The bill would expand computer crime provisions in the federal anti-terrorism legislation passed in response to the Sept. 11 terrorist attacks. The government is increasingly concerned about the well-being of government and business computer systems in the face of both teen hackers and foreign cybersoldiers.
"As we increase individuals' physical safety at our airports, borders and even sporting events, we should not forget to strengthen cybersecurity as well," said Rep. Lamar Smith, R-Texas, the bill's sponsor.
The bill would give judges greater flexibility in imposing sentences for computer crimes. Current law ties the severity of the crime to the cost of damage done and limits jail terms to 10 years.
Smith's legislation would require judges to take other factors into account, including the sophistication of the offense, intent and whether the victim's privacy rights were violated.
If the criminal "knowingly causes or attempts to cause death or serious bodily injury," the judge could impose up to a life sentence.
The Justice Department, Microsoft and Internet service providers supported the change in testimony provided to the House Judiciary subcommittee on crime.
John G. Malcolm of the department's criminal division warned about a hypothetical situation in which a hacker shut down a town's phone service, including emergency 911 calls.
"It is easy to envision in such a situation that somebody might die or suffer serious injury as a result of this conduct," Malcolm said. "Although the hacker might not have known that his conduct would cause death or serious bodily injury, such reckless conduct would seem to merit punishment greater than the 10 years permitted by the current statute."
Microsoft attorney Susan Kelley Koeppen suggested that convicted computer hackers also have their computer gear confiscated by the authorities as well, a practice already used in drug cases.
Another portion of the bill would protect Internet providers from lawsuits if, believing someone is in danger, they give records of communications to a government entity.
Microsoft's Koeppen said she believes the term "government entity" could be applied to firefighters or even school principals.
"We believe that such emergency situations will be rare, but that law enforcement personnel may not always be reachable or even the best prepared to take action," she said.
Privacy advocates said the language is too broad and would encourage Internet providers to hand over information too often.
"At the same time that they're expanding the number of people that can get this information, they're bringing down the standard in which they can get it," said Ari Schwartz of the Center for Democracy and Technology.
Schwartz dismissed the idea mentioned by several supporters that the information sharing would be usefl to combat terrorism. Some of the suspected terrorists in the Sept. 11 attacks used the Internet to communicate.
It's not as though law enforcement agencies knew about that information and wanted to get it, Schwartz said. "It was not the standards that failed us, it was the intelligence-gathering that failed us."
© MMII The Associated Press. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed