GENWiki

Premier IT Outsourcing and Support Services within the UK

User Tools

Site Tools


archive:bbs:computer.cri
                                 Computer Crime:
                Current Practices, Problems and Proposed Solutions
        Second Draft
        Brian J. Peretti
             It would have been surprising if there had been satisfactory
        road traffic legislation before  the invention of the  wheel, but
        it would also have been surprising  if the law on the passage  of
        laden  donkeys  proved  entirely  satisfactory  when  applied  to
        vehicles.1
        I.  Introduction
             Within   recent   years,   computer  crime   has   become  a
        preoccupation with law  enforcement officials.  In  California, a
        group of  West German  hackers2 using  phone lines  and satellite
        hookups, gained  unauthorized access into  civilian and  military
        computers and  stole sensitive documents  that were  sold to  the
        Soviet  Union.3    A  young  New York  programmer  broke  into  a
        Washington computer to  run a program that he could  not run from
        his personal  computer.4  After  Southeastern Bell Stated  that a
        document  published in an  electronic publication5 was  valued at
        more than $75,000 the publisher was arrested and brought to trial
        before the discovery that  the document could be publicly  bought
        from the company  for $12.6  The Chaos Computer  Club, a Hamburg,
        Germany,  club,  went   into  government  computers   and  access
        information and gave it to reporters.7  In May,  1988, the United
        States government launched Operation Sun Devil, which lead to the
        seizure  of  23,000   computer  disks  and  40  computers.8    In
        addition,  poor police  performance9  has  also  been  blamed  on
        computers.
             Since  its  creation,  the computer  has  become  increasing
        important in society.10   The law, as  in the past, has  not been
        able   to  evolve   as   quickly   as   the   rapidly   expanding
        technology.11  This  lack of movement on the  part of governments
        shows a lack  of understanding with the area.  The need to create
        a  comprehensive  regulation   or  code  of  ethics   has  become
        increasing necessary.
             Due   to  the   nature  of   computer   systems  and   their
        transnational   connections   through   telephone   lines12,   an
        individual  state's action will only stop the problems associated
        with computer crime if many  states join together.  The patchwork
        of  legislation that  exists  covers  only a  small  part of  the
        problem.  To  adequately address computer crime,  greater efforts
        must   be  made  within  the  computer  community  to  discourage
        unauthorized computer access, countries must strengthen and
           co-ordinated  their computer related  laws, as well  as proper
        enforcement mechanism created, computer program copyright laws be
        enhanced  and computer systems  should be created  to allow those
        who wish to  explore computer systems which will  not disrupt the
        users of computer systems.
             This paper will first set out a definition of computer crime
        and  why laws  or regulation  by the  computer community  must be
        created.   Section  II will  then discuss  the United  States law
        concerning  computer crime and  why it needs  to be strengthened.
        Section  III will  discuss the  proposed  Israeli computer  crime
        bill, Britain's  Computer Misuse  Act and  Ghana's proposed  law.
        Section IV will  discuss what can be done by  both the government
        and  computer  owners  and  users  to  make  computer  crime less
        possible.
        II.  Computer crime
             The definition of what constitutes a computer crime has been
        the  subject of  much controversy.    A computer  crime has  been
        defined as  "any  illegal act  for  which knowledge  of  computer
        technology  is  used  to  commit  an  offense."13    The  typical
        computer criminal has  been described as between 15  and 45 years
        old, usually male, no previous contact with law enforcement, goes
        after both government and business, bright, motivated, fears loss
        of status  in computer community  and views his acts  as games.14
        For the  purposes of  this article, this  will be  the definition
        used because of its broad reach.
             Estimates regarding how much is lost to computer  crime very
        widely15.   In  the only  authoritative  study, the  loss due  to
        computer crime  was given  at $555,000,000,  930 personnel  years
        lost  and 153 computer  time years lost.16   The  amount of total
        incidents for  1988 was 485  resulting in 31 prosecutions17.   In
        1987,  there were 335  incidents with 8  prosecutions.18 Security
        spent   on  prevention  of   computer  crime  is   becoming  more
        commonplace19.
             The   most  publicized   danger  to  computer   systems  are
        viruses20  and worms.    A virus  is a  code segment  which, when
        executed,  replicates  itself   and  infects  another  program.21
        These  viruses may  be created  anywhere in  the world22  and may
        attack anything.23   A virus may be transmitted  through a trojan
        horse24  program.  A  worm exists as  a program in  its own right
        and  may spread over  a network via  electronic mail25.   A virus
        attacks a program while  a worm attacks the computer's  operating
        system.26      The  most  notorious  computer  worm  brought  the
        Internet computer network to a halt.27
             Computer  virus attacks  may  be overrated.28    It is  said
        that the  biggest threat  to computing includes  "not backing  up
        your  data, not  learning the  ins and  outs of  your application
        programs,  not  putting  enough  memory  in  your  computer,  not
        organizing your  hard  disk, [and]  not upgrading  to the  latest
        version of  your applications.29   These  computer programs  have
        been compared  to the AIDS virus.30   One author has  stated that
        the  viruses are used  to both increase the  amount of profits of
        computer program producers and anti-virus computer programs.31
             Computer  viruses may  also  be  used  to  benefit  computer
        systems,  by either  detecting  flaws  in  security  measures  or
        detecting other  viruses.32   Virus are  very dangerous,  though.
        The effects of a virus called Datacrime, activated on October 13,
        1989, brought  down 35,000  personal computers  within the  Swiss
        government and several companies in Holland.33
             With the opening up of  Eastern Europe, the virus problem is
        expected to  increase.34  In  Bulgaria, a country which  does not
        have any laws  against computer  viruses, one  new virus  appears
        week.35   Computer  viruses  are created  in  countries like  the
        Soviet Union  as a way to punish  computer pirates because of the
        lack of copyright laws.36
             Perhaps  the most dangerous  threat to information contained
        in a  computer is  the "leakage" of  radiation from  the computer
        monitors.37   With inexpensive  equipment38 a  person can  "read"
        the information  off the computer  screen and then  replicate the
        information  from the screen in a readable manner.39
             The threat of attack on a computer system can also come from
        a  hacker.   A  hacker  is  a  person  who breaks  into,  whether
        maliciously  or not, computers  or computer systems.40   A hacker
        can, if the system is not adequately secured, cause havoc  in the
        computer  by either  deleting  or altering  programs  or data  or
        planting  logic  bombs  or  viruses  in  the  computer  system.41
        Threats  from hackers  to plant  viruses  have been  made in  the
        past.42  The  threat from computer hackers, as  with viruses, has
        been said to be overrated.43
             The issues surrounding computers still have not been decided
        by those within  the computer community.  Whether  or not persons
        should  be   allowed   to   access   computer   systems   without
        authorization  is still a subject  of debate within the computing
        community.    A West  German  Computing  Club, called  The  Chaos
        Computing Club, holds the belief that it is not improper to enter
        any system  which they can  gain access to  and to "look"  around
        inside of  the  system as  much as  they wish.44    They do  not,
        however,  condone destroying or  altering any of  the information
        within  the  system.45      On the  other  side,  represented  by
        Clifford Stoll, when individuals break into computer systems they
        disrupt the trust  that the computer system is  based on.46  This
        breach of trust  not only makes operating the  system tougher for
        the manager in control  of the system, but also will decrease the
        amount  of  use  of  the  system  so  less  information  will  be
        transferred within the system.47
             There is also conflicting views as to whether the authors of
        computer  viruses should  be punished.    Marc Rotenberg48  holds
        the  belief  that  a  virus  should be  granted  first  amendment
        protection  in some  instances.49   In  response to  the Internet
        worm, there were 21 editorials that stated that the attack showed
        the  need for  more security  in  computers while  there were  10
        letters  to  editors  that  stated that  the  creator  should  be
        applauded rather  then punished.50   They argue  that this  was a
        good way to  raise consciousness concerning computer  security.51
        Alan Solomon, a consultant who specializes in virus detection and
        eradication,   believes   that   viruses   are,   at   most,   an
        inconvenience.52
        III.United States Computer Legislation
             The  United  States  government53  and  most  states54  have
        computer crime laws.   In 1979, only six states had  such laws.55
        Almost every  computer  crime will,  in addition  to violating  a
        state and/or  federal law,  can  also be  prosecuted under  other
        laws.56
             A.   Computer Fraud and Abuse Act.
             Congress originally  enacted the  Counterfeit Access  Device
        and  Computer Fraud and  Abuse Act57   to address  the problem of
        computer crime.  Understanding that the scope of the original law
        was  too narrow,58  in 1986  Congress enacted  amendments  to the
        Computer Fraud  and Misuse  Act of 1984.59   The  Act essentially
        lists  acts that if  done with a  computer are illegal.   The Act
        also  makes individuals  culpable  for  attempting  to  commit  a
        computer crime.60
             In order to commit any  of the crimes mentioned in  the act,
        the actor must  have acted either "intentionally"  or "knowingly"
        when committing  the act.   The law  addresses national  security
        issues  by making a  crime of anyone  using a  computer to obtain
        information and  giving the  information to  foreign countries.61
        The penalty  for this crime  or its attempt  is 10 years  for the
        first offense62  and 20  years for subsequent  offenses63.   If a
        person   intentionally   accesses  a   computer   either  without
        authorization or in excess  of his authorization and obtains  and
        acquires information in  a financial record of  an institution or
        information contained in  a financial record of  an individual64,
        the person  will  have  committed  a misdemeanor  for  the  first
        offense65 and  a  felony for  subsequent  offenses66.   A  person
        intentionally   accessing    a   government    computer   without
        authorization  which  affects  the   government's  use  of   that
        computer67  will have  committed  a  misdemeanor  for  the  first
        offense68 and  a felony  for the second  offense.69   Accessing a
        computer with  knowledge and  intent to  defraud  and without  or
        exceeding authority is a crime  if the person obtains anything of
        value  other  than  use  is  a felony70.    Accessing  a  federal
        interest computer  without  authorization  and  either  modifying
        medical records or causing $1,000  or more worth of damage within
        a one year  period71 is  punishable with  up to 5  years for  the
        first offense72 and 10 years for any subsequent offense.73
             The Act  also criminalizes  trafficking in  passwords.74   A
        person  who knowingly  and with intent  to defraud  traffics75 in
        passwords or similar  information may be sentenced for  up to one
        year  for the first offense76  and up to  10 years for subsequent
        offenses77 if the  computer is used by  or for the  Government of
        the   United   States78   or   affects   interstate  or   foreign
        commerce.79
             B.   Criticisms
             It is  important to note  that this statute only  applies to
        "Federal interest computers"  as defined by  this section.80   If
        a computer is  not this type of  computer, then any of  the above
        mentioned crimes  will not  be prosecutable  under this  section.
        Congress  intentionally  made the  scope  of the  law  narrow.81
        This  section  has  been criticized  as  not  inclusive enough.82
        Individual and  corporate computers  which do not  fall into  the
        restrictive  definition83 may not  receive the protection  of the
        statute.
             The  problem  of  computer  viruses  are  not  addressed  by
        Act.84  The act  does not punish  those who add information  into
        a computer, even though this may do more harm then just accessing
        information.   The Congress has  attempted to address  this issue
        under two bills85, but neither one has been enacted.
             Unauthorized access where there is no theft or damage to the
        system  is  not  covered.86    For example,  a  person  access  a
        computer  system and looks  at information contained  therein, he
        has not committed a punishable crime under the Act.87
             Questions have also been brought  up concerning many of  the
        undefined terms  within the Act.88  Terms  such as "intentionally
        access" and "affects interstate commerce" are among the terms not
        defined.89   The  need to  clarify  these terms  is important  so
        that an individual will know what action will constitute a crime.
        IV.  Legislation From Around The World
             A.   Israel Proposed Computer Law
             In March 1987, the Israeli Ministry of Justice distributed a
        draft of  a comprehensive  computer bill.90   This bill  covers a
        wide range of  areas concerning computers91.  The  Act first sets
        out  a  list  of  proposed  definitions  for  computer,  program,
        software,  information,  thing and  act.   Each  of  these, while
        short, are concise and attempt  to give a brief but comprehensive
        definition.92
             Chapter 2 sets  out a list of offenses  which, if committed,
        are punishable.93   A authorized  person commits an act  upon any
        computer and knows that the  act will prevent or cause disruption
        of   the   proper   operation   is   subject   to   seven   years
        imprisonment.94   A  person who,  without  authority, commits  an
        act  which precludes  a person  from using  a computer  system or
        deprives a person  of using that  system is  punishable by up  to
        seven years  imprisonment.95  If  a person  prepares or  delivers
        or  operates  software  knowing that  the  software  will produce
        faulty results  and "having  reasonable grounds  to assume",  the
        person  is punishable  for up  to seven  years.96   The  Act also
        addresses those who supply, deliver  or  operates a computer with
        faulty data.97
             Section 5 applies to those who use a computer to  attempt to
        obtain  some "thing"98  or  with  intent  prevents  another  from
        obtaining some "thing".99   A  person who  prevents another  from
        obtaining  a  "thing"  by  the   use  of  software  may  also  be
        punished.100  A  person who deprives a  person of an object  that
        contains  software, data or  information and obtaining  a benefit
        for himself.101   All of  these crimes contain a  prison sentence
        of five years.
             A professional who relies on computer outputs that they know
        which  are false  is also  subject to  punishment.102   The crime
        carries a sentence of five years.103
             This chapter does not apply to  all computers, software data
        or  information.104   It  only applies  to those  computers, data
        or information which  are used, designated to  be used by  or for
        (1) the state  or a corporation that is supplying  service to the
        public105  or   (2)  "business,  industry,   agriculture,  health
        services, or for scientific purposes."106
             Perhaps the most novel provision of this proposed law is the
        section governing the reporting of  the offenses.  Any person who
        is  in  charge  of another  and  has  reason to  believe  that an
        individual has committed an offense under the Act, he must report
        this to police  as soon as possible.107   If the person  does not
        do so, he may be imprisoned for up to one year.
             B.   Analysis
             The Israeli computer  crime bill is more  comprehensive then
        the America bill.  By creating a law which will apply not only to
        government computers, but  also to those of  "business, industry,
        agriculture, health  services  or  for  scientific  purposes,"108
        the  law  essentially  covers all  computers  in  the country.109
        By creating such broad coverage, the law will be able to make the
        users of computers in Israel  more secure in their knowledge that
        their systems are safe.                 B.   Analysis
             The Israeli computer  crime bill is more  comprehensive then
        the America bill.  By creating a law which will apply not only to
        government computers, but  also to those of  "business, industry,
        agriculture,  health  services  or  for scientific  purposes,"110
        the  law  essentially  covers all  computers  in  the country.111
        By creating such broad coverage, the law will be able to make the
        users of computers in Israel  more secure in their knowledge that
        their systems are safe.
             The  most controversial provision in the act is the proposal
        requiring  that individuals that may  know of computer crime must
        report the  crime or  face fines themself.   As  Levenfeld points
        out112,  this  will  mean  that  employers  will have  to  impose
        internal  spy rings  to be  able  to tract  down the  "reasonable
        suspicions" that  individuals have  concerning illegal  activity.
        Shalgi, however, believes  that this is a good  provision in that
        it will allow  computer crime to  come more  to the forefront  so
        that the crime can be more easily combatted.113
             This provision is necessary for the government to understand
        exactly how  large of a problem  computer crime is.   At present,
        statistics on computer  crime are difficult to  determine because
        of the  lack of reporting.114   By  making all persons  who would
        be responsible for  computer security, i.e.  all persons who  use
        computer systems, the  problem will be brought into  the open and
        can be addressed.
             The  proposed law  also sets  out  a defense  for those  who
        violate the  law.  Under   11, if a  person who violates  the law
        makes another know that he did disrupt or alter the data, he will
        not be convicted of the crime. This will allow  those who perform
        such acts to avoid  the punishment of  the law.  Individuals  who
        wish to destroy or alter  such information will have an incentive
        to bring forth their mischievous acts so that when brought before
        the  court they  could say  that  they took  precautions so  that
        individuals would  not rely on  the information.   This provision
        will encourage those who do  such activity to come  forth without
        fear of conviction.
             The ability  of a  court to  not impose  a  punishment on  a
        person  is contained  in section  12.115   This allows  the court
        to abstain from  punishment if the offense  is not grave and  was
        not committed with  malice.  This section, in  effect, will allow
        those who commit computer crime to be able to forgo punishment if
        their acts  were not serious.   This will be  beneficial to those
        who  are  hackers in  the  original  sense  of the  word,116  yet
        still allow for punishment of those individuals who enter systems
        to do harm to it.
             The law  also creates  standards for how  a computer  may be
        seized.  Neither  a computer, nor any  part of it, may  be seized
        without a  court order.117   Although  this seems  to  be a  good
        provision in  its effects  on individual  rights118, the  section
        is not focused  enough.  The  law does not  address the issue  of
        whether  a floppy,  as  opposed to  a  hard disk,  is  part of  a
        computer.  The hard disk  is located inside of a  computer, while
        floppy  disks may be removed from the  computer.  This law should
        address this issue by stating that the floppy disk is also a part
        of a computer in its definitions.119
             This section also does not address what standard may be used
        for the  court order.   Must the officer  only have a  reasonable
        suspicion or  probable cause to  seize the computer?   By stating
        explicitly  in the  statute that the  officer must  have probable
        cause to seize the  computer, an overzealous police officer  will
        not be able to as easily seize the computer.
             C.   The Great Britain Computer Misuse Act
             In response  to computer  program concerning  AIDS that  was
        distributed to doctors in Great Britain and Europe that contained
        a  virus,120  Michael   Colvin,  a  British  MP   introduced  the
        Computer  Misuse  Bill.121   On  August  29, 1990,  the  Computer
        Misuse  Act122  came  into  effect.123    It was  estimated  that
        the losses to  British industry and  government were one  billion
        pounds.124     This  Act   is  designed  to   not  to   create  a
        confidential information  right, but  to rather  protect computer
        system integrity125.
             Prior to enactment,  the English Law Commission  studied the
        problem and laws  regarding computer crime. It stated  that there
        should be three new offenses  to deal with computer misuse:   (1)
        Unauthorized access  to a  computer, (2)  Hacking with  intent to
        commit  a serious crime,  and (3)  Intentional destruction  of or
        alteration  to  computer  programs  or  data.126    The  Computer
        Misuse Act states that  unauthorized access occurs if the  person
        is unauthorized to access the computer, he causes the computer to
        perform any function with intent to  gain access to a program  or
        data  in the  computer and  he knows  that this  is the  case.127
        He does not have to be directed to any particular program or data
        in the computer  he attempted to get on or the data or program he
        wishes to  access.128   If a  person commits  unauthorized access
        with   the  intent  to  commit129  or  help  another  offense,130
        the  person can  be sentenced  on summary  conviction, up  to six
        months  in  prison  and  a   fine,131    or  if  convicted  after
        indictment,  to imprisonment  of  up  to five  years,  a fine  or
        both.132
             If a  person modifies  computer material,133  the person  is
        subject  to  a  fine of  up  to  5 years,  an  unlimited  fine or
        both.134   The  person must  knowingly modify  a  program without
        authorization and must have done so with the intent to impair the
        operation of the computer, to prevent or hinder access, or impair
        the  operation  of  the  program  or  resulting  data.135     The
        modification does  not have to  be permanent.136   A modification
        may be done by  either altering, erasing or adding onto a program
        or data.   By stating  modification broadly, the act  attempts to
        combat  the  placing  of  viruses,   worms  and  logic  bombs  on
        computers.137
             The Act  also  extends  the scope  of  jurisdiction.138    A
        person does  not have  to actually  be in  Great  Britain at  the
        commission  of  the crime.    The  crime  itself must  have  some
        relation   to   Great    Britain.139      The   link    must   be
        "significant".140
             D.   Analysis
             As opposed to  the other statutes,  the Computer Misuse  Act
        does not  attempt to define computer.   This was done  because of
        the fear that any definition given for a  computer may become out
        of date  in a  short period  of time.141   Program  and data  are
        also not defined within the Act.
             Great  Britain's courts are granted large jurisdiction.  The
        act allows for anyone who attempt to commit a crime under the act
        to be punished in  Great Britain.  The act, although  setting out
        that  the  link  must  be significant,142  does  not  attempt  to
        define this word.   By this omission, the  Great Britain's courts
        can expand this  to any act that occurs in a foreign country that
        uses  a British computer  for even a  short period of  time.  The
        defining of the word would  clear up some misconceptions that may
        result from the act.
             Of interest  to note, the Act would  not punish a person who
        distributes disks  tat contain  viruses  on them.   Although  the
        drafter of the  bill said that this was his goal, the law ignores
        this possibility.  An amendment should  be added to the law which
        will punish those who damage data even  if they do not access the
        system.
             E.   Ghana
             In response to the belief  that their existing laws were not
        adequate,  a draft  law  was  proposed by  the  Ghana Law  Reform
        Commission.143   The  bill is  rather  simple as  opposed to  the
        other laws.   It has definitions  for access, computer,  computer
        network,  computer program  and  data.144    To  commit  computer
        related  fraud, the  person must  have an  intent to  defraud and
        either alters, damages destroys data or program stored in or used
        by the computer or obtains information to his own advantage or to
        the  disadvantage  of another  or  uses  a  computer commits  and
        offense.145    The  Act  Also  sets  out  alternatives  for  some
        sections that  may be adopted.   The alternative states  that any
        person  who obtains  access to  a  computer program  or data  and
        attempts to erase  or alter  the program or  data with intent  to
        help his  own interests or damage other person's interest commits
        a crime.146
             Damaging computer data occurs  if any person, by  any means,
        without  authority, willfully  does  damage  to  data  commits  a
        crime.147    The crime  of  unauthorized  use  of a  computer  is
        simply  defined as anyone who knowingly without authority commits
        an  offence.148   Similarly, unauthorized  access  is anyone  who
        knowingly gains access  to a computer, network or  any part there
        of, without authority to  do so.149   The Ghana law also  creates
        a crime for the  knowingly and dishonestly introduction of  false
        data  and the  omission to  introduce, record  or store  data.150
        An  authorized  person  who  willfully  or  intentionally  allows
        information to get  into the hands of an  unauthorized person and
        that person uses the information  to his advantage also commits a
        crime.151
             The penalties  for the  crimes are similar  to those  of the
        Great Britain  law.152  On  summary convictions, a jail  term may
        be given of  up to  two years  or the statutory  maximum fine  or
        both.153   On  conviction  on  indictment, a  prison  term of  no
        more  then  ten  years  or an  unlimited  fine,  or  both may  be
        given.154
             The  jurisdiction that the Ghana courts  have in accord with
        this  jurisdiction is as  large as their  British counterpart.155
        The courts can hear  any case if the accused person  was in Ghana
        at the time  of the act.156   Also,  if the program  or data  was
        stored in or  used with a computer  or computer network  in Ghana
        the person may be tried under the law.157
             F.   Analysis
             The Ghana proposed Computer Crime  Law is in accord with the
        United States, Great  Britain and the proposed Israeli  laws.  By
        setting  out  definitions  for  the  various  terms  used in  the
        law158,  the law  clearly defines  which acts  may be  subject to
        prosecution  under the  law.   Although  simple, the  definitions
        attempt to capture  within the law's grasp  the various different
        acts which could be done with a computer that should be outlawed.
             The most  original section  of  the act  concerns the  newly
        created  crime  of   omission  to  introduce,  record   or  store
        data.159   This  section, however,  will end  up punishing  those
        who work in corporations that are at the lowest level skill-wise.
        The government should, if the  law is enacted, force companies to
        give each employee a sufficient  amount of training on a computer
        so that the  person will be  able to act  in accordance with  the
        law.   The act does provide a safeguard by making the mens rea of
        the crime "negligently or dishonestly"160
             The act also sets out  a crime for an individual who  allows
        information  to get  into the  hands of  another.161   As opposed
        to the other laws, this  section specifically address the problem
        of  where  an  authorized  individual  gives  information  to  an
        outsider.  By  specifically regulating this behavior,  anyone who
        wishes to act according will know that the act is illegal.
             The   crime   of    computer-related   fraud   is    defined
        broadly.162    This  law  effectively makes  any  type  of  fraud
        committed either with a computer or information within a computer
        a crime.   The law  adequately addresses the problems  that might
        occur with a computer in fraud.  A broad definition, however, may
        still let some act seem as though they are not covered  since the
        act is not specific in the area of what constitutes a crime.
             Most significantly,  the act does  not state which  types of
        computers are covered  by the act.163   By not giving a  limit on
        which computers are  covered, the act extends its jurisdiction to
        all  "computer"164  and  "computer  network"165 in  the  country.
        If the  definition of  computer changes, due  in part  to advance
        technology, the law may have to change this section.
        V.   Proposed Solutions
             Computer Crime laws  have come a long way  in addressing the
        problem  of  computer  crime.166   The  ability  to regulate  the
        activity will  decrease the amount  of crime  that is  committed.
        Those who use the computers of the world, however, must  not rely
        totally   on  there   respective  governments   to   combat  this
        problem.167
             The best way to combat computer crime is to not let it occur
        at  all.   Many  computer  systems  have  not been  given  enough
        security by  their system  managers.168  It  is possible  to have
        a totally  secure computer system169,  but it is  impractical and
        slows the  free flow  of information.170   By creating  laws that
        will  protect  the  integrity  of  computer  systems  while  also
        allowing for the ability of our best and brightest to develop and
        learn about computer systems will the nation be able to  keep our
        technological lead in the world.
             In order to combat the problem of unauthorized access, users
        of computer systems must be taught to respect each others privacy
        within the various  systems.  Creating an standard  of ethics for
        those who are  users of computers will  be the best way  since it
        will hold the users to standards that must be met.  Although some
        organizations have attempted to promogate standards regarding the
        ethical   use  of  computer   systems171  no  one   standard  has
        emerged.   Proposed rules  of ethics should  balance the  need of
        individuals to  be able to  learn and discover about  the various
        types of  computer systems, while  at the same time  allowing for
        those  who use those systems  to be secure  in the knowledge that
        the information stored  on the computer will not be read by those
        other then person who should have access to it.
             If  computer crime  laws are  enacted,  industries that  use
        computers should not use the new laws as a  replacement for using
        adequate  security  measures.172    Individuals  or  corporations
        that use computer  have several ways  to protect themselves  from
        unauthorized access.  If the computer can be accessed by a modem,
        the computer  can have a  dial back  feature placed on  the phone
        line so that one a  computer is accessed, the computer will  then
        call back to make sure that the call  is coming from a line which
        is  supposed  to access  the  computer.173    The proper  use  of
        passwords174 are also  an effective  way to  address the  problem
        of unauthorized access. A recent study  has shown that out of 100
        passwords  files, approximately 30 percent were guessed by either
        using the  account name  or a  variation of  it.175    A  program
        has recently been developed that will not allow a user to  select
        an  obvious password.176   Encryption  programs,  similar to  the
        program used on Unix operating system, can scramble a password in
        a non reversible  manner so that if the  encrypted password falls
        into the hands of an individual who is not supposed to access the
        system, the  person will  not  be able  to get  into the  system.
        These systems can also be used so that if a hacker does  get into
        a   computer  system  and   attempts  to  get   information,  the
        information will not be readable.177
             A    problem  that must  be  address  is  the  lack of  laws
        concerning copyright protection of  computer programs in  foreign
        countries.    The  Pakistan Brain178  was  written  to discourage
        copying of a program without authorization.  By creating pirating
        penalties a reason  for the creation of computer  viruses will be
        removed and less viruses will be created.179
             Many in the field argue that computer programs should not be
        copyrighted.180    Copyright protection  should  not  be afforded
        to   computer   programs   since  they   are   only  mathematical
        equations.181   Copyright  protection  should  be  given  to  the
        maker  of  a computer  programmer  only  for  a short  period  of
        time.182
             A novel concept which will both satisfy the computer hackers
        quest  for  knowledge  through  examining  computer  systems  and
        protect the integrity of computer systems is to create a computer
        systems for  the use  of hackers alone.183   This  computer would
        not be connected  to other computer systems, but  can be accessed
        through  a modem.184   If  created,  accounts would  be given  to
        all  interested computer  enthusiasts.  Those  participating will
        not  be  prosecuted  for  exploring  unauthorized  areas  of  the
        system.185     Since   other  computer   systems   will  not   be
        accessible through  this system, any activity on this system will
        not endanger  the information on  other systems.186   By allowing
        this to be done, a major problem will be solved, the inability to
        afford to  buy a mainframe system,  while a person  will still be
        able to learn about different types of systems.
             If any  laws are to  be made, they should  make "knowing"187
        or  "intentionally"188   unauthorized access  into  a computer  a
        crime.   By making  the intent of  the crime be  knowing, it will
        allow those who accidently connect to a computer system that they
        think is theirs but is not to be excused from punishment.
