Segment 1 Of 3 Next Hearing Segment(2)
SPEAKERS CONTENTS INSERTS
Page 1 TOP OF DOC Segment 1 Of 3 72616 PS
FIGHTING CYBER CRIME
SUBCOMMITTEE ON CRIME
COMMITTEE ON THE JUDICIARY
HOUSE OF REPRESENTATIVES
ONE HUNDRED SEVENTH CONGRESS
MAY 24, JUNE 12 AND JUNE 14, 2001
Serial No. 33
Printed for the use of the Committee on the Judiciary
Page 2 PREV PAGE TOP OF DOC Segment 1 Of 3 Available via the World Wide Web: http://www.house.gov/judiciary
For sale by the Superintendent of Documents, U.S. Government Printing Office
Internet: bookstore.gpo.gov Phone: (202) 5121800 Fax: (202) 5122250
Mail: Stop SSOP, Washington, DC 204020001
COMMITTEE ON THE JUDICIARY
F. JAMES SENSENBRENNER, JR., WISCONSIN, Chairman
HENRY J. HYDE, Illinois
GEORGE W. GEKAS, Pennsylvania
HOWARD COBLE, North Carolina
LAMAR SMITH, Texas
ELTON GALLEGLY, California
BOB GOODLATTE, Virginia
STEVE CHABOT, Ohio
BOB BARR, Georgia
WILLIAM L. JENKINS, Tennessee
ASA HUTCHINSON, Arkansas
CHRIS CANNON, Utah
LINDSEY O. GRAHAM, South Carolina
SPENCER BACHUS, Alabama
JOE SCARBOROUGH, Florida
JOHN N. HOSTETTLER, Indiana
MARK GREEN, Wisconsin
Page 3 PREV PAGE TOP OF DOC Segment 1 Of 3 RIC KELLER, Florida
DARRELL E. ISSA, California
MELISSA A. HART, Pennsylvania
JEFF FLAKE, Arizona
JOHN CONYERS, Jr., Michigan
BARNEY FRANK, Massachusetts
HOWARD L. BERMAN, California
RICK BOUCHER, Virginia
JERROLD NADLER, New York
ROBERT C. SCOTT, Virginia
MELVIN L. WATT, North Carolina
ZOE LOFGREN, California
SHEILA JACKSON LEE, Texas
MAXINE WATERS, California
MARTIN T. MEEHAN, Massachusetts
WILLIAM D. DELAHUNT, Massachusetts
ROBERT WEXLER, Florida
TAMMY BALDWIN, Wisconsin
ANTHONY D. WEINER, New York
ADAM B. SCHIFF, California
TODD R. SCHULTZ, Chief of Staff
PHILIP G. KIKO, General Counsel
JULIAN EPSTEIN, Minority Chief Counsel and Staff Director
Page 4 PREV PAGE TOP OF DOC Segment 1 Of 3
Subcommittee on Crime
LAMAR SMITH, Texas, Chairman
MARK GREEN, Wisconsin
HOWARD COBLE, North Carolina
BOB GOODLATTE, Virginia
STEVE CHABOT, Ohio
BOB BARR, Georgia
ASA HUTCHINSON, Arkansas,
RIC KELLER, Florida
ROBERT C. SCOTT, Virginia
SHEILA JACKSON LEE, Texas
MARTIN T. MEEHAN, Massachusetts
WILLIAM D. DELAHUNT, Massachusetts
ADAM B. SCHIFF, California
JAY APPERSON, Chief Counsel
SEAN MCLAUGHLIN, Counsel
ELIZABETH SOKUL, Counsel
BOBBY VASSAR, Minority Counsel
C O N T E N T S
Page 5 PREV PAGE TOP OF DOC Segment 1 Of 3 HEARING DATES
May 24, 2001
FIGHTING CYBER CRIME: EFFORTS BY STATE AND LOCAL OFFICIALS
June 12, 2001
FIGHTING CYBER CRIME: EFFORTS BY FEDERAL LAW ENFORCEMENT
June 14, 2001
FIGHTING CYBER CRIME: EFFORTS BY PRIVATE BUSINESS INTERESTS
May 24, 2001
The Honorable Lamar Smith, a Representative in Congress From the State of Texas, and Chairman, Subcommittee on Crime
The Honorable Robert C. Scott, a Representative in Congress From the State of Virginia, and Ranking Member, Subcommittee on Crime
Mr. Ronald R. Stevens, Senior Investigator, Bureau of Criminal Investigation, New York, NY
Page 6 PREV PAGE TOP OF DOC Segment 1 Of 3
Mr. Michael T. McCaul, Deputy Attorney General for Criminal Justice, Austin, TX
The Honorable Joseph I. Cassilly, State's Attorney, Harford County, Bel Air, MD
LETTERS, STATEMENTS, ETC., SUBMITTED FOR THE HEARING
The Honorable Sheila Jackson Lee, a Representative in Congress From the State of Texas
June 12, 2001
The Honorable Lamar Smith, a Representative in Congress From the State of Texas, and Chairman, Subcommittee on Crime
The Honorable Robert C. Scott, a Representative in Congress From the State of Virginia, and Ranking Member, Subcommittee on Crime
Page 7 PREV PAGE TOP OF DOC Segment 1 Of 3
Mr. Michael Chertoff, Assistant Attorney General, Criminal Division, U.S. Department of Justice
Mr. Thomas T. Kubic, Principal Deputy Assistant Director, Criminal Investigative Division, Federal Bureau of Investigation
Mr. James A. Savage, Jr., Deputy Special Agent In Charge, Financial Crimes Division, United States Secret Service
Mr. Alan B. Davidson, Associate Director, Center for Democracy and Technology
LETTERS, STATEMENTS, ETC., SUBMITTED FOR THE HEARING
The Honorable Lamar Smith, a Representative in Congress From the State of Texas, and Chairman, Subcommittee on Crime
June 14, 2001
Page 8 PREV PAGE TOP OF DOC Segment 1 Of 3
The Honorable Lamar Smith, a Representative in Congress From the State of Texas, and Chairman, Subcommittee on Crime
Mr. Harris N. Miller, President, Information Technology Association of America
Mr. Robert Chesnut, Vice President and Deputy General Counsel, eBay, Incorporated
Mr. Robert Kruger, Vice President for Enforcement, Business Software Alliance
Mr. Dave McCurdy, President, Electronic Industries Alliance
LETTERS, STATEMENTS, ETC., SUBMITTED FOR THE HEARING
Page 9 PREV PAGE TOP OF DOC Segment 1 Of 3
The Honorable Lamar Smith, a Representative in Congress From the State of Texas, and Chairman, Subcommittee on Crime
The Honorable Sheila Jackson Lee, a Representative in Congress From the State of Texas
Statements Submitted For The Record
June 14, 2001
Statement on the Council of Europe Draft Convention on Cyber-Crime From the World Information Technology and Services Alliance (WITSA)
Material Submitted For The Record
May 24, 2001
Response to questions From the New York State Police Computer Crimes Unit, Mr. Ronald R. Stevens, Director
Response to questions From the Office of the Attorney General, State of Texas, Mr. Michael T. McCaul, Deputy Attorney General for Criminal Justice
Page 10 PREV PAGE TOP OF DOC Segment 1 Of 3
Response to questions From the State's Attorney for Harford County Maryland, The Chair of the Cyber Crime Committee, National District Attorneys Association, The Honorable Joseph I. Cassilly
June 12, 2001
Response to questions From the United States Department of Justice, Assistant Attorney General Criminal Division, Mr. Michael Chertoff
Response to questions From the United States Federal Bureau of Investigation, the Criminal Investigation Division, Principal Deputy Assistant Director, Mr. Thomas T. Kubic
Response to questions From the United States Department of Treasury, United States Secret Service, Deputy Special Agent in Charge of the Secret Service's Financial Crimes Division, Mr. James A. Savage, Jr.
June 14, 2001
Response to questions From the Information Technology Association of America of Arlington, VA, Mr. Harris N. Miller, President
Response to questions From eBay, Incorporated of San Jose, CA, Mr. Robert Chesnut, Vice President and Deputy General Counsel
Page 11 PREV PAGE TOP OF DOC Segment 1 Of 3
Response to questions From Business Software Alliance of Washington, DC, Mr. Robert Kruger, Vice President for Enforcement
FIGHTING CYBER CRIME:
EFFORTS BY STATE AND LOCAL OFFICIALS
THURSDAY, MAY 24, 2001
House of Representatives,
Subcommittee on Crime,
Committee on the Judiciary,
The Subcommittee met, pursuant to call, at 1:42 a.m., in Room 2237, Rayburn House Office Building, Hon. Lamar Smith [Chairman of the Subcommittee] presiding.
Mr. SMITH. The Subcommittee will come to order. We welcome our witnesses today, and the audience as well, and I do want to explain why the hearing was delayed. It was through no fault of our own. Apparently there were three Subcommittees meeting this morning, and they decided to stagger them rather than have meetings conflict, and unfortunately we were scheduled, therefore, for 1:30 this afternoon. I know this may have inconvenienced our witnesses. I apologize for that, and hope you can still make your flights or get back home as you need to.
Page 12 PREV PAGE TOP OF DOC Segment 1 Of 3 We are going to open the hearing today. I am going to have an opening statement. I will recognize other Members for their opening statements, and then we will get to our witnesses as quickly as possible.
States and localities have the primary responsibility of law enforcement in our Nation, so it is fitting to have State and local officials testify about their law enforcement efforts to reduce cyber crime. This is the Subcommittee on Crime's first of three hearings on the issue. The other two oversight hearings will focus on Federal efforts and businesses' concerns, and those two hearings will be later on in June.
As society has benefitted from cyber technology, so has criminal activity. Technology advanced and cyber crime followed. An article in the Washington Times today describes an Internet scheme that defrauded 56,000 people out of more than $117 million. Cyber crime takes many other forms, such as child pornography, piracy, fraud, computer security breaches, extortion, and e-commerce terrorism.
Terroristic threats to critical infrastructure present significant problems. Such an attack could have disastrous effects. For instance, a cyber crime attack on a utility company control center would cause power outages and halt critical services.
Cyber crime also threatens the safety and security of American children through the rapid spread of illegal child pornography on the web. Its proliferation is a growing public concern. According to a recent poll, some 92 percent of Americans say they are concerned about child pornography on the Internet, and 50 percent of Americans cite child porn as the single most heinous crime that takes place online.
Page 13 PREV PAGE TOP OF DOC Segment 1 Of 3
Unfortunately, laws defining cyber offenses and law enforcement technologies and training appear to lag behind technological advances and criminal activity. The Government Accounting Office recently reported that the lack of adequate information sharing and adequate staffing has hurt anti-cyber crime efforts. Better coordination and cooperation among Government agencies also is needed because cyber crime presents serious jurisdictional issues, some of which we will hear about in a few minutes from our witnesses.
Last week, while I was in Texas, I met with the Austin Police Department's high tech crime unit; the Texas Deputy Attorney General for Criminal Justice, who is here to testify today; and the Chief of the Texas Internet Bureau. All agree that cyber crime is a growing problem confronting States and localities, and that there needs to be enhanced coordination and cooperation at all levels of Government and with the private sector, as well.
Since technological advancement will continue to transform our lives and economy, Americans should feel secure when they use the Internet for business purposes, personal use, and commerce. Today, we will hear testimony from State and local officials about their efforts and needs, and how the Federal Government and private sector can assist them. Additionally, there are questions with regard to protecting privacy while enhancing law enforcement.
I would like to thank the witnesses for appearing before the Subcommittee today on such an important issue, and of course we all look forward to hearing your testimony in a few minutes. I will now recognize the Ranking Member, Mr. Scott of Virginia, for his opening statement.
Page 14 PREV PAGE TOP OF DOC Segment 1 Of 3
Mr. SCOTT. Thank you, Mr. Chairman, and I also want to thank you for staggering the Subcommittee meetings so that Members can participate in all of their Subcommittee hearings without having to try and be in two places at the same time.
And I would also like to recognize on our side the gentleman from California, Mr. Schiff, who is officially attending his first meeting of this Subcommittee, although you have been kind enough to allow him to participate in previous meetings in the expectation that his formal membership would be confirmed. And I would like to welcome the gentleman from California.
Mr. SMITH. We all welcome Mr. Schiff, and it is nice to have him officially with us. As you said, Mr. Scott, we were never quite sure before but we did include him.
Mr. SCOTT. Thank you. I am pleased to join you in convening this hearing on State and local efforts to combat what is referred to as cyber crime or crimes committed through the use of electronic communications.
The field of electronic communications is rapidly evolving. During my relatively short tenure in Congress, we have moved from only speculating about the vast potential of the World Wide Web or the Internet superhighway to depending on it for the efficient conduct of daily congressional operations. We all rely heavily on the Internet for communicating with staff in our various offices and for the efficient conduct of many routine activities, personal activities like paying bills and other such uses.
Page 15 PREV PAGE TOP OF DOC Segment 1 Of 3
Given this rapidly growing dependency on electronic communications, the Congress and the rest of the Federal Government is just as subject to cyber crime as any other user, so we have just as much of a stake as anyone else in preventing cyber crime. Crimes such as theft or destruction of property, whether committed over the Internet or through other means, should be dealt with as such.
We have many laws on the books already, State and Federal, for dealing with such crimes. While I remain open to hearing proposals for additional crimes and penalties, I would hope that such additions are based on findings that they are necessary to effectively prevent crimes through electronic communications, rather than merely sending a message, which we have done in other areas of criminal law.
