Balancing Privacy, Public Safety and Network Security
advertisement
NOVEMBER 2001 Balancing Privacy, Public Safety and Network Security Concerns Under the USA PATRIOT Act of 2001 By Mark A. Rush and Lucas G. Paglia* In the aftermath of the September 11, 2001 terrorist attacks on America, Congress and the President acted swiftly to pass new legislation aimed at making it easier for federal, state and local law enforcement to investigate and avert suspected acts of terrorism. On October 26, 2001, President Bush signed into law the USA PATRIOT Act of 2001 (PATRIOT Act or the Act).1 As indicated by its short title Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism the PATRIOT Act was promulgated with the paramount goal of seriously enhancing the ability of Americas intelligence and law enforcement communities to be proactive and prevent terrorism as opposed to reactive. True to its aim, the Act provides literally scores of amendments to existing federal statutes, all of which, to varying degrees, remove obstacles to investigating terrorist acts and acts related or in furtherance of terrorism. At the same point, the PATRIOT Acts broad amendments present a number of new concerns for all businesses operating in the Internet age. As critical financial and technological infrastructures continue to serve legitimate and illicit needs from legitimately driving Americas struggling economy to unwittingly serving as the platforms for illegal international money laundering by terrorists and their sympathizers business owners face the threat of a dragnet approach to surveillance and investigation of suspected terrorists and terrorism. To ensure they are prepared to withstand the tightrope walk of balancing overwhelming national security concerns with their own network integrity and privacy issues, all businesses that rely in any way on computers should understand the full implications of the Act. This article is designed to help you navigate these uncharted waters by: n n n n summarizing the most significant, salient features of the PATRIOT Act as they relate to computer network integrity and the prevention of cyberterrorism; discussing various business, legal and practical issues that private industry is likely to face in the coming months and years under the Act; exploring the ways in which businesses can ensure full comprehension of and compliance with the PATRIOT Acts many provisions and mandates; and concluding with a discussion of the many federal resources available to businesses as they prepare to address the concerns noted above arising from passage of the Act. I. THE USA PATRIOT ACT OF 2001 The Act contains a number of specific amendments to existing criminal laws and enabling statutes, all of which are designed to streamline early detection and *Mark Rush is a partner at Kirkpatrick & Lockhart LLP’s Pittsburgh office who litigates Commercial Litigation and White Collar Crime cases and who represents and litigates on behalf of various corporations and individuals. From 1991 to 1995, Mr. Rush served as an assistant U.S. attorney for the Western District of Pennsylvania where his responsibilities included the investigation and prosecution of various types of fraud and organized crime. Luke Paglia is an associate at Kirkpatrick & Lockhart who practices in the area of intellectual property litigation. The views expressed in this article are the authors’ own; the article does not necessarily reflect the views of any client of Kirkpatrick & Lockhart LLP or the firm itself. Kirkpatrick & Lockhart LLP 1 investigation of suspected terrorist activity. The following is a summary of those provisions of the new law which are most pertinent to network security and privacy concerns. Electronic Surveillance Title I of the PATRIOT Act directs the head of the United States Secret Service to take appropriate actions to develop a national network of electronic crime task forces throughout the country.2 Congress envisions such a network to be modeled after the New York Electronic Crimes Task Force. The main thrust of this initiative is the prevention, detection and investigation of various forms of electronic crimes, including especially potential terrorist attacks against critical technological infrastructures and financial systems.3 Along with its increased focus on eliminating cyberterrorism, Congress included in the Act a significant increase in funding for the Federal Bureau of Investigations Technical Support Center, which provides computer and related technological support for the Bureaus tactical operations against terrorism. The PATRIOT Act authorizes the appropriation of two hundred million dollars to the TSC for each of the fiscal years 2002 through 2004.4 Such appropriations are in addition to the new Counterterrorism Fund established under the Act. The Fund was created with a broad mandate to reimburse any federal government expenditures incurred in the course of investigating, prosecuting or counteracting domestic or international terrorism.5 Finally under Title I, the Act broadens presidential authority under the International Emergency Powers Act,6 enabling the federal government to seize the property of any foreign person, organization or country that the president determines was used to plan, authorize, aid or engage in armed hostilities or attacks against the United States.7 Under this broad provision, the president may confiscate not only financial assets and real property of suspected terrorists, but also computers and other hardware, computer files and related software, and whatever other components of technological infrastructures and network systems that the government believes were used to facilitate terrorist activity. 2 Title II of the PATRIOT Act provides sweeping enhancements to existing laws governing criminal surveillance procedures, in particular the Electronic Communications Privacy Act.8 Under this Title, the federal government is granted increased authority to intercept wire, oral and electronic communications relating to suspected terrorist activity.9 In addition, the Act amends the Computer Fraud and Abuse Act (CFAA) 10 to broaden government authority to intercept such communications if they relate to suspected computer fraud and abuse as well. 11 Thus, the Act places special focus on the investigation of computer systems and networks that are or may be tools of terrorism. Importantly, the PATRIOT Act amends existing search warrant law to allow for roving warrants to intercept wire, oral and electronic communications.12 No longer will such warrants be limited to one particular wire fund transfer or telephone exchange or computer. Instead, the government may exercise its broad investigative authority under the Act to intercept any communications by any suspected terrorist or terrorism accomplice, with access to any financial, telephone or computer system or network used by such suspects. Obviously, the reach of an investigation into suspected terrorism could extend into literally hundreds of different technology systems throughout the country. Other key aspects of Title II include: n n n n n n expanding the scope of allowable seizures of voice mail messages pursuant to warrants;13 expanding the scope of subpoenas for records of electronic communications;14 allowing for delayed notice of search warrants to allow for sneak-and-peek searches of real and electronic property in anti-terrorism investigation and surveillance;15 allowing ex parte application for court orders requiring the disclosure and production of business records and tangible things belonging to any person or entity;16 broadening the reach of permissible interception of computer trespass communications;17 and providing for nationwide service of search warrants for electronic evidence.18 Title III of the PATRIOT Act is called the International Money Laundering Abatement and Financial Anti-Terrorism Act of 2001.19 This portion of the Act makes it much more difficult for foreign terrorists and criminals to launder funds through the United States financial system.20 The thrust of this new legislation is to empower the Treasury Department with broad discretion to create and enforce regulations regarding compliance programs and record-keeping requirements. As a result, government scrutiny will increase dramatically on financial institutions dealing with suspect foreign countries deemed to be of primary money laundering concerns,21 and all institutions which terrorists potentially could use to launder money may be required to maintain records, file reports, or both, with respect to foreign transactions.22 As a result of all these new requirements, financial institutions now must develop specific programs to comply with the Act, or face harsh consequences if they do not. Without question, the maintenance of such additional information will lead to the proliferation of new and different technological infrastructures to support this network of data. Likewise, in the wake of September 11, law enforcement scrutiny of, and access to, all such networks and infrastructures will only increase. If financial institutions fail to adopt enhanced due diligence, screening, verification, reporting and compliance procedures under the Act, they will invite such scrutiny and may open themselves to investigation, prosecution and conviction if they are anything less than vigilant about insulating their own networks from terrorist-supporting money laundering. 31 In addition, Title III requires financial institutions that open, maintain, administer or manage private accounts for non-U.S. persons to establish appropriate, specific and, where necessary, enhanced due diligence policies, procedures and controls reasonably designed to detect and report money laundering via such accounts.23 Financial institutions also must share information on suspected money laundering with law enforcement and each other to optimize anti-terrorism efforts.24 Finally, Title III requires financial institutions to improve their verification of account holders and to enhance their anti-money laundering practices and procedures.25 Under Title V, entitled Removing Obstacles to Investigating Terrorism, the Act broadens government access to private financial records and private credit reports sought for counter-terrorism purposes.32 This part of the Act also empowers the Secret Service with independent authority to investigate offenses under the anti-terrorism bill.33 Thus, the number and types of government agencies that may have access to a companys business and financial records including the FBI, the CIA, the IRS, the National