             The law must also be done in a way that will allow it to  be
        enforced  across  national  boundaries.   A  computer  hacker can
        access  computers from across the world  without ever leaving his
        home  country.189   If these  laws  can only  be enforced  within
        the home country, then a person can, in theory, go into a country
        of whose computers that  he would never want to access and access
        into other computers without fear of punishment.190
             An international  convention should  be convened  to address
        this problem.  Since the  problem is of international concern and
        the crimes do occur across  the boarders of countries, by setting
        standards by the international  community concerning the  conduct
        of computer users, the hodgepodge  of computer crime laws will be
        eradicated in favor  of a common international standard.   As the
        boundaries in Western  Europe disappear in anticipation  of 1992,
        international access is sure to accelerate.
             Colleges,  Universities  and  high  schools  must  institute
        programs  designed to address  proper computer use.191   Although
        not all  computer users are  not trained in school,  teaching the
        ethical use of computers will  allow users to understand the need
        for security  on systems.   These programs  will also  show users
        that  computer  crime  is  dangerous  to  society.192    Problems
        concerning computer  crime  should be  publicized  so as  not  to
        mystify the crime.193
             The  United  States  and other  countries  must  create more
        Computer  Emergency Response Teams  (CERT).   These teams  are to
        coordinate   community   responses   to   emergency   situations,
        coordinate responsibility for fixing hole in computer systems and
        serve  as a  focal  point  for  discussions  concerning  computer
        systems.194    These  groups regularly  post  notices  concerning
        computer  viruses or  other  dangers  in  the  Internet  computer
        system.  The scope of these groups should be expanded so they may
        be  a  focal point  of the  needs  and desires  of those  who use
        computers.  If  they are used to gather information as a clearing
        house  type  operation,  the  spread  of  information  concerning
        computer  systems  and problems  with  the systems  will  be more
        adequately addressed.
        IV.  Conclusion
             Computer crime is a growing problem.  With the advent of the
        computer and a more computer literate public, crimes committed by
        computers will  increase.   To effectively  address the  problem,
        laws  must be  created to  outlaw activity  which is  designed to
        further illegitimate  ends.  These  laws have moved in  the right
        direction concerning what should be  outlaws so as to balance the
        needs of computer users against those of the computer owners.  To
        enforce these  laws, governments must realize that the problem of
        computer crime is not only of local concern.
             Educational programs and standards of ethics must be created
        from within the computer users community.  Corporations which use
        computers  must educate their  employees to reduce  the fear that
        one  might  have  when  addressing  a  computer  security  issue.
        Copyright laws must  be strengthened in countries  that either do
        not have  or have weak copyright laws so  that the need to create
        viruses to protect an individual's or corporation's work will  no
        longer be necessary.
             To  satisfy users  curiosity  with  computers, a  non-secure
        computer system should be created.   This system will allow those
        who wish  to explore a  system in order to  understand the system
        may.    Those   individuals  can  do  so  without   the  fear  of
        prosecution.
             Only by directly addressing the causes of computer crime and
        drafting standards and  laws to address the unique  area will the
        problem of computer crime be adequately addressed.  Light must be
        shined on  the area so individuals will  realize that fear of the
        machines  is not justified.   Only by  doing so may  we enter the
        21st century realizing the full potential of computers.
                                    Appendix A
        Ghana Computer Crime Law (Proposed)
        Computer Crime Law
        Computer Crime Law
        In  pursuance   of  the  Provisional   National  Defense  Council
        (Establishment) Proclamation 1981, this Law is hereby made:
        1.   Any person who, with intent to defraud,
             (a)  alters, damages, destroys or otherwise manipulates data
        or program stored in or used in connection with a computer, or
             (b)  obtains  by any means, information stored in a computer
        and uses it to his advantage or to another  person's advantage to
        the disadvantage of any other person, or
             (c)  uses a computer
        commits an offense.
        Charge:   Computer-related fraud.
        ALTERNATIVE:
             (1)  A  person commits  an offense  if  that person  obtains
                  access to a computer program or data, whether stored in
                  or used in connection with a  computer or to a part  of
                  such program  or data to  erase or otherwise  alter the
                  program or data with the intention-
                  1.   (a)  of procuring  an  advantage  for  himself  or
                       another person: or
                       (b)  of damaging another person's interests.
        2.   Any  person who, by  any means, without  authority, wilfully
             destroys, damages,  injures, alters  or renders  ineffective
             data stored in or used in connection with a computer commits
             an offense.
        Charge:   Damaging Computer data.
        3.   Any person who, without authority, knowingly uses a computer
             commits and offense.
        Charge:   Unauthorized use of a computer.
        4.   Any person who, without authority, knowingly gains access to
             a computer, computer network, or any part thereof commits an
             offense.
        Charge:   Unauthorized access to a computer.
        5.   Any  person  who,   knowingly  and  dishonestly  introduces,
             records  or  stores, or  causes  to be  recorded,  stored or
             introduced into a computer or computer network by any means,
             false or misleading information as data commits an offense.
        Charge:   Insertion of false information as data.
        ALTERNATIVE:
             (5)  A person commits an offense if, not having authority to
                  obtain  access to a  computer program or  data, whether
                  stored in or used in  connection with a computer, or to
                  a  part  of such  program  or  data,  he  obtains  such
                  unauthorized  access   and  damages   another  person's
                  interests by recklessly adding to, erasing or otherwise
                  altering the program or the data.
        6.   Any person under  a contractual or other  duty to introduce,
             record or store authorised data into a computer network, who
             negligently  or dishonestly  fails to  introduce, record  or
             store, commits an offense.
        Charge:   Omission to introduce, record or store data.
        ALTERNATIVE
             (6)  Any  person  under  a  contractual  or  other  duty  to
                  introduce,  record or  store data  into  a computer  or
                  computer network  who negligently or  dishonestly fails
                  to introduce, record or store, commits an offense.
        7.   Any  authorised person who willfully or intentionally allows
             information  from a  computer to  get into  the hands  of an
             unauthorised  person   who  uses  such  information  to  his
             advantage commits an offense.
        Charge:   Allowing unauthorised person to use computer data.
        8.   A  person guilty  of  an  offense under  this  Law shall  be
             liable:-
             (a)  on summary conviction,  to imprisonment for a  term not
                  exceeding  two years  or to  a  fine not  exceeding the
                  statutory maximum or both; or
             (b)  on conviction on indictment, to imprisonment for a term
                  not  exceeding ten years  or to  an unlimited  fine, or
                  both.
        9.   A  court in  Ghana  shall  have  jurisdiction  to  entertain
             proceedings for  an offense under  this Law, if at  the time
             the offense was committed:-
             (a)  the accused was in Ghana; or
             (b)  the program  or  the  data in  relation  to  which  the
                  offence  was committed  was stored  in or  used with  a
                                                         or  used with
                  computer or computer network in Ghana.
                              computer network in Ghana.
        10.  In this Law, unless the context otherwise requires:-
             "access"  includes  to  log unto,  instruct,  store  data or
             programs  in, retrieve data  or programs from,  or otherwise
             communicate  with a  computer, or  gain  access to  (whether
             directly or with the aid of any device) any data or program.
             "computer"   includes  any   device  which  is   capable  of
             performing logical,  arithmetical, classifactory,  mnemonic,
             storage  or  other  like  functions  by  means  of  optical,
             electronic or magnetic signals.
             "Computer network"  includes the  interconnection of  two or
             more computers, whether geographically separated or in close
             proximity or  the interconnection  of communication  systems
             with a computer through terminals, whether remote or local.
             "Computer program" includes  an instruction or statement  or
             series  of instructions or  statements capable of  causing a
             computer to indicate, perform, or achieve any function.
             "data"  includes  a  representation   in  any  form  whether
             tangible or intangible that is capable of being stored in or
             retrieved by a computer.
                                     ENDNOTES
                                     ENDNOTES
        1.   Financial Times Limited (London) April, 1990.
        2.   See, infra, endnote 36 and accompanying text.
                  infra
        3.   Stoll, The Cuckoo's Egg (1990).  [hereinafter Stoll].
                    The Cuckoo's Egg
        4.   Lyons, 13 Are  Charged in Theft of Data  from Computers, New
        York Times, August 17, 1990, B2, col. 3.
        5.   Although   there  is  no   set  definition  of   a  computer
        publication,  it is created  and published solely  on a computer.
        Peretti,  Computer Publications  and the  First Amendment  (1990)
        (available  at Princeton  University FTP  site  and The  American
        University Journal of International Law and Policy Office).
        6.   Dorothy  Denning,  The   United  States  v.   Craig  Neidorf
        (available  at The American  University Journal  of International
        Law and Policy office).
        7.   Schares,  A  German  Hackers'  Club that  Promotes  Creative
        Chaos, Business Week, Aug. 1, 1988, 71.
        8.   Barlow, Crime and  Puzzlement: In advance of the  Law on the
        Electronic Frontier, Whole Earth Review, Sept. 22, 1990, 44.
        9.   Kopetman, Computer  Gave Them  Bum Rap,  Los Angeles  Times,
                                                      Los Angeles  Times
        Jan. 10, 1991, at B1, col. 2.
        10.  See, J. Thomas McEwen, Dedicated Computer Crime Units (19--)
             See,
        (stating how  important computers  have become  to society).   In
        1978 there were 5,000 desktop computers in the United States.  S.
        Rep. No.  432, 99th  Cong., 2d Sess.  2, reprinted in,  1986 U.S.
                                                 reprinted in
        Code Cong. &  Admin. News 2479, 2479.   By 1986, this  number had
        increased to about 5 million.  Id.
                                       Id.
        11.  See, S. 2476, Floor Statement by Senator Patrick Leahy.
        12.   See,  Stoll  at  ___ (stating  that  all countries,  except
        Albania, are connected via computer systems).