There is much the Federal Government can do and should do to assist State and local governments in addressing cyber crime. Providing funding for training and equipment, and lending technical assistance and cooperation to local and State law enforcement, are some ways. And, as you have indicated, the jurisdictional problems in cyber crime create new challenges for us.
While there may be holes in the Federal laws which prevent effective enforcement, and any such holes must be addressed, we must be vigilant to ensure that our zeal to address cyber crimes does not unduly constrain our privacy and individual freedoms, nor innovation. Unnecessary monitoring and oversight by law enforcement authorities could only stymie technology innovation. It could also infringe upon reasonable expectation of individuals to privacy and individual freedoms.
Page 16 PREV PAGE TOP OF DOC Segment 1 Of 3
Most people expect the same kinds of privacy protection in their electronic communications as they receive with their mail and phones. In the absence of probable cause to believe that serious criminal activity is occurring, there is generally no right to invade mail or phone use, and I see no reason why we shouldn't have the same approach with electronic communications in balancing our need to ferret out crime with our privacy and individual rights as we do with mail and phones.
So it is my hope, Mr. Chairman, that before we identify what crimes we can add, that we first identify the problem and all of the potential solutions. To any business or individual requesting that the Federal Government be given more law enforcement oversight over electronic communications, I say we have to be careful as to what we ask for.
I was made aware of a case where one business accused a rival business of sabotaging its computer operations. In investigating the matter, the police confiscated all of the computers of the accused business, thereby essentially putting it out of business. Even though the charges were later dropped, the accused business lost several months of business and spent thousands of dollars for legal and other expenses incurred in trying to get its computers back. Obviously, that kind of cure was worse than the disease.
So I look forward to the testimony by witnesses today on what is occurring with respect to the issue of cyber crime at the State and local level, and what the Government, the Federal Government might do to assist. Thank you, Mr. Chairman.
Mr. SMITH. Thank you, Mr. Scott.
Page 17 PREV PAGE TOP OF DOC Segment 1 Of 3
Are there any other Members who wish to make an opening statement?
If not, we will proceed, and I will introduce the witnesses in the order in which they will testify: Mr. Ronald R. Stevens, Senior Investigator, Bureau of Criminal Investigation, New York, New York; Mr. Michael T. McCaul, Deputy Attorney General for Criminal Justice, Austin, Texas; and Mr. Joseph I. Cassilly, State's Attorney, Harford County, Bel Air, Maryland.
We welcome you all, and Mr. Stevens, if you will begin.
STATEMENT OF RONALD R. STEVENS, SENIOR INVESTIGATOR, BUREAU OF CRIMINAL INVESTIGATION, NEW YORK, NY
Mr. STEVENS. Thank you. Chairman Smith, Congressman Scott, and Members of the Subcommittee, my name is Ron Stevens. I am here representing the State of New York as the Director of the Computer Crime Unit for the New York State Police. I thank you for this opportunity to testify with regard to the current state of cyber crime in New York and what needs to be done in the future to address this growing problem.
The highest priority of Governor George Pataki protection and well-being of the citizens of New York State. The New York State Police, along with more than 500 local police departments, are committed to fulfilling this mission. As one of the 10 largest law enforcement agencies in the Nation, the New York State Police employs approximately 5,000 people in more than 200 locations statewide, including 1,000 investigative specialists. The New York State Police is a full service agency which also operates one of the Nation's leading crime laboratory systems, providing criminal justice agencies with state-of-the-art forensic analytical and investigative capabilities along with expert testimony.
Page 18 PREV PAGE TOP OF DOC Segment 1 Of 3
The New York State Police Computer Crimes Unit was formed in 1992 to provide investigative and forensic capability in cases involving the use of computers and technology. A large portion of the unit's case work includes traditional crimes such as narcotics trafficking, gambling, homicide, sexual assault, and stalking, which can all be facilitated by the use of technology.
Law enforcement efforts directed toward cyber crime in New York State are focused in five primary areas. First, the forensic analysis of digital evidence. This is an evolving discipline in which the New York State Police is working to develop standard procedures and protocols statewide.
Next is critical information systems protection. In this area of growing concern, the New York State Police and the Office for Technology have developed a plan to respond to the increased number of threats to Government-owned computer systems.
The third area is child exploitation. The New York State Police, the Attorney General's Office, and the Division of Criminal Justice Services were among the first grant recipients in the Internet Crimes Against Children's Task Force program, working cooperatively with local, State and national efforts.
Fraud and identity theft are fourth, and account for more than 1,000 complaints received by New York agencies.
Finally, and no less significant, is training. The New York State Police as well as others are striving to meet the diverse training needs of law enforcement required to combat the proliferation of technology-enabled crime.
Page 19 PREV PAGE TOP OF DOC Segment 1 Of 3
These five areas represent unique challenges for law enforcement. The speed and anonymity of the Internet allows criminals to commit crimes across geographic and jurisdictional boundaries. Investigations in this environment require partnership, cooperation, and information sharing between government at all levels, the private sector, and academia.
Agencies fighting cyber crime need strategies to train, retrain personnel who are in high demand in the private sector. The resources available to address these problems are severely inadequate, generally exceed those of most local agencies, and could not realistically be deployed by Federal agencies within the State. The New York State Police has accepted a central role in developing a coordinated cyber crime approach to address these needs.
The New York State Police and the Office for Technology have taken the first step in reaching this goal by developing a multiagency plan to protect State computer systems and to respond to identified emergencies. This plan links a technical emergency response team and an information sharing and analysis center, the statewide deployment of highly trained investigators, and a facility to provide forensic analysis, training, program development, and legal research. Centrally headquartered in Albany, New York, this plan provides the framework to incorporate current law enforcement efforts and capabilities from all regions of the State.
A coordinated statewide initiative to fight cyber crime will require funding strategies that emphasize cooperative effort. We support the Computer Crime Enforcement Act of 2000, the Paul Coverdell National Forensic Science Improvement Act of 2000, and continued funding of the Internet Crimes Against Children's program, the National Cybercrime Training Partnership, and legislation which would improve the legal process that law enforcement must utilize in responding to cyber crime.
Page 20 PREV PAGE TOP OF DOC Segment 1 Of 3
Mr. Chairman, I would like to thank the Committee for allowing me to share with it the issues regarding cyber crime in New York State. I look forward to continuing to work with you and the Members of your Subcommittee. At this time, I would be pleased to address any inquiries that you may have.
[The prepared statement of Mr. Stevens follows:]
PREPARED STATEMENT OF RONALD R. STEVENS
Chairman Smith, Congressman Scott and members of the Subcommittee, my name is Ron Stevens, and I am here representing the State of New York as the Director of the Computer Crime Unit for the New York State Police. I thank you for this opportunity to testify with regard to the current state of Cybercrime in New York State, and what needs to be done in the future to address this growing problem.
The highest priority of Governor George Pataki is the protection and well-being of the citizens of New York State. The New York State Police, along with more than 500 local police departments across the state, are committed to fulfilling this mission. As one of the ten largest law enforcement agencies in the nation, the New York State Police employ approximately 5000 people in more than 200 locations statewideincluding 1000 investigative specialists in the Bureau of Criminal Investigation. The New York State Police is a full service police agency, which also operates one of the nation's leading Crime Laboratory Systems providing criminal justice agencies across New York with state-of-the-art forensic analytical and investigative capabilities and expert testimony.
Page 21 PREV PAGE TOP OF DOC Segment 1 Of 3
The New York State Police fully understands and agrees that to successfully combat Cybercrime, law enforcement cannot ''do it alone.'' The ramifications of a ''connected'' society, and the rapid proliferation of computers and the Internet, require that law enforcement work in a collaborative and coordinated manner. That is why the New York State Police has been diligently building relationships with organizations at the State, Local, and Federal levels. We have close working relationships with local police departments and District Attorneys' offices. We participate in regional and statewide task forces, including the New York Electronic Crimes Task Force, and take part in cooperative efforts with the New York State Division of Criminal Justice Services, Office for Technology, and Office of the Attorney General. The New York State Police is involved in training and research efforts with the State University of New York and other colleges and universities, as well as the National Law Enforcement and Corrections Technology Center. We participate in a number of national initiatives including the Scientific Working Group on Digital Evidence (SWGDE), the National Cybercrime Training Partnership (NCTP), and the FBI InfraGard program. We work cooperatively with the National Institute of Standards and Technology (NIST), the National Center for Forensic Sciences (NCFS), the National Infrastructure Protection Center (NIPC), and the American Society of Crime Laboratory Directors (ASCLD).
As one of the first law enforcement agencies to respond to the threats posed by the techno-criminal, the New York State Police launched the Computer Crime Unit in 1992. The Unit was created to provide investigative and forensic capability in investigations involving the use of computers and technology to facilitate crime. The primary function of the Computer Crime Unit is to bridge the communication gaps that exist between investigating police officers, prosecutors, and computer experts by providing the technical expertise and assistance needed.
Page 22 PREV PAGE TOP OF DOC Segment 1 Of 3 WHAT WE ARE DOING TODAY
Many of the crimes that law enforcement confronts everyday are beginning to appear in the digital world. Criminals have adapted to the information age very quickly. More and more traditional crimes such as those involving narcotics trafficking, gambling, auto theft, homicide and assault, stalking, child pornography, fraud, and identity theft are facilitated by the use of technology. As criminals continue to utilize these evolving technologies, it is imperative that all levels of law enforcement are able to adequately respond to this elusive threat.
The Computer Crime Unit currently has five primary areas of responsibilityincluding forensic analysis, computer network and information systems security breaches, Internet crimes against children, fraud and identity theft, and training and researchchallenges faced equally by law enforcement agencies statewide.
Forensic examination of digital evidence can be crucial in the investigation of crimes facilitated by the use of technology. A growing number of investigations involve crime where critical evidence is stored on digital media such as computer hard drives. Whether the case is criminal, civil or administrative, processing digital evidence requires technically skilled personnel with specialized training and equipment. As the volume and complexity of casework grows, it will become increasingly important for additional resources to be allocated in a more efficient and effective manner.
Page 23 PREV PAGE TOP OF DOC Segment 1 Of 3 Since 1997, the Computer Crime Unit has received more than 600 ''containers'' of evidence for forensic analysis. A container of evidence could consist of hundreds of removable media, a laptop computer, or a network server containing multiple disk drives. At present, there are 150 containers onsite awaiting processing. Requests for analyses are received daily, with urgent and time-sensitive cases receiving top priority. Accordingly, evidence in important investigations is analyzed and completed in a short period of time. However, low priority cases tend to have slower processing times due to the sheer volume of cases and available resources. It would take approximately 18 months to clear just the pending cases at current staffing levels, if no additional cases were received.
The fledgling discipline of computer forensics is at a point where the lack of accepted standards and procedural uniformity has prompted independent responses from a myriad of law enforcement agencies at the State, Local, and Federal levels. If this haphazard approach continues, defense challenges could call into question the credibility of computer forensic analysis due to the lack of standardization. The science of computer forensics must evolve to meet the same standards of evidence that have been established for other forensic disciplines such as fingerprinting, ballistics, drugs, and DNA.
We need to ensure that standardized operating procedures in the field of computer forensics are established and incorporated into the training of forensic examiners across the nation. Population, geography, type and level of crime, as well as existing resources need to be evaluated prior to developing future computer forensic laboratories. In addition to the New York State Police Computer Crime Unit, law enforcement in Western New York and the New York City Metropolitan area are developing centralized forensic capabilities. The activities of all laboratories should be closely coordinated to ensure the development of generally accepted standards. At the same time, individual laboratories must be linked to the investigative mission of their respective region.
Page 24 PREV PAGE TOP OF DOC Segment 1 Of 3
Computer Network and Information Systems Security Breaches
The reliance on computer interconnectivity has increased the risks associated with the Internet and computer network use. Malicious and unlawful cyber attacks in both the private and public sectors are becoming increasingly prevalent and of greater concern to mainstream society.
One of law enforcement's newest challenges is responding to attacks on public and private sector computer networks and information systems. Those at greatest risk are the networks and systems linked to state and national critical infrastructures, including information, communication, finance, energy, and transportation.
As society begins to accept law enforcement's role in our connected world, it is increasingly likely that law enforcement will become the ''first responder'' to cyber-based attacks. This will require the use of specialized technical and investigative personnel with a sound understanding of computer technology and advanced forensic analysis. Coordinated public sector resources must work with private sector interests and must be available in multiple jurisdictions in order to effectively protect our vital infrastructures.
In the State of New York, we have embarked on a multi-agency initiative focused on addressing cyber-based vulnerabilities. The New York State Police and the Office for Technology have worked in concert to develop a plan to address the increased risk of network and systems intrusion. The plan calls for the development of end-to-end detection and response capability thus enabling the State to identify and analyze attacks on government-owned computer networks and initiate appropriate technical and law enforcement measures when required. The plan also calls for the State to make every possible effort to ensure that an individual's liberties and privacy rights are protected.
Page 25 PREV PAGE TOP OF DOC Segment 1 Of 3
Internet Crimes Against Children
The threat to our children from predators who hide their identity behind the veil of technology is greater than ever. Law enforcement in every state must act swiftly and decisively to protect innocent and vulnerable potential victims.
As a result of a preexisting multi-agency initiative, New York State was one of the first to receive a federal grant from the Office of Juvenile Justice and Delinquency Prevention (OJJDP), which created the NYS Internet Crimes Against Children (ICAC) Task Force (FY1999$284,760; FY2000$256,250; FY2001$256,250). This dedicated multi-agency initiativecomprised of the New York State Police, Attorney General's Office, and Division of Criminal Justice Servicesinvestigates computer-enabled crimes that exploit children. In addition, the task force works to promote standardized investigative techniques, trains law enforcement personnel, and enhances public awareness. By cooperating with 30 similar task force operations nationwide and local agencies that have received ICAC satellite grants, the NYS ICAC Task Force has been able to successfully investigate, arrest, prosecute, and incarcerate predators who target children.
Ever increasing caseloadscurrently more than 1,000 active ICAC investigations in New York State alonerequire more cooperation and centralized coordination. Mechanisms for coordinating and sharing information about undercover operations within each state must be improved to ensure officer safety and the efficient use of law enforcement resources.
A recent federal evaluation of the ICAC program made several recommendations. One critical recommendation addresses capacity building for both forensic analysis and training in response to the growing number of reported cases. The forensic needs and investigative skills required in ICAC investigations are the same for other crimes involving the use of technology, and must be addressed in coordination with efforts in other program areas. Another recommendation proposes that a major ICAC grant be directed to each state. Quickly identifying, arresting, and prosecuting these predators will protect potential future victims. As the volume of cases grows, we need to ensure that there is a centrally coordinated point of contact in each state to advance multi-jurisdictional investigations.
Page 26 PREV PAGE TOP OF DOC Segment 1 Of 3
Fraud and Identity Theft Investigation
Fraud investigations involving a ''petty crime'' are often indicative of more serious and far-reaching illegal activity. The ease and speed of the Internet can be used to facilitate fraud, enabling criminals to commit crimes with relative impunity. Scams of this type can be quickly replicated and disseminated worldwide.
Victims of these techno-crimes are now able to report fraudulent activity on a secure web site administered by the Internet Fraud Complaint Center (IFCC)a joint initiative between the FBI and the National White Collar Crime Center. Complaints are then forwarded to all law enforcement agencies that have jurisdiction. The early success of this IFCC program illustrates the willingness of the public to report fraudulent activity to the proper authorities. Already more than 1,000 complaints have been referred to the New York State Police, and it is projected that this number will grow exponentially as IFCC continues to promote its program and increase its capacity to receive complaints.
The New York State Police has already created a database to record and analyze these IFCC complaints. Additional resources are needed to develop a systematic and coordinated response plan to disseminate complaints to the appropriate law enforcement agencies.
Cyber criminals are now preying upon individuals as well as businesses. The Internet is a venue that can be used to obtain extensive personal and financial information that, if in the wrong hands, can be used to perpetrate crime.
Page 27 PREV PAGE TOP OF DOC Segment 1 Of 3 Recently, there was a case in New York City where an unscrupulous individual used the personal information of more than 200 of the wealthiest people in America to fraudulently obtain credit or services in the victim's name. This high-profile case is just one example of the identity theft complaints that law enforcement receives on a daily basis. In the year 2000, the Federal Trade Commission reported more than 2500 victims of identity theft in New York State.
Training and Research
The demand for highly trained and skilled personnel to investigate computer-enabled crimes is tremendous. This problem is compounded by the rapid advances in technology, which make continual training a necessity. In addition, there is a shortage of qualified instructors available to deliver law enforcement training in this area.
The Computer Crime Unit has provided instruction to thousands of law enforcement personnel throughout the State. At the same time, other law enforcement agencies are engaged in similar training programs. Consequently, duplicative training programs are emerging without coordination. These training efforts must be streamlined in a cooperative manner with delivery channels that result in high-quality instruction and training.
The United States Department of Justice currently funds the National Cybercrime Training Partnershipa consortium of experts from government, academia, and the private sector. New coursework is being developed based on the knowledge, skills, and abilities required today in the field of computer crime. One goal of the partnership is to identify existing, government-owned training and make it available at the local level in each state. Through ''train the trainer'' and distance learning programs, and in cooperation with academia, these modules must be incorporated into law enforcement training and academic degree programs.
Page 28 PREV PAGE TOP OF DOC Segment 1 Of 3
WHAT MAKES THIS AREA SO CHALLENGING?
The broad reach of the Internet, which connects millions of people worldwide, presents a number of unique challenges to law enforcement in the fight against Cybercrime. Technologically sophisticated criminals can exploit the Internet's speed and distributed nature to commit crime and wreak havoc without regard to geographic and jurisdictional boundaries. A single perpetrator is able to anonymously take advantage of millions of vulnerable computer neophytes with relative ease. Law enforcement's dilemma is further complicated by the rate at which technological innovations evolve.
The nature of Cybercrime necessitates that law enforcement overcome institutional resistance to information sharing. Improving existing relationships and forging new partnerships, inside and outside of law enforcement, will improve every police agency's ability to exchange information in an expeditious manner. In so doing, law enforcement will be in a better position to investigate crime.
Attracting qualified candidates in the field of Cybercrime and computer forensics is difficult given the higher salaries offered by the private sector for similar skills. This amplifies the challenge for law enforcement agencies that seek to blend the stability and deployment flexibility of sworn personnel, with the technical expertise of civilian analysts. In addition, this rapidly expanding and evolving field requires personnel to receive training on a continuous basis in order to keep pace with the cybercriminal.
It is neither efficient nor practical for New York State to expect over 500 local police departments to investigate computer crimes and conduct forensic analyses. Most of these small local police departments, many with staffing levels of less than 10, lack sufficient resources needed to provide a comprehensive response.
Page 29 PREV PAGE TOP OF DOC Segment 1 Of 3
Accordingly, the New York State Police with its statewide reach, investigative knowledge and expertise in the field of computer crime, make it the logical choice to play a central role in the development and operation of a coordinated Cybercrime initiative in New York State.
WHAT DO WE NEED TO DO IN THE FUTURE?
Fighting Cybercrime requires a coordinated approach, which unites local resources with those at the state and national level. Government must work cooperatively to ensure that statewide initiatives to fight Cybercrime are not duplicative. New York State, and others, must fit into a coordinated national plan, which ensures that staffing, equipment, and training resources are maximized, and provides a mechanism to share vital information. The federal government should work cooperatively with states to develop statewide initiatives in an effort to advance a systematic approach.
As part of an effort to develop a comprehensive and coordinated statewide initiative, the New York State Police and the Office for Technology took the first step toward meeting this goal by developing a multi-agency plan to protect the State's interconnected information systems.
This framework provides the mechanism by which the Office for Technology can secure the State's information systems, conduct network analysis, share information, and provide technical emergency response. Once a criminal act is identified, the New York State Police would mobilize the requisite investigative and forensic resources.
Page 30 PREV PAGE TOP OF DOC Segment 1 Of 3
Specifically, the New York State Police would deploy highly trained investigative resources regionally around the State to investigate information system threats and crimes involving technology. These regional investigative units would be supported by a centralized operation with a wide range of services. A computer forensics laboratory would process large quantities of digital evidence in an expeditious manner, while meeting the most complex analytical challenges.
Another unit would conduct Cybercrime training initiatives, program development, and legal research and analysis. This unit would be responsible for training members of the State Police, and would work with other agencies to develop statewide training standards. In addition, an onsite legal expert would examine and research the complex challenges which accompany Cybercrime investigations, and at the same time, work closely with prosecutors during criminal investigations, proposing legislation and regulation as necessary.
The proposal also calls for highly trained State Police liaison personnel to be located at the Office for Technology to coordinate and initiate the necessary law enforcement response to a network intrusion or cyber attack.
Overall, this collaborative, multi-agency information systems protection proposal provides the foundation to build a statewide, coordinated Cybercrime initiative in New York State.
Building a framework of this type requires that the unique strengths and capabilities of various regions be considered. These include:
Page 31 PREV PAGE TOP OF DOC Segment 1 Of 3
Western New York:
academic and research institutions in Buffalo and Rochester,
a number of experienced Cybercrime investigators and prosecutors,
geographic proximity to our Canadian partners in Ontario, and
a newly developed Regional Computer Forensic Laboratory, established by the United States Attorney's Office in the Western District of New York.
Upstate New York:
the center of New York State government,
major academic and research institutions, including the University at Albany and Rensselaer Polytechnic Institute,
the hub of the NYeNet, a statewide fiber optic network which supports the New York State E-Government Initiative,
the New York State Police Forensic Investigation Center, along with the headquarters of our major investigative operations into the areas of narcotics, auto theft, and organized crime which operate in close cooperation with governments in New England, New York City, and Quebec, Canada, and
Page 32 PREV PAGE TOP OF DOC Segment 1 Of 3
major research centers at Syracuse University, Cornell University, and the Air Force Research Laboratory in Rome, New York which are vital resources in the development of information assurance and computer security technologies,
New York Metropolitan Area:
the hub of international commerce,
home of the United Nations,
major research universities,
the multi-agency New York Electronic Crimes Task Force, and
the New York City Police Department, the nation's largest law enforcement agency
WHAT CAN THE FEDERAL GOVERNMENT DO TO HELP?
The national and international ramifications of Cybercrime suggest that the federal government develop funding guidelines promoting the adoption of a coordinated, statewide approach to address the growing threat of Cybercrime.
Computer Crimes Enforcement Act of 2000
Page 33 PREV PAGE TOP OF DOC Segment 1 Of 3 We support the Computer Crimes Enforcement Act of 2000 (P.L.106572), which was signed into law on December 28, 2000, and urge Congress to fund this legislation and consider additional funding targeted to those states that develop a statewide coordinated Cybercrime initiative.
Paul Coverdell National Forensic Sciences Improvement Act of 2000
We support the Paul Coverdell National Forensic Sciences Improvement Act of 2000 (P.L.106561), which was signed into law on December 21, 2000, and urge Congress to appropriate funds specifically for computer forensic laboratories, with funding again aimed at states that develop coordinated Cybercrime initiatives.
Office of Juvenile Justice and Delinquency Prevention (OJJDP)
Funding for Internet Crimes Against Children
We support continued funding for the Internet Crimes Against Children program, through the Office of Juvenile Justice and Delinquency Prevention (OJJDP), and urge Congress to direct major grant awards to each state. In addition, funding for forensic capacity should be coordinated with other funding efforts in forensics, and funding for training should be coordinated with the efforts of the National Cybercrime Training Partnership and other training efforts.
National Cybercrime Training Partnership (NCTP)
Page 34 PREV PAGE TOP OF DOC Segment 1 Of 3 We support continued funding for the National Cybercrime Training Partnership program to develop curricula and educate instructors. We urge Congress to establish a dedicated Scholarship Fund that would enable critical personnel from state and local government to participate in existing coursework identified by the partnership.
Mr. Chairman, I would like to thank the committee for allowing me to share with it the facts regarding Cybercrime in New York State. I look forward to continuing to work with you and the Members of your Subcommittee. At this time I would be pleased to address any inquiries you might have.
Mr. SMITH. Thank you, Mr. Stevens.
STATEMENT OF MICHAEL T. McCAUL, DEPUTY ATTORNEY GENERAL FOR CRIMINAL JUSTICE, AUSTIN, TX
Mr. MCCAUL. Thank you, Mr. Chairman. Let me first say it is good to see a fellow Texan in your position. And Members of the Subcommittee, I thank you for this opportunity to testify on the topic of cyber crime and efforts at the State level to combat it.
In my view, two factors have converged in recent years to bring about a major criminal justice problem, and that is the widespread use of computers and the Internet to commit crimes and a critical lack of resources. Last September, Attorney General John Cornyn launched the Texas Internet Bureau to address the rapid growth of cyber crime in Texas. Since that time, the investigators and prosecutors in our office have been faced with a daunting array of cases, from Internet-savvy child predators, online child pornographers, to computer hackers, identity thieves, and fraud online.
Page 35 PREV PAGE TOP OF DOC Segment 1 Of 3
Modern day criminals have learned to exploit the Internet and leverage computer technology to reach a virtually unlimited number of victims while maintaining a maximum level of anonymity, and I have no doubt that the number and variety of computer crimes will continue to mount. It is projected that global e-commerce dollars will rise from $50 billion in 1998 to $1.3 trillion in 2003. The phrase ''follow the money'' applies not only to investors but to criminals as well.
Unfortunately, one of the biggest problems is that computer criminals are targeting the most vulnerable of our society, and that is the children. While the Internet has revolutionized the ways in which the world communicates, there is an equally awesome dark side to it. According to the Federal Bureau of Investigation, child pornography was virtually extinct prior to the advent of the Internet. However, with increased Internet usage in America and the world, there has been an alarming increase in child pornography cases.
According to the U.S. Postal Service. 40 percent of the offenders who have been arrested with child pornography downloaded from the Internet have already sexually assaulted minors. That is a staggering statistic.
The National Center for Missing and Exploited Children issued a report entitled ''Online Victimization: A Report on the Nation's Youth.'' This report presents troubling and startling results. Based on interviews of 1,500 youths between the ages of 10 and 17, the report found that approximately one in five children received a sexual solicitation or approach over the Internet in the last year. One in four children had an unwanted exposure on the Internet to sexually explicit images, and 1 in 17 children were either sexually threatened or harassed.
Page 36 PREV PAGE TOP OF DOC Segment 1 Of 3
A large portion of our case load in Texas involves the investigation of these online child predators. In one case recently investigated, a 25-year-old school teacher was arrested after he solicited sex from a person he believed to be a minor in a chat room entitled ''Younger Girls for Older Men.'' A subsequent investigation revealed that the suspect had previously used the Internet to seduce a 15-year-old girl, and the suspect was rearrested and charged with three counts of sexual assault of a child.
Another case that our office handled involved a school shooting case in Brownfield, Texas, to show you how widely diverse these cases are. Our office became involved after the local police called for our assistance. They had a report that a student was hacking into the high school's computer system.
After we executed the search warrant, we found in the student's home a written narrative detailing a plan to shoot up the school and murder several students, a master key to the high school, and schematic plans of the high school. And the student was, in fact, hacking into the school's computer system. The investigation led to the prosecution of the juvenile, who is now serving time in a juvenile facility in Texas.
These cases demonstrate that computer crimes have serious consequences: the rape of a child, and a potential school massacre. If we are to stem the flood of cyber crime, State and local authorities must increase their enforcement efforts. Attorney General Cornyn's Texas Internet Bureau is a step in the right direction and, I believe, a model for the Nation, but it is only a first step.
Page 37 PREV PAGE TOP OF DOC Segment 1 Of 3 I believe that any efforts aimed at helping State and local law enforcement authorities to combat cyber crime should be focused on three primary areas of concern: one, jurisdictional issues; two, cooperative initiatives; and, three, resources.
Traditional State and local law enforcement agencies have been keenly aware of the jurisdictional boundaries in which they operate. This model is very effective in handling local crimes where the suspect, the victim, and the crime scene are all in one jurisdiction. The Internet, however, is an environment without boundaries, an environment which enables criminals to victimize local populations from anywhere in the world.
Consider an example: a fraudulent scheme targeting Texas residents is perpetrated from a web site located in Ohio. Investigators don't know where the perpetrator lives, and in order to locate the suspect, we must issue a subpoena and serve that on the ISP in Ohio. Currently, there is no formal mechanism for service of process or compliance with the subpoena, so the ISP could completely ignore the subpoena altogether. Or Texas prosecutors might succeed in convincing the ISP to comply by obtaining help from local authorities in Ohio. The problem with this is that it would be a matter of professional courtesy and not one of a legal process.
This example illustrates the kind of jurisdictional hurdles often faced by State and local authorities, and the need for laws that provide for authority for out-of-State service of process and enforceability of that process.
I am convinced that the problem of computer crime cannot be addressed by any one level of government acting on its own. And while the Feds have taken the lead in this area, they cannot solve this problem alone, and the States need to step up to the plate. It is simply not enough to react to the problem. Law enforcement must learn to interact if we are to triumph over network crime.
Page 38 PREV PAGE TOP OF DOC Segment 1 Of 3
The vast scope of the Internet and its increasing pervasiveness demands that governments develop partnerships and joint initiatives. Recently the National Association of Attorneys General, or NAAG, and the Department of Justice's Computer Crime and Intellectual Property Section, worked together to create a Computer Crime Point of Contact list that contains the name of the investigator and prosecutor for each State. These individuals have agreed to serve as contact points when investigators from out-of-State have questions during the course of a cyber crime investigation or prosecution.
In Texas our office has been involved in another joint initiative which I believe is most significant, and that is the creation of the North Texas Regional Computer Forensics Lab. This lab is a multiagency facility that serves the computer forensics needs of all law enforcement agencies in a 137-county region surrounding the Dallas area.
Prior to the creation of the lab, there was about an 8 to 12 month backlog of seized computers that needed to be examined. Since the creation of the lab, that delay has been reduced to less than 1 month.
Mr. SMITH. Mr. McCaul, I have to interrupt you. I am tracking your statement, and unfortunately we are running short of time. Could I ask you to summarize the remaining part of your statement?
And let me also say to all the witnesses today that, without objection, your entire testimony will be a part of the record.
Page 39 PREV PAGE TOP OF DOC Segment 1 Of 3 Mr. MCCAUL. Yes, Mr. Chairman.
I would like to say we have partnered with the FBI and the Commerce Department's Critical Infrastructure Office to host a conference this fall on cyber terrorism. I believe with the dawn of the Melissa virus and others, the threat to our national security by a rogue nation or a small group of anarchists by computers is really no longer futuristic, but rather is a present-day reality, and it is imperative that the Federal Government partner with the States to protect our critical infrastructure.
My last point, and I think perhaps most importantly in response to Congressman Scott's question about enacting new laws, I believe the area where we need the most help and where we don't need a new law enacted is in the area of the Computer Crime Enforcement Act. That was enacted into law.
That act provided for funding for the States, a grant program to assist State and local law enforcement. It also provided for $25 million over the next 4 years for the purpose of what we are discussing here today, and that is to help the State and local law enforcement authorities. I simply ask that the Congress appropriate the funding that the act authorized. Unfortunately, funding was never appropriated under this act, and I believe without that funding it is virtually impossible for us to do an effective job to combat cyber crime.
Thank you very much.
[The prepared statement of Mr. McCaul follows:]
Page 40 PREV PAGE TOP OF DOC Segment 1 Of 3 PREPARED STATEMENT OF MICHAEL T. MCCAUL
Mr. Chairman and Members of the Subcommittee, I thank you for this opportunity to testify on the topic of cyber crime and efforts at the state level to combat it. Two factors have converged in recent years to bring about a major criminal justice problem: the wide spread use of computers and the Internet to commit crimes, and a critical lack of resources, especially at the state and local level, to combat computer-related crime. Last September, Attorney General John Cornyn launched the Texas Internet Bureau to address the rapid growth of cyber crime in Texas. Since that time the investigators and prosecutors at the Internet Bureau have been faced with a daunting array of casesfrom Internet savvy child predators and online child pornographers to computer hackers, identity thieves and computer fraudsters. Modern day criminals have learned to exploit the Internet and leverage computer technology to reach a virtually unlimited number of victims while maintaining a maximum level of anonymity, and I have no doubt that the number and variety of computer crimes will continue to mount.
Unfortunately, one of the biggest problems is that computer criminals are targeting the most vulnerable of our societychildren. While the Internet has revolutionized the ways in which the world communicates, there is an equally awesome dark side. According to the Federal Bureau of Investigation, child pornography was virtually extinct prior to the advent of the Internet. However, with increased Internet usage in America and the world there has been an alarming increase in child pornography cases. According to the U.S. Postal Service, 40 percent of the offenders who have been arrested with child pornography downloaded from the Internet have sexually assaulted minors. The National Center for Missing and Exploited Children and the Crimes Against Children Research Center's June 2000 report entitled Online Victimization: A Report on the Nation's Youth presents startling and disturbing results. Based on interviews with a nationally representative sample of 1,501 youths ages 10 to 17 who use the Internet regularly, the report found:
Page 41 PREV PAGE TOP OF DOC Segment 1 Of 3
Approximately one in five children received a sexual solicitation or approach over the Internet in the last year.
One in thirty-three received an aggressive sexual solicitationa solicitor who asked to meet them somewhere; called them on the telephone; sent them paper mail, money, or gifts.
One in four children had an unwanted exposure on the Internet to pictures of naked people or people having sex in the last year.
One in seventeen children was threatened or harassed.
Approximately one quarter of the children who reported these incidents were distressed by them.
The interviewed children reported less than 10% of the sexual solicitations and only 3% of the unwanted exposure episodes to law enforcement, the Internet Service Provider, or a hotline.
Only about 25% of the youth sexually solicited or approached told a parent and only 40% of those who experienced unwanted exposure to sexual material told a parent.
Only 17% of youth and approximately 10% of parents could name a specific authority (such as the FBI CyberTipline, or an Internet service provider) to which they could make a report, although more said they had ''heard of'' such places.
Page 42 PREV PAGE TOP OF DOC Segment 1 Of 3
In households with Internet access, one third of parents said they had filtering or blocking software on their computer at the time they were interviewed.(see footnote 1)
A large portion of the Texas Internet Bureau's case load involves the investigation of online child predators. In one case recently investigated by the Internet Bureau, a twenty-five year old school teacher was arrested by Austin police officers and Internet Bureau investigators after he solicited sex from a person he believed to be a minor in a chat room entitled ''Younger Girls for Older Men.'' A subsequent investigation revealed that the suspect had previously used the Internet to seduce a fifteen year old girl, and the suspect was re-arrested on three counts of sexual assault of a child.
Internet Bureau investigators have been involved in other cases as well. For example, last March, an investigator from the Internet Bureau assisted local police in investigating a potential school shooting case in Brownfield, Texas. The Internet Bureau became involved after Brownfield police received a report that a student was hacking into the local high school's computers. When the Internet Bureau and local police searched the student's home, they discovered a written a narrative detailing a plan to shoot up the school and murder several students, a master key to the high school, and schematic plans of the high school. Investigators also learned that the student was, in fact, hacking into one of the school's computers. The investigation led to the prosecution of the juvenile who is now serving time in a juvenile facility in Texas.
These cases demonstrate that computer crimes have serious consequencesthe rape of a child, and a potential school massacre. If we are to stem the flood of cyber crime, state and local authorities must increase their enforcement efforts. Attorney General Cornyn's Texas Internet Bureau is a step in the right direction, but it is only a first step.
Page 43 PREV PAGE TOP OF DOC Segment 1 Of 3
I believe that any efforts aimed at helping state and local law enforcement authorities combat cyber crime should be focused on three primary areas of concern: (1) jurisdictional issues, (2) cooperative initiatives, and (3) resources.
Traditionally, state and local law enforcement agencies have been keenly aware of the jurisdictional boundaries in which they operate. City police officers patrol the city, county sheriff's deputies patrol the county outside of the city, and state police officers patrol the Interstate highway system. This enforcement model is very effective in handling local crimescrimes where the suspect, the victim, and the crime scene are located within one jurisdiction. The Internet, however, is an environment without boundaries; an environment which enables criminals to victimize local populations from anywhere in the world. Consider an example: a fraudulent scheme targeting Texas residents is perpetrated from a website. The website is hosted on a computer in Ohio, and investigators are not sure where the perpetrator is located. In order to locate the fraudster, Texas prosecutors would likely issue subpoenas to the service provider in Ohio, but currently, there is no formal mechanism for service and compliance with this subpoena and the Ohio provider could choose to ignore the subpoena altogether. Texas prosecutors might succeed in convincing the service provider to comply by obtaining help from authorities in Ohio, but this would be a matter of professional courtesy and not legal process. In addition, because service providers often only temporarily maintain records of Internet activity, the delay caused by having to contact out of state authorities and obtain assistance may result in the deletion of the records sought.
Page 44 PREV PAGE TOP OF DOC Segment 1 Of 3 This example illustrates the kind of jurisdictional hurdles often faced by state and local authorities investigating crime on the Internet. State and local authorities need laws that provide authority for out of state service of process and enforceability of that process.
COOPERATION AND COORDINATION
I am convinced that the problem of computer crime cannot be addressed by any one level of government acting on its own. It is simply not enough to react to this problemlaw enforcement must learn to interact if we are to triumph over network crime. The vast scope of the Internet and its increasing pervasiveness demands that governments develop partnerships and joint initiatives. Recently, the National Association of Attorneys General (''NAAG'') and the Department of Justice's Computer Crime and Intellectual Property Section (''CCIPS'') worked together to create a ''Computer Crime Point of Contact List'' that contains the name of an investigator and prosecutor from each state. These individuals have agreed to provide their telephone numbers and to serve as the contact point when investigators from out of state have questions during the course of a cyber crime investigation or prosecution. A copy of this list is available on NAAG's website at www.naag.org.
In Texas, our office has been involved in another joint initiativethe creation of the North Texas Regional Computer Forensics Lab. The North Texas Regional Computer Forensics Lab is a multi-agency facility that serves the computer forensics needs of all law enforcement agencies in a 137 county region surrounding the Dallas metroplex area. The cases investigated and prosecuted by the Texas Internet Bureau often turn on evidence contained within computers, evidence that must be examined and analyzed by experts such as those at the North Texas Regional Computer Forensics Lab. Prior to the creation of the lab, however, there was an eight to twelve month back log of seized computers that needed to be examined. This meant that if an investigator developed probable cause to search a child pornographer's computer for evidence of child pornography, the investigation would be put on hold for almost a year while the computers were analyzed and evidence extracted. Since the creation of the North Texas Regional Computer Forensics Lab, that delay has been reduced to less than a month. Attorney General Cornyn is very proud that the Texas Internet Bureau has joined with the FBI and nine local police departments in creating this Lab as the resource it provides will greatly enhance Texas efforts to bring cyber criminals to justice.
Page 45 PREV PAGE TOP OF DOC Segment 1 Of 3
Because we believe joint law enforcement efforts can have a truly awesome impact, our office is aggressively pursuing collaborations with all levels of law enforcement. For instance, the Texas Internet Bureau is working closely with the Dallas Police Department and the Dallas County Sheriff's office in the Internet Crimes Against Children Task Force. Frequently, investigators from our office conduct joint investigations with the Austin Police Department's High Tech Squad or with the Texas Department of Public Safety's Special Crimes Division.
We are also working with federal agencies. In fact, we were able to attract a top cyber crime prosecutor, Reid Wittliff, from the Dallas US Attorney's office to head the Internet Bureau. Another one of our prosecutors has been selected for a fellowship sponsored by NAAG with funds received from the Bureau of Justice Assistance at the Computer Crime and Intellectual Property Section here in Washington. In prior years, representatives from three attorneys Generals' offices have gained valuable experience during the fellowship. If this years fellowship is funded, we see two benefits coming from it: first, our attorney will gain expertise and training in the area of computer crime and bring that experience to the Texas Internet Bureau, and second, our office will build a closer relationship with the Department of Justice. Following the success of the CCIPS fellowship, the Texas Internet Bureau has plans to start a similar internship program this Fall. We plan on creating two internship positions for local police officers who will come work at the Internet Bureau and gain experience and hands on training, and then take that experience back to their local departments after the internship.
