1. NAT'L INST. OF JUSTICE, U.S. DEP'T OF JUST., COMPUTER CRIME: CRIMINAL JUST. RESOURCE MANUAL 2 (1989) [hereinafter DOJ COMPUTER CRIME MANUAL]. See Jo-Ann M. Adams, Comment, Controlling Cyberspace: Applying the Computer Fraud and Abuse Act to the internet, 12 SANTA CLARA COMPUTER & HIGH TECH. L.J. 403, 409 (1996) (defining computer crime as "those crimes where knowledge of a computer system is essential to commit the crime").

2. See, e.g., Viola v. A&E TV Networks, 433 F. Supp. 2d 613 (W.D. PA. 2006) (stating that government authorities solely held the authority to bring charges under the Communications Decency Act); United States v. Saxena, 229 F.3d 1, 4 (1st Cir. 2000) (finding internet distribution of financial information constituted fraud against investors); Ahern v. O'Donnell, 109 F.3d 809, 811-12 (1st Cir. 1997) (detailing how computers can be used to help a person stalk another individual); eBay, Inc. v. Bidder's Edge, Inc., 100 F. Supp. 2d 1058, 1065-67 (N.D. Cal. 2000) (analyzing traditional trespass claim brought as a result of actions occurring on the internet); Jaynes v. Commonwealth, 634 S.E.2d 357,366 (Va. Ct. App. 2006) (finding that trespass-based spam provisions of the Virginia Computer Crimes Act did not violate First Amendment Free Speech protections, citing Va. Code Ann. § 18.2-152.3:1 (creating felony actions against spamming enterprises that exceed 10,000 attempted recipients in any 24-hour period, 100,000 attempted recipients in any 30-day time period, or one million attempted recipients in any one-year time period)); see also infra section II.A.2.e. of this Article (discussing internet distribution of child pornography); infra section H. A.2.a. of this Article (discussing copyright infringement).

3. Reno v. ACLU, 521 U.S. 844, 849, 852 (1997) (characterizing the internet as "an international network of interconnected computers" possessing "content... as diverse as human thought"). The World Wide Web, the most popular form of internet communication, is "comparable, from the readers' viewpoint, to both a vast library including millions of readily available and indexed publications, and a sprawling mall offering goods and services." Id. at 853.

4. See Neal Kumar Katyal, Criminal Law in Cyberspace, 149 U. PA. L. REV. 1003, 1013 (2001) (describing different types of computer crimes with no real-world analogue); Eric J. Sinrod & William P. Reilly, CyberCrimes: A Practical Approach to the Application of Federal Computer Crime Laws, 16 SANTA CLARA COMPUTER & HIGH TECH. L.J. 177,181-87 (2000) (discussing computer crimes known as "hacking," or "cracking," which at a minimum involves unauthorized access to computer flies, programs or websites); Katyal, supra, at 1023-27 (discussing unauthorized disruption of computer flies, programs or web pages); Katyal, supra, at 1027-28 (noting crackers may also use unauthorized access to steal a computer identity, either by impersonating a computer with network access privileges in order to gain entry into a protected network, or by "page-jacking" a website, in which an internet link or address is modified so that instead of taking the customer to the intended website, it takes the user to a website of the page-jacker's own choosing); Hackers Hit More Federal Web Sites, WASH. POST, June 1, 1999, at AS (describing vandalism of White House, FBI, and U.S. Senate websites).

5. See Stephen P. Heymann, Legislating Computer Crime, 34 HARV. J. ON LEOIS. 373, 373-91 (1997) (analyzing technological advances that require new criminal legislation).

6. See Joseph M. Olivenbaum, Ctrl-Alt-Delete: Rethinking Federal Computer Crime Legislation, 27 SETON HALL L. REV. 574, 575 n.4 (1997) (arguing there exists a "protean difficulty [in] defining a computer crime"). Compare Int'l Ass'n of Machinists & Aero. Workers v. Werner-Matsuda, 390 F. Supp. 2d 479,499 (D. Md. 2005) (noting that the Stored Wire and Electronic Communications and Transactional Records Access Act, 18 U.S.C. § 2701-originally enacted in 1986 as part of the Electronic Communications Privacy Act-directed against illegal access by hackers to protected computers rather than against larcenous acts by persons authorized to access the subject computers) with 440 F.3d 418,420, Int'l Airports Ctrs., L.L.C. v. Citrin (7th Cir. 2006) ("[Computer Fraud and Abuse Act (CFAA), 18 U.S.C. § 1030] concerned with both types of attack: attacks by virus and worm writers, on the one hand, which come mainly from the outside, and attacks by disgruntled programmers who decide to trash the employer's data system on the way out (or threaten to do so in order to extort payments), on the other.").

7. See Marc S. Friedman & Kristin Bissinger, "Infojacking ": Crimes on the Information Super Highway, 5 J. PROPRIETARY RTS. 2, 2 (1997) (explaining that many companies decline to report hacker crimes and prefer to suffer losses quietly rather than risk clients and shareholders discovering their vulnerability to computer attacks); see also Olivenbaum, supra note 6 at 575 n.4 (arguing that victim reluctance to report computer crimes make statistics suspect); Bradley Graham, Lack of Disclosure Impedes Development of Safeguards, WASH. POST, Feb. 28, 1998, at A6 (noting that both businesses and government agencies underreport threats to their computer networks).

8. See Olivenbaum, supra note 6, at 575 n.4 (arguing dual system of prosecution renders statistics suspect).

9. U.S. GEN. ACCOUNTINO OFFICE, INFORMATION secURTTY: COMPUTER ATTACKS AT DEPARTMENT OF DEFENSE POSE INCREASING RISKS, GAO/AIMD 96-84, 3 (1996) [hereinafter INFORMATION secURITY] (revealing Defense Information Systems Agency intentionally "attacked" 38,000 DOD computers to test DOD's security and of the 24,700 penetrations only 4% were detected by system administrators, of which only 27% were reported).

10. MARCH-APRIL 2006 CYBER CRIME NEWSLETTER, National Association of Attorney Generals, available at http://www.naag.org/issues/pdf/2006-mar-apr-cyber.pdf.

11. See DOJ computer crime manual, supra note I.

12. See id.

13. Under state law, computer hardware theft is generally prosecuted under theft or burglary statutes. See, e.g., Commonwealth v. Sullivan, 768 N.E.2d 529,532 (Mass. 2002) (affirming several convictions including burglary conviction for theft of computers); State v. Geer, 799 So. 2d. 698 (La. Ct. App. 2001) (upholding sentencing of a man who pled guilty to state burglary charges for stealing a computer and other items). Under federal law, computer hardware theft may be prosecuted under 18 U.S.C. § 2314 (2000), which regulates the interstate transportation of stolen or fraudulently obtained goods. See, e.g., United States v. Coviello, 225 F.3d 54, 62 (1st Cir. 2000) (stating where defendant is convicted for conspiracy to transport stolen computer disks in interstate commerce, a sentence enhancement is warranted based on the value of the intellectual property located on the disks). Computer software theft is only included in this category if it is located on a tangible piece of hardware; theft of intangible software is not prosecutable under 18 U.S.C. § 2314.

14. See DOJ computer crime manual, supra note 1, at 2.

15. Spam is unsolicited bulk commercial email from a party not having a preexisting business relationship with the recipient. see Matthew B. Prince, After CAN-SPAM, How States Can Stay Relevant in the Fight Against Unwanted Messages: How a Children's Protection Registry Can be Effective, and is Not Preempted, Under the New Federal Anti-Spam Law, 22 J. marshall J. computer & info. L. 29,45 (2003). It was estimated that spam would account for more than 50% of global email traffic by the end of 2003. S. rep. No. 108-102, at 2 (2003). Additionally, spam is often used as a means for distributing viruses, spyware, and other malicious software. Id. at 6. Estimates put the total cost of spam to American businesses in 2003 at more than $10 million in lost productivity and anti-spam measures. Jonathan Krim, Spam's Cost To Business Escalates: Bulk E-Mail Threatens Communication Arteries, wash. post, Mar 13, 2003 at AOl, available at http://www.washingtonpost.com/ac2/ wp-dyn/A 17754-2003Mar12.

16. A virus is a program that modifies other computer programs, causing them to perform the task for which the virus was designed. Katyal, supra note 4, at 1023. It is usually spread from one host to another when a user transmits an infected file by e-mail, over the internet, across a company's network, or by disk. Katyal supra note 4, at 1024. For example, the "Melissa Virus" disrupted e-mail service around the world when it was posted to an internet newsgroup on Mar. 26, 1999. David Smith, the creator of the Melissa Virus, pled guilty to a state computer-related theft charge, and a federal charge under 18 U.S.C. § 1030(a)(5)(2005). Press Release, U.S. Dep't of Justice, Creator of "Melissa" Computer Virus Pleads Guilty to State and Federal Charges (Dec. 9, 1999), available at http://www.cybercrime.gov/melissa.htm. Mr. Smith acknowledged in his federal plea that the virus caused over $80 million in damage. Id.

17. Worms are similar to viruses, but, whereas viruses require human action in order to spread from one computer to the next, worms use computer networks or the internet to self-replicate and "send themselves" to other users, generally via e-mail. Katyal, supra note 4, at 1024 n.57. Worms have far more destructive potential than viruses; the "ILoveYou" worm spread nine times faster than the Melissa virus as a result of its self-replication capability. Katyal supra note 4, at 1024.

18. Trojan horses are programs that have legitimate functions but that also contain hidden malicious code. Katyal, supra note 4, at 1026. Like its namesake, a Trojan horse dupes a user into installing the seemingly innocent program on his or her computer system, and then activates the hidden code, which may release a virus or allow an unauthorized user access to the system. Id. The ILoveYou worm was delivered by Trojan horses in the form of seemingly innocent e-mail attachments. see Clues Lead to I LOVE YOU Writer's Older, Cruder Work (May 6,2000), at http://www.cnn.com/2000/TECH/compudng/OS/06/iloveyou.02 (last visited Oct. 17,2005); see also Katyal, supra note 4, at 1026 (stating Trojan horses are the primary means of transmitting viruses).

19. Logic bombs are programs that are activated by a specific event, such as the arrival of a particular date or time. Katyal, supra note 4, at 1025. They can be destructive but are also commonly used by software companies to protect against violation of licensing agreements by disabling the program upon detection of a violation. Katyal, supra note 4, at 1025. see generally Robbin Rahman, Comment, Electronic Self-Help Repossession and You: A Computer Software Vendor's Guide to Staying Out of Jail, 48 EMORY L.J. 1477 (1999) (suggesting ways that software vendors can restrict their use of logic bombs to avoid legal difficulties).

20. Sniffers, also known as network analyzers, are used to monitor networks and troubleshoot network connections. Rutrell Yasin, Sniffers Overhauled For E-Bii, INTERNET WEEK, May 5, 2000, at 1. Sniffers can help network administrators find and resolve network problems. Troy Denkinger, The Basics of Sniffing, the Sysadmin 's Eye Inside the Network, Cm. TRTB., Apr. 6,2000, at 1. However, a cracker can break into a network and install a sniffer that logs all activity across a network including the exchange of passwords, credit card information, and other personal information. Id.

21. Distributed denial of service attacks are designed to "crash" websites by preventing them from communicating with other computers and use the networks of innocent third parties to achieve this goal. An individual breaks into several network systems, making one the "Master" system and the others the agent systems. Katyal, supra note 4, at 1026. Once activated, the Master directs the agents to bombard the target website with an overwhelming number of simple requests for connection, thus rendering the site unable to respond to legitimate users. Katyal, supra note 4, at 1027. The use of third party "agents" makes it particularly difficult to identify the culprit. Katyal, supra note 4, at 1027. In February 2000, a high school-aged boy used this method to crash websites such as Yahoo, Amazon.com, E*Trade and CNN.com, among others; this was only discovered because he bragged of his success in internet chat rooms. Katyal, supra note 4, at 1027.

22. "Web bots" or "spiders" are data search and collection programs which can create searchable data bases that catalogue a website's activities. Intel Corp. v. Hamidi, 30 CaI. 4th 1342, 1354 (2003) (citing eBay, Inc. v. Bidder's Edge, Inc. (N.D.Cal. 2000) 100 F. Supp. 2d 1058, 1060-1061; O'Rourke, Property Rights and Competition on the internet: In Search of an Appropriate Analogy, 16 BERKELEY TECH. LJ. 561,570-571 (2001); Quitter, The Continuing Expansion ofCyberspace Trespass to Chattels, 17 BERKELEY TECH. LJ. 421, 423-424 (2002).

23. There is a common distinction drawn between "hackers," who have arguably innocuous goals such as exploration, personal challenge, or the elimination of security flaws, and "crackers," or criminal hackers, who have criminal intent to browse, copy, alter, and/or destroy information. see Sinrod & Reilly, supra note 4, at 181-87 (distinguishing between hackers and their criminal colleagues, crackers, and offering motives for both types of activity). Occasionally hackers attack computers in an attempt to help their victims, by pointing out the holes in their security. E.g., United States v. Morris, 928 F.2d 504, 505 (2d Cir. 1991) (accepting defendant's assertion that releasing pernicious "worm" on internet demonstrated security inadequacies).

24. Teenage hackers remain a problem. For example, a nineteen-year-old from Washington state was indicted in May 1999, accused of attacking government computer systems and altering the websites of Vice President Gore, NATO, and the U.S. Information Agency, among others. He pled guilty to one count of computer intrusion in September 1999 after prosecutors agreed to drop two of the three charges against him in exchange for his plea and his promise to pay $36,240 in restitution. Leef Smith, Web Marauder Pleads Guilty; U.S. Government Sites Were Among Targets of 'Zytton,' WASH. POST, Sept. 8, 1999, at B2. Courts have been forced to address the appropriate punishments for these teenage hackers. see, e.g., Boucher v. Sch. Bd. of the Sch. Dist. of Greenfield, 134 F.3d 821,825-29 (7th Cir. 1998) (allowing student to be expelled from high school after an article written by the student about how to hack into the school's computer was published in an underground newspaper); Thrifty-Tel, Inc. v. Bezenek, 54 Cal. Rptr. 2d 468,476-77 (Cal. Ct. App. 1996) (allowing parents to be held civilly liable to a phone company for charges incurred when their teenage sons cracked the phone company's authorization and access codes).