        13.   McEwen, Dedicated Computer  Crime Units 1 (19--).   Another
                      _______________________________
        definition used  is  the definition  of computer  crime was  "any
        illegal  act  for  which  knowledge  of  computer  technology  is
        essential for successful investigation and prosecution".  Parker,
        Computer Crime:  Criminal Justice Resource Manual, (1989).
        _________________________________________________
        14.  Conly,  Organizing  for  Computer  Crime  Investigation  and
        Prosecution, 6-7 (19--).
        15.  For instance,  the estimated  cost of  the Internet Worm,  a
        computer program created  by Robert Morris,  Jr. which shut  down
        the  Internet  computer  system, varies  from  $97,000,000  (John
        McAfee,  Chairman,  Computer   Virus  Industry  Association)   to
        $100,000  (Clifford Stoll's low  bound estimate).   Commitment to
        Security, 34  (1989).  It  is difficult to determine  exactly the
        cost  of such  crime because  it is  difficult to  determine what
        should be included.  The estimated downtime of a  computer due to
        such activity  could be used to determine the  cost.  This may be
        flawed, however, since it will not take into account how  much of
        the down  time actually  would have been  used.   Electronic Mail
        Letter from Richard  Stallman to Brian J. Peretti  (Dec. 3, 1990)
        (concerning computer crime).
        16.  Commitment   to  Security,   34.    The   average  facility,
        consisting  of  1,224  microcomputers,  96  minicomputers and  10
        mainframe  computers, lost $109,000,  365 personnel hours  and 26
        hours computer time loss per year. Id.
                                           Id.
        17.  Id. at 23. 6 percent of  incidents resulted in prosecutions.
             Id.
        Id.
        Id.
        18.  Id.
             Id.
        19.    Only 1.5 percent of  respondents to a National  Center for
        Computer Crime Data used Anti-virus  products in 1985.   By  1988
        this figure  rose to  22 percent.   By  1991, 53  percent of  the
        respondents stated that  they would be using  anti-virus software
        by  1991.   According  to  a  Price  Waterhouse survey  in  Great
        Britain,  in 1985  26  percent  installations  spent  nothing  on
        security.   Authers,  Crime  as  a  Business  Risk-  Security/  A
                              Crime  as  a  Business  Risk-  Security/  A
        Management  as Well  as  a  Technical  Problem,  Financial  Times
        Management  as Well  as  a  Technical  Problem
        (London), November 7, 1990.  By 1990 this figure had shrunk  to 4
        percent and is  expected to decline to 0 by 1995. Id.  The amount
                                                          Id.
        spent on security for new systems has increased from 5 percent in
        1985 to 9 percent by 1990. Id.
                                   Id.
             In Japan, less  than 10 percent of groups  that rely heavily
        on  computers have  taken  measures  to  prevent  virus  attacks.
        Computer  Users Fail to Protected Against Viruses. Although Japan
        Computer  Users Fail to Protected Against Viruses.
        does not  have a computer crime law, there  is a movement to make
        such a law.   Computer Body Calls for Jail Sentences for Hackers,
                      Computer Body Calls for Jail Sentences for Hackers
        Kyodo News  Service,  Nov. 15,  1990  (available from  the  Nexis
        library).     The   Japan   Information  Processing   Development
        Association has  stated that  the new law  should make  the crime
        punishable of either one year of hard labor or a fine. Id.
                                                               Id.
        20.  The terms was first applied in 1984. Commitment to Security,
        34 (1989).
        21.  Ring, Computer Viruses; Once Revered as Hackers, Technopaths
        Threaten  Security of  Computer-Dependant Society,  Computergram,
        July 7,  1989.  Some of  these viruses are  extremely small, e.g.
        Tiny, which is 163 bytes, may be the smallest.  Friday 13th Virus
        Alert, The Times (London), July 12, 1990.
        22.  Graggs, Foreign  Virus Strains  Emerge as  Latest Threat  to
                     Foreign  Virus Strains  Emerge as  Latest Threat  to
        U.S. PCs,  Infoworld, Feb.  4, 1991, 18.   Viruses  have appeared
        U.S. PCs
        from Bulgaria, Germany, Australia, China and Taiwan. Id. Some new
                                                             Id.
        viruses  include Armageddon,  from Greece  which  attacks through
        modems and then dials to a talking clock in  Crete, Liberty, from
        Indonesia,  Bulgaria 50,  which is  thought to  have come  from a
        "laboratory"  in Sofia,  Victor,  thought  to  originate  in  the
        U.S.S.R., the Joker,  from Poland, which tells the  user that the
        computer needs a  hamburger, and Saturday  the 14th, presumed  to
        have been developed in South Africa,  which destroys a computer's
        file allocation table. Id.
                               Id.
             Some viruses also  carry a message when  they are activated.
        A  virus that is  though to  have been  developed by  students at
        Wellington, New  Zealand,  tells the  user  that they  have  been
        "stoned" and requests that marijuana should be legalized.  Id.
                                                                   Id.
             Approximately 80  or 90 of  the 300 viruses counted  for the
        IBM  personal computer originated in Bulgaria according to Morton
        Swimmer of Germany's Hamburg University Virus Test Center.
        23.  A report in  La Liberation, a French  newspaper, stated that
                          La Liberation
        computer viruses  could be planted  in French EXOCET  missiles to
        misguide  them  when  fired.    La  Liberation,  Jan.  10,  1991,
        reprinted in  Klaus Brunnstein,  Risks-Forum, vol.  10, iss.  78,
        reprinted in
        Jan. 22  1991 (available at American Journal of International Law
        and Policy Office).
        24.  A  "trojan horse"  is a  program that  does not  seem to  be
        infected, however,  when used  in a computer,  the virus  is then
        transferred  the uninfected machine.   On trojan  horse destroyed
        168,000 files in Texas.  Commitment to Security, 34 (1989).
        25.  Ring, Computer Viruses; Once Revered as Hackers, Technopaths
                   Computer Viruses; Once Revered as Hackers, Technopaths
        Threaten  Security of  Computer-Dependent Society,  ComputerGram,
        Threaten  Security of  Computer-Dependent Society
        July 7, 1989.
        26.  Highland, One Wild  Computer "Worm" Really Isn't  a  Federal
                       One Wild  Computer "Worm" Really Isn't  a  Federal
        Case, Newsday, Jan. 23, 1990, 51.
        Case
        27.  Stoll, at 346.   The amount of computers  that were actually
        infected by the worm  is still the subject of debate.   Mr. Stoll
        estimates that  2,000 computers  where infected,  while the  most
        commonly  cited  number is  6,000.   Commitment  to  Security, 34
        (1989).    The 6,000  estimate  was  based  on  an  Massachusetts
        Institute of Technology estimate that 10 percent of the  machines
        at the school  were infected and was  then inferred to  the total
        number  of  machines  across  the  country  that  were  affected.
        General Accounting  Office, Computer  Security: Virus  Highlights
        Need for Improved  Internet Management, 17  (1989).  This  number
        may be inaccurate  because not all locations had  the same amount
        of vulnerable machines. Id.
                                Id.
        28.       For the  first  eight months  of  1988, there  were 800
        incidents  concerning computer  viruses. Commitment  to Security,
        34.  The Computer  Virus Industry  Association  reported that  96
        percent of  these reported infections were incorrectly identified
        as viruses. Id.
                    Id.
        29.   Robinson, Virus Protection  for Network Users,   Washington
        Post, Washington Business, p.44, Feb. 11, 1991.
        30.  Ross,  Hacking   Away  at  the   Counterculture,  3   (1990)
        (available at the  American University  Journal of  International
        Law  and Policy).  On Saturday Night Live, during the news update
        segment, Dennis Miller stated, in comparing a computer viruses to
        the   AIDS  virus,  "Remember,  when  you  connect  with  another
        computer, you're connecting  to every computer that  computer has
        ever been connected to."  Id.
                                  Id.
        31.  Id. at 8-9.
             Id.
        32.  Computer Virus Legislation, Hearing on  H.R. 55 and H.R. 287
        before the Subcomm. on Criminal Justice of the House Comm. on the
        Judiciary, 100th  Cong., 1st Sess.  49 (1989) (statement  of Marc
        Rotenberg,   Director,   Computer    Professionals   for   Social
        Responsibility).   In Israel,  Hebrew University used  a computer
        virus to  detect and  destroy a virus  that would  have destroyed
        data files. Id.
                    Id.
        33.  Computergram International, October 14, 1990.
        34.
        35.  Watts, Fears of Computer Virus Attack from East Europe grow,
                    Fears of Computer Virus Attack from East Europe grow
        The Independent, November 24, 1990, p.6.   On a trip to Bulgaria,
        a British computer consultant  returned with 100 viruses  that do
        not exist in the West. Id.
                               Id.
        36.  Id.
        37.  McGourty, When a Hacker Cracks the Code, The Daily Telegraph
                       When a Hacker Cracks the Code
        (London), October 22, 1990, p. 31.
        38.  The equipment would cost about 50 (British) pounds. Id.
                                                                 Id.
        39.  Id.   A British company, has stated that they have developed
             Id.
        a glass that  will reduce this problem.   Tieman, Spy-Proof Glass
        to Beat the Hackers, The (London) Times, Jan 17, 1991.
             A  more  recent  problem concerns  the  ability  of computer
        hackers to access into fax  machines and either change or reroute
        information from the machine. Becket, Espionage fears mounting as
                                              Espionage fears mounting as
        hackers tap into faxes, The Daily Telegraph (London), December 1,
        hackers tap into faxes
        1990,  p. 23.  This problem  can be  circumvented by  the  use of
        encryption devices or passwords on the machine.  Id.
                                                         Id.
