As the U.S. Senate prepares to take action on the proposed Homeland Security bill later today or tomorrow, potential computer terrorists might want to pay close attention. Inside House Bill 5710, known as the Homeland Security Act of 2002, is a provision that calls for punishment of up to life in prison for electronic hackers. . .
As the U.S. Senate prepares to take action on the proposed Homeland Security bill later today or tomorrow, potential computer terrorists might want to pay close attention. Inside House Bill 5710, known as the Homeland Security Act of 2002, is a provision that calls for punishment of up to life in prison for electronic hackers who are found guilty of causing death to others through their actions.

And hackers convicted of causing injuries to others could face prison terms up to 20 years under cybercrime provisions, which are in Section 225 of a bill known as the Cyber Security Enhancement Act of 2002.

The Enhancement Act was added to the homeland security bill on Sept. 19 as an amendment after being passed by the House in July, said Brad Bennett, communications director for Rep. Lamar Smith, (R-Texas), who introduced the act. The bills were combined because they have similar goals for homeland security, he said.

"This is important because this bill promotes cooperation between law enforcement and the private sector" in fighting cyberterrorism, Bennett said. "It will send a clear signal that those who engage in cybercrime activities will be punished.

"Crime is still crime, whether it occurs on the street or on the Internet," he said.

Critics, though, wonder why the punishments outlined in the act are tougher for hackers than for street criminals who commit assault or murder.

"It's more severe than [punishments for] crimes committed with a knife or gun," said Chris Hoofnagle, legislative counsel for the Electronic Privacy Information Center, a nonprofit public interest research center in Washington. Hoofnagle said he's not sure why a crime committed with a computer should require a more severe sentence.

That's not the only problem with the enhancement act's language from a civil liberties point of view, he said.

The measure would also allow Internet service providers to "hand over content of their customers' communications without consent based on a good-faith belief that there is an emergency," Hoofnagle said. And it allows the emergency installation of Internet traffic analysis wiretaps when there's an attack on a protected computer system, he said.

"There are other sections of the bill that are heavily weighted in favor of law enforcement and against accountability," Hoofnagle said.

Despite those issues, momentum is building for passage of HB 5710 by tomorrow, he said.

"At this point, this is not likely to be a sticking point," Hoofnagle said.

Joe Tasker, general counsel and vice president for governmental affairs at the Information Technology Association of America, a trade group in Arlington, Va., disagrees with such criticism, arguing that the enhancement act is reasonable.

"If you use a computer to kill people, it's just as serious as if you use a gun," Tasker said. "I don't see anything here that's out of line with any other federal law."

The link for this article located at ComputerWorld is no longer available.