Computer Fraud and Abuse Act (CFAA) Preventing the Destruction of eDocuments Team 8 – Jason Conrad, Ben Sweeney, Jeff Woodward.

Slides:

Advertisements

Similar presentations

Amateur Radio Technician Class Element 2 Course Presentation

Advertisements

Indian Institute of Technology Hyderabad Presented By : Harish Kumar, Tulasi Ram. Bluetooth.

How does a network identify computers and transmissions?

Technology: Unethical Behavior and Its Consequences Prepared by Tami Genry March 2004.

 Original Intent: ◦ Act passed in 1996 with two main goals: 1.Ensure individuals would be able to maintain their health insurance between jobs (the “portability”

The importance of a Compliance program is to ensure that our agency meets the highest possible standards for all relevant federal, state and local regulations,

Invasion of Smart Phones in Clinical Areas Chrissy Kyak Privacy Officer University of Maryland Upper Chesapeake Health.

Cyber Crimes: Online Ticketing Fraud By: Erin Dobbs, Blaine Skrainka, Nick Worth, Kyle Stamper, Suzy Kiska.

United States v. Nosal. The Nosal Fact Pattern Korn/Ferry computer Confidential information and trade secrets Authorized access by users logging in with.

Actg 6100 Legal Issues Chapter 3 Courts and Alternative Dispute Resolution.

Cyber and Internet Safety El Rodeo School September 11, 2013.

1 ENFORCING SOCIAL MEDIA AND COMPUTER USAGE POLICIES Haley R. Van Loon BrownWinick 666 Grand Avenue, Suite 2000 Des Moines, IA Telephone:

EXAMINING CYBER/COMPUTER LAW BUSINESS LAW. EXPLAIN CYBER LAW AND THE VARIOUS TYPES OF CYBER CRIMES.

The Islamic University of Gaza

2 An Overview of Telecommunications and Networks Telecommunications: the _________ transmission of signals for communications (home net) (home net)

Chapter 10 White-Collar and Organized Crime. Introduction ► White-collar crimes – criminal offenses committed by people in upper socioeconomic strata.

Evidence Computer Forensics. Law Enforcement vs. Citizens  Search must have probable cause –4 th amendment search warrant  Private citizen not subject.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

Safe Information By Eli Salazar. The Government The Internet A strategic way to communicate top secret plans. The government used Internet for its safety.

Copyright Myths. "If it doesn't have a copyright notice, it's not copyrighted." This was true in the past, but today almost all major nations follow the.

Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.

Chapter 9 Communications and Network Tyler Clutts.

Cyber-bullying & Cyber Security UNM Anderson School of Management For Jefferson Middle School’s 8 th Grade InfoTech Class.

INTERNET and CODE OF CONDUCT

 What is electronic data?  Information stored electronically, e.g. pictures, music, documents, etc.  Where can you store your data?  Cell phones 

Remote Access. What is the Remote Access Domain? remote access: the ability for an organization’s users to access its non-public computing resources from.

ByBrendanMalindaRachael. Electronic Monitoring Electronic monitoring can take many forms, this happens because technology is becoming cheaper and very.

GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Cameron Simpson.

Spam and The Computer Fraud and Abuse Act Richard Warner.

Nine Elements of Digital Citizenship BH. Nine elements is identified to create a digital citizenship. Digital Access: full electronic participation in.

 Computer Hacking is the practice of modifying computer hardware and software to accomplish a goal outside of the creator’s original purpose.  the act.

Trade Secrets Cases IM 350: Intellectual Property Law and New Media Spring, 2015.

 Computer Networking Computer Networking  Networking terminology Networking terminology  Client Server Model Client Server Model  Types of Networks.

A Question of Freedom Adapted from.

A cceptable U se P olicy A student’s guide to using technological tools safely and responsibly. Please see BOE Policy #7314 and Regulation #7314R * This.

20.4 Electronic Devices

Risk Assessment. InfoSec and Legal Aspects Risk assessment Laws governing InfoSec Privacy.