        40.  Stoll  at 9.  The  word itself originally had  two meanings.
        People originally called themselves hackers were software wizards
        who thoroughly knew computer systems.  Id.  In U.S. v. Riggs, 739
                                                       U.S. v. Riggs
        F. Supp. 414, 423 (N.D. Ill.  1990) the court defined hackers  as
        "individuals involved  with the  unauthorized access  of computer
        systems by various  means."  The New Hacker's  Dictionary defines
        hackers  as  "A  person  who  enjoys  learning   the  details  of
        programming systems  and how  to stretch  their capabilities,  as
        opposed  to most  users  who  prefer to  learn  only the  minimum
        necessary."    New  Hacker's Dictionary, to  be published Spring,
        1991.
             Hacker has also been used in a  non-evil sense with the word
        "cracker"  taking the  disreputable part  of the  word.   In this
        light,  hacker means "computer  enthusiasts who `take  delight in
        experimenting  with system  hardware, software  and communication
        systems."  and cracker  meaning  "a  hacker  who  specializes  in
        gaining illegal  access to a  system."  One Wild  Computer `Worm'
                                                One Wild  Computer `Worm'
        Really Isn't  a Federal  Case, Newsday, January  23, 1990,  p.51.
        Really Isn't  a Federal  Case
        The typical hacker has been described  as "a juvenile with a home
        computer  who  uses  computerized bulletin  board  systems  for a
        variety  of illegal  purposes.   Conly,  Organizing for  Computer
        Crime Investigation and Prosecution, 8 (19--).
        41.   Sulski, How to Thwart  Potential Saboteur, Chicago Tribune,
                      How to Thwart  Potential Saboteur
        November 18, 1990, p.18.
        42.  Computerworld, December 3,  1990, p. 122. Kryptik,  a hacker
        group,  was  stated as  having  planned  to plant  a  virus  in a
        telephone  network on  December  5,  1990. Id.    It is  unclear,
                                                   Id.
        however, if the virus actually was planted. Id.
                                                    Id.
        43.  Sulski, How to  Thwart Potential Saboteur, Chicago  Tribune,
                     How to  Thwart Potential Saboteur
        November  18, 1990, p.18.   Computer security  experts state that
        the  risk of  having hacker break  into your system  is less than
        being burglarized or having a power outage due to lightning.  Id.
                                                                      Id.
        Errant opinion poll  results have also been blamed on the work of
        hackers.    Holdsworth,   Hackers  May  Have  Attacked   TV  Poll
                                  Hackers  May  Have  Attacked   TV  Poll
        Computers-MP,  Press Association Newsfile, May 4, 1990.
        Computers-MP
        44.  Stoll, 312.
        45.  Id.  This  view is also shared  by the editors of  2600, The
             Id.
        Hackers  Quarterly.   It is  also held  by  these persons  that a
        service  is done  to the  computing  community because  those who
        break in to computer systems show the operators that their system
        is not strong enough and that it should be made stronger.
        46.  Stoll, at 354.
        47.   Mr.  Stoll's computer  was broken  into by   an  Australian
        hacker who said he  did so to show that Mr.  Stoll's security was
        not  good and  that  hackers  are good  because  they show  where
        security problems are in computer  networks.  Id. at 353-54.   He
                                                      Id.
        rejected such arguments. Id.
                                 Id.
        48.  Director, Computer Professionals for Social Responsibility
        49.  Computer Virus Legislation, Hearing  on H.R. 55 and H.R. 287
        before the Subcomm. on Criminal Justice of the House Comm. on the
        Judiciary, 100th Cong., 1st Sess. 26-27 (1989) (statement of Marc
        Rotenberg,   Director,   Computer    Professionals   for   Social
        Responsibility). The Aldus peace virus, which displayed a message
        calling  for  peace  and then  disappeared  without  damaging the
        system itself, is an example of a virus  which he believes should
        be protected.  Id.
                       Id.
        50.  Commitment to Security, 34.
        51.  Stoll, 349.
        52.  "I can never understand why people think it is  all right to
        run out of computer paper but not all right to be infected with a
        virus.  The  disruption is the same  and it takes about  the same
        amount of  time to  put matters  right."   Cane, Hygiene  See Off
                                                         Hygiene  See Off
        Computer  Viruses, Financial  Times  (London)  October 14,  1989,
        Computer  Viruses
        Section I, p. 24.
        53.  18 U.S.C. 1030 (1988).
        54.      Ala. Code    13A-8-100  et.seq. (1990); Alaska  Stat.
                 Ala. Code                               Alaska  Stat.
        11.46.200(a)(3), 11.46.484(a)(5), 11.46.740, 11.46.985, 11.46.990
        (1990);  Ariz. Rev. Stat. Ann.   13-2301(E), 13-2316 (1990); Cal.
                 Ariz. Rev. Stat. Ann.                               Cal.
        Penal Code    502 (West 1990); Colo. Rev.  Stat.   18-5.5-101 et.
        Penal Code                     Colo. Rev.  Stat.
        seq. (1990); Conn. Gen. Stat    53a-250 et. seq., 52-570b (1990);
                     Conn. Gen. Stat
        Del. Code  Ann. tit.  11,     931 et  seq. (1990);  Fla. Stat.
        Del. Code  Ann.                                     Fla. Stat.
        815.01 et seq.  (1990); Ga. Code  Ann.    16-9-90 et seq  (1990);
                                Ga. Code  Ann.
        Haw. Rev. Stat.    708-890 et seq. (1990); Idaho Code    18-2201,
        Haw. Rev. Stat.                            Idaho Code
        2202  (1990); Ill.  Ann. Stat.     15-1,  16-9 (1990);  Ind. Code
                      Ill.  Ann. Stat                           Ind. Code
          35-43-1-4,  35-43-2-3  (1990);  Iowa Code      716A.1  et. seq.
                                          Iowa Code
        (1990); Kan.  Stat. Ann.   21-3755 (1990); Ky. Rev. Stat. Ann.
                Kan.  Stat. Ann.                   Ky. Rev. Stat. Ann.
        434.840  et. seq. (1990);  La. Rev. Stat.  Ann. 14(D)     71.1 et
                                   La. Rev. Stat.  Ann
        seq.  (1990); Me.  Rev.  Stat.  Ann. chap.  15,  tit. 17-A,   357
                      Me.  Rev.  Stat.  Ann.
        (1990); Md.  Crim. Law  Code Ann. Article  27   45A,  146 (1990);
                Md.  Crim. Law  Code Ann.
        Mass. Gen. L. ch 266,   30 (1990) see infra; Mich. Comp.  Laws
        Mass. Gen. L.                                Mich. Comp.  Laws
        28.529(1)  et seq. (1990);  Minn. Stat.   609.87  et seq. (1990);
                                    Minn. Stat.
        Miss. Code Ann.   97-45-1 et seq (1990); Mo. Rev. Stat.   569.093
        Miss. Code Ann.                          Mo. Rev. Stat.
        et  seq. (1990);  Mont. Code  Ann.    45-2-101, 45-6-310,45-6-311
                          Mont. Code  Ann.
        (1990); Neb. Rev. Stat. art. 13(p),   28-1343 et seq (1990); Nev.
                Neb. Rev. Stat.                                      Nev.
        Rev.  Stat.    205.473  et  seq. (1990);  N.H.  Rev.  Stat.  Ann.
        Rev.  Stat.                               N.H.  Rev.  Stat.  Ann.
          638.16  et seq. (1990); N.J. Rev. Stat.   2C:20-1, 2C:20-23 et.
                                  N.J. Rev. Stat.
        seq., 2A:38A-1  et seq.  (1990); N.M. Stat.  Ann.     30-16A-1 et
                                         N.M. Stat.  Ann.
        seq. (1990); N.Y. Penal Law    155.00, 156.00 et seq, 165.15(10),
                     N.Y. Penal Law
        170.00,  175.00 (1990); N.C.  Gen. Stat.   14-453  et seq (1990);
                                N.C.  Gen. Stat.
        N.D. Cent. Code 12.1-06.1.01(3),  12.1-06.1-08 (1990); Ohio  Rev.
        N.D. Cent. Code                                        Ohio  Rev.
        Code  Ann.    2901.01, 2913.01, 1913.04, 1913.81 (Anderson 1990);
        Code  Ann.
        Okla. Stat. tit.  21,    1951 et  seq. (1990); Or. Rev.  Stat.
        Okla. Stat                                     Or. Rev.  Stat.
        164.125, 164.377  (1990);   Pa.  Cons. Stat.   1933  (1990); R.I.
                                    Pa.  Cons. Stat.                 R.I.
        Gen. Laws    11-52-1 et seq (1990); S.C. Code Ann.    16-16-10 et
        Gen. Laws                           S.C. Code Ann.
        seq (Law. Co-op 1990); S.D. Codified Laws Ann.   43-43B-1 et seq.
                               S.D. Codified Laws Ann.
        (1990);  Tenn. Code Ann.    39-3-1401 et  seq (1990);  Texas Code
                 Tenn. Code Ann.                               Texas Code
        Ann. tit 7   33.01 et seq. (Vernon 1990); 19   Utah Laws    76-6-
        Ann.                                           Utah Laws
        701 et  seq.; Va.  Code Ann.   18.2-152.1  et seq.  (1990); Wash.
                      Va.  Code Ann.                                Wash.
        Rev.  Code Ann.   9A.48.100, 9A.52.010, 9A.52.110 et seq. (1990);
        Rev.  Code Ann.
        Wis. Stat.   943.70 (1990); Wyo. Stat.   6-3-501 et seq. (1990).
        Wis. Stat.                  Wyo. Stat.
        55.   Parker, Computer Crime:   Criminal Justice Resource Manual,
        129 (1979).
        56.   McEwen, Dedicated Computer  Crime Units, 60 (1989).   These
        other laws include  embezzlement, larceny, fraud, wire  fraud and
        mail fraud.  Id. at 60.
                     ___
        57.  Pub. L. No. 98-473,   2102(a), 98 Stat. 1837, 2190 (codified
        at 18 U.S.C.   1030).
