E-mail:
Jack Balkin: jackbalkin at yahoo.com
Bruce Ackerman bruce.ackerman at yale.edu
Ian Ayres ian.ayres at yale.edu
Corey Brettschneider corey_brettschneider at brown.edu
Mary Dudziak mary.l.dudziak at emory.edu
Joey Fishkin joey.fishkin at gmail.com
Heather Gerken heather.gerken at yale.edu
Abbe Gluck abbe.gluck at yale.edu
Mark Graber mgraber at law.umaryland.edu
Stephen Griffin sgriffin at tulane.edu
Jonathan Hafetz jonathan.hafetz at shu.edu
Jeremy Kessler jkessler at law.columbia.edu
Andrew Koppelman akoppelman at law.northwestern.edu
Marty Lederman msl46 at law.georgetown.edu
Sanford Levinson slevinson at law.utexas.edu
David Luban david.luban at gmail.com
Gerard Magliocca gmaglioc at iupui.edu
Jason Mazzone mazzonej at illinois.edu
Linda McClain lmcclain at bu.edu
John Mikhail mikhail at law.georgetown.edu
Frank Pasquale pasquale.frank at gmail.com
Nate Persily npersily at gmail.com
Michael Stokes Paulsen michaelstokespaulsen at gmail.com
Deborah Pearlstein dpearlst at yu.edu
Rick Pildes rick.pildes at nyu.edu
David Pozen dpozen at law.columbia.edu
Richard Primus raprimus at umich.edu
K. Sabeel Rahmansabeel.rahman at brooklaw.edu
Alice Ristroph alice.ristroph at shu.edu
Neil Siegel siegel at law.duke.edu
David Super david.super at law.georgetown.edu
Brian Tamanaha btamanaha at wulaw.wustl.edu
Nelson Tebbe nelson.tebbe at brooklaw.edu
Mark Tushnet mtushnet at law.harvard.edu
Adam Winkler winkler at ucla.edu
In my last post, I made the conceptual case for a new field of computer crime law.Such abstract arguments aren't enough to create a new field of law, however.Most law school courses cover specific areas of legal doctrine.To establish a new course, it helps to have new statutes, new constitutional questions, and lots of cases interpreting them.You need new issues not covered elsewhere in the law school curriculum.So the question is, what are the areas of doctrinal law taught in a computer crime course?
There are three basic areas, all of which fit together into a coherent whole.
The first area is substantive criminal law, which generally divides into two topics: computer misuse crimes, such as computer hacking and viruses, and traditional crimes committed using computers.Every state and the federal government have enacted computer misuse crimes, new crimes specifically attuned to new types of computer crimes. Most of the statutes prohibit "unauthorized access" to computers, plus a range of other elements.But what does it mean to "access" a computer?And when is access "unauthorized"?Beyond computer misuse crimes, there are also a range of criminal offenses that involve traditional crimes committed in new ways.In some cases, old crimes have largely migrated to the world of computers. For example, there are hundreds of federal cases prosecuted every year involving the possession, receipt, and distribution of child pornography. Almost all of the cases involve computers and digital images.Computerized child pornography raises a number of interesting legal questions, ranging from the meaning of "possession" in the context of a digital file to how the government can prove a defendant's knowledge that an image depicts a real person.
The second major area is criminal procedure, which considers the legal rules that govern the collection of digital evidence.For example, how does the Fourth Amendment apply to retrieving evidence from computers?What does it mean to "search" or "seize" computer data?How does the Fourth Amendment apply to computer networks?In the network context, much of the law is statutory, not constitutional.Students need to master a complex web of Internet surveillance statutes: the Wiretap Act, the Stored Communications Act, and the Pen Register statute. These statutes define the rules that the government must follow when collecting digital evidence in a computer network context, and learning the complex maze of statutes is a major part of understanding the field of computer crime law.
The third area relates to jurisdiction, both in terms of substantive and procedural powers.As a matter of substantive law, are all Internet crimes federal crimes?What powers does the federal government have to regulate local computer crimes, and what powers do state governments have to regulate computer crimes that cross state borders under the dormant Commerce Clause?As a matter of criminal procedure, what powers do state governments have to compel digital evidence from other states, such as from an out of state ISP? What about international computer crimes?When crimes cross international borders, are they substantive crimes in the U.S.?What powers does the federal government have to collect evidence abroad?When must the U.S. cooperate with other governments outside the U.S. in the collection of digital evidence?Looking beyond criminal law, what is the intersection of the regime of criminal law and procedure and foreign intelligence collection, both in terms of the traditional Fourth Amendment rules and FISA's analogs to the trio of criminal Internet surveillance law statutes?
All of these questions work together.The jurisdictional issues are pervasive, and end up pushing different levels of government to perform different tasks.The connection between substantive and procedural computer crime law is intimate; they are often keyed to similar statutory and constitutional principles. Taken together, an understanding of all three areas creates a very powerful base of doctrinal knowledge of the complex set of rules that various governments must follow when investigating and prosecuting illegal conductinvolving computers and the Internet.
Finally, my sense is that none of these issues are covered directly in the existing law school curriculum.Criminal law courses are packed with the basic concepts of criminal law, and generally don't touch on computer crimes in any useful way. Criminal procedure courses are focused on Supreme Court cases and constitutional doctrines, rather than complex statutes like the Wiretap Act.And as I understand it, the jurisdictional questions implicated in computer crime cases, including the federal/state line, international law, and the criminal/intelligence line, are generally not considered together elsewhere and in a way focused on criminal law.The net result is a significant opening for a new course in computer crime law.
Although the term cybercrime is usually restricted to describing criminal activity in which the computer or network is an essential part of the crime, this term is also used to include traditional crimes in which computers or networks are used to enable the illicit activity. Examples of cybercrime which the computer or network is a tool of the criminal activity include spamming and criminal copyright crimes, particularly those facilitated through peer-to-peer networks. Examples of cybercrime in which the computer or network is a target of criminal activity include unauthorized access (i.e, defeating access controls), sportsbook, malicious code, and denial-of-service attacks. Examples of cybercrime in which the computer or network is a place of criminal activity include theft of service (in particular, telecom fraud) and certain financial frauds. Finally, examples of traditional crimes facilitated through the use of computers or networks include Nigerian 419 or other gullibility or social engineering frauds (e.g., hacking "phishing", identity theft, child pornography, online gambling, securities fraud, etc. Cyberstalking is an example of a traditional crime -- harassment -- that has taken a new form when facilitated through computer networks. http://www.enterbet.com
Although the term cybercrime is usually restricted to describing criminal activity in which the computer or network is an essential part of the crime, this term is also used to include traditional crimes in which computers or networks are used to enable the illicit activity. Examples of cybercrime which the computer or network is a tool of the criminal activity include spamming and criminal copyright crimes, particularly those facilitated through peer-to-peer networks. Examples of cybercrime in which the computer or network is a target of criminal activity include unauthorized access (i.e, defeating access controls), sportsbook, malicious code, and denial-of-service attacks. Examples of cybercrime in which the computer or network is a place of criminal activity include theft of service (in particular, telecom fraud) and certain financial frauds. Finally, examples of traditional crimes facilitated through the use of computers or networks include Nigerian 419 or other gullibility or social engineering frauds (e.g., hacking "phishing", identity theft, child pornography, online gambling, securities fraud, etc. Cyberstalking is an example of a traditional crime -- harassment -- that has taken a new form when facilitated through computer networks. http://www.enterbet.com
Thanks for the information about the computer crime law and create some new side of law in the computer side. Thanks for the stunning post. Keep up the good work. Anwalt