25. Disgruntled employees are widely thought to pose the biggest threat to company computer systems. see Bob Drogin, U.S. Scurries to Erect Cyber-Defenses security: As Threat Rises, Government Task Force Prepares for internet Combat, L. A. TIMES, October 31,1999, at A1 (mentioning that most computer crimes pending at the FBI's National Infrastructure Protection Center involve disgruntled employees who sabotage computers for revenge); Donna Howell, Network security Hackers, security Firms Wage Code War, INVESTOR'S Bus. DAILY, May 2, 2000, at AS (discussing how a bank's computer network was secure from external hackers, but that an employee had launched an attack against the bank's computers from inside the system).

26. See Julie Tamaki, Famed Hacker Is Indicted by U.S. Grand Jury, L. A. TIMES, Sept. 27,1996, at B1 (stating one of history's most notorious hackers, Kevin Mitnick, became an "anti-authority hero in the world of renegade hackers" as a result of his hacking spree, which caused millions of dollars in damage); see also Sinrod & Reilly, supra note 4, at 183-85 (discussing various motives of hackers and crackers, such as sending a political message, being a disaffected employee, or receiving a thrill from breaking into a system).

27. See e.g., Cassell Bryan-Low, Virus for Hire: Growing Number Of Hackers Attack Web Sites for Cash Entrepreneur Asked a Team To Mastermind Strikes Against Rivals, U.S. Says - WeaKnees on Its Knees, WALL ST. J., Nov. 30, 2004, at Al. (describing the indictment of a businessman who paid someone to launch a virus attack against WeaKnees over a proposed business deal); see also. Bob Sullivan, Consumers Still Falling for Phish: FTC, DOJ Announce Prosecution of Teen-ager (Mar. 22, 2004) (discussing case of 19-year-old college student who pleaded guilty to stealing identities by using a "phishing" scam), available at http://www.msnbc.msn.com/id/ 4580909.

28. DOJ COMPUTER CRIME MANUAL, supra note 1, at 2.

29. See, e.g., United States v. Petersen, 98 F.3d 502, 504 (9th Cir. 1996) (affirming conviction of defendant who hacked into credit reporting service to obtain financial information which he used to order fraudulent credit cards in other individuals' names).

30. See, e.g., United States v. Brown, 237 F.3d 625, 628-29 (6th Cir. 2001) (upholding enhanced sentence because of computer use in violating non-computer-dependent child pornography statute).

31. See, e.g., United States v. Manzer, 69 F.3d 222,227 (8th Cir. 1995) (finding satellite descrambler program that was "more than seventy-percent similar to the copyrighted software" violated federal copyright statute).

32. See, e.g., United States v. Pirello, 255 F.3d 728, 729 (9th Cir. 2001) (affirming sentence for violation of federal wire fraud statute where defendant posted a fraudulent solicitation for money on a classified-ads website).

33. 18 U.S.C.A. § 1030 (2002) (as amended by the USAPATRIOT Actof2001, Pub. L. No. 1070 -56,§814,115 Stat. 272, 382-84 and by the Cyber Security Enhancement Act of 2002, Pub. L. No. 107-296, § 225, 116 Stat. 2135, 2156 (2002), and as corrected for syntax by the 21st Century Department of Justice Appropriations Authorization Act, Pub. L. No. 107-273, 116 Stat. 1758 (2002)). This Article refers to 18 U.S.C. § 1030 as "NIIPA" when discussing generally its provisions, and as the "1996 Act" when distinguishing between the statute embodied in the 1996 amendments and its predecessors and successor.

34. See, e.g., Am. Online, Inc. v. Nat'1 Health Care Disc., Inc., 174 F. Supp. 2d 890,898-99 (N.D. Iowa 2002) (holding defendant liable under statute for damage caused by unsolicited bulk e-mail); eBay, Inc. v. Bidder's Edge, Inc., 100 F. Supp. 2d 1058, 1069 (N.D. CaI. 2000) (considering whether violation of statute created potential for irreparable harm warranting issuance of a preliminary injunction); see also Peridyne Tech. Solutions v. Matheson Fast Trucking, Inc., 117 F. Supp. 2d. 1366, 1369-75 (N.D. Ga. 2000) (allowing plaintiff to allege violation of statute as possible grounds for money damages but ruling only on jurisdictional and venue issues); Shaw v. Toshiba Am. Info. Sys., Inc., 91 F. Supp. 2d. 942,956 (E.D. Tex. 2000) (allowing violation of the statute to form basis of class action suit); Shurgard Storage Ctrs., Inc. v. Safeguard Self Storage, Inc., 119 F. Supp. 2d 1121,1123-29 (W.D. Wash. 2000) (allowing civil suit to proceed when the entire basis for the suit is violation of the criminal statute); YourNetDating, L.L.C. v. Mitchell, 88 F. Supp. 2d 870, 872 (N.D. ÐÉ. 2000) (holding violation of the statute warrants grant of injunction against the defendant's activities).

35. Pub. L. No. 98-473, Title II, Chapter XXI, § 2102(a), 98 Stat. 1837, 2190 (1984) [hereinafter 1984 Act] (current version at 18 U.S.C. § 1030 (as amended by the USA PATRIOT Act of 2001, Pub. L. No. 107-56, § 814, 115 Stat. 272, 382-84 (2001) and by the Cyber security Enhancement Act of 2002, Pub. L. No. 107-296, § 225, 116 Stat. 2135,2156 (2002), and as corrected for syntax by the 21 st Century Department of Justice Appropriations Authorization Act, Pub. L. No. 107-273, 116 Stat. 1758 (2002)). see also H.R. REP. No. 98-894, at 9 (1984) (discussing legislative history of the 1984 Act and indicating difficulties in prosecuting computer-related crime arise because property involved is intangible, making prosecution under traditional theft and larceny statutes difficult); Glenn D. Baker, Note, Trespassers Will Be Prosecuted: Computer Crime in the 1990s, 12 COMPUTER/ L.J. 61,63-66 (1993) (discussing background of 1984 Act).

36. As new computer crime issues arose and more statistics became available. Congress expanded the scope of the Counterfeit Access Device and Computer Fraud and Abuse Law of 1984 by enacting the Computer Fraud and Abuse Act of 1986. Pub. L. No. 99-474, § 2, 100 Stat. 1213 (1986) (current version at 18 U.S.C. § 1030 (as amended by the USAPATRIOT Act of 2001, Pub. L. No. 107-56, § 814,115 Stat. 272,382-84 (2001), and by the Cyber security Enhancement Act of 2002, Pub. L. No. 107-296, § 225, 116 Stat. 2135, 2156 (2002), and as corrected for syntax by the 21st Century Department of Justice Appropriations Authorization Act, Pub. L. No. 107-273, 116 Stat. 1758 (2002)). Congress continued to expand the scope of the computer crime law in 1988, 1989, 1990, and 1994. see Pub. L. No. 100-690, Title VII, § 7065, 102 Stat. 4404 (1988) (current version at 18 U.S.C. § 1030 (as amended by the USA PATRIOT Act of 2001, Pub. L. No. 107-56, § 814,115 Stat. 272,382-84 (2001) and by the Cyber security Enhancement Act of 2002, Pub. L. No. 107-296, § 225, 116 Stat. 213S, 2156 (2002), (current version at 18 U.S.C. § 1030 (as amended by the USA PATRIOT Act of 2001, Pub. L. No. 107-56, § 814, 115 Stat. 272, 382-84 (2001) and by the Cyber security Enhancement Act of 2002, Pub. L. No. 107-2%, § 225,116 Stat. 2135,2156 (2002), (current version at 18 U.S.C. § 1030 (as amended by the USA PATRIOT Act of 2001, Pub. L. No. 107-56, § 814,115 Stat. 272,382-84 (2002) and by the Cyber security Enhancement Act of 2002, Pub. L. No. 107-296, § 225,116 Stat. 2135,2156 (2002), (current version at 18 U.S.C. § 1030 (as amended by the USA PATRIOT Act of 2001, Pub. L. No. 107-56, § 814, 115 Stat. 272, 382-84 (2001) and by the Cyber Security Enhancement Act of 2002, Pub. L. No. 107-296, § 225,116 Stat. 2135,2156 (2002), and as corrected for syntax by the 21st Century Department of Justice Appropriations Authorization Act, Pub. L. No. 107-273, 116 Stat. 1758 (2002))).

37. 18U.S.C.§ 1030 (as amended by the USA PATRIOT Act of 2001, Pub. L. No. 107-56, § 814, 115 Stat. 272, 382-84 (2001) and by the Cyber security Enhancement Act of 2002, Pub. L. No. 107-296, § 225, 116 Stat. 2135, 2156 (2002), and as corrected for syntax by the 21st Century Department of Justice Appropriations Authorization Act, Pub. L. No. 107-273, 116 Stat. 1758 (2002)). See Jo-Ann M. Adams, Comment, Controlling Cyberspace: Applying the Computer Fraud and Abuse Act to the internet, 12 SANTA CLARA COMPUTER & HIGH TECH. L.J. 403, 424 (1996) (highlighting changes made by 1988, 1989, and 1990 amendments). Note that some courts still refer to 18 U.S.C. § 1030 as the Computer Fraud and Abuse Act. See, e.g., Am. Online, Inc. v. Nat'1 Health Care Disc., Inc., 174 F. Supp. 2d 890, 898 (N.D. Iowa 2002).

38. For example, in 2005 and 2006, the 109th Congress considered (without resolution) several amendments to Title 18: for example, HR 5318 would add specific provisions to § 1030 regarding remote access, would remove some cyber-crime stipulations regarding foreign contact, and would mandate increased interagency cooperation; while § 1789, the PERSONAL DATA PRIVACY AND secURITY ACT OF 2005, would specify the criminal penalties under § 1039.

39. See, e.g., United States v. Brown, 237 F.3d 625,628-29 (6th Cir. 2001) (upholding increased sentence due to computer use in violating child pornography statute).

40. The 1994 Act only covered crimes involving computers located in more than one state. see 18 U.S.C. § 1030(e)(2) (1994 & Supp. FV 1998) (current version at 18 U.S.C. § 1030(e)(2) (200O)). The 1996 Act extended the definition of "protected computer" to include any computer attached to the internet, in order to protect computers against attack from within their home state. 18 U.S.C. § 1030(e)(2) (later amended by USA PATRIOT Act of 2001, Pub. L. No. 107-56, § 814(d)(l), 115 Stat. 272, 384 (2001)). Although the 1996 Act also extended jurisdiction over computers used in "foreign commerce" in order to reach international computer crimes cases, in the wake of the September 11,2001, attacks this was not considered adequate protection. see COMPUTER CRIME & INTELL. PROP. secTION, U.S. DEP'T OF JUST., THE NAT'L INFO. INFRASTRUCTURE PROT. ACT OF 1996 LEGISLATIVE ANALYSIS [hereinafter LEGISLATIVE ANALYSIS] (analyzing 1996 Act), available at http://www.usdoj.gov/criminal/ cybercrime/1030_anal.html. But cf.. United States v. Ivanov, 175 F. Supp. 2d 367, 374-75 (D. Conn. 2001) (holding the 1996 Act allowed for extraterritorial jurisdiction). Therefore, the USA PATRIOT Act extended the definition of "protected computer" to expressly include computers located outside the United States. USA PATRIOT Act of 2001, Pub. L. No. 107-56, § 814(d)(1), 115 Stat. 272,384(2001).

41. USA PATRIOT Act of 2001, Pub. L. No. 107-56,115 Stat. 272 (2001) (as amended by the Cyber Security Enhancement Act of 2002, Pub. L. No. 107-296, § 225,116 Stat. 2135,2156 (2002), and as corrected for syntax by the 21st Century Department of Justice Appropriations Authorization Act, Pub. L. No. 107-273,116 Stat. 1758 (2002)) (amending various portions of the code "to deter and punish terrorist acts in the United States and around the world, to enhance law enforcement investigatory tools, and for other purposes"). Note that there are very few cases to date that deal with how the USA PATRIOT Act has affected the prosecution of computer crimes.

42. Cyber Security Enhancement Act of 2002, Pub. L. No. 107-296,116 Stat. 2135,2156 (2002).

43. Computer Software Privacy and Control Act, H.R. 4255, 108th Cong. (2d Sess. 2003) (addressing the growing problem of spyware).

44. The scienter element in the 1994 Act, that the offender intends or has reason to believe the information "is to be used" to the injury of the United States, was eliminated by the 1996 Act, under which it is a violation if the information "could be used" to the injury of the United States. 18 U.S.C. § 1030(a)(1).

45. As there is no requirement that the information be transported or copied, merely reading the information may be considered "obtaining." LEGISLATIVE ANALYSIS, supra note 40. Merely reading information, however, is not considered a thing "of value" for purposes of 18 U.S.C. § 1030(a)(4). See United States v. Czubinski, 106 F.3d 1069,1078 (1st Cir. 1997) (reversing defendant's conviction under 18 U.S.C. § 1030(a)(4) for merely reading tax returns in excess of authorization).

46. "Financial institution" is defined as: (A) an institution with deposits insured by the Federal Deposit Insurance Corporation; (B) the Federal Reserve or a member of the Federal Reserve including any Federal Reserve Bank; (C) a credit union with accounts insured by the National Credit Union Administration; (D) a member of the Federal home loan bank system and any home loan bank; (E) any institution of the Farm Credit System under the Farm Credit Act of 1971; (F) a broker-dealer registered with the securities and Exchange Commission pursuant to section 15 of the securities Exchange Act of 1934; (G) the securities Investor Protection Corporation; (H) a branch or agency of a foreign bank (as such terms are defined in paragraphs (1) and (3) of section 1(b) of the International Banking Act of 1978); and (I) an organization operating under section 25 or section 25(a) of the Federal Reserve Act. 18 U.S.C. § 1030(e)(4XA)-(I) (as corrected for syntax by the 21st Century Department of Justice Appropriations Authorization Act, Pub. L. No. 107-273, § 4002(b)(12)(B), 116 Stat. 1758,1808(2002)).

