174 lines
8.8 KiB
Plaintext
174 lines
8.8 KiB
Plaintext
March 15, 1993
|
|
|
|
United States Sentencing Commission
|
|
One Columbus Circle, NE
|
|
Suite 2-500, South Lobby
|
|
Washington, DC 20002-9002
|
|
Attention: Public Information
|
|
|
|
Re: Proposed Amendent #59 to the Sentencing Guidelines for
|
|
United States Courts, which creates a new guideline applicable
|
|
to violations of the Computer Fraud and Abuse Act of 1988 (18
|
|
U.S.C. 1030)
|
|
|
|
|
|
Dear Commissioners:
|
|
|
|
The Electronic Frontier Foundation (EFF) writes to state our opposition
|
|
to the new proposed sentencing guideline applicable to violations of the
|
|
Computer Fraud and Abuse Act of 1988, 18 U.S.C. 1030 (CFAA). We
|
|
believe that, while the proposed guideline promotes the Justice
|
|
Department's interest in punishing those who engage in computer fraud
|
|
and abuse, the guideline is much too harsh for first time offenders and
|
|
those who perpetrate offenses under the statute without malice
|
|
aforethought. In addition, promulgation of a sentencing guideline at
|
|
the present time is premature, as there have been very few published
|
|
opinions where judges have issued sentences for violations of the CFAA.
|
|
Finally, in this developing area of the law, judges should be permitted
|
|
to craft sentences that are just in relation to the facts of the
|
|
specific cases before them.
|
|
|
|
|
|
|
|
The Proposed Guideline Is Too Harsh.
|
|
|
|
The proposed CFAA sentencing guideline, with a base offense level of six
|
|
and innumerable enhancements, would impose strict felony liability for
|
|
harms that computer users cause through sheer inadvertence. This
|
|
guideline would require imprisonment for first time offenders who caused
|
|
no real harm and meant none. EFF is opposed to computer trespass and
|
|
theft, and we do not condone any unauthorized tampering with computers -
|
|
- indeed, EFF's unequivocal belief is that the security of private
|
|
computer systems and networks is both desirable and necessary to the
|
|
maintenance of a free society. However, it is entirely contrary to our
|
|
notions of justice to brand a computer user who did not intend to do
|
|
harm as a felon. Under the proposed guideline, even a user who
|
|
painstakingly attempts to avoid causing harm, but who causes harm
|
|
nonetheless, will almost assuredly be required to serve some time in
|
|
prison.
|
|
|
|
The proposed guideline, where the sentencing judge is given no
|
|
discretion for crafting a just sentence based on the facts of the case,
|
|
is too harsh on less culpable defendants, particularly first time
|
|
offenders. As the Supreme Court has stated, the notion that a culpable
|
|
mind is a necessary component of criminal guilt is "as universal and
|
|
persistent in mature systems of law as belief in freedom of the human
|
|
will and a consequent ability and duty of the normal individual to
|
|
choose between good and evil." Morissette v. United States, 342 U.S.
|
|
246, 250 (1952). In the words of another court, "[u]sually the stigma
|
|
of criminal conviction is not visited upon citizens who are not morally
|
|
to blame because they did not know they were doing wrong." United
|
|
States v. Marvin, 687 F.2d 1221, 1226 (8th Cir. 1982), cert. denied, 460
|
|
U.S. 1081 (1983).
|
|
|
|
|
|
There Is Not Yet Enough Caselaw to Warrant a Guideline.
|
|
|
|
The Sentencing Commission itself has recognized the importance of
|
|
drafting guidelines based on a large number of reported decisions. In
|
|
the introduction to the Sentencing Commission's Guidelines Manual, the
|
|
Commission states:
|
|
|
|
The Commission emphasizes that it drafted the initial guidelines with
|
|
considerable caution. It examined the many hundreds of criminal
|
|
statutes in the United States Code. It began with those that were the
|
|
basis for a significant number of prosecutions and sought to place them
|
|
in a rational order. It developed additional distinctions relevant to
|
|
the application of these provisions, and it applied sentencing ranges to
|
|
each resulting category. In doing so, it relied upon pre-guidelines
|
|
sentencing practice as revealed by its own statistical analyses based on
|
|
summary reports of some 40,000 convictions, a sample of 10,000 augmented
|
|
pre-sentence reports, the parole guidelines, and policy judgments.
|
|
|
|
United States Sentencing Commission, Guidelines Manual, Chap. 1, Part A
|
|
(1991).
|
|
|
|
At the present time, there are only five reported decisions that mention
|
|
the court's sentencing for violations of the Computer Fraud and Abuse
|
|
Act. See, United States v. Lewis, 872 F.2d 1030 (6th Cir. 1989); United
|
|
States v. Morris, 928 F.2d 504 (2d Cir. 1991), cert. denied, 112 S. Ct.
