The Congressional Record is a unique source of public documentation. It started in 1873, documenting nearly all the major and minor policies being discussed and debated.
“INTERNET SPYWARE (I-SPY) PREVENTION ACT OF 2005” mentioning the U.S. Dept. of Justice was published in the House of Representatives section on pages H3703-H3705 on May 23, 2005.
The publication is reproduced in full below:
INTERNET SPYWARE (I-SPY) PREVENTION ACT OF 2005
Mr. SENSENBRENNER. Mr. Speaker, I move to suspend the rules and pass the bill (H.R. 744) to amend title 18, United States Code, to discourage spyware, and for other purposes, as amended.
The Clerk read as follows:
H.R. 744
Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Internet Spyware (I-SPY) Prevention Act of 2005''.
SEC. 2. PENALTIES FOR CERTAIN UNAUTHORIZED ACTIVITIES
RELATING TO COMPUTERS.
(a) In General.--Chapter 47 of title 18, is amended by inserting after section 1030 the following:
``Sec. 1030A. Illicit indirect use of protected computers
``(a) Whoever intentionally accesses a protected computer without authorization, or exceeds authorized access to a protected computer, by causing a computer program or code to be copied onto the protected computer, and intentionally uses that program or code in furtherance of another Federal criminal offense shall be fined under this title or imprisoned not more than 5 years, or both.
``(b) Whoever intentionally accesses a protected computer without authorization, or exceeds authorized access to a protected computer, by causing a computer program or code to be copied onto the protected computer, and by means of that program or code--
``(1) intentionally obtains, or transmits to another, personal information with the intent to defraud or injure a person or cause damage to a protected computer; or
``(2) intentionally impairs the security protection of the protected computer with the intent to defraud or injure a person or damage a protected computer;shall be fined under this title or imprisoned not more than 2 years, or both.
``(c) No person may bring a civil action under the law of any State if such action is premised in whole or in part upon the defendant's violating this section. For the purposes of this subsection, the term `State' includes the District of Columbia, Puerto Rico, and any other territory or possession of the United States.
``(d) As used in this section--
``(1) the terms `protected computer' and `exceeds authorized access' have, respectively, the meanings given those terms in section 1030; and
``(2) the term `personal information' means--
``(A) a first and last name;
``(B) a home or other physical address, including street name;
``(C) an electronic mail address;
``(D) a telephone number;
``(E) a Social Security number, tax identification number, drivers license number, passport number, or any other government-issued identification number; or
``(F) a credit card or bank account number or any password or access code associated with a credit card or bank account.
``(e) This section does not prohibit any lawfully authorized investigative, protective, or intelligence activity of a law enforcement agency of the United States, a State, or a political subdivision of a State, or of an intelligence agency of the United States.''.
(b) Conforming Amendment.--The table of sections at the beginning of chapter 47 of title 18, is amended by inserting after the item relating to section 1030 the following new item:
``1030A. Illicit indirect use of protected computers.''.
SEC. 3. AUTHORIZATION OF APPROPRIATIONS.
In addition to any other sums otherwise authorized to be appropriated for this purpose, there are authorized to be appropriated for each of fiscal years 2006 through 2009, the sum of $10,000,000 to the Attorney General for prosecutions needed to discourage the use of spyware and the practices commonly called phishing and pharming.
SEC. 4. FINDINGS AND SENSE OF CONGRESS CONCERNING THE
ENFORCEMENT OF CERTAIN CYBERCRIMES.
(a) Findings.--Congress makes the following findings:
(1) Software and electronic communications are increasingly being used by criminals to invade individuals' and businesses' computers without authorization.
(2) Two particularly egregious types of such schemes are the use of spyware and phishing scams.
(3) These schemes are often used to obtain personal information, such as bank account and credit card numbers, which can then be used as a means to commit other types of theft.
(4) In addition to the devastating damage that these heinous activities can inflict on individuals and businesses, they also undermine the confidence that citizens have in using the Internet.
(5) The continued development of innovative technologies in response to consumer demand is crucial in the fight against spyware.