Security Administration, and now the Secret Service as well has increased along with the permitted scope of such access. Money Laundering and Financial Records Finally under Title III, Congress has expanded the law governing suspicious activity reports (SAR) filed by financial institutions in response to questionable transactions.26 Under the Act, registered brokers and dealers, as well as commodity merchants and traders, now must submit SARs.27 In addition, under the PATRIOT Act the Secretary of the Treasury now is authorized to share SAR filings with federal intelligence agencies.28 Further, the Act expands the reach of the Bank Secrecy Act29 , which requires financial institutions to keep records having a high degree of usefulness in criminal, tax or regulatory investigations or proceedings, to include as well records useful in the conduct of intelligence or counterintelligence activities to protect against international terrorism.30 Protecting Critical Infrastructures Title VII of the PATRIOT Act provides for increased information sharing among federal, state and local law enforcement to facilitate better detection, investigation and prosecutions of multi-jurisdictional terrorist conspiracies and acts.34 Congress has authorized the appropriation of $150,000,000 to help law enforcement establish and operate secure information sharing systems for this purpose.35 Title VIII of the Act focuses on deterrence and prevention of cyber-terrorism, or the use of computer networks to facilitate terrorist acts. The Act amends the CFAA to broaden and clarify the scope of protected computers, which now includes any computer located outside the United States that is Kirkpatrick & Lockhart LLP 3 used in a manner affecting interstate commerce or foreign commerce or communication of the United States.36 The Act also covers broadly any computerrelated offense that poses a threat to public health or safety, thus making anti-terrorism investigations of suspected hackers, disruptions of service, economic cyber-espionage and affected networks easier for the government.37 In addition, the Act increases criminal penalties for violations of the CFAA.38 Theoretically, at least, the PATRIOT Act provides a heightened deterrence against cyber-terrorism. economic prosperity, and quality of life in the United States.41 To assist in this effort to preserve critical infrastructures, the Act mandates the formation of a public-private partnership to combat cyber-terrorism. Specifically, the PATRIOT Act establishes the National Infrastructure Simulation and Analysis Center (NISAC) to serve as a source of national competence to support counter-terrorism, threat assessment and risk mitigation activities designed to address infrastructure protection and continuity concerns. 42 Title VIII also fosters the development and support of regional cyber-security forensic capabilities. Under the Act, the Attorney General must establish regional computer forensic laboratories to Critical to the success of NISAC will be the modeling, simulation and analysis of technological infrastructures to enhance understanding of the complexities and vulnerabilities of such systems, and to facilitate modification thereof to mitigate threats to critical infrastructures across the board.43 The Act contemplates that state and local government and the private sector will contribute to NISAC data necessary to create and maintain models of such systems and of critical infrastructures generally, so that NISAC can educate and train policymakers and the private sector alike on (i) the implications of disturbances to such infrastructures, (ii) optimal responses to such incidents, and (iii) enhancing the stability of, and preserving, critical infrastructures.44 The modeling, simulation and analysis resources of NISAC will be available to all federal, state and local entities responsible for critical infrastructure protection and policy.45 n n n n n support and improve existing examinations of seized or intercepted computer evidence relating to suspected cyber-crimes, including cyberterrorism; provide training and education for federal, state and local law enforcement and prosecutors regarding investigations, forensic analyses and prosecutions of computer-related crimes, including cyber-terrorism; assist in the enforcement of federal, state and local criminal laws relating to computer crime; facilitate and promote the sharing of federal law enforcement expertise and information about the investigation, analysis, and prosecution of computer-related crime with state and local law enforcement and prosecutors, including the use of multi-jurisdictional task forces; and carry out such other activities as the Attorney General considers appropriate.39 The Act authorizes the appropriation of $50,000,000 annually to help the Justice Department establish and maintain such computer forensic labs. Finally, under the miscellaneous provisions of Title X of the PATRIOT Act, Congress enacted the Critical Infrastructures Protection Act of 2001 (CIPA).40 Under CIPA, Congress specifically finds that a continuous national effort is required to ensure the reliable provision of cyber and physical infrastructure services critical to maintaining the national defense, continuity of government, 4 II. IMPACT OF THE PATRIOT