|
|
72 (1991); United States v. Carron, 1991 U.S. App. LEXIS 4838 (9th Cir.
|
|
1991); United States v. Rice, 1992 U.S. App. LEXIS 9562 (1992); and
|
|
United States v. DeMonte, 1992 U.S. App. LEXIS 11392 (6th Cir. 1992).
|
|
New communications technologies, in their earliest infancy, are becoming
|
|
the subject of precedent-setting litigation. Overly strict sentences
|
|
imposed for computer-related fraud and abuse may have the effect of
|
|
chilling these technologies even as they develop. Five decisions are
|
|
not enough on which to base a guideline to be used in such an important
|
|
and growing area of the law.
|
|
|
|
The Commission itself has recognized that certain areas of federal
|
|
criminal law and procedure are so new that policy statements, rather
|
|
than inflexible guidelines, are preferable. See, e.g., United States
|
|
Sentencing Commission, Guidelines Manual, Chap. 7, Part A (1990)
|
|
(stating the Commission's choice to promulgate policy statements, rather
|
|
than guidelines, for revocation of probation and supervised release
|
|
"until federal judges, probation officers, practitioners, and others
|
|
have the opportunity to evaluate and comment. . . ."). A flexible
|
|
policy statement, rather than a specific sentencing guideline, is a more
|
|
appropriate way to handle sentencing under the Computer Fraud and Abuse
|
|
Act until there has been enough litigation on which to base a guideline.
|
|
|
|
|
|
Judges Must Be Permitted to Craft Their Own Sentences for Cases
|
|
Involving Special Circumstances.
|
|
|
|
Individual sentencing decisions are best left to the discretion of the
|
|
sentencing judge, who presumably is most familiar with the facts unique
|
|
to each case. To promulgate an inflexible sentencing guideline, which
|
|
would cover all crimes that could conceivably be prosecuted under the
|
|
Computer Fraud and Abuse Act, is premature at this time.
|
|
|
|
As discussed above, there have only been five reported decisions where
|
|
the Computer Fraud and Abuse Act has been applied. In three of these
|
|
reported CFAA cases, the judges involved used their discretion and
|
|
fashioned unique sentences for the defendants based on the special facts
|
|
of the case. See, Morris, 928 F.2d at 506 (where the judge placed
|
|
Defendant Morris on probation for three years to perform 400 hours of
|
|
community service, ordered him to pay fines of $10,050, and ordered him
|
|
to pay for the cost of his supervision at a rate of $91 a month); Carron
|
|
at 3 (where the judge found that Defendant Carron's criminal history
|
|
justified a sentence of 12 months incarceration followed by 12 months of
|
|
supervised release and restitution to the two injured credit card
|
|
companies); and DeMonte at 4 (where the trial court judge held that
|
|
Defendant DeMonte's "extraordinary and unusual level of cooperation"
|
|
warranted a sentence of three years probation with no incarceration).
|
|
Judges must be permitted to continue fashioning sentences that are just,
|
|
based on the facts of a specific case.
|
|
|
|
Computer communications are still in their infancy. Legal precedents,
|
|
particularly the application of a sentencing guideline to violations of
|
|
the Computer Fraud and Abuse Act, can radically affect the course of the
|
|
computer technology's future, and with it the fate of an important tool
|
|
for the exchange of ideas in a democratic society. When the law limits
|
|
or inhibits the use of new technologies, a grave injustice is being
|
|
perpetrated. The Electronic Frontier Foundation respectfully asks the
|
|
Commission to hold off promulgating a sentencing guideline for the
|
|
Computer Fraud and Abuse Act until there are enough prosecutions on
|
|
which to base a guideline.
|
|
|
|
|
|
|
|
Thank you in advance for your thoughtful consideration of our concerns.
|
|
We would be pleased to provide the Commission with any further
|
|
information that may be needed.
|
|
|
|
Sincerely yours,
|
|
|
|
|
|
|
|
Shari Steele
|
|
Staff Attorney
|
|
|
|
|
|
|
|
The Electronic Frontier Foundation is a privately funded, tax-exempt,
|
|
nonprofit organization concerned with the civil liberties, technical and
|
|
social problems posed by the applications of new computing and
|
|
telecommunications technology. Its founders include Mitchell Kapor, a
|
|
leading pioneer in computer software development who founded the Lotus
|
|
Development Corporation and developed the Lotus 1-2-3 Spreadsheet
|
|
software.
|
|
|
|
Downloaded From P-80 International Information Systems 304-744-2253
|