First Look at Security and Privacy Jeremiah Burleson.

1 3 Computing System Fundamentals 3.4 Networked Computer Systems.

HIPAA THE PRIVACY RULE. 2 HISTORY In 2000, many patients that were newly diagnosed with depression received free samples of anti- depressant medications.

1 Activity 5.3 – Statement 2, page 135 Lise Auffray Ray Reid and Lee Purves.

Computer Fraud and Abuse Act Richard Warner. Liability under the CFAA  1030(a)(2)(C) imposes liability on whoever “intentionally accesses a computer.

3.2 Software Fundamentals. A protocol is a formal description of digital message formats and the rules for exchanging those messages in or between computing.

1 The Broader Picture Chapter 12 Copyright 2003 Prentice-Hall.

Unit 7 Seminar.  According to Sanderson (2009), the problems with the current paper-based health record system have been well documented. The author.

1 ENFORCING SOCIAL MEDIA AND COMPUTER USAGE POLICIES Haley R. Van Loon BrownWinick 666 Grand Avenue, Suite 2000 Des Moines, IA Telephone:

Yes. You’re in the right room.. Hi! I’m David (Hi David!)

ISO/IEC 27001:2013 Annex A.8 Asset management

Workshop 4 Tutor: William Yeoh School of Computer and Information Science Secure and High Integrity System (INFT 3002)

Network Topologies.

National INFOSEC Organisations and INFOSEC Management in Hungary.

Security Debate Why cracking should be criminalized.

Dr. Roger Ward.  It is a source of Congressional power to regulate interstate commerce is the Commerce Clause in Article I, Section 8.  According to.

ICT and the Law Mr Conti. Did you see anything wrong with that? Most people wouldn’t want that sort of information posted in a public place. Why? Because.

CHAPTER - 4 COMPUTER NETWORK Dr. BALAMURUGAN MUTHURAMAN

Privacy.  Fact: One of the least secure methods of communication you can use.  s are stored at multiple locations such as sender’s computer,

Johnathan Stewart Computer Information. -a system for sending messages from one individual to another via telecommunications links between computers.

ICT Legislation  Copyright, Designs and Patents Act (1988);  Computer Misuse Act (1990);  Health and Safety at Work Act (1974);  EU Health and Safety.

1 Network Security Maaz bin ahmad.. 2 Outline Attacks, services and mechanisms Security attacks Security services Security Mechanisms A model for Internetwork.

A Gift of Fire, 2edChapter 7: Computer Crime1 PowerPoint ® Slides to Accompany A Gift of Fire : Social, Legal, and Ethical Issues for Computers and the.

Firewalls and Tunneling Firewalls –Acts as a barrier against unwanted network traffic –Blocks many communication channels –Can change the design space.

UNIT V Security Management of Information Technology.

18 USC § 1030 Computer Fraud and Abuse Act

Hacking: public policy

Rights and Responsibilities

KEEP YOUR CAR SAFE THROUGH ANTI-THEFT SYSTEM.

Update on the Computer Fraud and Abuse Act

Red Flags Rule An Introduction County College of Morris

Government Data Practices & Open Meeting Law Overview

Presentation transcript:

Computer Fraud and Abuse Act (CFAA) Preventing the Destruction of eDocuments Team 8 – Jason Conrad, Ben Sweeney, Jeff Woodward

Background on CFAA Originally passed in 1984 as a way to protect classified information on government systems Originally passed in 1984 as a way to protect classified information on government systems In 1996 – the act was expanded from “government” computers to “protected” computers In 1996 – the act was expanded from “government” computers to “protected” computers Protected means any machine that engages in interstate commerce Protected means any machine that engages in interstate commerce In 2000 – through Shurgard Storage Centers v. Safeguard Self Storage – demonstrated the meaning of “protected” computer and “authorization” In 2000 – through Shurgard Storage Centers v. Safeguard Self Storage – demonstrated the meaning of “protected” computer and “authorization”