(b) Sense of Congress.--Because of the serious nature of these offenses, and the Internet's unique importance in the daily lives of citizens and in interstate commerce, it is the sense of Congress that the Department of Justice should use the amendments made by this Act, and all other available tools, vigorously to prosecute those who use spyware to commit crimes and those that conduct phishing and pharming scams.
The SPEAKER pro tempore. Pursuant to the rule, the gentleman from Wisconsin (Mr. Sensenbrenner) and the gentlewoman from California (Ms. Zoe Lofgren) each will control 20 minutes.
The Chair recognizes the gentleman from Wisconsin (Mr. Sensenbrenner).
General Leave
Mr. SENSENBRENNER. Mr. Speaker, I ask unanimous consent that all Members may have 5 legislative days within which to revise and extend their remarks and include extraneous material on H.R. 744, the bill currently under consideration.
The SPEAKER pro tempore. Is there objection to the request of the gentleman from Wisconsin?
There was no objection.
Mr. SENSENBRENNER. Mr. Speaker, I yield myself such time as I may consume.
Mr. Speaker, I rise today in support of H.R. 744, the Internet Spyware Prevention Act of 2005. This legislation clarifies and enhances criminal penalties and provides additional tools to prosecute and deter those who utilize spyware and phishing schemes to engage in illegal behavior online.
Since its inception, the Internet has been transformed from an obscure research tool into an electronic medium of unprecedented reach. The impressive growth of the Internet has been facilitated by technology that has customized the online experience of Internet users. However, the same software and technology innovations that have enhanced and personalized usage of the Internet can also provide opportunities for privacy violations and criminal behavior.
This bill establishes strong criminal penalties for those who engage in online criminal behavior using spyware programs and phishing schemes. This legislation enhances criminal penalties for those who obtain personally identifiable information, including a Social Security number or other government-issued identification number or a bank or credit card number with the intent to defraud or injure a person or cause damage to a protected computer.
The bill also authorizes appropriations for the Justice Department to crack down on spyware, phishing, and other online schemes.
As we consider this legislation, Congress must be mindful that there is no single legal regulatory or technological silver bullet to end spyware or phishing. Greater consumer awareness and utilization of commercially available countermeasures are part of the solution. Congressional efforts to curb spyware and phishing are most likely to succeed if we focus on deterring and prosecuting illegal and abusive online behavior, rather than imposing burdensome requirements upon a medium whose growth can largely be attributed to the refusal of the Federal Government to heavily regulate it.
H.R. 744 does not impose a new statutory or regulatory regime that dictates the appearance of a computer's user screen, nor does it degrade the online experience by requiring that Internet users be bombarded with incessant notices. Most importantly, it does not represent a heavy-handed government mandate that may present a greater danger to the Internet than it seeks to correct. Rather, the bill preserves and promotes the integrity of the Internet by increasing criminal penalties for those who employ it to engage in abusive and illegal online activities.
Targeted legislation tailored to address illegal online activity rather than an invasive regulatory regime with unknown consequences represents the right approach to addressing the problems associated with spyware and phishing. Congress ratified this approach by passing substantially similar legislation last Congress by a vote of 415-0.
I would like to thank the gentleman from Virginia (Mr. Goodlatte), the author and lead proponent of H.R. 744 for his leadership on this issue. I urge my colleagues to support this legislation.
Mr. Speaker, I reserve the balance of my time.
Ms. ZOE LOFGREN of California. Mr. Speaker, I yield myself such time as I may consume.
Mr. Speaker, I am proud to have partnered with the gentleman from Virginia (Mr. Goodlatte) on this legislation, H.R. 744, the Goodlatte-
Lofgren I-SPY bill. Spyware is quickly becoming one of the biggest threats to consumers on the Internet. It is one of the reasons why we have an identity theft epidemic in this country. Thieves are using spyware to harvest personal information from unsuspecting Americans. Criminals are even using spyware to track every keystroke an individual makes, including credit and Social Security numbers.
