Computer Crime Law

Strict Liability

Strict liability is the risk of a non-careless vender to a third individual with whom the dealer has no probity of agreement. As strict liability developed rapidly in the courts, there was a move toward standardization in the Restatement (Second) of Torts.

Impediments of Strict Liability

Notwithstanding the way that strict liability may appear to be widely inclusive, there are cutoff points to its appropriateness. Exacting obligation stretches out just to those outsiders whom a maker can hope to be jeopardized by utilization of the item. In the event that the retailer is required to adjust or review the item, and injury results in light of the fact that the retailer neglected to do as such, the maker isn’t responsible.

Due Process

Due Process is the prerequisite that set up laws and principles of conduct should be followed during any authority follow up on the piece of the state to guarantee that the person’s privileges are not encroached upon. Due Process is applicable to any data innovation (IT) setting for which the equity framework has importance, including consistence, corporate administration and security. The term is habitually utilized concerning singular rights to protection and security in regards to online correspondences. An alliance of security advocates, online organizations and research organizations called Digital Due Process looks for corrections to the Electronic Communications Privacy Act (ECPA) to manage advances, correspondence examples and volumes of client information that were unexpected when the Act was made.

Overbreadth

Over breadth in criminal liability rules, especially in federal law, is abundant and much lamented. Over breadth is avoidable if it results from normative mistakes about how much conduct to criminalize or from insufficient care to limit open texture in statutes. This mismatch problem is acute if persons engaging in properly criminalized behaviors deliberately alter their conduct to avoid punishment and have resources to devote to avoidance efforts. In response to such efforts, legal actors are apt to expand liability rules further, feeding a cycle of evasion and over breadth that characterizes important areas of contemporary criminal law. Lawmakers cannot purge the resulting over breadth from liability rules without producing under breadth, at significant cost to regulatory objectives. I conclude that, in some areas of expanding substantive criminal law, answers to “over criminalization” therefore lie not in reducing the scope of conduct rules but in greater reliance on mens rea doctrines, redesign of enforcement institutions, and modification of sentencing practices

Prosecutorial Discretion

Today, the CFAA is over-inclusive of criminal activity, creating over-criminalization that is only checked by prosecutorial discretion. There are two reasons for this. First, Congress never defined “authorization.” This creates vagueness and has resulted in a Circuit split between the Seventh and Ninth Circuit. Second, the CFAA is a bright line rule with no exceptions. Sentences are harsher and unpredictable than in other federal cases because the CFAA’s definition of loss is very broad and not limited to foreseeable damages. Furthermore, the prosecution’s burden of proof is very low. The effect is that, many defendants are cornered into accepting a plea deal as their only rational legal option, rather than opt for a trial and risk significant prison time and more expenses.

In conclusion, CFAA sentencing is determined according to a calculation of loss incurred that are made not intended to be an absolute solution, and not everyone will agree with the views presented. But, as the literature on the subject has shown, legal scholars agree that the CFAA is in need of reform. Ultimately, this Note seeks to raise awareness about this issue, and encourage further thinking and action. So, I disagree that strict liability, due process, potential over breadth and prosecutorial discretion as a legislature has enacted CFAA at its full potential.

Secondary liability

Authorizing hack back is a good idea which might help cushion the effects of the attacker. Under a well stated argument of all the properties that perceive a hack back then when implemented after an attack at the right time has the ability to recover data in scenarios that it Is intended to be used as ransom. Authorizing a hack back can be divided in two cases , one is the attacked able or not able to minimize the effect of the attack, in a series where the attacked is capable then immediate action will be required to at most prevent a detected intrusion into the system , in cases where the attacked is too late then a hack back has to be defined in such a manner that the “illegal” entry into the attacker will most certainly achieve something at least help reduce the damage. With such a case where the defined hack back doesn’t achieve something then this may result into illegal entry into the said system illegally , if there is proof that that is the system then in cases where data was to be used as ransom this would greatly reduce successful negotiations from the attackers when aiming to get the data back , in cases where there is no proof that the said system was the attacker then this turns in to a criminal case where there was illegal entry into the system without the owners consent. Generally the benefits outweigh the cost as at first when detected a hack back might help neutralize the attacker , self-defense, before they can cause damage to the system and even so after an attack the attacked can be able to reduce the effects of the damage and manipulation either by erasing the data to be used as ransom.