Cyber Security Framework

Cyber Security Framework

Note: This information about Cyber Security Framework is based on an United States Sentencing Commission report to the Congress on penalties for cyber security offenses. In this case, the content of this section deals with the proposed Amendment by the Commission, in relation to the reference of 18 U. S. C. § 2701 Offenses to §2B1. 1 in Appendix A (Statutory Index). Section 2701 of title 18, United States Code, prohibits unlawful access to stored communications such as e-mail. The amendment provides a reference for 18 U. S. C. § 2701 offenses in Appendix A (Statutory Index). Prior to the Homeland Security Act, an offense under section 2701 was punishable by a maximum term of imprisonment of six months, unless the offense involved one of the identified aggravated purposes, in which case the maximum term of imprisonment was one year for a first offense. Subsequent aggravated offenses were punishable by a maximum term of imprisonment of two years' imprisonment. The Homeland Security Act expanded the scope of section 2701 by adding an additional aggravated purpose to the statute and increased penalties for all violations of section 2701. A first offense under section 2701 is now punishable by a one year statutory maximum term of imprisonment, unless it was committed with one of the aggravated purposes, in which case the maximum term of imprisonment is five years. Subsequent offenses are punishable by a statutory maximum term of five years, and subsequent aggravated offenses are punishable by a statutory maximum term of 10 years' imprisonment. United States Sentencing Commission data indicate that 18 U. S. C. § 2701 has been used infrequently. For fiscal years 1997 through 2001, the United States Sentencing Commission has data for only seven sentenced cases involving a conviction under this statute. All seven of these cases were related to fraud, and were sentenced using the fraud guideline. Given the newly enhanced statutory penalties, the number of prosecutions under this statute may increase, particularly in light of the widespread reliance on e-mail and other forms of wire or electronic communication. Accordingly, the United States Sentencing Commission has provided a specific guideline reference for 18 U. S. C. § 2701 in Appendix A, rather than relying on the generally applicable rule that the most analogous guideline should be used for offenses not listed in the Statutory Index. See USSG §1B1. 2(a). Section 2701 offenses are now referenced specifically to §2B1. 1 because such offenses involve obtaining, altering or denial of authorized access to stored communications, conduct related to theft, property destruction, and fraud.