Spyware also adversely affects the business community, who are forced to spend money to block and remove it from their systems. In fact, Microsoft has stated that spyware is at least partially responsible for approximately one-half of all application crashes reported to them. Experts estimate that as many as 80 to 90 percent of all personal computers contain some form of spyware.
Last year, Earthlink identified more than 29 million spyware programs. In short, spyware is a very real problem that is endangering consumers, damaging businesses and creating millions of dollars of additional costs. I am proud to be a party to H.R. 744, this bipartisan measure, because it identifies the truly unscrupulous acts associated with spyware and subjects them to criminal punishment.
This bill is unique, however, because it focuses on behavior rather than technology. It targets the worst forms of spyware without unduly burdening technological innovation. Why is this important? We know that innovation goes faster than legislation. It is important that we not try to fix the development of legislation in time. Instead, we need to focus on misbehavior, not technology, so that technology innovation can continue to move as rapidly as it does and yet the American consumer and businesses can be protected.
It is important, and this is an issue that there was some question about and I think we can answer quite easily, it is important to note that H.R. 744 does not prevent existing or future State laws which prohibit spyware. This bill only preempts civil actions that are based on violations of this new Federal criminal law in State courts. It does not prevent a State from passing a similar law, nor does it prevent any lawsuits that are premised on existing State laws.
{time} 1430
H.R. 744 also gives the Attorney General the money he needs to find and prosecute spyware offenders. And, finally, it expresses the sense of Congress that the Department of Justice should vigorously pursue online phishing scams in which criminals send fake e-mail messages to consumers on behalf of famous companies and request personal information that is later used to conduct criminal activities.
Phishing and spyware are not just an inconvenience to consumers. They represent a direct threat to the vitality of the Internet itself because if people cannot trust the Internet, they will not utilize Internet commerce.
I would like to note that I also serve on the Committee on Homeland Security, and we are well aware that phishing to the extent that it yields identity theft information is of great concern as we seek to protect the Nation from terrorism. So what we are doing here today is important for consumers, it is important for business, it is important for the future of our high-tech economy, and it is important for the security of the Nation. I would urge my colleagues to strike a blow for the continued vitality of the Internet and again pass this bill unanimously.
Mr. Speaker, I reserve the balance of my time.
Mr. SENSENBRENNER. Mr. Speaker, I yield 4 minutes to the gentleman from Virginia (Mr. Goodlatte), the principal author of the bill.
Mr. GOODLATTE. Mr. Speaker, I rise in strong support of the Internet Spyware I-SPY Prevention Act and thank the gentleman from Wisconsin, the chairman of the committee, for moving this legislation to the floor. This bipartisan legislation which I was pleased to introduce with the gentlewoman from California (Ms. Zoe Lofgren) will impose tough criminal penalties on the truly bad actors without imposing a broad regulatory regime on legitimate online businesses. I believe that this targeted approach is the best way to combat spyware.
Specifically, this legislation would impose up to a 5-year prison sentence on anyone who uses software to intentionally break into a computer and uses that software in furtherance of another Federal crime. In addition, it would impose up to a 2-year prison sentence on anyone who uses spyware to intentionally break into a computer and either alter the computer's security settings or obtain personal information with the intent to defraud or injure a person or with the intent to damage a computer.
In addition to strong penalties, enforcement is crucial in combating spyware. The I-SPY Prevention Act authorizes $10 million for fiscal years 2006 through 2009 to be devoted to prosecutions and expresses the sense of Congress that the Department of Justice should vigorously enforce the law against spyware violations as well as against online phishing scams in which criminals send fake e-mail messages to consumers on behalf of well-known companies and request account information that is later used to conduct criminal activities.
The bill also directs resources to the Department of Justice to combat pharming scams in which hackers intercept Internet traffic and redirect unknowing Internet users to fake Web sites where they often trick consumers into giving their account information and passwords.
I believe that four overarching principles should guide the consideration of any spyware legislation: first, we must punish the bad actors while protecting legitimate online companies; second, we must not overregulate but, rather, encourage innovative new services and the growth of the Internet; third, we must not stifle the free market; and, fourth, we must target the behavior, not the technology.
