National Security Telecommunications Advisory Committee, Legislative and Regulatory Task Force Report: Penalties for Internet Attacks and Cyber Crime (Feb. 2003) (full-text).
The President's National Security Telecommunications Advisory Committee's (NSTAC) Legislative and Regulatory Task Force (LRTF) was tasked with identifying existing legal penalties for prosecuting those committing intentional and malicious attacks on the Internet. It then made recommendations about whether current penalties should be strengthened and/or whether additional penalties were needed. This report represents the NSTAC's recommendations regarding cybercrime laws.
The NSTAC recommended that the President:
- Increase prosecution of cyber crime at the State level;
- Allot additional funds to the States to better train personnel in their jurisdictions on how to prosecute cyber crimes, respond to attacks, and address vulnerabilities;
- Encourage Congress to ratify the Council of Europe (COE) Convention on Cybercrime, in conjunction with implementing legislation that provides, among other provisions, for reimbursement of reasonable costs incurred by communications service providers responding to data preservation requests, and encourage other nations to adopt the Convention;
- Work with international counterparts and through multilateral bodies, such as the G-8, COE, European Union (EU), Organization of American States (OAS), and the Asia-Pacific Economic Cooperation (APEC) to:
- Urge other nations to enact substantive and procedural laws implementing the provisions of the COE Convention on Cybercrime or provisions that are at least as comprehensive and that are consistent, wherever possible, with comparable provisions in U.S. law;
- Encourage other nations to adopt data preservation provisions of the sort set forth in the COE Convention, rather than data retention laws, which require retention ex ante of data regarding all communications on a network;
- Encourage countries to dedicate well-trained and well-equipped personnel to combat cyber crime and designate a 24-hour point of contact on such matters for urgent cross-border investigations; and
- Encourage better cooperation among nations for locating and identifying cyber-criminals, gathering evidence to bring them to justice, and implementing procedures to more rapidly and effectively prevent and mitigate cyber attacks.
- Encourage companies to implement cyber security best practices by considering the implementation of relevant best practices as a factor in the awarding of Government information technology (IT) contracts.