Justice Department studying cybercrime law

Congress, with help from federal agencies and industry, is studying the body of law that applies to the recent rash of hacker attacks and computer crimes in an effort to determine if changes are required to enhance law enforcement agencies' ability to respond to such incidents.

The Justice Department is studying whether the trap-and-trace laws that allow law enforcement to identify the origins and destinations of telephone calls and computer messages need to or can be updated, Attorney General Janet Reno said Wednesday at a Senate appropriations hearing.

"Under current law, in some instances we must obtain court orders in multiple jurisdictions to trace a single communication," she said. "It might be extremely helpful, for instance, to provide nationwide effect for trap-and -race orders."

Justice is also developing a study on whether computer crimes such as last week's denial-of-service attacks can be considered enterprise crimes and thus fall under the Racketeer Influenced and Corrupt Organizations (RICO) Act, said FBI director Louis Freeh.

At the same time, Justice and Congress are looking at strengthening the Computer Fraud and Abuse Act, which now holds that attackers who cause damage to large numbers of systems cannot be prosecuted if no individual computer sustained more than $5,000 in damage. Sen. Patrick Leahy (D-Vt.), ranking member of the Senate Judiciary Committee, said at the hearing that he plans to introduce a bill that would make some of those changes.

To ensure private-sector cooperation with any changes, Reno extended an invitation to industry and academia at Tuesday's White House cybersummit to meet and discuss the current laws and ensure that any changes will not infringe on individual or company privacy rights, she said.