47. 18 U.S.C. § 1030(a)(2) (2002); see Am. Online v. LCGM, Inc., 46 F. Supp. 2d. 444,450 (E.D. Va. 1998) (finding that defendants' use of AOL membership to harvest e-mail addresses of other AOL members in order to send bulk e-mail advertisements ("spam"), in violation of AOL's terms of service, violated 18 U.S.C. § 1030(a)(2)(C) by exceeding authorized access and obtaining information).

48. 18U.S.C. § 1030(a)(3). If the government or a government agency does not use the computer exclusively, the illegal access must affect the government's use in order to violate § 1030(a)(3). Id. The prior requirement of 18 U.S.C. § 1030(a)(3) - that the access "adversely" affect the government's use - was removed by the 1996 Act, eliminating the possible defense that the access was benign. see National Information Infrastructure Protection Act, Pub L. No. 104-294,110 Stat. 3488 § 102(1)(C)(ii) (1996).

49. 18 U.S.C. § 1030(a)(4). There is an exception if the defendant only obtained computer time with a value of less than $5,000 per year. See id.

50. 18 U.S.C. § 1030(a)(5) (as amended by the USA PATRIOT Act of 2001, Pub. L. No. 107-56, § 814(a)(1)-(3), 115 Stat. 272, 382 (2001)).

51. See infra note 58 (discussing amendment to the statutory definition of "damage").

52. 18 U.S.C. § 1030(a)(5)(A)(i) (as amended by § USA PATRIOT Act of 2001, Pub. L. No. 107-56, § 814(a)(1), 115 Stat. at 272, 382 (2001)). See, e.g., Michigan Man Gets 30 Months for Conspiracy to Order Destructive Computer Attacks on Business Competitors, available at http://www.cybercrime.gov/ataboSent.htm (indicting, without specifying financial damages, on charges that included disruption of non-targeted computers' email, data storage, and web interfaces); Computer Virus Broker Arrested for Selling Armies of Infected Computers to Hackers and Spammers, available at http://www.cybercrime.gov/anchetaArrest.htm; United States v. Ancheta, No. CR OS-1060, Grand Jury Indictment (C.D. CA February 2005), available at http://fl1.findlaw.com/ news.findlaw.com/hdocs/docs/cyberlaw/usanchetaind.pdf. (alleging, under 18 U.S.C. § 1030, that the defendant wrote and distributed code that gave defendant control over a botnet (army of infected computers) that generated income for the defendant who sold access and installed adware).

53. See id.

54. Id.; 18 U.S.C. § 1030(a)(5)(A)(ii)-(iii) (2000) (as amended by USA PATRIOT Act of 2001, Pub. L. No. 107-56, § 814(a)(2)-(3), 115 Stat. 272,382 (2001)).

55. See Am. Online Inc. v. LCOM, Inc., 46 F. Supp. 2d 444, 450-51 (E.D. Va. 1998) (finding defendants violated 18 U.S.C. § 1030(a)(5)(C) of the 1996 Act by accessing computers within AOL's network without authorization and causing damage to its computer network, reputation, and goodwill).

56. See 18 U.S.C. § 1030(c)(3)(A) (making a reckless violation a felony).

57. See 18 U.S.C. § 1030(c)(2)(A) (making a negligent violation a misdemeanor).

58. Under the 1996 Act, "damage" was defined as: any impairment to the integrity or availability of data, a program, a system, or information, that: (A) causes loss aggregating at least $5,000 in value during any 1-year period to one or more individuals; (B) modifies or impairs, or potentially modifies or impairs, the medical examination, diagnosis, treatment, or care of one or more individuals; (C) causes physical injury to any person; or (D) threatens public health or safety. 18 U.S.C. § 1030(e)(8) (1994 & Supp. IV 1998). The USA PATRIOT Act removes the restrictions represented by subsections (A) - (D), so that the definition of "damage" now reads, "any impairment to the integrity or availability of data, a program, a system, or information." USA PATRIOT Act of 2001, Pub. L. No. 107-56, § 814(d)(3), 115 Stat. 272, 384 (2001). Damage to a computer according to those deleted provisions has become a separate offense under the Act. see USA PATRIOT Act of 2001, Pub. L. No. 107-56, § 814(a)(4), 115 Stat. 272, 382-83 (2001) (adding subsection (B) to § 1030(a)(5) that designates as a separate offense violation of § 1030(a)(5)(A) under the four conditions formerly included in the § 1030(e)(8) definition of damage, plus one new additional condition); Four Seasons hotels and Resorts B.V. v. Consorcio Barr, S.A., 267 F. Supp. 2d 1268, 1322 (S.D. FIa. 2003) (holding that hotel licensee's spoofing of licensor's computers, in and of itself, constituted the unlawful, intentional transmission of a program, code, or command that caused damage within the scope of 18 U.S.C. 1030(a)(5)); see also In re America Online, Inc. Version 5.0 Software Litigation, 168 F. Supp. 2d 1359, 1372-1374 (S.D. Fla. 2001) (analyzing the ambiguity of pre-USA PATRIOT Act assessment of damages under 18 U.S.C. §1030(a)(5)).

59. 18 U.S.C. § 1030(a)(6).

60. 18 U.S.C. § 1030(a)(7) (as amended by USA PATRIOT Act of 2001, Pub. L. No. 107-56, § 814(b), 115 Stat 272, 383 (2001)). This provision is necessary because it is unclear whether existing statutes, such as the Hobbs Act, 18 U.S.C. § 1951 (2000) (applying to interference with commerce by extortion), or 18 U.S.C. § 875(d) (2000) (dealing with interstate transmission of threat to injure property), are expansive enough to include such intangible views of harm to property as interference with unfettered access to data or tying up system resources. See LEGISLATIVE ANALYSIS, supra note 40 (explaining that § 1030(a)(7) is designed to respond to the problem of the interstate transmission of threats directed against computers and computer networks).

61. See Scott Charney & Kent Alexander, Computer Crime, 45 EMORY LJ. 931,953 (1996) (discussing areas covered by § 1030(a)(7)).

62. See LEGISLATIVE ANALYSIS, supra note 40 (describing case where someone hacked into city government's computer system and encrypted data on system's hard drive, leading victim to fear extortion demand was imminent although demand never came).

63. USA PATRIOT Act of 2001, Pub. L. No. 107-56, § 814(b), 115 Stat. 272, 383 (2001) (deleting from § 1030(a)(7) the phrase "firm, association, educational institution, financial institution, government entity, or other legal entity").

64. 18 U.S.C. § 1030(d) (2000) (as amended by USAPATRIOT Act of 2001, Pub. L. No. 107-56, § 506(a), 115 Stat. 272, 366-67 (2001)). The secret Service had jurisdiction over offenses under subsections (a)(4), (a)(5)(A), (a)(5)(B), (a)(5)(C), or (a)(7) of the Act. See id.

65. USA PATRIOT Act of 2001, Pub. L. No. 107-56, § 506(a), 115 Stat. 272, 366-67 (2001) (limiting FBI jurisdiction to situations not affecting the secret Service's duties).

66. USA PATRIOT Act of 2001, Pub. L. No. 107-56,1808,115 Stat. 272,378-79 (2001) (amending 18 U.S.C. § 2332B).

67. See LEGISLATIVE ANALYSIS, supra note 40 and accompanying text (explaining changes made by 1996 Act).

68. 18U.S.C. § 1030(a)(4).

69. See United States v. Czubinski, 106 F.3d 1069, 1078-79 (1st Cir. 1997) (reversing conviction because nothing of value was obtained by defendant's mere browsing of IRS files). But see In re Am. Online, Inc. Version 5.0 Software Litigation, 168 F. Supp. 2d 1359, 1372-74 (S.D. Fla. 2001) (holding that internet service provider (ISP) was depriving something of value under 18 U.S.C. 1030(a) when ISP allegedly deprived competitor of subscribers' custom and trade by distributing software program that prohibited or discouraged subscribers' use of competitor's software).

70. See Czubinski, 106 F.3d at 1078.

71. 18 U.S.C. § 1030(e)(8)(a) (2000). See In re Am. Online, Inc. Version 5.0 Software Litigation, 168 F. Supp. 2d 1359, 1372-74 (S.D. Fla. 2001) (analyzing the ambiguity of pre-USA PATRIOT Act assessment of damages under 18 U.S.C. §1030(a)(5)).

72. USA PATRIOT Act of 2001, Pub. L. No. 107-56, § 814(d)(3), 115 Stat. 272,384 (2001). See supra note 58 (discussing changes to the statutory definition of damage made by the USA PATRIOT Act).

73. See supra note 58 (discussing changes to the statutory definition of damage made by the USA PATRIOT Act).

74. 18 U.S.C. § 1030(b).

75. Id. at § 1030(c) (later modified by USA PATRIOT Act of 2001, Pub. L. No. 107-56, §814, 115 Stat. 272, 383 (2001) and by the Cyber Security Enhancement Act of 2002, Pub. L. No. 107-296, § 225(g), 116 Stat. 2135, 2158 (2002), and corrected for syntax by the 21st Century Department of Justice Appropriations Authorization Act, Pub. L. No. 107-273, 116 Stat. 1758 (2002)). The 1996 Act broadened the definition of recidivism by replacing the words "such subsection" with "this section." Pub. L. No. 104-294, Title Ð, § 201(2)(A), 110 Stat. 3488,3492 (1996).

76. USA PATRIOT Act of 2001, Pub. L. No. 107-56, § 814(d)(5), 115 Stat. 272, 384(2001) (stating that any person convicted of a computer crime under state law would be eligible for increased sentencing under the Act.).

77. 18 U.S.C. § 1030(c)(1) (2000).

78. 18U.S.C.§ 1030(c)(2)(A) (as amended by USA PATRIOT Act of 2001, Pub. L. No. 107-56, §814(c)(1)(A), 115 Stat. 272, 383(2001)).

79. § 1030(c)(2)(B) (as amended by USA PATRIOT Act of 2001, Pub. L. No. 107-56, § 814(c)(1)(B), 115 Stat. 272,383 (2001) and as corrected for syntax by § 4002(b)(12)(A), 116 Stat. at 1808 (2002)).

80. § 1030(c)(2)(C) (as amended by USA PATRIOT Act of 2001, Pub. L. No. 107-56, § 814(c)(1)(C), 115 Stat. 272,383(2001)).

81. § 1030(c)(3)(A)(as amended by USA PATRIOT Act of2001,Pub. L. No. 107-56, § 814(c)(2)(A), 115 Stat. 272,383 (2001)); Id. at § 1030(c)(4XB) (added by USA PATRIOT Act of 2001, Pub. L. No. 107-56, § 814(c)(3), 115 Stat. 272,383 (2001)).

82. § 1030(c)(3)(B) (as amended by USA PATRIOTAct of 2001, Pub. L. No. 107-56, §814(c)(2)(B), 115 Stat. 272, 383 (2001) and by the Cyber security Enhancement Act of 2002, Pub. L. No. 107-296, § 225(g), 116 Stat. 2135,2158 (2002), and corrected for syntax by §4005(d)(3), 116Stat.at 1813(2002)).

83. USA PATRIOT Act of 2001, Pub. L. No. 107-56, § 814(c)(3), 115 Stat. 272, 383 (2001) (as amended by Cyber Security Enhancement Act of 2002, Pub. L. No. 107-296, § 225(g), 116 Stat. 2135, 2158 (2002), and as corrected for syntax by § 4005(d)(3), 116 Stat. at 1813 (2002)).

84. Cyber Security Enhancement Act of 2002, Pub. L. No. 107-296, § 225(g)(4), 116 Stat. 2135, 2158(2002).

85. Id.

86. See generally U.S. SENTENCWO GUIDEUNES MANUAL (2005) [hereinafter U.S.S.G. MANUAL]. The United States Supreme Court recently held the United States Sentencing Guidelines to be advisory only, excising two statutory provisions: (1) 18 U.S.C. § 3553(b)(l), which made the Guidelines mandatory; and (2) 18 U.S.C. § 3742(e), an appeals provision that the Court determined was inextricably linked to § 3553(b)(1). See United States v. Booker, 543 U.S. 220 (2005). However, the Booker Court explained that "[t]he district courts, while not bound to apply the Guidelines, must consult those Guidelines and take them into account when sentencing." Id. at 264. The controlling statutory provision in sentencing is 18 U.S.C. § 3553(a), which states that the Guidelines are one among a number of factors - including the purposes of punishment and the nature and circumstances of the offense and the history and characteristics of the defendant - to be considered in imposing federal sentences. Accordingly, the following analysis of the Guidelines remains highly relevant despite their advisory nature.

87. The U.S.S.G. Manual sets the base offense level for § 1030(a)(1) at thirty-five if unlawfully accessed national defense information is top secret, and at thirty otherwise. U.S.S.G. MANUAL § 2M3.2(a) (2005).

88. The offense levels for violations of § 1030(a)(2)-(7) are determined by various U.S.S.G. Manual provisions; those of all but subsection (3) are largely dependent on the value of the loss suffered. Subsections (2), (4), (5), and (6) are covered by U.S.S.G. MANUAL § 2B1.1 (2005) (Theft, Stolen Property, Property Damage, Fraud, Forgery, and Counterfeiting); Subsection (3) by U.S.S.G. MANUAL § 2B2.3 (2005) (Trespass); and Subsection (7) by U.S.S.G. MANUAL § 2B3.2 (2005) (Extortion). Note that the mandatory imposition of at least six months' imprisonment for violations of Subsections (4) and (5) was removed by the Sentencing Commission in its 2002 Guidelines in response to the USA PATRIOT Act of 2001, Pub. L. No. 107-56, § 814(f), 115 Stat. 272, 384 (2001). U.S.S.G. MANUAL app. C, amend. 637 (2005). For a complete explanation of the application of § 2B1.1 and its loss table, see the MAO. AND WIRE FRAUD article in this issue.

89. 18 U.S.C. § 1030(b) (2000).

90. U.S.S.G. MANUAL § 2X1.1 (2005) (setting base offense levels identical to those assigned to respective completed offenses, but reducing levels by three points if acts necessary to commit the offense were not completed or nearly completed).

91. United States v. Petersen, 98 F.3d 502,506-07 (9th Cir. 1996) (finding defendant's computer programming was a "special skill" and thus permitting enhancement under the Guidelines where defendant did not possess formal computer training but demonstrated knowledge of computers not shared by the general public). But see United States v. Lee, 296 F.3d 792, 796-99 (9th Cir. 2002) (holding that developing a basic website does not require "special skills" as established in Petersen); United States v. Godman, 223 F.3d 320, 323 (6th Cir. 2000) (holding defendant's computer skills were not "particularly sophisticated" as required in Petersen, and therefore finding upward departure to be unwarranted).

