National Information Infrastructure Protection Act (1996)

COSC3360 12/2/1999

Major changes to 1986 Computer Fraud and Abuse Act

1. Name change:
New name: The National Information Infrastructure Protection Act of 1996

2. "Protected Computers" replaced "Federal Interest Computers"
which now include:
a. a computer exclusively for the use of a financial institution
or the United States Government, or in the case of a computer
not exclusively for such use, used by or for a financial
institution or the United States Government and
the conduct constituting the offense affects that use by or
for the financial institution or the Government, or
b. a computer which is used in interstate or foreign commerce
or communications.

3. Provision of an additional offense: 1030(a)7

Protection against the interstate or international transmission of
threats to cause damage to Protected Computer(s) with intent to
extort any money or anything of value from any
body or any organization.

4. Narrowing the definition of the offense of illegally obtaining
national security information.
1030(a)1
It now requires: "willfully communicates, delivers, transmits, or caused to be communicated,
delivered, or transmitted, or attempts to communicate, deliver, transmit or cause to be
communicated, delivered, or transmitted the same to any person not entitled to receive it
or willfully retains the same and fails to deliver it to the officer or an employee of the
United States entitled to receive it."

5. Extension of protection from unauthorized information access. 1030(a)2
Now the protection is provided not just for the financial institutions' information
But also for that from "Any United States Government department or agency and
Also for that from any Protected computers if the conduct involved an interstate or
Foreign communications.

6. Narrowing the definition of Defrauding Protected computers. 1030(a)4
Unauthorized use of a Protected computer must total at least
$5,000 for a year.