Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
ethbr1 14 hours ago

It is a crime!

But CFAA charges should, and this is the issue a lot of people have with them afaict, have a sliding scale for premeditation though.

If I knock on a door, it swings open, and I walk inside and steal something, then imho there should be a lesser maximum charge for possessing burglary tools than if I show up with a lock gun, crowbar, and concrete saw.

A lot of the CFAA excesses are maximum penalties from the CFAA being thrown at people using minimally sophisticated / premeditated methods, in addition to charges about the underlying crime.

That doesn't seem just or fair.

In practice it's turned into an if(computer){increase maximum penalty} clause, solely at the government's discretion.

JambalayaJimbo 14 hours ago | parent | next [-]

>If I knock on a door, it swings open, and I walk inside and steal something, then imho there should be a lesser maximum charge for possessing burglary tools than if I show up with a lock gun, crowbar, and concrete saw.

Why? (I'm not a lawyer...) - shouldn't intent and harm (i.e. the value of the stolen item) be the only relevant details? Now of course its much easier to demonstrate intent if there's a crowbar involved, but once that's already established, it seems irrelevant.

ethbr1 13 hours ago | parent | next [-]

Because that's the way most method-specific laws work, at least in the US.

There's an underlying result crime (eg causing business harm by destroying a database), then the method by which one chose to do it (eg exceeding authorized access to a computer with the intent to cause harm).

The CFAA was originally passed under the erroneous worry that existing laws wouldn't be enforceable against cybercrime, which turned out to generally be false.

When you cause damage, there's almost always a law by which someone can sue you for those damages.

What there wasn't, and what the CFAA created, were extra penalties for computer crimes and an ability to charge people with computer crimes where there were no damages (eg Aaron Swartz).

And why should those things need to exist? Theft is theft. Destruction is destruction.

It was an underspecified law, ripe for prosecutor overreach. See: https://www.congress.gov/crs_external_products/R/HTML/R47557...

It fit with 'premeditated intent' intensifiers (where penalties escalate if premeditated intent can be proven)... but that wasn't actually how it was written or how it is used. Instead, it's a method-based checkbox that allows prosecutors to tack on additional charges / penalties. If a computer was used to destroy this thing, add X years the sentence.

Dylan16807 4 hours ago | parent | prev [-]

If you're saying there should only be theft charges either way, that's fine.

But if there are burglary tool charges, they should depend on whether you used burglary tools to burgle, not how much theft you did.

efdee 14 hours ago | parent | prev [-]

You have a point. But on the other hand you have no idea of what tools the intruder possesses, only (at best!) what they used.

I think intent probably matters a lot more than the technicality of how you succeeded.