92. U.S. SENTENCINO COMMISSION, REPORT TO THE CONORESS: INCREASED PENALTIES FOR CYBER secURITY OFFENSES (May 2003) [hereinafter U.S.S.G. REPORT], available at http://www.ussc.gov/r_congress/ cybercrime503.pdf.

93. Cyber Security Enhancement Act of 2002, Pub. L. No. 107-296, § 225(b)-(c), 116 Stat. 2135,2156 (2002).

94. See U.S.S.G. REPORT, supra note 92, at 1; Cyber security Enhancement Act of 2002, § 225(b), 116 Stat 2135,2156(2002).

95. U.S.S.G. MANUAL, app. C (2005).

96. The amendment modifies U.S.S.G. § 2B 1.1 so that approximately 51 percent of ÍÐÑÁ offences sentenced under this section will be affected by increased penalties. The scope of U.S.S.G. § 2B2.3 and § 2B3.2 have been expanded, as well as the penalties increased. U.S.S.G. REPORT, supra note 92, at 1-14.

97. See U.S. SENTENCING COMM'N, COMPUTER FRAUD WORKING GROUP, REPORT SUMMARY OF FINDINGS, 3 (1993) [hereinafter 1993 U.S.S.C. REPORT SUMMARY] (suggesting that while prosecution of computer fraud and abuse continues under traditional generic statutes that apply to many computer-related offenses, some offenses are unique to computers and require prosecution under statutes specific to computer operation and related activities).

98. See, e.g., Jay Lyman, Spam Costs $20 Billion Each Year in Lost Productivity, E-Commerce Times (Dec. 29,2003) (reporting a study stating the cost to businesses from spam is increasing at a rate of more than 100% per year), available at http://www.ecommercetimes.com/perl/story/32478.html.

99. See Jeffrey D. Sullivan & Michael B. De Leeuw, Spam After CAN-SPAM: How Inconsistent Thinking Has Made A Hash Out of Unsolicited Commercial E-Mail Policy, 20 SANTA CLARA COMPUTER & HIGH TECH. LJ. 887, 891-92 (2004) (discussing the history of anti-spam legislation in the United States).

100. 15 U.S.C. §§ 7701-7713 (2000); see also 18 U.S.C. § 1037 (2000).

101. Sullivan & De Leeuw, supra N. 2, at 888 (explaining Congress' attempt at responding to the rapidly growing problem of unsolicited email).

102. 18 U.S.C. § 1037.

103. Id.

104. 15 U.S.C. § 7704.

105. Federal Trade Commission, The CAN-SPAM Act: Requirements for Commercial Emailers, http:// www.ftc.gov/bcp/conline/pubs/buspubs/canspam.htm (explaining the range of fines and criminal penalties for violations of the CAN-SPAM Act) (last visited Oct. 28,2006).

106. Id.

107. Id.

108. See BUSINESS SOFTWARE ALLIANCE, infra note 401 (finding that the U.S. software makers lost $6.645 billion to pirated software).

109. The Software & Information Industry Association recognizes ten kinds of software piracy. Software & Info. Indus. Ass'n, What is Piracy? Types of Software Piracy, http://www.siia.com/piracy/whads.asp (last visited Oct. 26,2006). This is up from seven kinds just six years ago. SOHWAKE & INFO. INDUS. Ass X REPORT ON GLOBAL SOFTWAKE PIRACY 7 (2000), http://www.siia.net/estore/GPR-00.pdf.

110. Id. at 7 (stating programs that took years and millions of dollars to develop can be "duplicated or illegally distributed in minutes with the touch of a button").

111. Id. at 15 (claiming a computer user can duplicate an otherwise expensive product in bulk for no more than the cost of a blank compact disc).

112. Id. at 7 (noting the quality of pirated software is only slightly inferior to the original).

113. See KENNETH COHEN ET AL., U.S. SENTENCINO COMM'N, No ELECRONIC THEFT ACT, POLICY DEVELOPMENT TEAM REPORT (Feb. 1999) [hereinafter 1999 U.S.S.C. NET REPORT], available at http://www.ussc.gov/agendas/ 02_99/NETBRF99.PDF (noting that investigators may have trouble tracking down the creators of infringing websites, since the creators often change their internet service providers to avoid detection).

114. Peter Brown & Richard Raysman, Napster Threatens Copyright Law, 224 N.Y.L.J. 3, 3 (2000) (discussing the ease with which copyrighted music can be distributed via the internet with little or no degradation in quality and exploring the potential for massive copyright infringement because of technological advances).

115. Copyright Act, 17 U.S.C. § 506(a) (2000); H.R. REP. No. 105-339, at 3 (1997) (noting the December 1997 amendments to the Copyright Act, called the "No Electronic Theft" (NET) Act, were expressly enacted to "reverse the practical consequences of United States v. LaMacchia," 871 F. Supp. 535 (D. Mass. 1994), which precluded criminal sanctions for copyright infringement "in instances in which a defendant does not realize a commercial advantage or private financial gain"); Criminal Penalties for Copyright Infringement, Pub. L. No. 102-561, 106 Stat. 4233 (1992) (codified as 18 U.S.C. f 2319 (2000)) (amending 18 U.S.C. § 2319 to provide strict felony penalties for some copyright violations enumerated in Title 17).

116. 17 U.S.C. § 506(a); COMPUTER CRIME & INTELLECTUAL PROP. secTION, CRIMINAL Drv., U.S. DEP'T OF JUSTICE, PROSECUTINO INTELLECTUAL PROPERTY CRIMES MANUAL, at III (2001 ) [hereinafter FEDERAL PROSECUTION MANUAL], available at http://www.usdoj.gov/criminal/cybercrime/ipmanual/03ipma.htm (analyzing elements of criminal copyright infringement).

117. An enforceable copyright must be registered with the Register of Copyrights, be original, and be fixed in a tangible medium of expression. 17 U.S.C. § 102(a) (2000); 17 U.S.C. § 411(a) (West 2006); La Resolana Architects, PA v. clay Realtors Angel Fire, 416 F.3d 1195 (10th Or. 2005) ("[T]he [registration] certificate is prima facie evidence of the validity of the copyright... but it is not required for registration to occur.")..

118. 17 U.S.C. § 506(a)(2).

119. 17 U.S.C. § 506(a) ("Evidence of reproduction or distribution of a copyrighted work, by itself, shall not be sufficient to establish willful infringement."). Courts are split as to whether "willful" mens rea refers to intent to copy or intent to infringe. Compare Repp v. Webber, 132 F.3d 882, 889 (2d Cir. 1997) (noting violators are liable for subconscious copyright infringement of musical compositions), with United States v. Moran, 757 F. Supp. 1046, 1052 (D. Neb. 1991) (accepting defendant's argument that he believed making just one copy was not copyright infringement).

120. This element was added by the NET Act to bring digital copyright infringement within the scope of the statute . see H.R. rep. No. 105-339, at 3 (1997). Previously, the prosecution had to show that the defendant acted with the purpose of private financial gain or commercial advantage. See United States v. LaMacchia, 871 F. Supp. 535,536,541 (D. Mass. 1994).

121. 17 U.S.C. §506(a)(l).

122. 17 U.S.C. § 109(a) (2000) ("Notwithstanding the [copyright owner's exclusive right to distribute copies], the owner of a particular copy or phonorecord lawfully made... is entitled, without the authority of the copyright owner, to sell or otherwise dispose of the possession of that copy or phonorecord."); see Bourne v. Walt Disney Co., 68 F.3d 621, 632-33 (2d Cir. 1995) (applying first sale doctrine to challenged conduct); Quality King Distribs., Inc. v. L'anza Research Int'l, Inc., 523 U.S. 135, 152 (1998) ("[O]nce the copyright owner places a copyrighted item in the stream of commerce by selling it, he has exhausted his exclusive statutory right to control its distribution."). The alleged copyright infringer bears the burden of proving that the first sale doctrine applies. See Microsoft Corp. v. Harmony Computers and Elec., 846 F. Supp. 208,212 (E.D.N.Y. 1994).

123. 17 U.S.C. § 109(d) (noting the first sale doctrine does not apply to "any person who has acquired possession of the copy or phonorecord from the copyright owner, by rental, lease, loan, or otherwise, without acquiring ownership of it"); Adobe Systems, Inc. v. One Stop Micro, Inc., 84 F. Supp. 2d 1086,1089 (N.D. Cal. 2000) (stating a copyright owner "does not forfeit his right of distribution by entering into a licensing agreement."); federal prosecution manual, supra note 116 (noting that under most software licensing agreements, the copyright holder maintains ownership of all distributed copies, so the first sale doctrine is usually not an available defense to software infringement).

124. 17 U.S.C. § 107 (2000).

125. 17 U.S.C. § 107.

126. While commercial uses are presumptively unfair, noncommercial and nonprofit activity is presumptively fair. federal prosecution manual, supra note 116, at III.C.3. This factor also considers whether the use "transforms" the work by "infusing it with new meaning, new understandings, or the like." UMG Recordings, Inc. v. MP3.COM, Inc., 92 F. Supp. 2d 349,351 (S.D.N.Y. 2000) (holding that merely retransmitting the original work through a new medium does not amount to "transforming"). But see Kelly v. Arriba Soft Corp., 336 F.3d 811, 818-19 (2003) (finding that a search engine's reproduction of web site images as "thumbnails" was transformative because it improved access to information, which is a different function from the copyright owner's function of artistic expression).

127. See, e.g., Kelly, 336 F.3d 811 at 942-43 (works that are creative in nature are closer to the core of intended copyright protection whereas factual work is more able to be a "fair use"); see also Campbell v. Acuff-Rose Music, Inc, 510 U.S. 569,586 (1994) (noting that this factor is not very useful in resolving parody cases).

128. The greater the size or importance of the portion of the work that is used the less likely the use is to fall under the "fair use" defense. see, e.g.. Harper & Row, Publishers, Inc. v. Nation Enters., 471 U.S. 539, 564-66 (1985).

129. See id. at 568 ("To negate fair use, one need only show that if the challenged use 'should become widespread, it would adversely affect the potential market for the copyrighted work.'") (quoting Sony Corp. of Am. v. Universal City Studios, Inc., 464 U.S. 417,451 (1984)).

130. 18 U.S.C. § 2319 (2000).

131. See id. § 2319(c)(l); see also U.S.S.G. manual § 2B5.3 (2005); H.R. rep. No. 102-997, at 4 (1992), reprinted in 1992 U.S.C.C.A.N. 3569, 3572 (noting that ten copies can represent an infringement of one copyrighted work, or an aggregation of different works of authorship).

132. See U.S.S.G. manual app. A (2005). But see, Booker, 543 U.S. at 239-40 (holding that the Sentencing Guidelines should only be used in an advisory capacity to ensure "a strong connection between the sentence imposed and the offender's real conduct").

133. See U.S.S.G. manual §2B5.3(a) (2005).

134. The appropriate dollar amount for calculating sentence enhancement under § 2B5.3 and the table in § 2B1.1 is the retail value of the counterfeit goods, not the total loss suffered by the copyright owner as a result of the infringement. USSG MANUAL 12Bl.1 see United States v. Bao, 189 F.3d 860,867 (9th Cir. 1999) (finding that district court overestimated the retail value of counterfeited computer manuals and consequently imposed too large a sentence enhancement); United States v. Cho, 136 F.3d 982,984 (5th Cir. 1998) (upholding district court's determination that sentence enhancement under U.S.S.G. manual § 2B5.3(b)(l) must be based on retail value of counterfeit goods, not total loss suffered by copyright owner). The Guidelines' focus on the retail value of the infringing item instead of the retail value of the infringed-upon item highlights the gain to the offender rather than the loss to the victim. Although this departs from the typical loss-based approach to sentencing, the Sentencing Commission intended the gross gain to the offender to be a clear and easily applied proxy for loss to the victim. See 1999 U.S.S.C. NET REPORT, supra note 113, at 4.

135. U.S.S.G. MANUAL § 2B5.3(b)(1) (2005).

136. Digital Millennium Copyright Act, Pub. L. 105-304, 112 Stat. 2863 (1998) (codified as amended at 17 U.S.C. §§ 1201-1205 (2000)).

137. 17 U.S.C. §§ 1201-1205 (2000).

138. As used in § 1201, (A) to "circumvent a technological measure" means to descramble a scrambled work, to decrypt an encrypted work, or otherwise to avoid, bypass, remove, deactivate, or impair a technological measure, without the authority of the copyright owner; and (B) a technological measure "effectively controls access to a work" if the measure, in the ordinary course of its operation, requires the application of information, or a process or a treatment, with the authority of the copyright owner, to gain access to the work. 17 U.S.C. § 1201(aX3).

139. 17 U.S.C. § 1201(a)(l). see generally THE DIGITAL MILLENNIUM COPYRIGHT ACT OF 1998: U.S. COPYRIGHT OFFICE SUMMARY (Dec. 1998), available at http://lcweb.loc.gov/copyright/legislation/dmca.pdf (summarizing each of the law's provisions). With the exception of manufacturers of a certain type of VCR, manufacturers of devices that could be used to illegally copy or access copyrighted works are not mandated to implement technological measures preventing consumers from using it in that manner. See 17 U.S.C. § 1201(c)(3).

140. It is a violation of § 1201 to place a hypertext link to another site that offers technology circumvention measures on your website, where the purpose of the hypertext link is to provide the user with access to a technology circumvention measure. see Universal City Studios v. Reimerdes, 111 F. Supp. 2d 294,325 (S.D.N.Y. 2000), off 'd, 273 F.3d 429 (2d Cir. 2001) (stating that while a hyperlink to a site such as the Los Angeles Times which happened to contain a technology circumvention measure among many other types of content would probably not violate the statute, the defendants violated the statute because of the clear statement on their website that the purpose of the hyperlink was to allow access to a technology circumvention measure).