Joint partnerships of federal, state, and local law enforcement agencies such as the North Texas Regional Computer Forensics Lab are the solution to the problem of cyber crimebut these initiatives will not get off the ground without resources. Cyber crime fighting is an expensive endeavor. Technical equipment is expensive, and technology is rapidly changing. The cyber crook is likely to have up to date technology and law enforcement needs to keep pace with him. Funding for personnel is critical. Training an officer is costly. According to the Director of the North Texas Regional Computer Forensics Lab, it costs almost $35,000 to train one of their computer forensics examiners. And once officers are trained, retention becomes a problem as technically trained law enforcement officers are few and far between and often have offers to work at high-paying private sector jobs. The computer crime point of contact list mentioned earlier can be a tremendous resource, but only if the state contacts on the list have the resources and support needed to handle computer crime referrals. Simply put, the states need funding for personnel, training, and not just a one-time allotment, but on a recurring basis. Although Congress authorized money for computer crime investigations and forensics programs last year, the provisions went unfunded. The states desperately need this appropriation. Without it, cash strapped agencies will not be able to effectively investigate the computer crimes reported to them.
Page 46 PREV PAGE TOP OF DOC Segment 1 Of 3
In sum, we believe an effective cyber crime strategy should include: new legislation aimed at breaking down jurisdictional barriers to cyber crime investigations; programs designed to foster multi-agency approaches to computer crime investigations and prosecutions; and finally, an increase in resources to law enforcement for use in cyber crime investigations and prosecutions. We are very pleased to see that Congress is concerned about this pressing criminal justice problem and we look forward to working with the Subcommittee in finding solutions to the growing computer crime problem.
Mr. SMITH. Thank you, Mr. McCaul.
STATEMENT OF JOSEPH I. CASSILLY, STATE'S ATTORNEY, HARFORD COUNTY, BEL AIR, MD
Mr. CASSILLY. Thank you, Mr. Chairman, Members of the Committee. Thank you on behalf of the National District Attorneys Association, representing America's local prosecutors, for the opportunity to express our concerns on cyber crime. I am the Chair of the Cyber Crime Committee of the NDAA, and its representative on an FBI cyber crime working group to develop unified strategies to deal with this epidemic.
I have been a prosecutor for 24 years, elected to office five times. My office has handled numerous types of cyber crimes. I would like to highlight three areas of concern.
Page 47 PREV PAGE TOP OF DOC Segment 1 Of 3
One, training and resources. As has been expressed by other witnesses, there is definitely a need for training. I would like to focus on what local prosecutors need. Computers have created new crimes, such as viruses and denial of service attacks, and provided innovative ways to commit old crimes.
With these problems have come development of new investigative methods, new laws regarding obtaining evidence, working in foreign jurisdictions, and learning a new vocabulary. For the prosecutor comes the task of presenting cyber evidence to judges and juries, and assessing losses for sentencing.
Since cyber crime is a relatively new area, there is a dearth of prosecutors with any knowledge in this area. We need funding to bring classes and speakers to the States and provide multidisciplinary training so that prosecutors, investigators, and technicians can learn together. A traveling curriculum could quickly give local law enforcement the tools we need to plan and react.
Along with this, we do not have the equipment needed to investigate and prosecute cyber offenses and present the cases in the courtroom. We need seed money to get the computer equipment and the skills to use it at the local level. We need intensive efforts to train prosecutors on handling cyber crimes.
Two, forensic labs. Mr. McCaul indicated the problems with forensic labs. One solution that I visited is the regional computer forensic laboratory in San Diego. The lab's physical set-up was acquired principally with Federal money, but it is staffed with law enforcement officers from 27 local, State, and Federal police agencies. This provides the top of the line resources to local law enforcement and leads to standardized procedures, interagency cooperation, and information sharing.
Page 48 PREV PAGE TOP OF DOC Segment 1 Of 3
Contrast this with other places where competing Federal agencies have labs within miles of one another which do not share resources or experience, or cooperate with one another or with neighboring State and local labs. Please visit this lab and understand the work they do. Then Congress should take the lead to ensure that a series of these labs is developed to serve all levels of government.
The third area is standardization, first as it relates to laws. Congress needs to take the lead in uniform laws for securing evidence from out-of-State witnesses, ISPs, and record storage facilities. Federal laws should make it possible for and require Federal law enforcement and U.S. Attorneys to use their offices to assist local law enforcement in the preparation of subpoenas and warrants and the service of same, and to assist in the investigation of cyber crime, to obtain the evidence and relay it to the State. They could do this by possibly cross-designating local attorneys to act as Assistant U.S. Attorneys and give them access to the Federal courts, or by requiring Internet service providers to accept subpoenas from out-of-State as if they were issued from within their own States, without the necessity, as Mr. McCaul indicates, of going through the local prosecutor's office.
Second is laboratory standards. Why is this an issue for local prosecutors? Look at the thousands of hours of prosecutor preparation and court time for hearings in court after court to establish the scientific acceptability and reliability of DNA and DNA laboratory procedures, to understand why a local prosecutor would be interested in a standard set of forensic procedures. Besides law enforcement, there are many other computer forensic laboratories.
Page 49 PREV PAGE TOP OF DOC Segment 1 Of 3 Laboratory standards might best come from the National Bureau of Standards, with input from law enforcement, the IT industry, and others. A uniform set of standards would improve laboratory quality, and allow the prosecutor and the judge or jury to know that evidence they rely on was obtained with the best practices.
If our law enforcement efforts continue to develop in a random manner, our confusion will only be aiding criminals. On behalf of America's prosecutors, the National District Attorneys Association looks forward to working with you to fashion a solution. Thank you.
[The prepared statement of Mr. Cassilly follows:]
PREPARED STATEMENT OF JOSEPH I. CASSILLY
My name is Joe Cassilly and I am the elected prosecutor in Harford County, Maryland. I want to thank you on behalf of the National District Attorneys Association, representing the local prosecutors of this Nation, for the opportunity to give you our concerns on cyber crime. On behalf of our members I want to commend this Committee in pursing an area of vital importance to the citizens and our system of criminal justice.
I am also the Chair of the Cyber Crime Committee of the National District Attorneys Association and have served in various capacities within that organization since 1996. I also serve as the NDAA representative on FBI cyber crime working groups as we attempt to develop unified strategies to fight this epidemic. In addition to these national offices, I am also the president of the Maryland State's Attorneys Association.
Page 50 PREV PAGE TOP OF DOC Segment 1 Of 3 The views that I express today represent the views of that Association and the beliefs of local prosecutors across this Country. Let me assure you that local prosecutors need your help in tackling this every increasing criminal threat.
To place my remarks in contexton both a local level and on the national stage let me briefly tell you about my jurisdiction. Harford County is northeast of Baltimore and lies along the Susquehanna River. It has a population of about 225,000 people living in towns, suburban and rural areas with one large military base within our jurisdiction. I have been prosecutor for 24 years and honored to serve in my current office for 19 years, having been elected to office 5 times. I still actively try cases as well as supervise a staff that includes 23 deputy and assistant state's attorneys. Annually, my office handles more than 2500 felony cases.
During my tenure as a prosecutor, my office has investigated various computer crimes including cyber stalking, bomb and shooting threats in schools, child pornography, identity theft and on-line fraud schemes. In the course of those investigations I have worked with local, state and federal law enforcement agencies as well as security personnel from the information technology industry.
When we think of ''cyber crimes'' we frequently look at the headlines of international bugs and viruseslet me personalize this for you.
Recently, one of my police departments was contacted by a teenager in Arizona and told that a teenage boy on an Internet Relay Chat room had threatened a shooting at a Harford County high school. Working through the night the police with assistance from AOL were able to begin to trace back the message. Unfortunately, the police had to wait until another ISP opened the next morning to complete the information and arrest the juvenile. Due to the opening time of school, we were unable to obtain the information before students began arriving and armed, uniformed police officers had to be stationed around the school as a precaution. Needless to say parents and students were quite upset.
Page 51 PREV PAGE TOP OF DOC Segment 1 Of 3
In another case, the teenage daughter of a local elected official met a man in a cyberspace chat room. She agreed to meet him. He came in from New York. He drugged her drink, undressed her and videotaped her. When he set up a later meeting, the police were waiting. A search warrant executed in his residence found other victims.
And finallychild pornography. Nothing is as truly revolting and heartbreaking as to get into hidden files on a computer disk only to find movies and still photos of a small child being brutalized, degraded and scarred for life. The demand for these images is an international scandal, which starts each time with one child who needs the protection of local police and prosecutors.
I would like to highlight three areas of concern from the perspective of local prosecutor and use those as the catalyst for any further areas of discussion that you wish to pursue. They are the need for resources and training at the local level; the need for regional forensic laboratories and, lastly, the need for standardization of laws and forensic efforts across the nation and even internationally.
TRAINING AND RESOURCES
Crime once required a physical presence but it doesn't anymore. Computers have created new crimes, such as viruses, denial of services attacks, and hacking. Computers provide innovative new ways to commit old crimes; such as theft, pornography and drug dealing. With these problems have come the development of new investigative challenges, contacting hundreds, even thousands, of victims from a single internet solicitation, defining jurisdiction of a crime that spans dozens of states or countries, getting cooperation from service providers, record storage sites and investigators in other states or countries, new laws regarding obtaining evidence or working with laws in foreign jurisdictions. Learning a new vocabulary of IP, IT, URL, encryption, steganography and volatile memories. Additionally for the prosecutor comes the tasks of having courts recognize computer forensic laboratory techniques and technicians, presenting evidence to judges and juries and assessing the losses for sentencing.
Page 52 PREV PAGE TOP OF DOC Segment 1 Of 3
The majority of law enforcement focus will be on financial records, location of stolen property, child pornography, terrorist threats, stalking, trespasses and other thefts and frauds. One or two people on LAN's using the WAN to defraud other smaller users at the other end generally perform these.
One of the major problems of state law enforcement has nothing to do with technology but is basic jurisdiction and cost efficiency. The majority of frauds and thefts are under $100,000 and usually involve parties resident in different states. The federal authorities have little interest in cases under $1 millionso most of the caseload will naturally fall to the states. But will a Prosecutor be willing or have the resources to extradite on a $5,000 theft case?
We also have a lot to learn about search and seizure law as applied to the cyber world. In seizing a computer system it is important to have a very expansive list of items that can and should be seized. Off machine disk drivers can contain more data than the hard drive but if you don't specify them in the warrant you miss crucial evidence.
We also have to recognize that chain of evidence rules still apply and may even be more difficult as hard-and-soft ware goes through various forensic laboratories. A challenge here is when we have to use non-law enforcement organizations (such as the technology industry themselves); then we have to ensure they fully understand the requirements before any thing is actually turned over to them for analysis.
The sheer numbers of cases, which are increasing exponentially every year, is beyond the capability of any one law enforcement agency; yet at the state and local level, where the bulk of our law enforcement capabilities are concentrated, we are particularity unprepared to deal with the sophisticated concepts of cyber crime.
Page 53 PREV PAGE TOP OF DOC Segment 1 Of 3
Usually, new prosecutors are trained by more experienced prosecutors in an office, but since cyber crime has only appeared in the last decade there is a dearth of prosecutors with any knowledge in this area. There is some training available at for example the National White Collar Crime Center in West Virginia, but what we need is funding to bring classes and speakers into the states and provide multi-disciplinary training so that prosecutors, investigators and technicians can learn together.
I would note that NDAA's ''think tank,'' the American Prosecutors Research Institute has done some excellent training on a number of complex topics but has not been provided opportunities to work with prosecutors in this emerging and difficult area. A traveling curriculum could quickly give local law enforcement the tools we need to plan and react. It's impossible to convince a jury of something that you don't understand yourself!
Many of our prosecutors have better computers on their kid's desks at home then they do in their officessome do not even have computers in their offices. In addition you need computers, projectors, zip drives and specialized software to present these cases in the courtroom. By and large we do not have the equipment needed to investigate and prosecute cyber offenses and even when we do it is often out dated compared to the latest equipment that many cyber criminals use.
Bottom linewe need help in seed money to get the computer equipment and the skills to use it at the local level. We need intensive efforts to train prosecutors on trying cases in which computers are used to facilitate the offense.
Page 54 PREV PAGE TOP OF DOC Segment 1 Of 3 Congress receives many pleas for help but the nature of cyber crime demands national attention.
Part of the investigative work necessary to identify and prosecute a cyber criminal is the forensic work that must be done to capture and preserve evidence of the criminal activity. Just as a forensic investigator identifies and analyzes evidence at a ''traditional'' crime scene, evidence from computers must be identified and analyzed. This is, obviously not an easy task and the wait for the work to be done now can be unreasonable. And while we wait for forensic work to be completed cyber criminals may be free to victimize others.
I would like to call the Subcommittees' attention to one solutionthat of the regional computer forensic laboratory that has been established in San Diego. The lab's physical set-up was acquired principally with Federal money but it is staffed with law enforcement officers from 27 local, State and Federal police agencies. Not only does this provide the top of the line resources to local law enforcement, but also it leads to standardized procedures, and inter-agency cooperation and information sharing. The lab also contains a classroom that provides the training we need. I would urge that you visit this lab and understand the complexity of the work they do; then I would urge that Congress take the lead to ensure that a series of these labs is developed to serve all levels of government.
This should be contrasted with other places where competing Federal agencies have labs within miles of one another, which do not share resources or experience or cooperate with one another or with neighboring State and local labs.
Page 55 PREV PAGE TOP OF DOC Segment 1 Of 3
Years ago, when DNA first became useful as evidence in criminal cases we were slow to realize it's potential to both condemn and clear individuals of criminal activity. And because we were slow we did not develop the laboratory capacity at either the national or state levels to accomplish the necessary forensic capability to support our criminal justice system. We need to learn from this and make sure that we develop forensic facilities for cyber crime before it over whelms our system.