ACT ON AMERICAN BUSINESSES The expanded reach of electronic surveillance authority under the PATRIOT Act presents a myriad of new concerns for financial institutions, high technology companies and non-tech entities alike. For example, because the Act expands law enforcements authority to intercept suspected terrorists communications by telephone, email, Internet or other means,46 Internet Service Providers (ISPs) and telephone companies now are likely to be the subject of increased scrutiny. Indeed, any provider of networked communications, including all employers who rely on networked computer systems, should be prepared to comply with the new laws. Focus on E-Transactions and Telecommunications Likewise, financial institutions that are subject to unauthorized network access (hacking) also should expect more frequent law enforcement inquiries and requests to cooperate with new computer forensics efforts under the PATRIOT Act. These entities in particular will be impacted, as law enforcement will pay particular attention to any remotely suspect accounts and transactions, as well employees associated with them. Under the new Acts broad reach, all such individuals are likely to be monitored closely. Further, because law enforcement now is permitted to obtain warrants for roving wiretaps to monitor nationwide any communication devices employed by suspected terrorists,47 all systems and institutions used by suspects are susceptible to surveillance as well. This surveillance will extend to all individuals and groups having any contact with such suspects. As a result, law enforcement can access and monitor private computer system networks, telecommunication systems and Internet accounts of any individual suspected of engaging in or furthering terrorist activity. Virtually every owner and operator of integrated network or communication systems may be impacted by this broader authority and charter. In addition, all such institutions must cooperate with law enforcement officials investigating such communications. Thus, an ISP or long distance carrier may be compelled to turn over customer information if the FBI claims the records sought are relevant to an authorized investigation to protect against international terrorism. Clearly, the reach of an investigation into suspected terrorist activity will extend to nearly every sector of the digital and telecommunications industry, and beyond. 48 Restrictions on Encryption? An even more basic concern to all businesses relying on network systems and Internet communication is the threat of restrictions on encryption in the wake of the terrorist attacks. Encryption is the process by which data is encoded so that it cannot be read by unintended third parties. It is the principal means by which financial institutions and e-businesses alike ensure private, secure transactions over the Internet and via other electronic means (e.g. wire transfers). After September 11, some legislators have called for restrictions on encryption technology unless it permits law enforcement access to otherwise coded data.49 Although such anti-encryption language was not included in the PATRIOT Act, it may well appear in the next wave of legislation aimed at helping the government fight terrorism.50 Indeed, in light of strong suspicion that terrorist networks use encryption tools to shield their communications and transactions from law enforcement, and given the federal governments broad investigative mandate under the Act, such legislation appears imminent. If banks and other businesses are compelled to adapt encryption technology to facilitate law enforcement access to highly sensitive but potentially suspect financial, communication and other data, the landscape of the Internet and its support structures will change forever. As a result, secure online banking and commerce undoubtedly will be affected, and may be compromised absent proactive efforts to maintain security in new and different ways. Aggressive Government Enforcement Recent examples of the governments commitment to the war on terrorism illustrate the real-world impact of new computer crime laws on U.S. business and financial interests. In one case, the FBI arrested a computer hacker who attempted to sabotage Adobes eBook Reader software by allowing potential users to decrypt Adobes built-in copyright safeguards. Despite Adobes request that the government not prosecute Dmitry Skylarov, the government is aggressively pursuing the hacker and his employer under the criminal provisions of the Digital Millennium Copyright Act (DMCA).51 Both men face up to ten years in prison and fines up to $250,000, and Adobe now remains in the middle of a criminal prosecution and potentially disruptive ongoing investigation over which it has no control.52 Importantly, law enforcement and intelligence officials are exempt from the DMCAs prohibitions on hacking and circumvention of network security devices.53 Thus the FBI and other law enforcement officials may take advantage of this exemption to intensify electronic surveillance of suspected terrorists and their related financial and business affairs under the PATRIOT Act. In the name of anti- Kirkpatrick & Lockhart LLP 5 terrorism and national security, law enforcement access to and scrutiny of private financial records and