141. This category includes computer code designed to circumvent encryption software protecting a digital work. See id. In Reimerdes, the court declined to extend First Amendment protection to computer code because although it is "expressive," it is also functional, and the court may legitimately regulate the undesirable consequences of its functions. see id. at 304 (stating that the expressive element of computer code "no more immunizes its functional aspects from regulation than the expressive motives of an assassination immunize the assassin's action").

142. See, e.g., Sony Computer Entertainment America v. GameMasters, 87 F. Supp. 2d 976, 985 (N.D. CaI. 1999) (granting preliminary injunction based on evidence that the sale of "game enhancers," devices that circumvented a mechanism on the game console that ensured console would operate only when encrypted data was read from authorized CD-ROMs, likely violated § 1201).

143. The circumvention does not have to act directly against the technology protection measure itself; for example, many copyright owners choose to "stream" their works rather than offering it for download, a technology that permits consumers to view audio and video files without downloading. See RealNetworks v. Streambox. No. 2:99CV02070, 2000 WL 127311. at «2, *3 (W.D. Wash. Jan. 18, 2000). In RealNetworks, RealNetworks designed two separate products, the RealPlayer and the RealServer, which, when acting together, prevent consumers from downloading streamed files without the consent of the copyright holder. see id. The district court granted a preliminary injunction against the production and sale of the Streambox VCR, which is similar enough to the RealPlayer that it fools the RealServer, but which does not contain the downloading restriction technology. see id. at *7, * 10. The preliminary injunction was granted based on the likelihood that this product violates § 1201. See id.

144. 17U.S.C.§1201(a)(2).

145. See § 1201(d) (excepting non-profit library, archive, and educational institutions); § 1201(e) (excepting governmental law enforcement and intelligence activities); f 1201(0 (excepting reverse engineering in cases where a person has lawfully obtained a copy of a computer program in order to make it interoperable with other programs); § 1201(g) (excepting encryption research); § 1201(h) (providing exception for protection of minors); § 1201(i) (providing exception for personal privacy, where the technological measure or the work it protects invades that privacy); § 1201(j) (excepting security testing).

146. 111 F. Supp. 2d 294 (S.D.N.Y. 2000).

147. 17 U.S.C. § 107 (2001). Id. at 322 ("The use of technological means of controlling access to a copyrighted work may affect the ability to make fair uses of the work.").

148. Reimeides, 111 F. Supp. 2d at 323 (stating Congress expressly considered this problem and included the exceptions listed in § 1201(d)-(j) in direct response).

149. See id. (reiterating Congress' conviction that this limitation preserves legitimate uses of the fair use defense).

150. 17 U.S.C. § 1202 (2000). "Copyright management information" includes: (i) the name of the work; (ii) the name of the author, (iii) the name of the copyright owner; (iv) the name and other identifying information about the author of a performance fixed, for example, on audio CD; (v) the name and other identifying information about the writer, performer, or director of a fixed audio-visual work; and (vi) terms and conditions of use. See 17 U.S.C. § 1202(c). The statute also prohibits tampering with the symbols that refer to this information, including internet hypertext links to web pages containing copyright management information. 17 U.S.C. § 1202(c)(7). Finally, "copyright management information" includes any information that the Register of Copyrights may require by regulation. 17 U.S.C. § 1202(c)(8).

151. 17 U.S.C. § 1202(a)-(b). But see Kelly v. Aribba Soft Corp., 336 F.3d 811 (9th Cir. 2003) (holding an internet search engine that stores and displays "thumbnail" versions of visual images without their copyright management information would be a prima facie violation of § 1202, but it is justified under the "fair use" doctrine).

152. See Online Copyright Infringement Liability Limitation Act, 17 U.S.C. § 512 (2000). But see A&M Records v. Napster, 284 F.3d 1091 (9th Cir. 2002) (affirming a district court's ruling that the Napster system, which facilitates trading of copyrighted musical files between users, is not an ISP eligible for the safe harbor defense, because it is not a "passive conduit" for information transmission as envisioned by the legislative history ofDMCA).

153. Id.; see also ALS Scan, Inc. v. RemarQ Cmtys., Inc., 239 F.3d 619, 625 (4th Cir. 2001) (discussing notification requirements under DMCA and noting that, with respect to multiple works, it is not required to identify all of the works - a representative list is sufficient).

154. 17 U.S.C. § 1204(2000).

155. 18 U.S.C. § 2314 (2000). see generally the INTELLECTUAL PROPERTY CRIMES article in this issue.

156. 18 U.S.C. §2314.

157. See United States v. Reeder, 170 F.3d 93, 101, 103-04 (1st Cir. 1999) (holding that a defendant who electronically transported funds across state boundaries with knowledge that funds were obtained through a fraudulent computerized transfer of funds violates NSPA).

158. See United States v. Martin, 228 F.3d 1, 13 (1st Cir. 2000) (holding fraudulently obtained software contained on disks sent to defendant is protected by NSPA, and may therefore contribute to the $5,000 minimum requirement); United States v. Wang, 898 F. Supp. 758, 760 (D. CoIo. 1995) (holding that a computer program does not qualify as "goods, wares, merchandise, securities or money" for purposes of NSPA); United States v. LaMacchia, 871 F. Supp. 535, 536-38 (D. Mass. 1994) (finding use of a computer bulletin board to copy copyrighted software does not involve "physical taking" and thus cannot be prosecuted under NSPA).

159. 18 U.S.C. § 2314; United States v. Pierro, 32 F.3d 611,620 (1st Cir. 1994) (affirming lower court ruling that downward departure from the U.S.S.G. was unwarranted because defendant's theft and interstate resale of stolen computer components clearly fell within § 2314 and U.S.S.G. provisions).

160. U.S.S.G. MANUAL app. A (2005). But see supra note 86 (discussing effect of Booker).

161. U.S.S.G.MANUAL § 2Bl.l(a)(2005).

162. U.S.S.G. MANUAL § 2B1.1(b)(1) (2005).

163. U.S.S.G.MANUAL § 2B1.1(b)(4)(2005).

164. 18 U.S.C. §§ 1341,1343 (2006). See generally the MAIL AND WIRE FRAUD article in this issue.

165. 18 U.S.C. U 1341,1343.

166. STANLEY S. ARHN ET AL., PREVENTION AND PROSECUTION OF COMPUTER AND HIGH TECHNOLOGY CRIME ¶ 3.04[1][a][ii](1991).

167. See United States v. Pirello, 255 F.3d 728, 732 (9th Cir. 2001) (holding that posting a fraudulent solicitation for money on a classified ad website violated § 1343 and warranted two-level sentence enhancement); United States v. Briscoe, 65 F.3d 576,580-81 (7th Cir. 1995) (holding that fraudulent transfer of funds through a computer system violates wire fraud statute); United States v. Gaind, 31 F.3d 73,75 (2d Cir. 1994) (finding wire fraud violation when government contractor altered computer clocks to "backdate" reports to represent falsely that tests were completed within specified period); Mid Atlantic Telecom, Inc. v. Long Distance Serve., Inc., 18 F.3d 260,264 (4th Cir. 1994) (allowing civil RICO action based on violations of §§ 1341 and 1343 where reseller of long distance telephone service used computer program to add extra minutes to calls of customers).

168. See 18 U.S.C. § 1346 (2000); see also ARKIN ET AL., supra note 166,1 3-33 (noting that intangible property is covered by federal mail and wire fraud statutes).

169. Compare United States v. Wang, 898 F. Supp. 758,759 (D. Colo. 1995) (denying motion to dismiss wire fraud charge because computer program, while intangible, is still property and therefore may be prosecuted under both Copyright Act and wire fraud statute), with United States v. LaMacchia, 871 F. Supp. 535,540-44 (D. Mass. 1994) (allowing motion to dismiss wire fraud charge based on use of computer bulletin board to facilitate illegal copying of copyrighted software partially because no plain congressional intent was found for wire fraud statute to reach copyrighted material).

170. 74. 17 U.S.C. § 506(a) (2006).

171. United States v. Rothberg, 222 F. Supp. 2d 1009,1018 (N.D. Ill. 2002).

172. 18 U.S.C. §§ 1341,1343 (2006).

173. Id.

174. U.S.S.G. MANUAL app. A (2005). But see supra note 86 (discussing effect of Booker).

175. Id. §§ 2C1.7(a), 2C1.7(b)(I)(A) (2005).

176. Id. § 2C1.7(b)(I)(A); see, e.g., United States v. Mack, 159 F.3d 208, 220 (6th Cir. 1998) (applying § 2 C1.7(b)(l)(B) to a prison security chief); United States v. ReBrook, 58 F.3d 961, 969 (4th Cir. 1995) (upholding increase in offense level pursuant to § 2C1.7(b)( I)(B) for wire fraud conviction based on video lottery systems because defendant was public official holding high-level decision-making or sensitive position).

177. U.S.S.G. MANUAL § 2B1.1 (2005); see, e.g.. United States v. Catalfo, 64 F.3d 1070, 1082-83 (7th Cir. 1995) (upholding sentencing enhancement for wire fraud by illegal computerized futures trading because defendant could have foreseen possible loss from his conduct and was therefore accountable for monetary loss under former § 2F1.1 ). For a complete explanation of these provisions, see the MAIL AND WIRE FRAUD article in this issue.

178. Pub. L. No. 99-508,100 Stat. 1848 (codified as amended at 18 U.S.C. §§ 2510-2521,2701-2710 (2000)).

179. 18 U.S.C. § 2511 ( 1 )(e) (2000). The Fifth Circuit interpreted ECPA as supplementing the Communications Act of 1934 (codified as amended at scattered sections of 47 U.S.C.). Accordingly, the court held that concurrent prosecution under both acts does not violate the Double Jeopardy Clause of the Fifth Amendment. United States v. Crawford, 52 F.3d 1303,1306-07 (5th Cir. 1995).

180. 18 U.S.C. § 2510(1) (2000) (broadening statutory definition of communications covered to include those "affecting interstate or foreign commerce").

181. 18 U.S.C. § 2516(3) (2000) (granting law enforcement officers the power to file an application to a Federal judge to get authorization to intercept electronic communications where such interception may provide evidence of any Federal felony); see United States v. McNulty (In re Askin), 47 F.3d 100,102-03 (4th Cir. 1995) (holding that conversations on cordless telephones are not communications protected by ECPA, and thus are open to warrantless police monitoring); United States v. Fregoso, 60 F.3d 1314, 1321 (8th Cir. 1995) (holding §§ 2510-2522 do not protect caller identification service decoding electronic impulses to display telephone number of receiving call). For a discussion on the conflict between protecting data privacy while allowing for police monitoring of that data for enforcement and national security reasons, see Richard D. Marks, security, Privacy and Free Expression in the New World of Broadband Networks, 32 Hous. L. REV. 501, 501-08 (1995) (noting advances in computer technology inevitably allow users to develop new techniques to outstrip patchwork computer legislation); see also ARKIN ET AL., supra note 166,19.02[2] (discussing provisions of Act designed to ease law enforcement investigations through interception of oral and wire communications).

182. See United States v. Petersen, 98 F.3d 502, 504-05 (9th Cir. 1996) (upholding ECPA conviction for hacking into telephone system).

183. See supra Section II.A.1. of this article (discussing § 1030).

184. Compare United States v. Chick, 61 F.3d 682, 687-88 (9th Cir. 1995) (permitting government to use ECPA to prosecute defendant for pirating modified satellite descramblers), and United States v. Harrell, 983 F.2d 36, 37-38 (5th Cir. 1993) (acknowledging ECPA's proper application to modified satellite descramblers), with United States v. Shriver, 989 F.2d 898, 904-07 (7th Cir. 1993) (concluding § 2512 covers sale or ownership of satellite descramblers only if descramblers are designed primarily to pirate satellite-transmitted broadcasts).

185. See United States v. Crawford, 52 F.3d 1303,1309-10 (5th Cir. 1995) (affirming convictions under ECPA after defendants repaired and sold modules that descrambled cable television signals).

186. 18 U.S.C. § 2701(a) (2000); see Konop v. Hawaiian Airlines, Inc., 302 F.3d 868, 876 (9th Cir. 2002) (explaining that the purpose of amendments to 18 U.S.C. § 2511 was to reduce protection of voice mail messages to the level of protection provided to other electronically stored communications).

187. See Fraser v. Nationwide Mutual Ins. Co.. 135 F. Supp. 2d 623,633-35 (E.D. Pa. 2001) (stating that "[t]he ECPA has been noted for its lack of clarity" and deciding interception of an e-mail only occurs before the e-mail has been received by the recipient); see also Theofel v. Farcy Jones, 341 F.3d 978,984 (9th Cir. 2003), aff'd, 359 F.3d 1066 (9th Cir. 2004) (holding that e-mail messages delivered to recipient and stored by an ISP were in "electronic storage" and thus were protected under the ECPA); United States v. Reyes, 922 F. Supp. 818, 836-37 (S.D.N.Y. 1996) (concluding that a police officer who pressed button on defendant's pager to discover callers' identities did not "intercept" electronic transmissions pursuant to § 2510(4), but rather accessed electronic storage under § 2701(a)). But see Steve Jackson Games, Inc. v. U.S. Secret Serv., 36 F.3d 457, 458 (5th Cir. 1994) (holding unopened e-mails contained on a computer used to operate an electronic bulletin board were in storage and did not constitute interception under § 2510).

188. U.S. v. Councilman, 418 F.3d 67 (1st Cir. 2005) (en banc).

189. Id. at 80. But see Orin S. Kerr, Computer Crime Law, 457 (2006) (noting that the court did not decide whether there was an interception but suggested in dicta that there was).

190. Id. at 76-78.

191. Steve Jackson Games, 36 F.3d 457.

192. Id. at 458. The 5th Circuit argues that Congress could not have intended for both Title I and Title II to apply to these files. Id. at 462-63. Furthermore, "it is most unlikely that Congress intended to require law enforcement officers to satisfy the more stringent requirements for an intercept in order to gain access to the contents of stored [e-mail]." Id. at 463.

193. Councilman, 418 F.3d at 70.

194. The court in Councilman implied that the transmission ends when the recipient opens the e-mail, id. at 71, but this language was not needed to decide the issue, since the e-mail was intercepted before being placed in the recipient's mail box, and is probably dicta.

195. 18 U.S.C. § 251 l(4)(a) (2006). Under the U.S.S.G., defendants convicted of intercepting communications or eavesdropping receive a base offense level of nine. U.S.S.G. MANUAL § 2H3. l(a) (2005). If the purpose of the conduct was to obtain direct or indirect commercial advantage or economic gain, the offense level is increased by three. U.S.S.G. MANUAL § 2H3.1(b)(l) (2005). Additionally, if the purpose of the conduct was to facilitate another offense with a higher offense level, the guideline applicable to an attempt to commit that offense should be applied. U.S.S.G. MANUAL § 2H3.1(c)(l) (2005).

196. 18 U.S.C. § 2511(4)(b). However, interception of an unscrambled satellite communication intended for retransmission to the public is not punishable under this section. 18 U.S.C. § 2511 (4)(b).

197. See 18 U.S.C. §§ 2520(a), 2707(a) (2000), which authorize civil suits against any "person or entity" other than the United States, in violation of the ECPA's substantive provisions. The Tenth Circuit was the first Federal Court of Appeals to hold that the police had violated § 2701 by seizing computer equipment that they should have known would hinder e-mail access of customers not connected with their investigation. Davis v. Gracey, 111 F.3d 1472, 1484 (10th Cir. 1997). However, the court granted the officers' motion for summary judgment because of their valid good faith defense under § 2707. Id. at 1483-85; see also Brown v. Waddell, 50 F.3d 285,294 (4th Cir. 1995) (holding that law enforcement use of "clone pagers" to intercept numeric transmissions received on digital display pagers violated § 2511 of ECPA and subjected state officials to civil liability); Organizacion JD Ltda. v. U.S. Dep't of Justice, 18 F.3d 91,94-95 (2d Cir. 1994) (per curiam) (holding that governmental "entities" can be subject to liability under § 2707(a) where appellants were intended recipients of electronic fund transfers seized by DEA agents).

198. 18 U.S.C. § 2701(b)(1)(A)(2006).

199. 18 U.S.C.§2701(b)(1)(B).

200. 18 U.S.C. § 2701(b)(2).

201. Telecommunications Act of 1996, Pub. L. No. 104-104, Title V, §§ 501-561, 110 Stat. 56, 133-43 (codified at 18 U.S.C. §§ 1462,1465,2422 (1996) and as scattered sections of 47 U.S.C.).

202. 47 U.S.C. § 223(a)(1)(B) (2000).

203. 47 U.S.C. § 223(d).

204. 47 U.S.C. § 223(a)(1)(B).

205. Reno v. ACLU, 521 U.S. 844 (1997).

206. The Court severed the indecency restriction from the statute because such a ban against undefined indecency would unduly chill the speech of internet users. See id. at 863-64 (affirming district court finding mat the statute "sweeps more broadly than necessary and thereby chills the expression of adults").

207. The Court distinguished § 223(d) from similar, constitutionally permissible enactments because § 223(d) did not require that patently offensive material lack serious literary, artistic, political, or scientific value. See id. at 864-66 (contrasting CDA with law at issue in Ginsberg v. New York, 390 U.S. 629 (1968) (banning certain magazine sales to persons under age seventeen even though magazines were not necessarily obscene to adults)).

208. Furthermore, the Reno majority distinguished the internet from other, more regulated media containing potentially indecent expression, by noting that web surfera usually seek out the materials they encounter. See id. at 868-69 (explaining less regulation to protect children is necessary on the internet in comparison to television or radio because users seldom encounter content on the internet accidentally and sexually explicit images are often preceded by warnings). The global nature of the internet also renders it difficult, if not impossible, for users to predict when their potentially offensive communications will reach a minor. See id. at 880. Consequently, Reno requires courts to apply unqualified First Amendment scrutiny to speech restrictions affecting the internet. Id. at 870.

209. See Reno, at 872-73 (citing Miller v. California, 413 U.S. 15, 18 (1973), which permits states to ban obscene speech in order to ensure general welfare of their citizens).

210. 47 U.S.C. § 223(a)(1)(B) (2000).

211. U.S.S.G. MANUAL § 2G3.1(b)(1)(C) (2005). But see supra note 86 (discussing effect ofBooker).

212. U.S.S.G. MANUAL § 2G3.1(b)(1)(E) (2005).

213. U.S.S.G. MANUAL § 2G3.1(b)(1)(A) (2005).

214. U.S.S.G. MANUAL § 2G3.1(b)(4) (2005).

215. Omnibus Consolidated and Emergency Supplemental Appropriations Act, Pub. L. No. 105-277, Div. C, Title XIV, § 1402, 112 Stat. 2681-736 (codified at 47 U.S.C. § 231 (2000)).

216. 47 U.S.C. § 231(e)(6) (2000).

217. 47 U.S.C. § 231(c).

218. See Ashcroft v. American Civil Liberties Union, 542 U.S. 656,673 (2004) (holding that internet content providers and civil liberties groups were likely to prevail on claim that COPA violated First Amendment by burdening adults' access to some protected speech); see infra notes 287-292 and accompanying text (discussing challenge to COPA's constitutionality on First Amendment grounds).

219. 47 U.S.C. § 231(a)(1).

220. See U.S.S.G. MANUAL 2G3.1(a) (2005).

221. 47 U.S.C. § 231(a)(2).

222. 47 U.S.C. § 231(a)(3).

223. Omnibus Consolidated Appropriations Act, Pub. L. No. 104-208, tit. I, § 121, 110 Stat. 3009, 3009-31 (1996) (amending 18 U.S.C. §§ 2241, 2243, 2251, 2252, 2256, 42 U.S.C. § 2000aa, and adding 18 U.S.C. § 2252(A)).

224. 18 U.S.C. §§ 2252(A), 2256 (2006); see also Oversight Hearing on the Activities of the Federal Bureau of Investigation: Hearing before the House Comm. on Judiciary, Subcomm. on Crime, 105th Cong. (June 5, 1997) (statement of Louis J. Freeh) (warning Congress of the increased risk of danger to children who interact with strangers in Cyberspace). But cf. Sharon Waxman, "Lalita: " Forbidden Fruit for Studios: Does Hollywood Fear Remake of Nabokov?, wash. post, June 30,1997, at Cl (illustrating CPPA's potentially chilling effect on artistic representations of pedophilia).

225. See 18 U.S.C. § 2256(S)(B).

226. Compare United States v. Fox, 248 F.3d 394 (5th Cir. 2001) (holding that CPPA is narrowly tailored to meet government's compelling interest in protecting all children from harm, not merely those who have participated in creation of child pornography), vacated, 535 U.S. 1014 (2002), and United States v. Mento, 231 F.3d 912, 921 (4th Cir. 2000) (holding CPPA's provisions are narrowly tailored to serve government's compelling interest in protecting children) vacated, 535 U.S. 1014 (2002) and United States v. Hilton, 167 F.3d 61, 73-74 (1st Cir. 1999) (holding that CPPA is not unconstitutionally vague, in violation of due process, or so overbroad as to contravene the First Amendment) overruled by Ashcroft v. Free Speech Coalition, 535 U.S. 234 (2002), with Free Speech Coalition v. Reno, 198 F.3d 1083, 1090-91 (9th Cir. 1999) (holding that the CPPA's criminalization of all visual depictions that "appear to be" or "convey the impression" of child pornography is subject to strict scrutiny because it is a content-based classification protected by the First Amendment, and is unconstitutional because there are no compelling state interests when no actual children are involved).

227. See Ashcroft v. Free Speech Coalition, 535 U.S. 234 (2002) (holding that 18 U.S.C. §§ 2256(S)(B), 2256(S)(D) were overbroad because there was no compelling governmental interest to justify a law prohibiting speech that does not amount to obscene speech or child pornography). Another provision of the statute, 18 U.S.C. § 2256(S)(C), prohibiting "morphing" pictures, was not challenged because it involved real minors. Id. at 242.

228. internet False Identification Prevention Act of 2000, Pub. L. 106-578, 114 Stat. 3075 (2000).

229. False Identification Crime Control Act of 1982, Pub. L. 97-398, 96 Stat. 2009 (codified as amended at 18 U.S.C. §§ 1028 & 1738 (2000).

230. 18 U.S.C. § 1028 (a)(1) (2006); see United States v. Carter, No. 00-4115,2000 WL 1729659, at **3 (4th Cir. Nov. 22, 2000) (upholding conviction of defendant for producing false identification cards on his home computer and using them to cash counterfeit payroll checks); United States v. Barrie, 267 F.3d 220,225 (3d Cir. 2001) (recognizing the conviction of a Social security Agency employee for production using authentic equipment without authorization).

231. 18 U.S.C. § 1028(a)(2).

232. § 1028(a)(3) (prohibiting possession of five or more false identification documents or stolen identification documents with the intent to use them unlawfully or transfer them); § 1028(a)(4) (prohibiting possession of even one false identification document or stolen identification document if the purpose of possession is to defraud the United States); § 1028(a)(6) (prohibiting the possession of a stolen or false United States government identification document, if the possessor knows that it was stolen or illegally produced).

233. 18 U.S.C. § 1028(d)(4) ("[T]he term 'false identification document' means a document of a type intended or commonly accepted for the purposes of identification of individuals that is not issued by or under the authority of a governmental entity; and appears to be issued by or under the authority of [a governmental entity].")

234. §§ 1028(a)(3) & (4).

235. § 1028(d)(2) ("[T]he term 'document making implement' means any implement, impression, template, computer file, computer disc, electronic device, or computer hardware or software, that is specifically configured or primarily used for making an identification document, a false identification document, or another documentmaking implement."); United States v. Cabrera, 208 F.3d 309,314 (1st Cir. 2000) (defining the phrase "primarily used" as refering to "the particular use to which the defendant put the device, not its 'general* use within society").

236. 18 U.S.C. § 1028(a)(5).

237. internet False Identification Prevention Act § 3(2)(F) (amending the definition of "transfer" to include "selecting an identification document, false identification document, or document-making implement and placing or directing the placement of such identification document, false identification document, or document-making implement on an online location where it is available to others"); 18 U.S.C. § 1028(d)(10).

238. See internet False Identification Prevention Act § 2(a), (d).

239. 18 U.S.C. § 1028(b)(2).

240. 18 U.S.C. § 1028(b)(1).

241. A maximum sentence of twenty years is prescribed for crimes committed under this title that are intended to facilitate drug trafficking or that are committed in connection with a crime of violence. 18 U.S.C. § 1028(b)(3). A maximum sentence of thirty years is prescribed if the offense is committed to "facilitate an act of domestic or international terrorism." 18 U.S.C. § 1028(b)(4).

242. U.S.S.G. MANUAL §§ 2L2.1,2L2.2,2B1.1 (2005). But see supra note 86 (discussing effect of Booker).

243. U.S.S.G. MANUAL § 2Bl.1, note 19 (2005); see United States v. Kaminski, 229 F.3d 1136 (2d Cir. 2000) (upholding seven-level upward departure in sentencing the defendant for offenses under § 1028(a)(1) and (a)(6) and other statutes, based on the defendant's previous rape conviction and on the likelihood that he would use false police identification documents to gain access for purposes of rape).

244. S. 1789,109th Cong. (2005).

245. Id. §§ 101-103 (establishing stricterpenalties for several types of misuse of personal data including fraud, organized crime, and failure to report breaches of private information).

246. Id. § 401 (creating high-level standards for business and other entities which deal with personal information).

247. 146. False Identification Crime Control Act Amendments of 2004. Pub. L. 108-275, §§ 2(c), 3,118 Stat. 832.

248. Arkansas, California, Connecticut, Delaware, Florida, Georgia, Illinois, Indiana, Louisiana, Maine, Minnesota, Montana, Nevada, New Jersey, New York, North Carolina, North Dakota, Ohio, Pennsylvania, Rhode Island, Tennessee, Texas, and Washington.

249. See, e.g., CaI. Civ. Code § 1798.29(a); § 1798.82; Ark. Code Ann. §§ 4-110-101 to 108.

250. See, e.g., CaI. Civ. Code § 1798.29(a); § 1798.82; Ark. Code Ann. §§ 4-110-101 to 108.

251. For example, free internet Service Providers (ISPs) often do not require any identifiable information about its subscribers because they do not require billing information. Accordingly, if law enforcement attempts to investigate a user for engaging in computer crime over the internet by providing an ISP with a suspected IP address, the ISP may not be able to provide any means of identifying the user. This information may be forensically obtainable, but not without surmounting significant legal and technical barriers. See Pornography, Technology, and Process: Problems and Solutions on Peer-to-Peer Networks: Hearing Before the S. Judiciary Comm., 108th Cong. (2003) (statement of John Malcolm, Deputy Assistant Attorney General, Criminal Division, Dep't of Just.) [hereinafter Malcolm Statement].

252. See supra note 7 (discussing victims' reluctance to report computer crimes).

253. See infra notes 254-68 and accompanying text (discussing FBI and DOJ initiatives to aid in the investigation and prosecution of computer crimes).

254. See Liza Porteus, FBI's New Cyber-Division Quietly Ramps Up, NAT'L J. TECH. DAILY, Apr. 8, 2002, available at http://www.govexec.com/dailyfed/0402/040802tdl.htm.

255. See id.

256. See Fed. Bureau of Investigation, Cyber Investigations, http://www.fbi.gov/cyberinvest/cyberhome.htm (last visited Oct. 21, 2006).

257. See Fed. Bureau of Investigation, Innocent Images National Initiative, http://www.fbi.gov/publications/ innocenthtm (last visited Oct. 25,2006).

258. See id.

259. In 2003, the FBI changed the name of the internet Fraud Complaint Center to the internet Crime Complaint Center in order to better reflect the full-range of internet based criminal activity being reported. See NATI'L WHITE COLLAR CRIME CENTER & THE FED. BUREAU OF INVESTIGATION, THE INTERNET CRIME COMPLAINT CENTER 2005 INTERNET FRAUD CRIME REPORT: JANUARY 1,2005-DECEMBER 31,2005 (2006), http://www.ic3.gov/ media/annualreport/2005_IC3Report.pdf.

260. See id. (describing a slight decrease between 2005 and 2004 in the number of complaints being referred by IC3, and noting that the vast majority of these relate to online auction fraud).

261. See generally U.S. Dep't of Justice, Computer Crime and Intellectual Property section, (providing cases, recent law, press releases, speeches, testimony, reports, letters, manuals, and other documents related to computer crimes and cybercrime), http://www.usdoj.gov/criminal/cybercrime/index.html (last visited Oct. 25, 2006).