Standardization relates to two areas.
First, laws. Just as the action of Congress is responsible for a uniform .08 alcohol reading across the United States, Congress could take a lead in uniform laws for securing evidence from out of state witnesses, ISP's and other record storage facilities. For example, America On Line's corporate headquarters are across the Potomac in Loudon County, Virginia. Loudon County is around 200,000 citizens.
According to the Commonwealths Attorney for Loudon County, a day does not go by that his office is not called upon for information and assistance to serve subpoenas, warrants and court orders on AOL for prosecutors from New York to California. In other words the taxpayers of Loudon County are supporting the efforts in other states to fight a national crime problem. This inequity is repeated in many other local prosecutors offices where Internet service providers are located.
Page 56 PREV PAGE TOP OF DOC Segment 1 Of 3 Federal laws should make it possible for Federal law enforcement and U.S. attorneys to use their offices to assist in the preparation of subpoenas and warrants and the service of same to assist local law enforcement in the investigation of cyber crime to obtain the evidence and relay it to those states.
Second, laboratory standards. Why is this an issue for local prosecutors? One only has to look at the thousands dollars and thousands of hours of prosecutor preparation and court time for hearings to establish the scientific acceptability and reliability of DNA and the accompanying laboratory procedures for its analysis in court after court to understand why a local prosecutor would be in a standard set of forensic procedures. Since besides law enforcement there many private, national security and other computer investigators and forensic laboratories, laboratory standards might best come from the National Bureau of Standards with input from law enforcement, the IT industry and others.
A uniform set of standards would improve laboratory quality and from a prosecutor's perspective allow the prosecutor and the judge or jury to know that evidence they rely on for guilt or innocence determinations was obtained with the best practices and is not likely to be attacked in court
It is crucial that we have the ability to investigate and prosecute cases involving cyber technologyour citizens deserve nothing less. We cannot do this unless we adopt courses of action that afford a unified approach to the problem. If out law enforcement efforts continue to develop in a random manner, as they are at this time, we will not be protecting out citizens and our confusion will only be aiding criminals.
Page 57 PREV PAGE TOP OF DOC Segment 1 Of 3 On behalf of America's prosecutors I, and the National District Attorneys Association look forward to working with you on limiting and even ending crimes committed using advanced technology.
For further information contact
Director, Government Affairs
National District Attorneys Assn
(703) 5191651 or email@example.com
Mr. SMITH. Thank you, Mr. Cassilly.
The thrust of my questions is going to be to ask each one of you what you think the specific problem is that you confront, and also what you think the solution is, in the way of either changing current laws or perhaps drafting new laws. Mr. Stevens, in your testimony you mentioned that the newest challenge you face was the attacks on the public computer networks. If you will give us some examples of that, tell us why it is a problem, and then tell us what the solution is.
Mr. STEVENS. Yes, Mr. Chairman. What we have established in New York, and what we feel that will be the answer to this model, on the publicly owned or, if you will, government owned computer systems, will be a cooperative effort between the Office for Technology as well as the New York State Police, with advisory Committees from each one of the State organizations, with a rapid response team as well as teams that would be set up that would be able to manage their own computer systems, so that they could see that attacks were coming in and they could see if this attack was in fact being escalated to the point that it was an accidental probe or some intentional probe, where it may be compromising the system, and this may necessitate the need for investigative specialists and law enforcement then to go and pursue this investigation.
Page 58 PREV PAGE TOP OF DOC Segment 1 Of 3
Mr. SMITH. What legislation, if any, would you like to see Congress pass to address that?
Mr. STEVENS. I am not sure if I know what legislation it would be, sir, but support in our efforts as well as financial support.
Mr. SMITH. I was just going to say more resources, more personnel, probably.
Mr. STEVENS. More resources and more personnel, for sure.
Mr. SMITH. We hope to have that coming with a bill passed at the very end of last year that supplied $25 million for cyber crime efforts. That has not been appropriated yet. So we hope to get some money toward some of those efforts.
Mr. McCaul, in your testimony you mentioned the rapid growth of cyber crime in Texas, and you specifically singled out child pornography. You were nice enough last week to tell me examples of how you all had apprehended those engaged in that trade in Texas.
I am wondering if you consider that to be the most serious type of cyber crime you face. You mentioned, for example, that one out of five children today are confronted with unwanted pornography over the Internet. Or is there some other type of cyber crime that you think we need to address? And also, if you will, tell all of us what you mentioned to me last week about any changes in legislation you think would be helpful to you.
Page 59 PREV PAGE TOP OF DOC Segment 1 Of 3
Mr. MCCAUL. Yes. I believe that in terms of prioritizing these crimes, and there are so many of them, that the first and foremost one is to protect the kids and the children who are most vulnerable over the Internet, and so that is what my boss, the Attorney General, has mandated me to do, and that is what we have effectively done. It is so pervasive out there, and it is relatively untapped or unenforced, that it is frightening.
We have made a dent in that through partnerships like the Internet Crimes Against Children Task Force that we have with the Dallas police, but I think a model that has already been presented, that seems to work, that I think I would like to see go nationwide, and it is something that others have referred to, are these computer, regional computer forensics labs. The first one started in San Diego, and it is truly a joint State, local, Federal initiative.
In this area you have to combine the forces of government. You can't do it alone. And I would like to see, you know, we have done that in Dallas. You know, in Texas we have a regional lab, and it just opened a few months ago. It is working extremely well. This is something I would like to see go across the country, that I think could truly make a dent in attacking cyber crime.
Funding takes us to the next issue, that the Dallas office needs more funding. And I do believe with the act that I referred to you earlier, the funding was authorized and provided for. It just hasn't been appropriated. I believe with that funding we could truly bring our law enforcement efforts up to speed.
Mr. SMITH. Okay. Thank you, Mr. McCaul.
Page 60 PREV PAGE TOP OF DOC Segment 1 Of 3
Mr. Cassilly, let me address my last question to you and ask you why you called cyber crime an epidemic in your testimony, And also, and perhaps from the point of view of the DAs, you might have some specific suggestions for legislative changes.
Mr. CASSILLY. Well, an epidemic, I mean, right now I am working with the National District Attorneys Association. We are having a summer conference which is completely focused on cyber crime. Everywhere I go, people are looking for training. They are trying to find, ''Where can I go to learn about this?'' It is very difficult, I mean, for prosecutors especially, because a lot of us are in small, two and three, four-man offices. and to have to go away for a long period of time impacts the office, so they are looking for the training to be easily available and accessible.
To give you an example of the impact of cyber crime on a local DA's office, Loudoun County, Virginia is the corporate headquarters for AOL. Loudoun County is about 200,000 people. I talked with the Commonwealth Attorney for Loudoun County, Virginia, and he told me probably a day doesn't go by where they don't get a request from prosecutors from New York to California, to help them to prepare search warrants or to prepare petitions for court orders to serve on AOL to obtain evidence.
And so what you have is the taxpayers of Loudoun County, Virginia supporting the nationwide war on cyber crime. That is the type of thing that the Federal Government should become involved in by going to the Justice Department, the U.S. Attorneys Offices and saying, ''Hey, you guys should be the ones out there giving this assistance to the local prosecutors who are trying to pursue these people across State lines.'' Without that help, it is very, very difficult.
Page 61 PREV PAGE TOP OF DOC Segment 1 Of 3
We recently had a school shooting threat by cyber crime. We couldn't get the information from the ISP because they were closed for the night until after the school opened the next morning. So you had a school opening surrounded by armed police officers, and finally we managed to intercept, you know, get the information and do it. But it is the distance that is involved that really troubles, I think, a lot of local prosecutors in dealing with this.
Mr. SMITH. Thank you, Mr. Cassilly.
The gentleman from Virginia is recognized for his questions.
Mr. SCOTT. Thank you. I would like to ask the witnesses some jurisdictional questions, because this is one of the challenges with cyber crimes. Generally, you catch someone within your jurisdiction, a search warrant is issued for information that is physically within the jurisdiction, and some of the challenges that cyber crimes might have.
Mr. Cassilly, you indicated that if someone wants to subpoena evidence from AOL, they have to go to Loudoun County?
Mr. CASSILLY. Well, AOL will accept certain types of subpoenas directly from my office. For example, I can fax a subpoena. But under the Electronic Privacy Act, the Federal act, you can get certain information by way of a subpoena but if you want to go beyond that information, you have to get a search warrant or you have to get a court order. Those two documents have to be issued by a judge with jurisdiction specifically over AOL, so we have to go to Loudoun County for that sort of thing.
Page 62 PREV PAGE TOP OF DOC Segment 1 Of 3
Mr. SCOTT. A subpoena, you just ask for the information. You don't have to ask permission to issue a subpoena?
Mr. CASSILLY. I guess I should clarify. AOL is good enough to accept our subpoenas without requiring us. Other ISPs actually require us to go through the local prosecutor to get a local subpoena. But AOL is trying to be as cooperative as they can be.
Mr. SCOTT. What standard do you need to issue a subpoena?
Mr. CASSILLY. Really, just a reasonable basis that there is criminal activity. But the evidence that you can get by a subpoena is very limited, also. All you can get really is the name, address, phone number, that sort of thing. If you want to go beyond that initial information, you have to get search warrants, which you are now moving into the area of probable cause.
Mr. SCOTT. And if a crime is being committed in cyber space, how do you know where it is being committed?
Mr. CASSILLY. You are askingI go to the computer guys and I say, ''Guys, figure out where this is being committed.''
Mr. MCCAUL. I think the first step, you have to goand I am not the expert either, but you have toAOL is one of the few ISPs that actually will accept our subpoenas. A lot of them don't. Having a Federal law that would require them to accept State subpoenas would be helpful. But you have to go to the ISPs to get the subscriber identifying information, to find out
Page 63 PREV PAGE TOP OF DOC Segment 1 Of 3
Mr. SCOTT. Well, let's just give some examples. Somebody is ina North Carolina prosecutor thinks a crime is going on in Raleigh, North Carolina. The ISP is AOL, and you need some information. How does the local prosecutor in Raleighwhat do they do?
Mr. STEVENS. If I might assist you, Mr. Scott, if we take the Raleigh case, it is probably very similar to New York. But we have to think about AOL as being one of the largest, and let's even think, let's go one step further. AOL really is not the Internet. AOL is the largest network, computer network, potentially, in the world, without going one step beyond to the outside world, being the Internet.
But within their own network, if you will, in New York State what we would need to do, it would be a grand jury subpoena, and we often have to gowe have to go before a grand jury to initiate an investigation. A subpoena would be issued to provide you with the information as to who the subscriber would be relative to that screen name that you may have, that you suspect in your case, and the only thing that is going to give you, Mr. Scott, the subscriber information, the name, the address where they live. That just starts your initial investigation.
Mr. SCOTT. How long does it take you to get that information?
Mr. STEVENS. Sometimes it may take up to a week or 2 weeks. In the case of online, let's say an online threat to a suicide, where someone calls you up and there is an online threat to a suicide, often this will take you several hours to get this information. There is a mechanism with AOL, and AOL works very well with law enforcement.
Page 64 PREV PAGE TOP OF DOC Segment 1 Of 3
But now you have a suspect, or not a suspect, you have a potential victim online that is threatening suicide. And what we have to do is send a letter and prove to them that we have a police emergency here, and they will fax you forms to fill out and then you fax it back to them. And then you will get the subscriber information, which may not even be within your State, it may not be within your Nation, to get law enforcement within that jurisdiction to go and see if this person is at home.
Mr. SCOTT. How should it work?
Mr. STEVENS. I believe that, as my colleagues here have stated, we need subpoena power within our own States that will get us the Federal type of information that is needed. If we have an Internet service provider in California and there is no point of presence in New York, I am not sure that a New York subpoena works, sir. I am certainly not a lawyer. I am law enforcement. But I am not sure a New York subpoena would work in another jurisdiction.
Mr. MCCAUL. Yes, it depends on the ISP, whether they want to accept that subpoena out of State. If the ISP is out-of-State yet the victim, the victimization is occurring in Texas, for instance, where I am, that would be a nice standard to have under Federal law, that the ISP should accept service of process for that subpoena, and that that subpoena can be enforced. Because through that ISP there are illegal acts occurring in the State where the subpoena is originating.
Mr. CASSILLY. I mean, I think, Mr. Scott, your concern is, you don't want unnecessary or frivolous subpoenas being served to collect information. You have a privacy concern, which I understand. But I think that if the Federal law
Page 65 PREV PAGE TOP OF DOC Segment 1 Of 3
Mr. SCOTT. It is also a jurisdictional thing. If everything is going on in Virginia, a Kansas prosecutor can't be issuing subpoenas.
Mr. CASSILLY. Well, if there is a FederalI mean, what I think would work is a Federal statute, if you want to put on that statute certain standards or requirements for certain information to be met, but the point being that if the Kansas prosecutor is dealing with the school bomb threat or the school shooting threat, and they don't have lots of time to go through, back and forth, and getting a prosecutor in another State to get a judge out of bed to, you know, sign something, and then hand-carry that down to the ISP or somebody.
So, I mean, I can understand the privacy concerns, and if there was Federal legislation, you could require certain findings or certain information be contained in the subpoena. The ISP could satisfy itself that, yes, there is legitimate need for this information, but they would then respond to that subpoena.
I mean, the only people that are concerned with jurisdictional issues are the local prosecutors and the local police. The ISPs don't know anything about jurisdiction. They areyou know, AOL could have somebody sending messages from England through AOL to California or something, and the only thing that is in Virginia is simply an electronic pass-through and a large computer that tracks Internet addresses and Internet information.
Mr. SCOTT. Thank you.