accounts, computer networks, e-business transactions and telecommunications surely will increase. Adobe and every other computer-age business must be prepared to accommodate the federal governments proactive approach to protecting critical infrastructures, whether they like it or not. More recently, federal law enforcement officials raided a number of money-exchange operations throughout the United States in a sweep to halt the illegal transfer of funds suspected of aiding terrorist activity, and also to gain more information on the sophisticated financial networks used by terrorists.54 Although the initial search-and-seizure efforts focused on two specific informal financial networks and their American outlets apparently associated with Osama bin Laden, the governments affirmative action to disrupt the terrorists financial networks have and will continue to impact legitimate financial institutions and communications interests as well. For example, one of the targeted networks operates legitimate cash-transfer systems throughout the world, relying on established relationships with major international banks. The same network also provides telecommunication services to its customers, the vast majority of whom apparently have no ties to terrorist activity.55 As a result, many of the networks affiliated financial institutions and telecommunications providers and all of the tech companies that facilitate these services will be subject to increased scrutiny, surveillance and perhaps even search-and-seizure. As with the amendments relating to money laundering,56 the PATRIOT Acts broadened surveillance provisions thus will have an immediate and significant impact on the financial services and telecommunications industries, forcing each to develop stricter customer screening and due diligence mechanisms. Privacy Concerns Already there is some indication that the PATRIOT Acts allowance of so-called sneak-and-peek search warrants might spark Fourth Amendment lawsuits. Such warrants, which permit delayed notice of a search for physical evidence if there is reasonable cause to believe notice will hamper the 6 investigation, are not tied to anti-terrorism investigations under the Act.57 As a result, some privacy advocates fear the government will extend sneak-and-peek authority well beyond the Acts intended scope of detecting and preventing international terrorism.58 However, even if law enforcement limits such searches to anti-terrorism efforts, the number and types of business interests and entities susceptible to such investigation are large indeed. Practically speaking, every U.S. financial institution, telecommunication provider, e-business and hightech company must operate under the assumption that its network is susceptible to covert search by law enforcement at any given time. Further, all such entities must assume that every foreign client who even remotely raises a suspicion of questionable ties to terrorist activity or funding may subject them to such investigation and scrutiny. Due diligence on current customers and potential customers will become a necessity. Finally, private industry must consider the likelihood of greater scrutiny of technological infrastructures by the newly-created White House Office of Homeland Security under the Foreign Intelligence Surveillance Act (FISA).59 Under FISA, the President may direct covert surveillance for up to one year before obtaining a warrant, in order to investigate any target suspected of engaging in international terrorism or otherwise threatening national security, as well as any financial or computer resources used by the target.60 Thus, in pursuit of the protection of national security, and emboldened by the PATRIOT Acts broadening of search-andseizure powers generally, FISA investigations are likely to intensify as well. In the aftermath of September 11, courts will likely tend to find such covert surveillance and related law enforcement access to targeted networks and infrastructures reasonable and proper more often than not.61 As the foregoing illustrates, the PATRIOT Act presents a multitude of new weapons to aid intelligence and law enforcement communities in the fight against terrorism. At the same point, the Act also presents a new set of concerns for every business owner participating in todays technology- driven marketplace. Fortunately, a number of publicprivate cooperatives exist to assist law enforcement and industry alike in optimizing anti-cyberterrorism efforts without unnecessarily compromising network security and privacy interests. III. FEDERAL RESOURCES TO PROTECT NETWORK SECURITY AND Privacy Concerns in the Fight Against Cyber-Terrorism Despite the increased potential for government intelligence and law enforcement access to private computer networks under the auspices of the PATRIOT Act, there remain several very useful government agencies and departments that can help businesses proactively combat the threat of terrorism-related computer hacking, virus spreading and other disruptions of service (DOS). Private industry can and should strive to work with the tide of increased government scrutiny and informationsharing, not against it, in the ongoing battle to eliminate all forms of network DOS. Department of the Treasury, and the Department of Energy, as well