Search Penny Hill Press

Monday, January 3, 2011

Cybercrime: An Overview of the Federal Computer Fraud and Abuse Statute and Related Federal Criminal Laws

Charles Doyle
Senior Specialist in American Public Law

The federal computer fraud and abuse statute, 18 U.S.C. 1030, outlaws conduct that victimizes computer systems. It is a cyber security law. It protects federal computers, bank computers, and computers connected to the Internet. It shields them from trespassing, threats, damage, espionage, and from being corruptly used as instruments of fraud. It is not a comprehensive provision, but instead it fills cracks and gaps in the protection afforded by other federal criminal laws. This is a brief sketch of Section 1030 and some of its federal statutory companions, including the amendments found in the Identity Theft Enforcement and Restitution Act, P.L. 110-326, 122 Stat. 3560 (2008) (H.R. 5938 (110th Cong.)).

In their present form, the seven paragraphs of subsection 1030(a) outlaw:
  • computer trespassing (e.g., hacking) in a government computer, 18 U.S.C. 1030(a)(3); 
  • computer trespassing (e.g., hackers) resulting in exposure to certain governmental, credit, financial, or computer-housed information, 18 U.S.C. 1030(a)(2); 
  • damaging a government computer, a bank computer, or a computer used in, or affecting, interstate or foreign commerce (e.g., a worm, computer virus, Trojan horse, time bomb, a denial of service attack, and other forms of cyber attack, cyber crime, or cyber terrorism), 18 U.S.C. 1030(a)(5); 
  • committing fraud an integral part of which involves unauthorized access to a government computer, a bank computer, or a computer used in, or affecting, interstate or foreign commerce, 18 U.S.C. 1030(a)(4); 
  • threatening to damage a government computer, a bank computer, or a computer used in, or affecting, interstate or foreign commerce, 18 U.S.C. 1030(a)(7); 
  • trafficking in passwords for a government computer, or when the trafficking affects interstate or foreign commerce, 18 U.S.C. 1030(a)(6); and 
  • accessing a computer to commit espionage, 18 U.S.C. 1030(a)(1). 
Subsection 1030(b) makes it a crime to attempt or conspire to commit any of these offenses. Subsection 1030(c) catalogs the penalties for committing them, penalties that range from imprisonment for not more than a year for simple cyberspace trespassing to a maximum of life imprisonment when death results from intentional computer damage. Subsection 1030(d) preserves the investigative authority of the Secret Service. Subsection 1030(e) supplies common definitions. Subsection 1030(f) disclaims any application to otherwise permissible law enforcement activities. Subsection 1030(g) creates a civil cause of action for victims of these crimes.

This report is available in abbreviated form—without the footnotes, citations, quotations, or appendixes found in this report—under the title CRS Report RS20830, Cybercrime: A Sketch of 18 U.S.C. 1030 and Related Federal Criminal Laws, by Charles Doyle

Date of Report: December 27, 2010
Number of Pages: 97
Order Number: 97-1025
Price: $29.95

Follow us on TWITTER at or #CRSreports

Document available via e-mail as a pdf file or in paper form.
To order, e-mail
Penny Hill Press  or call us at 301-253-0881. Provide a Visa, MasterCard, American Express, or Discover card number, expiration date, and name on the card. Indicate whether you want e-mail or postal delivery. Phone orders are preferred and receive priority processing.