        58.  S.  Rep.  No.  432,  99th  Cong., 2d  Sess.,  1986  U.S.  2,
        reprinted in, 1986 Cong. & Admin. News 2479, 2479.
        reprinted in
        59.  Pub. L. No. 99-474,   2, 100 Stat. 1213 (amending 18  U.S.C.
          1030).
        60.  18 U.S.C.   1030(b).
        61.  18 U.S.C.   1030(a)(1).   The person  must act  knowingly to
        access a computer  either without authorization or  exceeding the
        authorization given  and obtain  information with  the intent  or
        reason  to believe that  the information  will either  injure the
        United  States of  American or  give  an advantage  to a  foreign
        nation.  As  seen by the placement  of this section, it  is clear
        that  the Congress was  particularity aware  of the  dangers that
        computer  might  have to  the  national  security of  the  United
        States.   This  section parallels  18  U.S.C.  793,  the  federal
        espionage statute.
        62.  1030(c)(1)(A).
        63.  1030(c)(1)(B).
        64.  As defined by the Fair  Credit Reporting Act, 15 U.S.C. 1681
        et seq.
        65.  1030(c)(2)(A).
        66.  1030(c)(2)(B).  The penalty is up to 10 years in prison.
        67.  18 U.S.C.   1030(a)(2).
        68.  18 U.S.C.   1030(c)(2)(B).
        69.  18 U.S.C.   1030(c)(2)(B).
        70.  The punishments that may be handed out are up to 5 years for
        the first offense and 10 years for any subsequent offense.
        71.  18 U.S.C.  1030(a)(5).
        72.  18 U.S.C.   1030(c)(3)(A).
        73.  18 U.S.C.   1030(c)(3)(B).
        74.  18 U.S.C.   1030(a)(6).
        75.  As defined by 18 U.S.C.   1029.
        76.  18 U.S.C.  1030(c)(2)(A).
        77.  18 U.S.C.   1030(c)(2)(B).
        78.  18 U.S.C.   1030(a)(6)(B).
        79.  18 U.S.C.   1030(a)(6)(B).
        80.  These computers  include computers used exclusively  for the
        United States government  or a  financial institution  or if  not
        exclusively by  the  government  one which  the  conduct  of  the
        computer affects the government's or the institution's operation,
        18  U.S.C. 1030(e)(2)(A),  the computer  is  one of  two or  more
        computers  that  commit  the  offense,  18  U.S.C. 1030(e)(2)(A).
        Financial  institution is  defined in  18  U.S.C. 1030(e)(4)  and
        includes  and institution  whose  deposits  are  insured  by  the
        Federal Deposit Insurance Corporation, 1030(e)(4)(A), the Federal
        Reserve or  one of  its  members, 1030(e)(4)(B),  a credit  union
        insured   by   the   National    Credit   Union   Administration,
        1030(e)(4)(C),   a  Federal   home  loan   bank   system  member,
        1030(e)(4)(D),  institutions under the  Farm Credit Act  of 1971,
        1030(e)(4)(F), a broker-dealer registered pursuant to   15 of the
        Securities Exchange Act  of 1934, 1030(e)(4)(F), or  a Securities
        Investor Protection Corporation, 1030(e)(4)(G).
        81.  S. Rep.  No. 432, 99th Cong., 2d Sess. 4, reprinted in, 1986
                                                       reprinted in
        U.S. Code Cong. & Admin. News 2479, 2481.
        82.  Note, Computer Crime and The Computer Fraud and Abuse Act of
        1986, X Computer/Law Journal 71, 79, (1990).
        83.  18 U.S.C.   1030 (e)(2) states:
             As used in this section-
             (2)  The term "Federal interest computer" means a computer-
                  (A)  exclusively for the use of a financial institution
        or the  United States Government, or,  in the case  of a computer
        not  exclusively  for  such  use,  used by  or  for  a  financial
        institution  or  the  United States  Government  and  the conduct
        constituting  the  offense  affects  the  use  of  the  financial
        institution's  operation or  the  Government's operation  of such
        computer; or
                  (B)  which is one  of two or more computer  used in the
        committing the  offense, not all of which are located in the same
        state.
        84.  "[T]here is  not statute  specifically addressing  viruses."
        135 Cong. Rec.  E2124 (daily ed. June  14, 1989) (letter of  Rep.
            Cong. Rec.  E2124
        Herger (quoting FBI Director William Sessions)).
        85.  H.R. 287 and H.R. 55.
        86.  "Existing  criminal statues are not specific on the question
        of  whether unauthorized  access is  a  crime where  no theft  or
        damage  occurs . .  ." 135 Cong.  Rec. E2124 (daily  ed. June 14,
                                   Cong.  Rec.
        1989)  (letter of  Rep.  Herger  (quoting  FBI  Director  William
        Sessions)).
        87.  Prosecution could occur under a trespass law.  It may not be
        applicable, however, since trespass is a property based crime and
        courts have not recognized information in the same manner as real
        property.
        88.  Note, Computer Crime and The Computer Fraud and Abuse Act of
        1986, X Computer/Law Journal 71, 80 (1990).
        89.  Id.
             Id.
        90.  Shalgi,  Computer-ware: Protection and Evidence,  An Israeli
                      Computer-ware: Protection and Evidence,  An Israeli
        Draft  Bill,  IX  Computer/Law J.  299,  299  (1989) [hereinafter
        Draft  Bill       Computer/Law J.
        Shalgi].  This proposed bill has not progressed much since it was
        proposed and is at the stage prior to an official "bill".  Letter
        from Barry  Levenfeld  to Brian  J. Peretti  (December 13,  1990)
        (concerning  Israel's legislature  progress on  the comprehensive
        computer  law).     This  paper  will  use  the   Shalgi  English
        translation of the law.
        91.  Chapter 2 concerns Offenses and Accessing Computers, Chapter
        3, Damages, Chapter 4, Rights of Software Creators and Chapter 5,
        Evidence. Levenfeld, Israel Considers Comprehensive Computer Law,
                             Israel Considers Comprehensive Computer Law,
         Int'l Computer L Advisor 4 (March 1988).  The topics  covered in
         Int'l Computer L Advisor
        Chapters 2 through 5 are beyond the scope of this paper.
        92.
        93.  Shagli, at 311.
        94.  Chapter 2,   2, Shagli at 311.
        95.  Chapter 2,   3(a), Shagli at 311.   An employee is exempt if
        he commits this  act when  it was  due to a  strike concerning  a
        labor dispute. Chapter 2,  3(b), Shagli at 311.
        96.  Chapter 2,   4(a).
        97.  Chapter 2,   4(b), Shagli at 311.
        98.  As defined by Chapter 1,   1.
        99.  Chapter 2,   5, Shagli at 311.
        100. Chapter 2,   6, Shagli at 312.
        101. Chapter 2,   7, Shagli at 312.
        102. Chapter 2,   9, Shagli at 312.
        103. Id.
             Id.
        104. Chapter 2,   10, Shagli at 312.
        105. By  not  stating that  this also  applies to  individuals or
        others (non-corporations) who  are attempting to supply  services
        to the public, some important services that may be offered to the
        public  may not  be  done.   Levenfeld,  8,  translates the  word
        corporation as entities which may solve the problem.
        106. Shalgi, 312.  Levenfeld, 5,  states that since this  section
        is  so broad  the only  possible areas that  are not  covered are
        personal and academic uses.
        107. Chapter 2,   14, Shagli at 313.
        108.  Section 5.
        109. Levenfeld,  4-5.   Perhaps the  only  computers not  covered
        would  be those used  for personal or  academic uses exclusively.
        Id. at 5.
        Id.
        110.  Section 5.
        111. Levenfeld,  4-5.   Perhaps the  only  computers not  covered
        would be those  used for personal  or academic uses  exclusively.
        Id. at 5.
        Id.
        112. Levenfeld at 4.
        113. Shalgi, 305.
        114. See,  Computers at Risk,  Safe Computing in  the Information
        Age, 36  (1991) (discussing the  need for a repository  to gather
        computer crime information).
        115. Chapter 2,   12, Shagli at 313.
        116. New Hacker's Dictionary.
        117. Chapter 2,    13, Shagli at 313.  The law states that if the
        owner of the computer is not given in his presence, the  order is
        only good for twenty-four hours.  Id.
                                          Id.
        118. Shagli, at 304.   Under Israeli  law, an object that  may be
        proof of an  offense may be seized without a court order. Id. The
                                                                  Id.
        law will bring the seizure of computers in accord with the United
        States Constitution's sixth Amendment.
        119. Chapter 1,   1, Shagli at 310.
        120. Alexander,  Suspect  Arrested  in   AIDS  Disk  Fraud  Case,
                         Suspect  Arrested  in   AIDS  Disk  Fraud  Case
        Computerworld, Feb. 5, 1990, 8.
        121.  Colvin,  Lock up the Keyboard  Criminal, Telecommunications
        PLC (England), June 1990.
        122. Computer Misuse Act, 1990, ch. 18.
        123.   In the five years prior to the  adoption of the Act, there
        were 270  cases of computer misuse  in Britain of  which only six
        were brought to court and only 3 resulting   convictions.  Fagan,
        Technology:  EC urged to  strengthen laws on  computer crime, The
        Technology:  EC urged to  strengthen laws on  computer crime
        Independent (London), February 13, 1990, p. 19.
        124. Id.
             Id.
        125. Davies,  Cracking down on  the computer hackers,  Fin. Times
                      Cracking down on  the computer hackers
        (London), October 4, 1990.
        126. Law Commission No. 186, Cm 819.
        127. Computer Misuse Act, 1990, ch. 18,   1.
        128. The penalty for this type of behavior is up to six months in
        prison, 2000 pounds or both.