262. See Prosecution of Intellectual Property Crimes and the 'STOP!' Initiative: Hearing Before the Subcomm. on Oversight of Government Management, the Federal Workforce, and the District of Columbia of the S. Comm. on Homeland Security and Governmental Affairs, 109th Cong. (2005) (Statement of Laura H. Parsky, Deputy Assistant Att'y Gen., Criminal Division, Department of Justice) (describing recent initiatives of CCIPS targeting online piracy, fraud and illicit peer-to-peer network file sharing) [hereinafter Parsky I.P. Crime Statement].

263. Press Release, U.S. Dep't of Justice, Attorney General Alberto R. Gonzales Renews Commitment to Justice Department's Intellectual Property Task Force (Mar. 9, 2005), available at http://www.usdoj.gov/opa/pr/ 2005/March/05_ag_l 11 .htm.

264. See id.

265. See id.

266. See id.; see also Parsky I.P. Crime Statement, supra note 161 (describing in detail the CHIP program).

267. See Parsky I.P. Crime Statement, supra note 262.

268. See generally U.S. Dep't of Justice, Child Exploitation and Obscenity section, (providing cases, recent law, press releases, speeches, testimony, reports, letters, manuals, and other documents related to child pornography), http://www.usdoj.gov/criminal/ceos/index.html (last visited Oct. 25,2006).

269. See Sexual Crimes Against Children: Hearing on H.R. 2388 and H.R. 2318 Before the H. Comm. on the Judiciary, 109th Cong. (2005) (statement of Laura H. Parsky, Deputy Assistant Att'y Gen., Criminal Division, Department of Justice) [hereinafter Parsky Sex Crimes Statement].

270. See id. ("[l]n fiscal year 1997, 352 cases were filed by the Department of Justice charging child pornography crimes (18 U.S.C 2251-2260), and 299 convictions were obtained. In Fiscal Year 2004, child pornography charges were filed against approximately 1,486 defendants, and approximately 1,066 convictions on such charges were obtained."); Eric Holder, U.S. Deputy Attorney Gen., Remarks at the International Conference on Combating Child Pornography on the internet (Sep. 29, 1999) (stating that federal prosecutions of internet child pornographers have increased 10% every year since 1995, and that approximately 400 internet child pornographers are prosecuted each year in federal court), available at http://www.usdoj .gov/criminal/cybercrime/ dagceos.html (last visited Oct. 25, 2006). But see infra Part H.C (describing the constitutional challenges to federal child pornography statutes).

271. See, e.g., Press Release, U.S. Dep't of Justice, Justice Department Announces Eight Charged in internet Piracy Crackdown (July 28, 2005) ("Operations ... resulted in a total of more than 200 search warrants executed in 15 countries; [one operation] alone has yielded a total of 30 U.S. felony convictions and another 10 convictions overseas."); Press Release, U.S. Customs Serv., 45 Children Rescued, 20 Arrests in U.S. Customs, Danish Police Investigation of Global Child-Molesting, Pornography Ring (Aug. 9, 2002); Press Release, U.S. Customs Serv., U.S. Customs, 10 Foreign Countries, Serve Multiple Search Warrants on internet Child Pornography Ring (Mar. 20, 2002).

272. See Parsky I.P. Crime Statement, supra note 262 (describing the growth of online piracy); Parsky Sex Crimes Statement, supra note 269 (describing the burgeoning problem of child pornography and the ease, speed, and anonymity of distribution over the internet); Malcolm Statement, supra note 251 (describing the problem of anonymous use and the various modes of purveyance of child pornography over the internet, including newsgroups, internet relay chat, and the threat posed by peer-to-peer software).

273. The Supreme Court's decisions in United States v. Lopez, 514 U.S. 549 (1995) (striking down the Gun-Free School Zones Act), and United States v. Morrison, 529 U.S. 598 (2000) (striking down the Violence Against Women Act), significantly curtailed the power of Congress to regulate activity that is purely intrastate and non-economic in nature.

274. See United States v. Robinson, 137 F.3d 652, 656 (1st Cir. 1998) ("The jurisdictional element in § 2252(a)(4)(B) requires an answer on a case-by-case basis to the question whether the particular possession of child pornography affected interstate commerce."); see also U.S. v. Corp, 236 F.3d 325, 332 (6th Cir. 2001) ("While we are faced with serious questions about the constitutionality of the Act under the Commerce Clause power of Congress, we choose not to declare the Act facially unconstitutional. Instead, we assume, along with the... Robinson court[], that Morrison and Lopez have required that the jurisdiction^ components of constitutional statutes are to be read as meaningful restrictions."); United States v. Rodia, 194 F.3d 465, 480 (3rd Cir. 1999) ("Congress's findings that some child pornography is noncommercial do not undermine its findings that child pornography is a multimillion dollar, nationwide industry. Rather, the former findings merely highlight that many people participate in the industry, and that a large number of those involved are independent operators who create child pornography for their own use and, perhaps, the use of their acquaintances. Where, as here, a class of activities is regulated (the shipment or exchange of child pornography) and the class is within the reach of federal power, we cannot rely on the fact that some of the class is engaged in non-commercial activity to invalidate the entire statute.").

275. United States v. Riccardi, 405 F.3d 852 (10th Cir. 2005); United States v. Hampton, 260 F.3d 832 (8th Cir. 2001).

276. United States v. Kimler, 335 F.3d 1132 (10th Cir. 2003).

277. See Corp, 236 F.3d at 332 ("[W]e do not determine the aggregate effect on interstate commerce of the purely intrastate dealing in child pornography. Instead, we conclude that Corp's activity was not of a type demonstrated substantially to be connected or related to interstate commerce on the facts of this case.").

278. In Raich, 545 U.S. 1 (2005), the Court upheld the constitutionality of the Controlled Substances Act and its ability to regulate and criminalize the growth of marijuana for personal medical use. Raich reconciled Lopez, 514 U.S. 549, and Morrison, 529 U.S. 598, with the Court's earlier holding in Wckard v. Filbum, 317 U.S. Ill (1942), permitting the Federal government to regulate local activity as part of a regulatory scheme if there is a "rational basis" for concluding that such activity in the aggregate can substantially affect interstate commerce. Id. at 127-28; see 545 U.S at 24-33.

279. See Rodia, 194 F.3d at 480 ("[N]ot all child pornographers produce pornography with the intent that it enter the stream of commerce. Nevertheless, such congressional findings do not foreclose a conclusion that intrastate possession of pornography affects interstate commerce."); Robinson, 137 F.3d at 656 ("Congress enacted § 2252 based, in large part, upon its finding that 'child pornography and child prostitution have become highly organized, multimillion dollar industries that operate on a nationwide scale,' and 'that such prostitution and the sale and distribution of such pornographic materials are carried on to a substantial extent through mails and other instrumentalities of interstate and foreign commerce.'"); United States v. Winningham, 953 F. Supp. 1068, 1074 n. 13 (D. Minn. 1996) (quoting S. Rep. No. 95-438, at 3-5 (1978). reprinted in 1978 U.S.C.C.A.N. 40, 42-43) ([b]y outlawing the purely intrastate possession of child pornography in § 2252(a)(4)(B), Congress can curb the nationwide demand for these materials... We believe that such possession, "through repetition elsewhere," 514 U.S. at 567, helps to create and sustain a market for sexually explicit materials depicting minors. Accordingly, § 2252(a)(4)(B) passes constitutional muster."); see also United States v. Maxwell, 446 F.3d 1210 (11th Cir. 2006) (under reconsideration in light of Raich, 545 U.S. 1, holding that § 22S2(a) was unconstitutional as applied to the defendant's purely intrastate possession of child pornography).

280. 521 U.S. 844,870-72 (1997) (holding that the CDA violated the First Amendment because (a) the CDA's vague provisions chilled free speech since speakers could not be certain if their speech was proscribed; (b) the CDA's provisions criminalized legitimate protected speech (including sexually explicit indecent speech) as well as unprotected obscene speech, and thus were overinclusive; (c) since the CDA regulated a fundamental freedom, it must be narrowly tailored; (d) time, place, and manner analysis was inapplicable since the CDA regulated the content of speech, not how it was presented; and (e) the CDA was unconstitutional due to its overbreadth).

281. Note that "unqualified" protection does not cover obscenity, which may be totally banned. See discussion, supra Section II.A.2.e.iii. of this Article (discussing the Child Pornography Prevention Act of 1996).

282. See supra notes 201-04 and accompanying text (discussing CDA).

283. See supra notes 205-209 and accompanying text (discussing Reno v. American Civil Liberties Union, 521 U.S. 844 (1997)).

284. Reno, 521 U.S. at 878-84.

285. See Ashcroft v. Free Speech Coalition, 535 U.S. 234 (2002) (holding ban on virtual child pornography under CPPA was overbroad, thus violating the First Amendment).

286. See supra notes 223-27 and accompanying text (discussing CPPA).

287. See supra notes 215-22 and accompanying text (discussing COPA).

288. American Civil Liberties Union v. Reno, 31 F. Supp. 2d 473,498-99 (E.D. Pa. 1999) (holding that COPA was unlikely to survive strict scrutiny).

289. American Civil Liberties Union v. Reno, 217 F.3d 162,166 (3d Cir. 2000).

290. 18. Ashcroft v. American Civil Liberties Union, 535 U.S. 564 (2002).

291. 19. American Civil Liberties Union v. Ashcroft, 322 F.3d 240 (3d Cir. 2003) (holding that COPA did not employ the "least restrictive means" to effect the Government's compelling interest, and therefore violated strict scrutiny test under the First Amendment and that COPA was substantially overbroad and encroached upon a significant amount of protected speech beyond that which the Government could target constitutionally).

292. Ashcroft v. American Civil Liberties Union, 542 U.S. 656 (2004) (holding that the Government failed to prove that there is no less restrictive alternative to COPA because filtering and blocking software may well be more effective means to protect children from materials harmful to them than COPA).

293. See, e.g., Simon & Schuster, Inc. v. Members of N.Y. State Crime Victims Bd., 502 U.S. 105,118 (1991) ("[T]he fact that society may find speech offensive is not a sufficient reason for suppressing it.").

294. See Brandenburg v. Ohio, 395 U.S. 444,447 (1969) ("[T]he constitutional guarantees of free speech and free press do not permit a State to forbid or proscribe advocacy of the use of force or of law violation....")

295. See Chaplinsky v. New Hampshire, 315 U.S. 568,574 (1942) (stating that the government may punish a limited class of speech "likely to provoke the average person to retaliation, and thereby cause a breach of the peace"). But see COMPUTER CRIME & INTELL. PROP. SECTION, U.S. DEP'T OF JUST., LEGAL ASPECTS OF GOV'T-SPONSORED PROHIBITIONS AGAINST RACIST PROPAGANDA ON THE INTERNET: THE U.S. PERSPECTIVE, PRESENTED IN GENEVA, SWITZERLAND AT HATE SPEECH AND THE INTERNET (1997) [hereinafter HATE SPEECH] (explaining that words on the internet are not likely to provoke the average person to retaliation, and thereby cause breach of peace, because there is hardly a risk of immediate physical violence when antagonists have no physical contact whatsoever in online sphere and may be separated by hundreds or thousands of miles), available at http://www.usdoj.gov/criminal/cybercrime/racismun.htm (last visited Oct. 17,2006).

296. See Watts v. United States, 394 U.S. 705, 707-08 (1969) (holding that threats that imply action at an uncertain and future remote time are not true threats and therefore are protected under the First Amendment).

297. See HATE SPEECH, supra note 285 (stating that threats of harm receive no First Amendment protection and threatening e-mails or statements via internet could in many cases be punished); but see United States v. Baker, 890 F. Supp. 1375 (E.D. Mich. 1995) (granting defendant's motion to quash indictment against him for statements he made over the internet because they were not true threats).

298. See HATB SPEECH, supra note 295 (explaining that harassing speech must go beyond speech which simply angers or distresses to not be constitutionally protected).

299. See id. (stating that "U.S. law does not recognize the notion of 'harassment' directed at a general class of persons").

300. See 18 U.S.C. §§ 2510-2521 (2000).

301. See id.

302. See Robert Strang, RECOGNIZING AND MEETING TITLE III CONCERNS IN COMPUTER INVESTIGATIONS (Mar. 2001), at http://www.usdoj.gov/criminal/cybercrime/usamarch200l_2.htm (last visited Oct. 17,2006).

303. See USA PATRIOT Act of 2001, Pub. L. No. 107-56, § 217, 115 Stat. 272, 291 (2001).

304. U.S. CONST. amend. FV. The Fourth Amendment states in relevant part that "[n]o Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized." Id.

305. COMPUTER CRIMES & INTELL. PROP. SECTION, U.S. DEP'T OF JUST., SEARCHING AND SEIZING COMPUTERS AND OBTAINING ELEC. EVIDENCE IN CRIM. INVESTIGATIONS (2002) [hereinafter GUIDELINES], available at http:// www.cybercrime.gov/s&smanual2002.htm (last visited Oct. 17, 2006). The DOJ first issued these guidelines in 1994 and supplemented them in 1997, 1999, and 2001. The Federal Guidelines for Searching and Seizing Computers were written by an interagency group, informally called the Computer Search and Seizure Working Group, with the goal of offering systematic guidance to all federal agents and attorneys as they struggle with cases in the emerging area of computer crime law.

306. See id.

307. See id. (addressing whether to conduct search on-site or to remove hardware to another location, how to draft warrant properly, and how to preserve of evidence).

308. 168 F.3d 532 (1st Cir. 1999).

309. Id. at 535.

310. Id.

311. 799 F.2d 1494 (11th Cir. 1986) (finding no error in denying suppression of evidence seized pursuant to a search warrant).

312. Id. at 1508 n.15. State courts have split on extending this principle to their search and seizure jurisprudence. Compare State v. Lehman, 736 A.2d 256, 261 (Me. 1999) (holding that a warrant authorizing the search of the defendant's entire home and seizure of all computer-related equipment was not overbroad because of the potential mobility of computer equipment and because police only knew that pictures of allegedly sexually exploited girls were taken with a digital camera and downloaded onto a computer), with Burnett v. State, 848 So. 2d 1170, 1173-74 (FIa. Dist. Ct. App. 2003) (invalidating a search warrant because the affidavit submitted in support of the warrant "failed to set forth crime-specific facts regarding Mr. Burnett's probable possession of child pornography and the likelihood that it would be found on the computer and diskettes in his bedroom").