as the intelligence community, state and local governments, and the private sector.63 NIPC agents work directly with private sector businesses to establish computer crime crisis response procedures and a coordinated, timely mechanism for dealing with technological infrastructure breaches and suspected cyber-crimes. Other key resources include: n n n Valuable Government Resources Several federal agencies participate in the investigation of cyber-crimes, including the FBI, the Secret Service, U.S. Customs, the Postal Inspection Service and the Bureau of Alcohol, Tobacco and Firearms, to name a few. Undoubtedly, each of these departments will play a part in facilitating the investigation and information-sharing contemplated under the PATRIOT Act and mandated by Attorney General John Ashcroft at the recent Anti-Terrorism Coordination Conference in Washington, D.C. 62 Better communication will strengthen law enforcements ability to help all businesses detect and prevent cyber-terrorism and other networkrelated crimes. In this vein, private industry has at its disposal a number of cooperative government resources specifically created to aid in the fight against cybercrimes. Chief among them is the National Infrastructure Protection Center (NIPC), an interagency, public-private entity designed specifically to combine government and industry forces to combat high-tech crimes. The NIPC includes representatives from the FBI, the Department of Defense, the n the National White Collar Crime Center (NW3C), a non-profit organization dedicated to providing a nationwide support network for enforcement agencies involved in the prevention, investigation and prosecution of economic and high-tech crime;64 the Internet Fraud Complaint Center (IFCC), a partnership between the FBI and the NW3C whose stated mission is to address fraud committed over the Internet;65 the FBIs National Computer Crime Squad (NCCS), which investigates suspected intrusions into financial and commercial computer systems, including especially violations of the CFAA66 and the Economic Espionage Act67 and coordinates with FBI counterparts in foreign jurisdictions, especially when international computer espionage impacts U.S. public or private business interests; and the Computer Emergency Response Team Coordination Center (CERT/CC), a federallyfunded research and development effort by the Department of Defense under contract with Carnegie Mellon University that has developed systematized response mechanisms for incidents of computer system intrusion and methods for preventing future intrusions.68 All of these public/private initiatives are available to assist any business at risk of computer crimes or terrorist manipulation by analyzing the problem and, if appropriate, opening an investigation under the EEA, the CFAA, or both. Government involvement will vary, depending on strength of evidence, timing, the amount at stake, and the motives of the suspected cyber-criminals.69 In each case, these agencies will work with private industry to protect Kirkpatrick & Lockhart LLP 7 network security and maintain the privacy interests that all Internet-dependent businesses value so highly. According to Special Agent Dan Larkin of the FBIs Pittsburgh Field Office, early detection and reporting of suspected incidents of computer system intrusion are key to averting serious and perhaps irreparable technological damage and mounting a successful criminal prosecution. Moreover, proactive efforts by private businesses will enhance the governments fight against terrorism on the ground and in cyberspace. All companies should vigilantly secure their computer networks and routinely upgrade the security systems that safeguard all their technological infrastructures. As Special Agent Larkin notes, ultimately the federal governments ability to assist private industry depends to a large degree on how much and how well the private sector has helped itself and has shared its technological advances in the proactive safeguard area as well as in the reactive or forensic area. Valuable Public-Private Resources Two additional resources can further assist in the fight against cyber-terrorism. First, CMUs new Institute for Homeland Security Research, a cooperative between the university and private industry that is designed to help the federal government, and in particular the OHS, strengthen national security mechanisms. In particular, the Institute already is developing a system for alerting the nations population about emergency health risks.70 Beyond the Institute, Allegheny County Executive Jim Roddey has pledged to OHS director Tom Ridge the full support of Western Pennsylvanias wealth of technology-based services and resource centers: Sixty years ago, our region was the leader in providing the steel to help win World War II. Today, we possess the resources necessary to fight a different kind of war, and those resources are superior advanced technology. We stand ready to put it to use.71 Indeed, Western Pennsylvania boasts CERT/CC and the Institute, as well as the collective technological resources of CMU, West Virginia University, plus scores of private technology firms to assist in the 8 cooperative effort to eliminate cyber-crime and in particular cyber-terrorism. Second, this region is well on the way