In a statement before a House Judiciary subcommittee on November 15, a U.S. Department of Justice official proposed amending the federal RICO statute to make violations of the Computer Fraud and Abuse Act (CFAA) a RICO predicate act.
Richard Downing, Deputy Section Chief for Computer Crime and Intellectual Property, testified before the House Judiciary Subcommittee on Crime, Terrorism and Homeland Security. In his prepared statement, Downing emphasized the importance of addressing more targeted, sophisticated, and serious cyber crime and cyber intrusions.
According to Downing, computer technology has become a key tool of organized crime, which now:
(1) Hacks into public and private computer systems, including systems key to national security and defense;The Obama administration has taken significant steps to ensure that the American people, businesses, and governments build better protections against cyber threats, he said.
(2) Hijacks computers for the purpose of stealing identity and financial information;
(3) Extorts lawful businesses with threats to disrupt computers; and
(4) Commits a range of other cyber crimes.
“Through this ongoing work, it has become clear that our Nation cannot improve its ability to defend against cyber threats unless certain laws that govern cybersecurity activities are updated, including the Computer Fraud and Abuse Act.”
RICO Predicate Act
Among the changes proposed by the Department of Justice is making CFAA offenses subject to the Racketeering Influenced and Corrupt Organizations Act.
Downing urged Congress to update the RICO statute because RICO could be an effective tool to fight criminal organizations that use the Internet to commit their crimes.
“The Administration’s proposal would simply make clear that malicious activities directed at the confidentiality, integrity and availability of computers should be considered criminal activities under the RICO statute,” the official noted.
Downing’s statements were issued as part of a broader proposal to update the CFAA, including amendments to ramp up sentencing and other penalties, furnish better tools for investigators and prosecutors, and provide enhanced deterrence for malicious activity directed at critical infrastructure.
The full text of Downing’s statements is available here on the Department of Justice website.