Congress must update the Computer Fraud and...
Congress must update the Computer Fraud and Abuse Act (CFAA) to counter the rising threat of botnet attacks, said Leslie Caldwell, assistant attorney general for the criminal division, at a Senate Subcommittee on Crime and Terrorism hearing Tuesday, according to her prepared testimony (http://1.usa.gov/1l0sMZm). The government must also continue to fund research and development and to encourage intra-government and private sector collaboration, said Joseph Demarest, assistant director of the FBI’s Cyber Division, according to his prepared remarks (http://1.usa.gov/1mHIeyd). Congress has updated the CFAA several times since its 1986 passage, but not since 2008, Caldwell said. “The intervening years have again created the need for the enactment of modest, incremental changes,” he said, pointing to an administration legislative proposal in 2011 (http://1.usa.gov/UbeqP0). “We continue to support changes like these that will keep up with rapidly evolving technologies and uses.” Caldwell also said “the availability of legal investigative process” granted by the Electronic Communications Privacy Act (ECPA) has been “essential to the success of our anti-botnet initiatives, and to our efforts against cybercrime as a whole.” Lawmakers, and ECPA update advocates have blamed the administration for stymieing efforts to pass legislation requiring the government to get a warrant before accessing emails stored remotely (CD July 14 p9).