to finalizing the formation of the National Cyber-Forensics Training Alliance (NCFTA or the Alliance). This Alliance will be a multi-state laboratory and training alliance consisting of industry, academic and government members engaged in cyber-forensic analysis, tactical response development, and technology vulnerability analysis. In addition to key participation from private industry giants and critical academic expertise from CMU, WVU and other universities, NCFTA has received substantial input and support from the Department of Justices Computer Crime and Intellectual Property Section (CCIPS), NW3C, as well as a broad range of federal and state law enforcement offices. In light of the PATRIOT Acts mandate to enhance cyber-forensic capabilities,72 the Alliance is poised to play a critical role in bridging the gap between law enforcement cyber-forensics and private industry efforts to detect, prevent and investigate computer-related crime and terrorist activity. According to FBI Special Agent Bill Shore, a focal point of the NCFTA project is the partnership established between the FBI, NW3C and the academic communities of CMU and West Virginia University. This partnership facilitated a survey of industry, government and academia to assess evolving cyber-crime and Internet-related vulnerabilities. As a result, the Alliance was able to formulate overlapping objectives and prioritize resource strengths to maximize the efficacy of the group to all three sectors. Critical to the war on cyber-terrorism, NCFTA is designed to assemble an unparalleled pool of critical network-related data, combining intelligence from the IFCC and CERT/CC. Armed with this information, the Alliance will be able to continually develop and update response strategies, forensics and advanced training methods, so that private industry can better proactively protect its technological infrastructures from the threat of cyber-crime and ferret out those that have committed such acts. In particular, NCFTA aims to be a private/public initiative that develops applicators for both proactive and reactive cyber situations with the ability and communication challenges to share intelligence with law enforcement. Ultimately, Special Agent Shore and the FBI see NCFTA as a state-of-the-art project that joins public and private resources and law enforcement to create permanent synergies designed to: n n n n n n n develop and implement cyber-forensic analysis programs and related training initiatives for industry, law and academic applications; maximize the use of strong regional and national resources, both public and private; foster the exchange of critical information regarding evolving infrastructure problems and optimal response mechanisms; apply forensic analysis techniques and results to the development of response strategies and proactive measures designed to abate computer crimes and cyber-terrorism; establish multiple, linked critical information centers across the nation to maximize data sharing and anti-cyberterrorism education; coordinate and exploit the extensive resources available among the IFCC, CCIPS, CERT/CC, NIPC, NW3C, NIPC, and NCCS to further all of these goals; and ultimately provide the platform for enactment of broad-based regulations, and internationally supportable law, governing such forensic analysis and proactive anti-cyberterrorism efforts. To date, the Alliance already has reached significant milestones on its mission to eliminate computer crime. For example, according to Special Agent Shore, NCFTA already has established effective joint law enforcement task forces in Pennsylvania and West Virginia that embrace industry and academia as beneficial team members. In addition, the Alliance has established vulnerability testing labs where law enforcement, private industry and academia can exchange and analyze digital data in a secure setting. Finally, NCFTA has established jointly developed state-of-the-art computer forensic training programs, utilizing resources, expertise and perspectives from all three sectors. Clearly, the Alliance is well on its way to reaching its objective of a coordinated, fully integrated public-private defense against cyber-aided terrorism. IV.CONCLUSION In a world of business and finance that depends on secure technological infrastructures for survival, computer network integrity will always be a top priority. Following passage of the PATRIOT Act, the federal government and law enforcement are likely to act in ways that seek to preserve such system integrity against the evils of terrorism, but which may also have the unintended effect of compromising network access, security and privacy concerns. A healthy understanding of the new law, including especially its attendant due diligence and information-seeking and -sharing requirements, will help all businesses to minimize such concerns. Familiarity with the many federal and public-private resources available to help in the fight against cybercrime will lower risk even more. FOR MORE INFORMATION about Kirkpatrick & Lockhart’s White Collar Crime/Criminal Defense practice, please visit www.kl.com/PracticeAreas/WCCrime/wcrime.stm. Endnotes 1 2 3 4 5 6 PL 107-56, 2001 HR 3162, Slip Copy (Oct. 26, 2001, West). Id. at § 105. See id. Id. at § 103. Id. at § 101. 50 U.S.C. § 1702. 