The targeted approach of the I-SPY Prevention Act will protect consumers by punishing the bad actors without imposing liability on those that act legitimately online. In addition, this legislation will avoid excessive regulation such as one-size-fits-all notice and consent requirements prescribed by the Federal Government. A targeted approach will avoid red tape that hampers the creation of new and exciting technologies and services on the Internet.
By encouraging innovation, the I-SPY Prevention Act will help ensure that consumers have access to cutting-edge products and services at lower prices. Increasingly, consumers want a seamless interaction with the Internet, and we must be careful to not interfere with businesses' ability to respond to this consumer demand with innovative services. The I-SPY Prevention Act will help ensure that consumers, not the Federal Government, define what their interaction with the Internet looks like.
As we move forward, I look forward to continuing to work with all stakeholders to further ensure that bad actors are punished while legitimate businesses are protected including working with the Department of Justice which has expressed an interest in working with our office on this issue. In addition, technological solutions are crucial in winning the fight against spyware. As the spyware debate continues, I look forward to working to ensure that antispyware technologies are fostered and that they are not subjected to frivolous lawsuits from spyware providers.
I urge my colleagues to support this important legislation.
Ms. ZOE LOFGREN of California. Mr. Speaker, I yield myself such time as I may consume.
I would just note that the House will be considering at least two items having to do with spamming and phishing and the like today. Certainly we hope to move this issue forward. I strongly believe that the approach that this bill takes, which is targeting behavior instead of technology, puts us on the soundest footing; and I hope that in the end as we sort through the various approaches that that will be our guide to protect technology innovation.
Ms. JACKSON-LEE of Texas. Mr. Speaker, I support the legislation before us that has been introduced by my colleague from California, Representative Lofgren as well as the Gentleman from Virginia, Representative Goodlatte. It amends the federal computer fraud and abuse statute to make it a clear offense to access a computer without authorization or to intentionally exceed authorized access by causing a computer program or code to be copied onto the computer and using that program or code to transmit or obtain personal information (for example, first and last names, addresses, e-mail addresses, telephone numbers, Social Security numbers, drivers license numbers, or bank or credit account numbers).
Furthermore, H.R. 744 authorizes appropriations for these crimes and discourages the practice of `phishing.' As we all know too well, spyware is quickly becoming one of the biggest threats to consumers on the information superhighway. Spyware encompasses several potential risks including the promotion of identity theft by harvesting personal information from consumer's computers. Additionally, it can adversely affect businesses, as they are forced to sustain costs to block and remove spyware from employees' computers, in addition to the potential impact on productivity.
Spyware has been defined as ``software that aids in gathering information about a person or organization without their knowledge and which may send such information to another entity with the consumer's consent, or asserts control over a computer with the consumer's knowledge.'' Among other things, criminals can use spyware to track every keystroke an individual makes, including credit card and social security numbers.
Some estimates suggest 25 percent of all personal computers contain some kind of spyware while other estimates show that spyware afflicts as many as 80-90 percent of all personal computers. Businesses are reporting several negative effects of spyware. Microsoft says evidence shows that spyware is ``at least partially responsible for approximately one-half of all application crashes'' reported to them, resulting in millions of dollars of unnecessary support calls.
Mr. Speaker, again, I am strongly in support of the legislation.
Ms. ZOE LOFGREN of California. Mr. Speaker, I yield back the balance of my time.
Mr. SENSENBRENNER. Mr. Speaker, I yield back the balance of my time.
The SPEAKER pro tempore (Mr. Radanovich). The question is on the motion offered by the gentleman from Wisconsin (Mr. Sensenbrenner) that the House suspend the rules and pass the bill, H.R. 744, as amended.
The question was taken.
The SPEAKER pro tempore. In the opinion of the Chair, two-thirds of those present have voted in the affirmative.
Mr. SENSENBRENNER. Mr. Speaker, on that I demand the yeas and nays.
The yeas and nays were ordered.
The SPEAKER pro tempore. Pursuant to clause 8 of rule XX and the Chair's prior announcement, further proceedings on this motion will be postponed.
____________________
