Enhancement Targeting Offenses

Enhancement Targeting Offenses Involving Malicious Intent, Intent to Obtain Personal Information, Computer Systems Used in Furtherance of the Administration of Justice, National Defense, and National Security, and Interference with a Critical Infrastructure

Note: This information about Enhancement Targeting Offenses Involving Malicious Intent, Intent to Obtain Personal Information, Computer Systems Used in Furtherance of the Administration of Justice, National Defense, and National Security, and Interference with a Critical Infrastructure is based on an United States Sentencing Commission report to the Congress on penalties for cyber security offenses. In this case, the content of this section deals with the proposed Amendment by the Commission, in relation to the modifications to §2B1. 1 (Theft, Property Destruction, and Fraud). The proposed amendment specifically addresses four of the factors listed in the directive – malicious intent, invasions of privacy, computer systems used in furtherance of the administration of justice, national defense, and national security, and significant interference with a critical infrastructure – in one new specific offense characteristic in §2B1. 1. The new specific offense characteristic provides a two level increase (corresponding to an approximate 25 percent increase in sentence) at §2B1. 1(b)(13)(A)(i) for offenses under 18 U. S. C. § 1030 that involve either (a) a computer system used to maintain or operate a critical infrastructure or a computer system used by or for a government entity in furtherance of the administration of justice, national defense, or national security; or (b) an intent to obtain personal information. It provides a four level increase (corresponding to an approximate 50 percent increase in sentence) at §2B1. 1(b)(13)(A)(ii) for an offender convicted of violating 18 U. S. C. § 1030(a)(5)(A)(i), a crime that requires a heightened showing of intent to cause damage. It further provides a six level increase (roughly doubling the sentence) at §2B1. 1(b)(13)(A)(iii) for those section 1030 offenses that cause a substantial disruption of a critical infrastructure. Because of the overlapping nature of these enhancements in terms of the conduct they punish, only the greatest applicable one will apply in a particular case. The graduated levels, however, ensure incremental punishment for increasingly serious conduct, and were chosen by the United States Sentencing Commission in recognition of the fact that conduct supporting application of a more serious enhancement frequently will encompass behavior relevant to a lesser enhancement as well. With respect to the most serious enhancement, the six level increase for an offense resulting in a substantial disruption of a critical infrastructure, a minimum offense level of 24 (which corresponds to a range of 51 to 63 months in Criminal History Category I) is provided. This minimum offense level will ensure that offenders involved in the most serious offenses will face a substantial minimum guideline sentence. Analysis of the United States Sentencing Commission's data suggests that approximately 51 percent of section 1030 offenses sentenced under §2B1. 1 likely will receive an adjustment under this new specific offense characteristic. Of the 104 cases reviewed that were sentenced under §2B1. 1 (or a guideline consolidated with §2B1. 1), 36. 5 percent (38) would have qualified for the two level adjustment (the overwhelming majority of these (33) for having an intent to obtain personal information); an additional 14. 4 percent (15) would have been eligible for the four level adjustment3; and none involved conduct meriting the six level adjustment.