Today, the Senate Judiciary Committee met to start marking up proposed additions to the Computer Fraud and Abuse Act. Using computers to commit fraud is bad, right? But are all varieties of "fraud" bad enough to be federal felonies, zapping people of civil rights for the rest of their lives unless they receive one of the measly number of pardons presidents seem to be grudgingly handing out only every 8 years? And how should these new federal crimes be punished?
These questions aren't just hypothetical -- they are what Congress should be asking every time it decides to add a new offense to our already gigantic set of criminal laws:
1. Should it be a crime?
Are we criminalizing something that is actually, really, truly bad and immoral conduct?
2. Is a new federal criminal law needed?
Do we already have a law that covers this? Is this something the states can handle on their own?
3. If it should be a federal crime, what should the criminal-intent requirement be?
Does a person have to break this new law willingly or knowingly, knowing that they're committing a crime?
4. If it should be a federal crime, what is the appropriate punishment?Law professor Orin Kerr hilariously shows over at the Wall Street Journal that these new federal cyber-fraud felonies Congress is considering have ridiculous implications. See if you've committed any of these computer fraud "crimes":
Should it be a felony or a misdemeanor? Is prison really necessary?
- Checking your email account at work
- Updating your Facebook status at work
- Using your roommate's coffeemaker without his permission
- Lying about your age or weight on a dating website
Look out! According to Kerr, the proposed "computer fraud and abuse" felonies Congress is toying with creating are poorly worded, vague, prosecutorial abuse stories waiting to happen.
Congress is also considering creating a new three-year mandatory minimum for hacking into a "critical infrastructure computer." Sounds like cyber-terrorism, yes? But could it also be applied to a wayward collegiate hacker-wanna-be who didn't know what the heck he was doing and ended up in the cyber mainframe of the local power plant? Sure.
That's the thing about mandatory minimums: they don't give a damn if the hacker is a terrorist or the underachieving son who's still living in your basement.
Congress has gotten infamous -- and rightly so -- for spending us into a black hole of debt. It seems Congress also can't control itself when it comes to creating, expanding, and punishing crimes. It's about time for Congress to stop and think before it pulls out its red pens and dives into our criminal code.
Real lives and billions of taxpayer dollars are depending on it.