Mr. SMITH. Thank you, Mr. Scott.
Page 66 PREV PAGE TOP OF DOC Segment 1 Of 3
The gentleman from Wisconsin, Mr. Green, is recognized for his questions.
Mr. GREEN. Thank you, Mr. Chairman.
Well, obviously the questions that Mr. Scott is asking really touch upon the crux of the matter and the challenges we have to deal with.
Mr. Cassilly, in the same area of your testimony in which you talk about these very issues, you also say that Federal laws should make it possible for Federal law enforcement and U.S. Attorneys to use their offices to assist in the preparation of subpoenas and warrants and the service of same. If you would go into some more detail on that, how the U.S. Attorney's Office could be helpful to you.
Mr. CASSILLY. Well, one of the ways they could be helpful is by designating, predesignating specific local prosecutors as Assistant U.S. Attorneys, and allowing them to prepare subpoenas or search warrants and go to the Federal court as cross-designated Assistant U.S. Attorneys, and have Federal warrants or Federal court orders issued which are then transmitted to the ISP or the record storage facility, so that the standard that is being used is the standard that would be applied by a Federal judge to do this sort of thing.
That gets a little scary, because I know that there aren't any Federal judges out there that are just sitting around with nothing to do, so I mean, that becomes somewhat of a problem in terms of the total numbers of these things that are coming in. That is why it seems to me that the more practicalI mean, you could reserve that for search warrants, reserve that for court orders only, and have just the informational subpoenas, have a Federal requirement that the ISPs submit or accept and honor subpoenas for the bare identifying information from wherever they were received.
Page 67 PREV PAGE TOP OF DOC Segment 1 Of 3
Mr. GREEN. Would we then have to, in our Federal law, specify the uniformity of those warrants, so that you have got the ISP not receiving conflicting warrants or all different kinds of requests?
Mr. CASSILLY. It seems to me that that would be reasonable from the ISP's standpoint. It would also cut back in delay. If the prosecutor knew what was required and could put that information in up front, then they wouldn't waste time with sending a subpoena to an ISP only to have it bounce back because their legal department says this isn't a good subpoena. So I think it would benefit both sides to have very specified information that was required.
Mr. GREEN. So the first step would be to federally provide for this type of service; then, secondly, a massive educational effort in reaching out to every State's prosecutor throughout the Country and saying, ''This is available. This is how it's done.''
Mr. CASSILLY. I can assure that the National District Attorneys Association would be more than happy to make a national educational effort to do that, to convey that information.
Mr. GREEN. Interesting. I have no more questions, Mr. Chairman.
Mr. SMITH. Thank you, Mr. Green.
Page 68 PREV PAGE TOP OF DOC Segment 1 Of 3 The gentlewoman from Houston is recognized for her questions. Although Mr. Delahunt, I could tell, was ready and able. May we go to Mr. Delahunt?
Ms. JACKSON LEE. That is fine, Mr. Chairman.
Mr. SMITH. Okay. The gentleman from Massachusetts is recognized for his questions.
Mr. DELAHUNT. I don't mind waiting.
Mr. SMITH. Mr. Delahunt, let me explain. As you know, the full Chairman is happy just to recognize people in the order they arrived, and that is supposedly the way we need to have our Subcommittees run, as well. And since you were here first, I thought the gentlewoman from Texas wouldn't mind yielding to you.
Mr. DELAHUNT. Well, I will do whatever you wish, Mr. Chairman, but if you want to establish a different set of standards than the full Chair in the Committee, I won't squeal. I will keep it between us.
Mr. SMITH. I think we will recognize the gentleman from Massachusetts for his questions.
Mr. DELAHUNT. I appreciate the problems that you have articulated. Before I make this comment, I want to preface it by saying that I was an elected State's prosecutor for 21 years myself. But I think if the problems that youand I think we should address them along the lines that you have suggested.
Page 69 PREV PAGE TOP OF DOC Segment 1 Of 3
At the same time, I presume in most cases there will be, if there is a violation of a State statute, there is a corresponding substantive violation of the United States Code, so that a call to the United States Attorney's Office outlining the problem and deferring to the United States Attorney is oneI see Mr. Cassilly is really ready to respond to thiswould be an approach that could be taken.
Mr. CASSILLY. I will bite my tongue.
Mr. DELAHUNT. But Iand I do, by the way, share that same concernbut I mean, there are ways to deal with it. But I think it is important, honestly, that we do empower State and local jurisdictions also.
Mr. CASSILLY. I mean, my sense about going to the U.S. Attorney's Office is that I recently took a child pornography case to the U.S. Attorney's Office because the Federal law on child pornography was better than the Maryland statute on child pornography, one; two, the case, the computer evidence had been in the lab for so much time that the statute of limitations on the misdemeanor charges in Maryland had run already, and I could not get the U.S. Attorney's Office to not only take the case, but you know, even give me a reason for not taking the case, so
Mr. DELAHUNT. They declined jurisdiction?
Mr. CASSILLY. They declined the case, and it was a child pornography case, which I was appalled that that wasn't something that they would grab onto. So, I mean, given the number of prosecutors around, local prosecutors around the Country, I don't think that the U.S. Attorneys are going to be lining up to take our cases or consider most of this stuff. A lot of the attitude isand I think, for example, computer fraud, many, many, many computer frauds are way under the guideline cutoffs that the U.S. Attorneys use. You couldn't get them to touch it.
Page 70 PREV PAGE TOP OF DOC Segment 1 Of 3
Mr. DELAHUNT. What are the guidelines, in terms of is it a $10,000 standard
Mr. CASSILLY. My U.S. Attorney is using $100,000.
Mr. DELAHUNT. $100,000?
Mr. CASSILLY. Right, and a lot of computer frauds are much less than that. If you don't deal with them, the guy is just encouraged to keep doing it again and again.
Mr. DELAHUNT. Right. No, again, I mean, but I think it is important that the panel be aware that there is jurisdiction out there, Federal jurisdiction that I would dare say in the vast majority of cases runs parallel to State and local jurisdiction in terms of the substantive crime itself, so that
Mr. MCCAUL. If I could just add, two of our prosecutors are actually cross-designated to practice in the Western District and the Northern District of Texas, but typically we will make that determination early on, is this going to be a Federal or a State case
Mr. DELAHUNT. Right.
Mr. MCCAUL [continuing]. Based on the threshold amount of money or, you know, the penalty provisions, Federal versus State. But I agree, I think, yes, there are certainly some State offenses that may not be Federal, and vice versa, and you need to respect those differences.
Page 71 PREV PAGE TOP OF DOC Segment 1 Of 3
Mr. DELAHUNT. Is the NDAA and NAAG and other groups, are you working on any kind of model legislation? I mean, this is clearly just a hearing, and I think that you can infer from the questions that are being asked, you know, how should it work, that it might be well worth the time and effort to begin drafting some concrete proposals in terms of legislation for Congress to consider.
I mean, I can understand the jurisdictional issues. I also think that in a forensicyou know, you said computer laboratories out in San DiegoI would even expand it. I always, in high profile cases or serious cases, it was always an inclination on the part of local or State prosecutors to utilize the FBI lab, and we all know there is a long wait there, and there have obviously been problems there. But the concept of a forensic laboratory I think is something that is, on a regional basis, that would be readily available for local, State law enforcement, just makes an awful lot of sense, particularly now with the issue of cyber crime.
Mr. MCCAUL. It is a great training mechanism, too, because the FBI initially operates those labs. They can train law enforcement and then turn it over to the local people.
Mr. DELAHUNT. But having NAAG and NDAA working with the Department of Justice, too, to establish standards, I mean that can be done in a working group environment.
Mr. MCCAUL. And NAAG has highlighted the issue of the jurisdictional disputes and boundaries. I think they are paying close attention. I think that is an excellent idea, that they could take a stab at drafting something.
Page 72 PREV PAGE TOP OF DOC Segment 1 Of 3
Mr. CASSILLY. It would be done a lot better, too, if there was some financial assistance or incentive for some more regional cooperation, too. I mean, it is really interesting that the San Diego regional forensic lab has police officers working in the lab from 27 different jurisdictions. I mean, I challenge anybody to find anything similar to that anywhere in this country.
Mr. DELAHUNT. That is good.
Mr. SMITH. Thank you, Mr. Cassilly.
The gentleman from Virginia, Mr. Goodlatte, is recognized.
Mr. GOODLATTE. Thank you, Mr. Chairman, and I want to thank you and commend you for holding this hearing on a subject that is of great interest to me. As Chairman of the Congressional Internet Caucus, I see all of the great wonders of the Internet, its uses for education, for conducting business, for communications. It is really, now and in ways that we can't even foresee, revolutionizing the way we live.
But it has on it virtually all of the seamier sides of life, as well, and while not every type of crime that is committed off of the Internet is committed on the Internet, a great many of them are, of all degrees of magnitude and all types, and that requires a great deal of work by local law enforcement to handle those things. It cannot be handled entirely by the Federal Government, by any stretch of the imagination.
Page 73 PREV PAGE TOP OF DOC Segment 1 Of 3 But, by the same token, it creates a whole set of new challenges for local law enforcement, both from the standpoint of training and from the standpoint of doing work, as Mr. Cassilly pointed out, that really is benefitting somebody in a whole different part of the country in terms of fighting crime, but the burden gets spread around.
In my part of Virginia we have a local sheriff's department that is very, very dedicated to this, has been for the past several years, called Operation Blue Ridge Thunder, the Bedford County Sheriff's Department, that operates originally under a grant from the U.S. Department of Justice's Office of Juvenile Justice and Delinquency Prevention. And they have referred people for arrest in literally dozens of jurisdictions around the country, that they have in their task force and their sting operations and so on uncovered people attempting to communicate with children and others in their area.
So having Federal Government support to help lift this burden I think is very important, and I think this discussion about possibly looking into ways to facilitate the recognition and action on subpoenas that go across State lines might be something that this Committee could very well work on.
I would like to ask each of these three witnesses if they have participated in the pilot projects that I have referred to. It started out with 10 cities and counties around the country. I think they have expanded that to 20. They are now attempting to give smaller grants to more law enforcement agencies, and they are trying to use the ones that have the larger grants to be sort of a training ground and a source of assistance for other local law enforcement agencies in their particular States.
Page 74 PREV PAGE TOP OF DOC Segment 1 Of 3 Mr. Stevens?
Mr. STEVENS. Yes, sir. If I may address that, as a matter of fact, we have cooperated with the Blue Ridge Thunder, some of their investigations. We were one of the first 10 grant recipients in this Internet Crimes Against Children's Task Force, and we have heard how important this is protecting our most valuable asset, our children. As a matter of fact, the case that we worked with, I had 5 seconds of glory on 48 Hours, I believe.
But that is a unique model. It is a model that is being funded by the Federal Government, giving local and State law enforcement agencies Federal tools to work with. It is a unified, systematic program where they are trained, where we are trained, and though we have mentioned jurisdictional issues here, we found a way to bridge these jurisdictional issues by all working off the same model.
For instance, in Blue Ridge Thunder's case, they provided us with our probable cause, and we made application and got a search warrant and waited at the airport for this predator to show up.
Mr. GOODLATTE. Along with the 48 Hours crew, I might add.
Mr. STEVENS. Yes, sir. Yes, sir. But it is a great model. That needs support. That is a great
Mr. GOODLATTE. Does it need more funding? Would it be a recommendation of you that the Congress put more money into this program and empower more local law enforcement to
Page 75 PREV PAGE TOP OF DOC Segment 1 Of 3
Mr. STEVENS. Yes, sir. What I strongly suggest is that each State has a model like this, at least one point of contact in that model. There are satellite grants that are issued. Satellite grants are a much smaller amount. But this is a great tool. It is a great tool for all of us, to protect our children, our grandchildren.
Mr. GOODLATTE. Let me ask you, what I found in this areaand we had a demonstration here on Capitol Hill through the Internet Caucus a couple of years ago, of the types of these crimes that occur on the Internet, and it is truly, I think, astounding to most Members when they first seeMr. Chairman, I think you had the opportunity to see some of these types of absolutely the most hard-core pornography, victimizing hundreds of thousands of children, and they make these initial contacts in chat rooms.
And I find that Operation Blue Ridge Thunder and probably your organization focuses on the ones who actually then become what are referred to as travelers, and go to other jurisdictions to try to meet with these children. But cutting them off at the pass, when they engage in these initial, highly explicit sexual discussions with minors on the Internet, have you any experience in attempting to prosecute people for that initial contact?
If we could make those chat rooms safer for children, both in terms of educating them, keeping them away from them, but also in terms of prosecuting people who attempt to engage in that type of sexual discussion with minors, I don't know where the constitutional line is, but I think it ought to be tested and we ought to find out whether there is a way to put a chilling effect on that very type of behavior.
Page 76 PREV PAGE TOP OF DOC Segment 1 Of 3 Mr. STEVENS. Many times, sir, what happens is you have to continue these chats, because technology crime is no different than any other crime, but it is often you have to be able to place someone at that keyboard. Who is that person, that person you can't see?
And I often use the analogy that ''she'' can be a ''he'' and 13 can be 30 on the Internet. No one knows who is at the other end of that monitor and who is chatting with you, and often you have to continue to communicate so that you can figure out who that is. And there may be problems with some of the laws, that you may only have an attempt to commit a crime at that point because they haven't made that overt act. But legislation certainly could be drafted, and
Mr. GOODLATTE. Well, we want some guidance on that. Before we jump out and challenge the Constitution, we want to make sure we think we are on the right side.
