Lecture 12 Notes Flashcards
Three main categories of laws play a role in our legal system
Criminal Law
Civil Law
Administrative Law
Criminal Law
Criminal law forms the bedrock of a body of laws that keep our society safe
These are the laws that the police and other law enforcement agencies are concerned with
Computer Fraud and Abuse Act
Electronic Communications Privacy Act
Identity Theft and Assumption Deterrence Act
Civil Law
designed to provide for an orderly society
Law enforcement authorities do not become involved in matters of civil law beyond taking action necessary to restore order
No action is taken until the person who thinks they have been wronged files a civil lawsuit
Civil laws do not use imprisonment as a punishment
Administrative Law
Therefore, executive branch agencies have some leeway to enact administrative law, in the form of policies, procedures, and regulations that govern the daily operations of the agency
Administrative law is published in the Code of Federal Regulations (CFR)
Computer Crime Federal vs State
Many computer crime laws are defined at the federal level
Computer Fraud and Abuse Act of 1984 (CFAA)
Some of the major provisions of the act are that it is a crime to …
Access classified or financial information in a federal system without authorization or in excess of authorized privileges
Access a computer used exclusively by the federal government without authorization
Use a federal computer to perpetrate a fraud
1994 CFAA amendments
Outlawed the creation of any type of malicious code that might cause damage to a computer system
Modified the CFAA to cover any computer used in interstate transactions rather than just “federal interest” computer systems
Allowed for the imprisonment of offenders, regardless of whether they actually intended to cause damage
Provided legal authority for the victims of computer crime to pursue civil action to gain compensation for damages
Computer Security Act of 1987 (CSA)
Mandates baseline security requirements for all federal agencies
NIST Responsible
Federal Sentencing Guidelines of 1991
Punishment guidelines to help federal judges interpret computer crime laws
The guidelines formalized the prudent man rule, which requires senior executives to take responsibility for ensuring due care
Paperwork Reduction Act of 1995
Requires that agencies obtain Office of Management and Budget (OMB) approval before requesting information from the public
National Information Infrastructure Protection Act of 1996
Broadens CFAA to cover computer systems used in international transactions, and parts of the national infrastructure (railroads, etc.)
Treats any intentional or reckless act as a felony
Government Information Security Reform Act of 2000
To provide a comprehensive framework for establishing effective controls over information resources that support federal operations and assets
To define security management measures that safeguard the highly networked nature of the federal computing environment, including the need for federal government interoperability
To provide government-wide management and oversight of information security risks, including coordination of information security efforts
The act also introduces the notion of mission-critical systems
- A national security system handling classified information
Intellectual Property Four Types
Copyrights
Trademarks
Patents
Trade Secrets
Copyrights and the DMCA
Copyright law guarantees the creators of original works of authorship protection against unauthorized duplication of their work
-The creator of a work has an automatic copyright from the instant the work is created, even without an official registration
-Computer programs are considered literary works
Copyright law protects only the actual source code, but does not protect the ideas or process behind the software
Digital Millennium Copyright Act (DMCA)
- Prohibits attempts to circumvent copyright protection mechanisms
- Limits the liability of Internet service providers (ISPs) when their facilities are used by criminals violating copyright laws
Trademarks
Slogans, and logos used to identify a company and its products/services
do not need to be officially registered to gain protection
Patents
Patents protect the intellectual property rights of inventors
They provide a period of 20 years during which the inventor is granted exclusive rights to use the invention (directly or via licensing agreements)