hackback to the Drawing Board: Ambiguity and Risk in the Active Cyber Defense Certainty Act
Robert Andrea Cyber criminals, both state-sponsored and unaffiliated, are targeting private corporations and individuals more frequently. For several years, there have been calls for legislation that would allow private entities to defend themselves in cyberspace by “hacking back” against their attackers. The Active Cyber Defense Certainty Act is a recent proposal to amend the Computer Fraud and Abuse Act to permit private entities to take active defensive measures without exposing themselves to criminal liability. Although a well-intentioned proposal, the bill uses vague language to identify when, and against whom, private entities can take defensive measures. Enabling private entities to begin...