References
U.S. Department of Justice www.usdoj.gov/criminal/cybercrime/1030_new.html
Computer Fraud and Abuse Act www.cio.energy.gov/documents/ComputerFraud-
AbuseAct.pdf
White Collar Prof Blog http://lawprofessors.typepad.com/whitecollarcrime_blog/computer_
crime/index.html
Chapter 2: Ethical Hacking and the Legal System
29
State Law Alternatives
The amount of damage resulting from a violation of the CFAA can be relevant for either
a criminal or civil action. As noted earlier, the CFAA provides for both criminal and civil
liability for a violation. A criminal violation is brought by a government official and is
punishable by either a fine or imprisonment or both. By contrast, a civil action can be
brought by a governmental entity or a private citizen and usually seeks the recovery of
payment of damages incurred and an injunction, which is a court order to prevent further
actions prohibited under the statute. The amount of damage is relevant for some but not
all of the activities that are prohibited by the statute. The victim must prove that damages
have indeed occurred, defined as disruption of the availability or integrity of data, a program,
a system, or information. For most of the violations under CFAA, the losses must
equal at least $5,000 during any one-year period.
Pages:
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114