Make it a crime to threaten to steal or release information from a computer. Current law only permits the prosecution of those who seek to extort companies or government agencies by explicitly threatening to shut down or damage a computer. Violators of this provision are subject to a criminal fine and up to five years in prison.

Make it a felony to employ spyware or keyloggers to damage 10 or more computers regardless of the aggregate amount of damage caused, ensuring that the most egregious identity thieves will not escape with a minimal, or no, sentence.

Eliminate the requirement that damage to a victim’s computer exceed $5,000 before charges can be brought for unauthorized access to a computer. The provision protects innocent actors while punishing violations resulting in less than $5,000 in damage as misdemeanors.

Enable prosecution of those who steal personal information from a computer even when the victim’s computer is located in the same state as the thief’s computer. Under current law, federal courts only have jurisdiction if the thief uses an interstate communication to access the victim’s computer.

Add the remedies of civil and criminal forfeiture to the arsenal of tools available to federal prosecutors to combat cyber crime, and mandate that the U.S. Sentencing Commission review and update its guidelines for identity theft and other cyber crime offenses.

The measure now moves to the Senate.

— Tim Wilson, Site Editor, Dark Reading