The Justice Department has released a policy that seeks to help federal prosecutors determine when to bring charges or launch an investigation under the Computer Fraud and Abuse Act.
Leslie Caldwell, assistant attorney general for the criminal division at DOJ, wrote in a blog post published Tuesday that the 2014 Intake and Charging Policy for Computer Crime Matters lists eight factors for prosecutors to consider before they charge an offense under the law, such as the extent of damage associated with unauthorized access to computer systems or data.
Government attorneys should consider how unauthorized access to computer systems or data breach raises concerns in terms of national security, public safety and health, critical infrastructure and international relations, as well as the cyber crime’s impact on the victim.
Prosecutors should also take a look at the nature of the criminal conduct’s potential impact on a community or district and the deterrent value of a prosecution or investigation, as well as determine whether the defendant intentionally breached authority limitations when it comes to data access.
The policy also calls for prosecutors to consult with the department’s computer crime and intellectual property section before they bring cyber crime-related charges under the law, Caldwell noted.