7 PL 107-56, 2001 HR 3162 at § 106, 50 U.S.C. § 1702(a)(1)(C). 8 18 U.S.C. §§ 2901, et seq. 9 PL 107-56, 2001 HR 3162 at § 201, et seq. 1 0 18 U.S.C. § 1030. 1 1 PL 107-56, 2001 HR 3162 at § 202. 1 2 See, e.g., id. at § 206, 219. Kirkpatrick & Lockhart LLP 9 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 10 Id. at § 209. Id. at § 210. Id. at § 213. Id. at § 215. Id. at § 217. Id. at § 220. For a more detailed summary of the IMLA, see Mark A. Rush and Heather Hackett, USA PATRIOT Act Money Laundering and Asset Forfeiture, prepared for Pennsylvania Bar Institute, November 2001, www.kl.com/ practiceareas/financial/publications/fin-111301.pdf. PL 107-56, 2001 HR 3162 at §§ 301, et seq. Id. at § 311(a). Id. at § 311(b). Id. at § 312. Id. at § 314. Id. at §§ 326, 352. For more on the IMLA, see Rush et. al, supra at note 19. See 31 U.S.C. § 5318(g). PL 107-56, HR 3162 at § 356(a), (b). See id. at § 358. See 12 U.S.C. §§ 1829b(a), 1953(a). PL 107-56, HR 3162 at § 358. Under the PATRIOT Act, the maximum fine for money laundering or any violation of money laundering laws by financial institutions has been increased to one million dollars. Id. at § 363. PL 107-56, HR 3162 at § 505. Id. at § 506. Id. at § 701. Id. Id. at § 814(d), amending 18 U.S.C. § 1030(3)(e). See id. at § 814(a), amending 18 U.S.C. § 1030(a)(5). Id. at § 814(c), amending 18 U.S.C. § 1030(c). PL 107-56, 2001 HR 3162 at § 816. Id. at § 1016. Id. at § 1016(b)(3). The Act defines critical infrastructure as systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters. Id. at § 1016(e). Id. at § 1016(d). See id. at § 1016(d)(2). See id. Id. at § 1016(d)(3). PL 107-56, 2001 HR 3162 at §§ 201, et seq. See id. at §§ 206, 219. See id. at § 215. On the other hand, in a recent development, the European Union declined to adopt the United States broadening of electronic surveillance and investigation capabilities, opting instead to maintain limited access provisions relating to telecommunications data in a Union-wide data-protection law currently in draft before the European Parliament. See European Union Set to Vote on Data Law, http:// www.nytimes.com/2001/11/13/technology. 4 9 See Mike Godwin, Just Say No: Will Strong Cryptography Be One of the First Casualties in the War on Terrorism? IP W ORLDWIDE, November 2001, at 47. 5 0 See id. at 47. 5 1 18 U.S.C. § 1201, et seq. 5 2 See Jeffrey T. Green and Matthew J. Perry, The Long Arm of Copyright Law, BUSINESS CRIMES BULLETIN, October 2001 at 1. 5 3 See id. 5 4 See U.S. Moves to Cut Two Financial Links for Terror Group, NEW YORK TIMES, Nov. 8, 2001 at A1 (hereinafter, U.S. Moves); U.S. Raids Terrorist Banks, USA TODAY, Nov. 8, 2001 at 1A. 5 5 See U.S. Moves at B8. 5 6 For more on the IMLA, see Rush et. al, supra at note 19. 5 7 See PL 107-56, 2001 HR 3162 at § 213 (amending 18 U.S.C. § 3103a); see also Marcia Coyle, Suit Seen as Likely Over New Search Law, NATIONAL LAW JOURNAL, Nov. 5, 2001 at A1. 5 8 See id. 5 9 50 U.S.C. § 1805, et seq. 6 0 See id.; see also John Gibeaut, Winds of Change, ABA JOURNAL, Nov. 2001 at 32. 6 1 See id. 6 2 See Ashcroft Orders Intelligence Sharing Protocols, http://www.cnn.com/2001/LAW/11/13/ashcroft.terrorism/ index.html. Ashcroft ordered all U.S. Attorneys to develop intelligence- and information-sharing protocols among federal, state and local law enforcement officials, and he stressed the need for state and local officials to cooperate in the effort. See id. 6 3 See generally http://www.nipc.gov. 6 4 See generally www.nw3c.org. 6 5 See generally http://www.ifccfbi.gov. 6 6 See supra at 4. 6 7 18 U.S.C. §§ 1831, et seq. 6 8 See generally www.cert.org. 6 9 To learn more about each of these government resources, see Mark A. Rush and Lucas G. Paglia, Preventing, Investigating and Prosecuting Computer Attacks and ECommerce Crimes: Public/Private Initiatives and Other Federal Resources, W HITE COLLAR CRIME REPORTER, JulyAugust, 2001. 7 0 See Christopher Davis, Maria Guzzo, CMU Takes on Terror: Institute for Homeland Security Research Created, PITTSBURGH BUSINESS TIMES, Oct. 19-25, 2001. 7 1 See id., quoting Roddey spokeswoman Margaret Philbin. 7 2 See PL 107-56, 2001 HR 3162 at § 816. Kirkpatrick & Lockhart LLP 11 75 State Street Boston, Massachusetts 02109 617.261.3100 PHONE 617.261.3175 FAX 3100 Bank One Center 1717 Main Street Dallas, Texas 75201 214.939.4900 PHONE 214.939.4949 FAX Payne Shoemaker Building 240 North Third Street Harrisburg, Pennsylvania 17101 717.231.4500 PHONE 717.231.4501 FAX 10100 Santa Monica Boulevard Seventh Floor Los Angeles, California 90067 310.552.5000 PHONE 310.552.5001 FAX Miami Center - 20th Floor 201 South Biscayne Boulevard Miami, Florida 33131 305.539.3300 PHONE 305.358.7095 FAX The Legal Center One Riverfront Plaza, Seventh Floor Newark, New Jersey 07102 973.848.4000 PHONE 973.848.4001 FAX 1251 Avenue of the Americas 45th Floor New York, New York 10020 212.536.3900 PHONE 212.536.3901 FAX Henry W. Oliver Building 535 Smithfield Street Pittsburgh, Pennsylvania 15222 412.355.6500 PHONE 412.355.6501 FAX Four Embarcadero Center, 10th Floor San Francisco, California 94111 415.249.1000 PHONE 415.249.1001 FAX 1800 Massachusetts Avenue, N.W. Second Floor Washington, DC 20036 202.778.9000 PHONE 202.778.9100 FAX SM www.kl.com Kirkpatrick & Lockhart LLP Challenge us. SM