The Shurgard Case – Defining a “Protected Computer” Mr. T, an employee of Safeguard, came to the company after leaving his previous employer, Shurgard Mr. T, an employee of Safeguard, came to the company after leaving his previous employer, Shurgard Sent messages containing trade secret information while still employed by Shurgard Sent messages containing trade secret information while still employed by Shurgard Relevance of this case: the judge essentially said that “almost all computer use has become interstate in nature” and that “Shurgard’s computers were indeed protected computers” within the scope of the CFAA Relevance of this case: the judge essentially said that “almost all computer use has become interstate in nature” and that “Shurgard’s computers were indeed protected computers” within the scope of the CFAA Summary: all computers connected to the Internet are within the scope of the CFAA Summary: all computers connected to the Internet are within the scope of the CFAA

International Airports v. Citrin The case: Citrin, a managing director at International Airports removed company files from a computer upon leaving the company The case: Citrin, a managing director at International Airports removed company files from a computer upon leaving the company Company sued for violation of anti-hacking (CFAA) Company sued for violation of anti-hacking (CFAA) Judge threw out case and said that removing files does not violate CFAA since he was an employee of the company and “was authorized” Judge threw out case and said that removing files does not violate CFAA since he was an employee of the company and “was authorized” When appealed, Judge Posner said that Citrin’s termination of employment meant that his authorization ended – he deleted files without authorization as an internal entity When appealed, Judge Posner said that Citrin’s termination of employment meant that his authorization ended – he deleted files without authorization as an internal entity In this case, appellate interpretations of the CFAA hold that permanently erasing files from an employer’s computer could trigger federal liability In this case, appellate interpretations of the CFAA hold that permanently erasing files from an employer’s computer could trigger federal liability Federal liability = you’re in trouble Federal liability = you’re in trouble CFAA requires that the “knowing transmission of a program, code or command intentionally damages, without authorization, a protected computer” in order to be enforced CFAA requires that the “knowing transmission of a program, code or command intentionally damages, without authorization, a protected computer” in order to be enforced Now, according to this case, this violation can occur externally as well as internally Now, according to this case, this violation can occur externally as well as internally

United States v. Mitra Mitra, student at University of Wisconsin, transmitted radio signal that disabled communications for police, fire, ambulance, etc. Mitra, student at University of Wisconsin, transmitted radio signal that disabled communications for police, fire, ambulance, etc. Argued that he never hacked into any computers because he used a radio frequency – not a computer Argued that he never hacked into any computers because he used a radio frequency – not a computer 7 th Circuit opinion – a “computer” is an electronic device, which includes radios that contain chips for high speed data processing 7 th Circuit opinion – a “computer” is an electronic device, which includes radios that contain chips for high speed data processing Ruled that his disabling of the communications was actually “hacking” because it was hampering a “protected” interstate communication Ruled that his disabling of the communications was actually “hacking” because it was hampering a “protected” interstate communication Mitra argued that if his radio is a computer, then isn’t everything a computer? iPods, cell phone, cell tower, etc. – so doesn’t this give the government too much control according to CFAA? Mitra argued that if his radio is a computer, then isn’t everything a computer? iPods, cell phone, cell tower, etc. – so doesn’t this give the government too much control according to CFAA? Any use of radio frequency is considered interstate commerce because it is governed by the FCC Any use of radio frequency is considered interstate commerce because it is governed by the FCC CFAA does not give government too much power – there are limitations, damage must be intentional, at least $5,000, or a threat to public safety CFAA does not give government too much power – there are limitations, damage must be intentional, at least $5,000, or a threat to public safety In summary: a “protected computer” could be anything but is necessary in order to protect vital communication and business systems In summary: a “protected computer” could be anything but is necessary in order to protect vital communication and business systems

Thank You Questions? Questions? Do you think the scope of the CFAA and the definition of protected computers is too wide, even though it protects interstate commerce and security? …team 7 does… Do you think the scope of the CFAA and the definition of protected computers is too wide, even though it protects interstate commerce and security? …team 7 does…