Mr. MCCAUL. On undercover work, one case I illustrated in my opening statement, in these chat rooms, the Internet Crimes Against Children Task Force, they work very closely with us on these cases. When the actual solicitation is made online, we typically tend to follow it through with a meeting, say at a hotel room or something to that effect, so you do have the overt act and it is a predisposition, you know, he is predisposed.
Mr. GOODLATTE. I agree with that, but the problem there is, that sends the message to the person engaged in this type of activity that as long as they keep it on the Internet, it is okay to do it, and it is only when they attempt to try to have a face-to-face meeting with the child, are they at risk. And if we could have a reach into those chat rooms and have some enforcement mechanism to put a stop to this, there are literally hundreds of thousands of those conversations going on right now, as we sit here, and it is an amazing phenomenon and a very dangerous one, too.
Page 77 PREV PAGE TOP OF DOC Segment 1 Of 3
Mr. STEVENS. Anyone can create a chat room. Anyone can name it anything they want. Whether they are going to get someone to chat with them, that is another story, but
Mr. GOODLATTE. I don't want to discourage you from going after the ones that arewe arrested one in Bedford County who had a machete and a baseball bat in the back seat of his car, and who thought he was meeting with a 14-year-old girl and had come up from North Carolina. They prosecuted a former chief of staff to the Governor of West Virginia. I mean, they have had great success in doing those things, but we need to take it a step further. We need to figure out a way to do that constitutionally and effectively.
Mr. SMITH. Thank you, Mr. Goodlatte.
The gentlewoman from Texas, Ms. Jackson Lee, is recognized for her questions.
[The prepared statement of Ms. Jackson Lee follows:]
PREPARED STATEMENT OF THE HONORABLE SHEILA JACKSON LEE, A REPRESENTATIVE IN CONGRESS FROM THE STATE OF TEXAS
Thank you Mr. Chairman.
Mr. Chairman, all Americans have a vested interest in balancing the policing of cyber crimes with the protections, of civil liberties and speech on the internet. Finding the right balance is crucial.
Page 78 PREV PAGE TOP OF DOC Segment 1 Of 3
Last year this Subcommittee held a hearing on the series of well-planned and coordinated cyber attacks on several of the nation's biggest Internet sites. Two popular sites, Yahoo.com. and Buy.com, were shut down for several hours, while cites such as CNN.com, ZDNet.com, Amazon.corn, eBay.com, and E*Trade were similarly terrorized. These cyber attacks effected millions of Internet users and resulted in revenue losses for several sites. While this damage was relatively minimal in proportion to volume of the internet, these events were a wake-up call to many of us as to the extent of cyber crime, and the degree to which we are all vulnerable.
The world of electronic communications is a developing one. Clearly, there is a growing need for enforcement, and in many instances, strengthening of our laws so that our law enforcement professionals can do their jobs and keep us all safe from cyber criminals.
Having said this, we must also recognize the need to heed the warnings from the examples of deprivations of civil liberties that are more and more abundant as the internet continues to grow, and law enforcement struggles to keep up.
In a recent case in the state of Texas which I represent, law enforcement acting on a tip from a local business, confiscated all of its competitor's business computers based on the accusation that the competitor engaged in electronic ''spamming.'' As a result, the accused business, against which charges were eventually dropped, lost months of business while incurring legal and other costs to get its equipment back.
To balance enforcement with protections, there must be a concerted effort to coordinate law enforcement between federal, state and local entities. We must provide them with the equiptment and training to enable them to keep up with the criminals who are operating in the cyber environment. In the process, we must protect the rights of Americans to free political, commercial, and other speech over the Internet.
Page 79 PREV PAGE TOP OF DOC Segment 1 Of 3
To this end we have many challenges. We need a balanced international strategy for combating cybercrime. We need round-the-clock federal, state and local law enforcement officials with expertise in, and responsibility for, investigating and prosecuting cybercrime. We need new and more expansive procedural tools to allow state authorities to more easily gather evidence located outside their jurisdictions, and need to assess whether we have adequate tools at the federal level to effectively investigate cybercrime. We need to work in partnership with industry to address cybercrime and security, where we can discuss challenges and develop effective solutions that do not pose a threat to individual privacy. Finally, we need to teach our young people about the responsible use of the Internet.
It is the role of government to protect all of these forms of speech, as well as interstate commerce that over the Internet. To this end, we must send a clear message to those who would attempt to interfere with the free speech and mobility of citizens and industry through the internetAmericans take this very seriously. Cyber criminals will be dealt with as are all other criminals.
I look forward to your comments.
Ms. JACKSON LEE. I thank the witnesses very much for your presentation, and I have had the opportunity to peruse your written statements, and so I am going to raise some of the questions and concerns even though I did not get to hear all of your testimony. And I welcome you, Mr. McCaul. You are based in Austin?
Mr. MCCAUL. Yes, ma'am.
Page 80 PREV PAGE TOP OF DOC Segment 1 Of 3
Ms. JACKSON LEE. I welcome you and thank you for the very special work that the State of Texas is doing on these issues. I think if there is something that the Federal Government has, it is the bully pulpit, if you will, and I hesitate to use the word ''bully'' because we are in another date, another time, yesterday, trying to diminish bullying in the school yard. But I do think that the Federal Government has that privilege because the Internet, although it is personal and private, it is viewed as a national entity. Just the very sound of its name suggests that it flows throughout the country, and of course throughout the world.
And with that in mind, I would likeI noted, Mr. Stevens, the list of legislative initiativesbut I would like us to just be creative and imagine what other roles the Federal Government could take in this. And I appreciate Mr. McCaul's comment that not one level of government is the answer. It is an integrated process.
So let me ask a general question, but let me be pointed in my questioning. First of all, we know that the criminal prosecution or the ability to charge persons unfairly crosses all technologies. You can go down to the Justice of the Peace court and file against your neighbor wrongly. But I cite the case in Texas, the business case where a business was accused of spamming, and of course all records were seized, and it proved I guess to be a false case.
I would like to distinguish that because in that instance it is a business issue. It doesn't seem to have any life or death questions, except of course a business person certainly doesn't like being put out of business. But when we deal with children, I think we can raise the ante, because besides the chat room, I think the most horrific final results of the predator is to solicit that child from the safety of their home, their family, their neighborhood, their community, to leave that home and possibly never to be found again.
Page 81 PREV PAGE TOP OF DOC Segment 1 Of 3
We have certainly had some stories where we have discovered the criminal act, but we don't know if we have had those that we have not discovered. Solicitation after the child has been brutalized psychologically and feels that this is a place that they should go, and maybe ultimately winding up in a loss of life of that child.
I would like Mr. McCaul to walk me through the case that you cited regarding a 25-year-old school teacher, how your Internet Bureau actually was able to intercede, permeate this particular situation. Were you called in by the police on the ground, or did your Internet Bureau first discover this particular
Mr. MCCAUL. I believe that was a case that originated out of the Internet Crimes Against Children's Task Force, and there is asome of this is sort of sensitive in terms of techniques in undercover operations, so I am a little hesitant to get into specifics in that respect, but the suspect was clearly predisposed to this type of behavior and then went into this chat room and solicited sex. We had an undercover officer, obviously, on the other end, where there were conversations online about meeting in the hotel room and having sex.
He showed up to athis is a school teacher, which is to me frighteninghe showed up to a hotel room in Austin, Texas, and was met with the Austin police and our peace officers. He showed up with pornographic materials and various other sundries I would rather not get into.
Ms. JACKSON LEE. His prototype, then, was made prior to. You knew that he fit thehe had been sort of made beforehand
Page 82 PREV PAGE TOP OF DOC Segment 1 Of 3
Mr. MCCAUL. That is correct.
Ms. JACKSON LEE [continuing]. And you were able to intercept him and do the work through the Internet Bureau.
Mr. MCCAUL. As you know, if they are not predisposed, then you have entrapment issues. He was clearly predisposed at that point in time. And then we discovered, frighteningly, that he had alsothat he had already raped a 15-year-old in Waco, Texas, and so he is facing charges on that.
Ms. JACKSON LEE. Let me ask all three of you now the question I would like to pose, and I think I asked sort of the broad question, what the Federal Government can do. I think that there is always a higher standard for criminal acts, but here we have a situation where it is very hard to get our hands around it.
But in relation to the Internet and technology, can we strike a balance dealing with the respect for privacy and civil liberties, and can we strike a balance with how we do property crimes? My concern, if a hacker, a teenager, a 15-year-old is fooling around and causes property loss, dollars, should I be so punitive and so final on his penalties versus those that are engaged in these heinous acts dealing with our children? Because that is where you get the radar screen. That is where people begin to be horrified. Can we manage to find some balance in that? Have we done so in the law generally? Mr. Stevens?
Mr. STEVENS. If I might answer that, I have been involved in technology crime for the past 10 years, and when we first got started, my previousthe division of work I was doing prior to this was undercover narcotics. When I came into this field, I was very sensitive and still am extremely sensitive to privacy issues. And I have 26 years with a police department, with the New York State Police, and the last thing that I want to do is violate anyone's civil rights or violate anyone's rights or privileges.
Page 83 PREV PAGE TOP OF DOC Segment 1 Of 3
And I have encountered several different cases, one of which was a bomber. He actually created a bomb, but he was a journalist as well, so his writings were protected by law. The judge issued an order. I made application for a search warrant, and a search warrant was authorized. I couldn't visually examine his computer, but I could create a search string to search for any bombs, nitrates, any word I could come up with that referred to bombs and things of that nature, thereby protecting his journalistic respect.
Properly trained law enforcement officers, with training relative to legal issues, is the answer. And training is a big resource that we all need, we all need at the State government and at local government. That is a real big issue.
Mr. SMITH. Mr. Stevens, I have heard of journalists throwing verbal bombs but not material bombs. That is interesting.
Ms. JACKSON LEE. May I let Mr. McCaul and Mr. Cassilly answer that sort of broad question?
Mr. SMITH. If you all will respond to the question, please. Thanks.
Mr. MCCAUL. I'm sorry. Could you repeat the question?
Ms. JACKSON LEE. The balance between civil rights, civil liberties, and property crimes, and crimes of sex against children, how do you find the balance?
Page 84 PREV PAGE TOP OF DOC Segment 1 Of 3
Mr. MCCAUL. Yes, I think you obviously respect civil rights. I think that in our office we have, as I mentioned earlier, prioritized these crimes. You cannotunfortunately, it is so pervasive, you cannot attack every one. We have prioritized these, first and foremost protecting the kids, as I said, the child pornography type cases, child predator type cases.
And with respect to a crime of property versus child pornography or a more violent act over the Internet, I think most prosecutors would lean toward the more violent act. But you are really in an area of prosecutorial discretion, and in our State, as you know, there are district attorneys all across the State and they have discretion to do what they want to do. But I will say that most of them do the right thing, and I think they put crimes of violence at the top.
Ms. JACKSON LEE. Thank you.
Mr. CASSILLY. I think one of the points, too, is that property crimes probably for the most part go unreported. I recently attended a workshop with private investigators in the cyber crime area. These are people that are hired by large corporations and businesses to investigate attacks on their computer systems and theft of their intellectual property. And one of the points made by the private investigator was that, for the most part, these folks don't want them going to law enforcement once they have solved the cases, because they don't want to attract the publicity, they don't want this sort of stuff known.
The other problem with property crimes is, they are much more difficult to prosecute. I recently had a complaint from eBay, where eBay had tracked back to my county a solicitation where some guy was selling some collector's item for $35 apiece, and eBay had something like 100 complaints from all over the Nation where this guy had taken people's $35 and hadn't sent them anything. They wanted to know if I would prosecute, and I said, ''Well, where are the victims?'' Well, the victims werethere wasn't a single victim inside the State of Maryland. I am not spending $300 a victim to fly them in to testify about a $35 theft, even though the cumulative value was $3,500. So basically the guy got away with a crime.
Page 85 PREV PAGE TOP OF DOC Segment 1 Of 3
I think that for most of us, as a local prosecutor, I don't need to go looking for work, and if there is anything that is shady or close to the line or something, I just throw it on the shelf and go to the next thing that is more up front and easier to prove, and just is that much more simple and direct as far as the case I have got.
Ms. JACKSON LEE. Thank you, Mr. Chairman.
I just, Mr. Cassilly, since you are close to this, being the people's lawyer, would that mean for example trying to deal reasonably with a 15-year-old that is doing the property crime? You know, the concern is, our children are sophisticated on one end, meaning that they are expert computer users or have knowledge, that they might be one of those offenders, those hackers, etcetera. Do we round them up and throw them in jail?
Mr. CASSILLY. In my State system, and this is probably peculiar to Maryland, I am not aware of the other States, but before the prosecutor even gets to the juvenile, the juvenile is referred to the juvenile services folks who determine whether counseling is appropriate, look at the background, look at the availability of a whole bunch of other resources. It is only in the event that they can't work out anything with the kid and his parents, that the prosecutor becomes involved.
Ms. JACKSON LEE. Thank you.
Mr. SMITH. Thank you, Mr. Cassilly.
Page 86 PREV PAGE TOP OF DOC Segment 1 Of 3 Thank you all, and let me say that we have learned a lot today, both about standardization, about jurisdiction, about subpoenas, and the need for additional resources for both training and prosecution, so it has been very helpful to us. We appreciate your testimony, and frankly will look forward to your continued good advice, and the Subcommittee stands adjourned.
[Whereupon, at 2:55 p.m., the Subcommittee was adjourned.]
Next Hearing Segment(2)
(Footnote 1 return)
David Finklehor, Kimberly J. Mitchell, & Janis Wolak, Online Victimization: A Report on the Nation's Youth (The National Center For Missing and Exploited Children 2000) (June 2000).