        129. Computer Misuse Act, 1990, ch. 18,   2(1)(a).
        130. Computer Misuse Act, 1990, ch. 18,   2(1)(b).
        131. Computer Misuse Act, 1990, ch. 18,   2(5)(a).
        132. Computer Misuse Act, 1990, ch. 18,   2(5)(b).
        133. Computer Misuse Act, 1990, ch. 18,   3(1).
        134. Computer Misuse Act, 1990, ch. 18,   3(7).
        135. Computer Misuse Act, 1990, ch. 18,   3(2).
        136. Computer Misuse Act, 1990, ch. 18,   3(5).
        137. Id.      Colvin,   Lock   up   the   Keyboard   Criminal   ,
             Id.
        Telecommunications PLC (England), June 1990.
        138. Computer Misuse Act, 1990, ch. 18,   4.
        139. Computer Misuse Act, 1990, ch. 18,   4(1).
        140.  5(2) states that a significant link under  1 can be (a) the
        person was in  Great Britain at the  time in which he  caused the
        computer to act in a certain way or (b) the computer he attempted
        to  get access  to  was in  Great  Britain.  5(3)  states that  a
        significant link under  3  can be (a) that  the person was  Great
        Britain at  the time when he did the  act or (b) the modification
        took place in Great Britain.  However, this may not an exhaustive
        list.
        141. Davies,  Cracking down on  the computer hackers,  Fin. Times
                      Cracking down on  the computer hackers
        (London), October 4, 1990.
        142. Computer Misuse Act, 1990, ch. 18,   5.
        143. Although  proposed on February  14, 1989, the  proposed bill
        has not yet become law.
        144. Appendix A,   10.
        145. Appendix A,   1.
        146. Appendix A,   1, alternative.
        147. Appendix A,   2.
        148. Appendix A,   3.
        149. Appendix A,   4.
        150. Appendix A,   5.
        151. Appendix A,   7.
        152. The Ghana  Law Reform  Commission states  that they  created
        their proposed law  from the Scottish Law Commission  and the Law
        Reform  Commission of  Tasmania,  Australia reports  on  computer
        crime.
        153. Appendix A,   9(a).
        154. Appendix A,   8(b).
        155. See, infra, endnote __ and accompanying text.
                  infra
        156. Appendix A,   9(a).
        157. Appendix A,   9(b).
        158. Appendix A,   10.
        159. Appendix A,   6.
        160. Id.
             Id.
        161. Appendix A,   7.
        162. Appendix A,   1.
        163. Appendix A,   10.
        164. Id.
             Id.
        165. Id.
             Id.
        166. The  first computer  crime  law  in  the United  States  was
        enacted in 1979.
        167. S. Rep. No. 432, 99th Cong.,  2d Sess. 3, reprinted in  1986
                                                       reprinted in
        U.S. Code Cong. & Admin. News 2479, 2481.
        168. By increasing  security, the ease  with which one  can enter
        the  system will become more difficult.   Some systems, believing
        that if  such unauthorized  access does  occur that  no sensitive
        information will be stolen, opt  to have less security then other
        systems.  In actuality, by one system not having enough security,
        the entire network can be put  at danger when a mischievous  user
        wishes to  break into a  users account which  may be  accessed by
        that system.    See  Stoll, 353-54 (stating an  Australian hacker
        broke  into  Mr.  Stoll's computer  account  because  a connected
        computer's system  manager did not wish  to have a high  level of
        security.
        169.    Stoll,  32.     Many  military  computers  and  sensitive
        scientific computers  operate in a  secure environment.   This is
        created by not allowing the computer system to have any telephone
        links to the outside world (i.e. outside of the building.
        170.  By having a secure system, information at the computer site
        can only be removed by a person walking into the computer center,
        copying the  information and then walking  out with it.   This is
        both burdensome  (it is much  easier to access the  computer from
        one's home or office) and cumbersome (since a person will have to
        walk around with reels  of data that will later be  put back into
        the system.
        171. Computer Virus Legislation, Hearing on H.R. 55 and  H.R. 287
        before the Subcomm. on Criminal Justice of the House Comm. on the
        Judiciary, 100th Cong., 1st Sess.  44, n. 27 (1989) (statement of
        Marc  Rotenberg,  Director,  Computer  Professionals  for  Social
        Responsibility).
        172.  Colvin,  Lock up the Keyboard  Criminal, Telecommunications
                       Lock up the Keyboard  Criminal
        PLC (England), June 1990, p.  38.  Michael Colvin, the  author of
        Great Britain's Computer  Misuse Act stated  that the passage  of
        the bill should not be looked  at that the computer owner  should
        not have security  measures on their computers. Id.  The bill, he
                                                        Id.
        states, was made  only to compliment,  not substitute, the  users
        security  measures.  Id. In  West  Germany, the  severity  of the
                             Id.
        punishment for hacking depends on the effort that was required to
        commit the offense.   Fagan, Technology:  EC urged to  Strengthen
                                     Technology:  EC urged to  Strengthen
        Laws on Computer Crime, The Independent, Feb. 13, 1990, 19.
        Laws on Computer Crime
        173.    McGourty,  When  a  hacker cracks  the  code,  The  Daily
                           When  a  hacker cracks  the  code
        Telegraph, October 22, 1990, p. 31.
        174.  A  Password is a word that  is either given to  the user by
        the  system  or selected  by  the  user  to prevent  others  from
        accessing his  computer  or account  within the  computer.   This
        words,  groups of  letters or  symbols  are supposed  to be  kept
        secret so as  to not let other  who are not authorized  to access
        the system have access to it.
        175. Donn  Seeley, A  Tour  of the  Worm, Department  of Computer
                           _____________________
        Science,  University of  Utah, Nov.  1988,  reprinted in  General
                                                    reprinted in
        Accounting Office, Computer  Security: Virus Highlights  Need for
        Improved Internet Management, 20 (1989).
        176. Authers,  Armed with  a  secret weapon,  Financial  (London)
        Times, Feb. 5, 1991, Section I, 16.
        177.  Id.
        178. For  a discussion  of  this  virus,  see,  Branscomb,  Rogue
                                                  see               Rogue
        Computer  Programs and Computer Rogues:  Tailoring the Punishment
        Computer  Programs and Computer Rogues:  Tailoring the Punishment
        to  Fit the  Crime, 16  Rutgers Computer  &  Tech. L.J.  1, 14-16
        to  Fit the  Crime      _______________________________
        (1990) (discussing the applicability of state and federal  law to
        computer viruses).
        179.   Jim Thomas, publisher  of the Computer  Underground digest
        argues  that computer pirates actually buy more programs then the
        average computer program buyer.   Letter from Jim Thomas to Brian
        J. Peretti (  (discussing computer pirating of software)
        180. See, GNU Manifesto (available at American University Journal
        of International Law and Policy).   See also, Stallman, GNU EMACS
                                            See also,
        General  Public License, (Feb.  11, 1988) (available  at American
        University Journal of International Law and Policy).
        181. The GNU  Manifesto  (available at  the  American  University
        Journal of International Law and Policy).
        182. The  author proposes that such copyright protection last for
        only two years.   By granting the  creator such protection for  a
        short period of  time, he will be  able to  recover  the expenses
        that he put into the writing of the program.
             If   this  type of  protection   is  granted,  it should  be
        understood that the creator of the program has a copyright to the
        sourcecode of the  program for  that period.   If he updates  the
        program  after the  two year  period,  the updated  code will  be
        protected,  but  the  original  code  will  not  be  granted  the
        protection.   In this  manner, an author  cannot attempt  to give
        copyright  protection  to  a  program  after  the  copyright  has
        expired.
        183. Electronic letter from  Brian J. Peretti to  Dorothy Denning
        (Nov. 13, 1990) (concerning computer crime).
        184. This will be a semi-secure system.
        185. The system, of  course, will have a system  manager who will
        create  the accounts  for the  users.   His account  will be  off
        limits  to those who wish  to use the system.   At the same time,
        individuals will  be  encouraged to  attempt  to break  into  the
        manager's  account and  tell  him how  it  was done  in  order to
        improve security for this and other systems.
        186. The problem  still exists  that information  learned through
        the  use of  this system may  allow those  who use the  system to
        break into other computer systems.  This problem can be corrected
        by having the  system manager and the  users communicate problems
        with the system so that they may be corrected on other systems.
        187. United States v. United States Gypsum Co., 438 U.S. 422, 425
        (1978).
        188. S. Rep. No.  432, 99th Cong., 2d Sess. 6,  reprinted in 1986
                                                        reprinted in
        U.S. Code Cong. & Admin. News 2479, 2484.
        189.  Stoll, The Cuckoo's Egg.
        190.  The countries which a person can go to could be any country
        in the  world, except  Albania, since they  are the  only country
        whose computers are not connected to outside computers.  Stoll.
        191. A school in Red Bank, New Jersey, has instituted a "computer
        responsibility training".  Weintraub, Teaching Computer Ethics in
                                              Teaching Computer Ethics in
        the Schools, The School Administrator 8, 9 (apr. 1986).
        the Schools, ________________________
        192. S.  Rep. No. 432, 99th Cong.,  2d Sess. 3, reprinted in 1986
                                                        reprinted in
        U.S. Code Cong. & Admin. News 2479, 2481.
        193. Electronic  Mail Letter  from  Rop  Gonggrijp  to  Brian  J.
        Peretti (Jan. 25, 1991) (concerning computer  viruses).  "We have
        to watch that  we keep telling people how  virusses work, because
        that  is the only solution to the  problem:  mystifying the whole
        thing ans just hunting down "computer  terrorists" is useless and
        (as proven in  the US and Germany) leads to  a questionable style
        of government in the field of information technology..." Id.
                                                                 Id.
        194. General  Accounting   Office,  Computer  Security:     Virus
        Highlights Need for Improved Internet Management, 25 (1989).
/data/webs/external/dokuwiki/data/pages/archive/bbs/computer.cri.txt · Last modified: 2001/01/13 03:09 (external edit)