313. Sawyer, 799 F.2d at 1508 (holding that in cases involving a "pervasive scheme to defraud, all the business records of the enterprise may properly be seized"); see also United States v. Layne, 43 F.3d 127, 133 (5th Cir. 1995) (holding that a search warrant authorizing the seizure of "computer disks, sexual devices; videotapes; child abuse books; magazines; audiotapes; and any other obscene or child pornographic material" was particular enough because the term "child pornography" would allow the officers executing the warrant to be "sufficiently guided in their discretion to know what items could be seized"); United States v. Hall, 142 F.3d 988,995-97 (7th Cir. 1998) (holding that a search warrant authorizing police to seize computer and related hardware and accessories met the Fourth Amendment's particularity requirement because "the items listed on the warrants were qualified by phrases that emphasized that the items sought were those related to child pornography").

314. See United States v. Musson, 650 F. Supp. 525,532 (D. Colo. 1986) (allowing seizure of disks not listed in warrant, because "in the age of modern technology and commercial availability of various forms of items, the warrant could not be expected to describe with exactitude the precise form the records would take" (quoting United States v. Reyes, 798 F.2d 380,383 (10th Cir. 1986))).

315. Compare United States v. Sassani, No. 97-4011.1998 WL 89875 at *6 (4th Cir. Mar. 4,1998) (upholding a warrant to seize defendant's computer and 382 floppy disks, rather than just those files related to the defendant's alleged distribution and receipt of child pornography because of difficulty determining which files were relevant), with United States v. Carey, 172 F.3d 1268,1273 (10th Cir. 1999) (invalidating the seizure of child pornography off the defendant's computer, when the search warrant only authorized officers to search the computer for "documentary evidence pertaining to the sale and distribution of controlled substances").

316. See, e.g., United States v. Ponce, 51 F.3d 820 (9th Cir. 1995) (affirming admission of printout made from computer disk seized in search because disk from which printout was made contained drug ledger and was found at defendant's home).

317. See United States v. Sissler, No. 1:90-CR-12,1991 WL 239000 at *4 (W.D. Mich. Aug. 30,1991) ("The police were not obligated to give deference to the descriptive labels placed on the discs.... Otherwise, records of illicit activity could be shielded from seizure by simply placing an innocuous label on the computer disk containing them.").

318. See United States v. Hall, 142 F.3d 988, 994-95 (7th Cir. 1998) (upholding a warrant allowing law enforcement officers to seize defendant's computer from a computer repair shop and take it to the police station to be searched); United States v. Gawrysiak, 972 F. Supp. 853, 866 (D.N.J. 1997) (approving seizure of computer files for off-site search because the "Fourth Amendment's mandate of reasonableness does not require the agent to spend days at the site viewing the computer screens to determine precisely which documents may be copied within the scope of the warrant"); see also Sissler, 1991 WL 239000, at *3-4 (upholding seizure of computer and disks for off-site searching for practicality reasons).

319. See id. at *5 n.7 (declining to uphold seizure of printer on grounds of practicality because printers contain no internal memory device and can be used with a variety of computers).

320. See 18 U.S.C. § 3127 (2000).

321. See COMPUTER CRIME & INTELL. PROP. SECTION, U.S. DEP'T OF JUST., FIELD GUIDANCE ON NEW AUTHORITIES THAT RELATE TO COMPUTER CRIME AND ELEC. EVIDENCE ENACTED IN THE USA PATRIOT ACT OF 2001, at http://www.usdqj.gov/criminal/cybercrime/PatriotAct.htm (acknowledging that the FBI has been using the original Pen Register/Trap and Trace statutes to obtain internet address information) (last visited Oct. 17, 2006).

322. See Smith v. Maryland, 442 U.S. 735 (1979) (holding pen registers were not subject to Fourth Amendment protection).

323. However, the Fourth Circuit has held that a criminal defendant has no reasonable expectation of privacy in the information he provides to his internet service provider, including his billing address, IP address, and credit card information. See United States v. Hambrick, 225 F.3d 656 (4th Cir. 2000); see also United States v. Kennedy, 81 F. Supp. 2d 1103, 1110 (D. Ran. 2000) (holding that the defendant did not have reasonable expectation of privacy in information provided by his internet service provider, including his IP address, name, and physical address, to the FBI).

324. See generally Steven A. Osher, Privacy, Computers and the PATRIOT Act: The Fourth Amendment Isn't Dead, but No One Will Insure It, 54 RA. L. REV. 521 (2002).

325. See id. at 539-40 (claiming that skeptics believe the FBI is acquiring more information when it uses its internet surveillance software, "Carnivore," than it should be entitled to under the Constitution).

326. Although the FBI has reportedly retired its much vaunted but controversial "Carnivore" internet surveillance software, it makes use of a variety of other information tracking applications. See Kevin Poulsen, FBI Retires its Carnivore, secURirvFocus, Jan. 14, 2005, http://www.securityfocus.com/news/10307. According to reports submitted to Congress by the FBI and acquired by the Electronic Privacy Information Center under the Freedom of Information Act, the FBI used commercially available software for its information interdiction efforts on the internet, deploying such applications to data networks on eight separate occasions in 2003, and on five occasions in 2002. See FBI, CARNrvoRE/DSC 1000 REP. TO CONG. (Jan. 21, 2006), http://www.epic.org/privacy/ carnivore/2003_repoit.pdf (last visited Jan.. 21, 2006); see FBI, CARNIVORE/DSC 1000 REP. TO CONO. (Jan. 26, 2006), http://www.epic.org/privacy/carnivore/2002_report.pdf (last visited Oct. 23, 2005). The FBI has also employed a keystroke logger system to circumvent the difficulty associated with intercepting encrypted internet communications. See Ted Bridis, FBI Develops Eavesdropping Tools, AP ONUNE, Nov. 22,2001 ; United States v. Scarfo, 180 F. Supp. 2d 572,581 (D.N.J. 2001) (holding that the FBI's use of a key stroke logger system to obtain a password to an encrypted file on the defendant's personal computer that allegedly contained evidence of an illegal gambling and loansharking operation run by the defendant did not violate the defendant's Fourth Amendment rights or the federal wiretap statute, 18 U.S.C. § 2510 (200O)).

327. Title ID places a higher burden on the real-time interception of oral, wire and electronic communications than the Fourth Amendment requires because of the privacy value it protects. See generally Geoffrey A. North, Carnivore in Cyberspace: Extending the Electronic Communications Privacy Act's Framework to Carnivore Surveillance, 28 RUTOERS COMPUTER & TECH. LJ. 155 (2002) (discussing the interplay between privacy and government surveillance on the internet). Under Title III, "the government needs a court order for a wiretap which is obtained through a showing that normal investigative techniques for obtaining the information have or are likely to fail and that any interception will be conducted to ensure that the intrusion is minimized." "Carnivore" and the Fourth Amendment: Hearing Before the Subcomm. on the Constitution of the H. Comm. on the Judiciary (July 24, 2000) (statement of Kevin V. DiGregory, Deputy Assistant Attorney General, Department of Justice) ("Carnivore is, in essence, a special filtering tool that can gather the information authorized by court order, and only that information"), available at http://www.usdoj.gov/criminal/cybercrime/camivore.htm (last visited Jan. 17, 2006).

328. See statement of Kevin V. DiGregory supra note 327 (explaining OEO reviews each proposed Title QI application to ensure that interception satisfies Fourth Amendment requirements, and is in compliance with applicable statutes and regulations).

329. See id. (stating that though proposal is approved by OEO, it must also be approved by a Deputy Assistant Attorney General).

330. See id. (explaining that courts will evaluate application under Fourth Amendment using standards of Title UJ). The application to the court must show, through a sworn affidavit, why the intercept is necessary as opposed to other less-intrusive investigative techniques and must also provide additional detail, including whether there have been previous interceptions of communications of the target, the identity of the target (if known), the nature and location of the communication facilities, and a description of the type of communication sought and the offenses to which the communication relate. Id.

331. See id.

332. See id. (explaining that many federal courts require periodic reports on number and success of the interceptions).

333. See id. (listing remedies for violating Title UJ by improperly intercepting electronic communications).

334. See id. (stating that a remedy of suppression is also available for violations of the Fourth Amendment). But see 18 U.S.C § 2515 (2000); United States v. Giordano, 416 U.S. 505 (1974) (holding that statutory exclusionary rule of Wiretap Act provides protection beyond the judicially created exclusionary rule under Constitution for wiretap interception); see generally Michael S. Leib, E-mail And The Wiretap Laws: Why Congress Should Add Electronic Communication to Title Ill's Statutory Exclusionary Rule And Expressly Reject a "Good Faith " Exception, 34 HARV. J. ON LEOIS. 393 (1997) (calling for Congress to give electronic communication the same legal protection of wire communication).

335. See United States v. Lamb, 945 F. Supp. 441, 459 (N.D.N.Y. 1996) (stating that "[t]he doctrine of stateness applies when information proffered in support of a warrant application is so old that it casts doubt on whether the fruits or evidence of a crime will still be found at a particular location").

336. 119 F.3d 742 (9th Cir. 1997).

337. See id. at 746 ("[W]e are unwilling to assume that collectors of child pornography keep their materials indefinitely, but the nature of the crime, as set forth in this affidavit, provided 'good reason! Ã to believe the computerized visual depictions downloaded by Lacy would be present in his apartment when the search was conducted ten months later.").

338. See United States v. Cox, 190 F. Supp. 2d 330,334 (N.D.N.Y. 2000) (refusing to grant defendant's motion to suppress evidence seized pursuant to a search a warrant because the probable cause used to grant the warrant was based on stale information).

339. See Strong, supra note 302.

340. Pub. L. No. 96-440, 94 Stat. 1879 (1980) (codified as 42 U.S.C. § 2000aa (2000)).

341. 42 U.S.C. §2000aa(a)(1),(b)(1).

342. Pub. L. No. 96-440,94 Stat. 1879 (1980), as amended by Pub. L. 104-208, § 101(a)(6), 110 Stat. 3009, 3009-30 to 3009-31 (1996) (codified at 42 U.S.C. § 2000aa-aal2 (200O)). The Privacy Protection Act includes "mechanically, magnetically or electronically recorded cards, tapes, or discs" in its definition of "documentary materials." 42 U.S.C. § 2000aa-7(a)).

343. At least one court interpreted the unamended Privacy Protection Act as not protecting materials used in dissemination of child pornography. see DePugh v. Sutton, 917 F. Supp. 690,696-97 (W.D. Mo. 1996).

344. 42U.S.C.|2000aa.

345. Id.

346. See USAPATRIOT Act of 2001, Pub. L. No. 107-56, § 217,115 Stat. 272,291 (2001).

347. See id.

348. See id.

349. See USA PATRIOT Act of 2001, Pub. L. No. 107-56, § 212,115 Stat. 272,284-85 (2001).

350. See id., § 220,115 Stat. 291-92.

351. see id., § 506,115 Stat. 366-67.

352. ARE. REV. STAT. ANN § 13-2316 (2000).

353. FLA. STAT. §§ 815.01-815.07 (1996 & Supp. 1999).

354. ALA. CODE §§ 13A-8-100 to 13A-8-103 (1994); ALASKA STAT. §§ 11.46.200(a)(3), 11.46.484(a)(5), 11.46.740,11.46.985,11.46.990(2000); ARIZ. REV. STAT. ANN. §§ 13-2301(E), 13-2316(2000); ARK. CODE ANN. §§ 5-41-101 to 5-41-108 (1997); CAL. PENAL CODE §§ 502, 1203.047 (West 1998 & Supp. 2004); COLO. REV. STAT. §§ 18-5.5-101 to 18-5.5-102 (2000); CONN. GEN. STAT. §§ 53a-250 to 53a-261 (1999 & Supp. 2001); DEL. CODEANN. tit. 11, §§ 931 to 939 (1995 & Supp. 2000); FLA. STAT. §§ 815.01 to 815.07 (2000); GA. CODEANN. §§ 16-9-90 to 16-9-94 (1998); HAW. REV. STAT. §§ 708-890 to 708-893 (1999); IDAHO CODE ANN. §§ 18-2201 to 18-2202, 26-1220 (1997); 720 ILL. COMP. STAT. 5/16D-1 to 5/16D-7 (1998 & Supp. 1999); IND. CODE §§ 35-43-1-4, 35-41-2-3 (1998); IOWA CODE ANN. §§ 716A.1 - 716A.16 (West 1993 & Supp. 2000); KAN. STAT. ANN. § 21-3755 (1995 & Supp. 1999); KY. REV. STAT. ANN. §§ 434.840 - 434.860 (1999); LA. REV. STAT. ANN. §§ 14:73.1 -14:73.5 (1997 & Supp. 2001); ME. REV. STAT. ANN. tit. 17-A, §§ 431 - 433 (West Supp. 2000); MD. CODE, CRIM. LAW, § 7-302 (West 2004); MASS. GEN. LAWS ch. 266, §§ 30, 33A, 12OF (1992 & Supp. 2000); MICH. COMP. LAWS §§ 752.791 - 752.797 (1991 & Supp. 2000); MINN. STAT. §§ 609.87 - 609.894 (1998); Miss. CODE ANN. |§ 97-45-1 to 97-45-13 (2000); Mo. REV. STAT. §§ 569.095 (1994) (amended by Stolen Property Services - Penalty Provisions, 2002 Mo. Legis. Serv. 194 (West)); MONT. CODE ANN. §§ 45-6-310, 45-6-311 (1999); NEB. REV. STAT. §§ 28-1343 to 28-1348 (1995); NEV. REV. STAT. §§ 205.473 to 205.491 (2000); N.H. REV. STAT. ANN. §§ 638:16 to 638:19 (1996 & Supp. 2005); NJ. STAT. ANN. §§ 2A:38A-1 to 2A:38A-6 (West 2000), 2C20-23 to 2C:20-34 (West 1995 & Supp. 2000); N.M. STAT. §§ 30-45-1 to 30-45-7 (1997 & Supp. 2000); N.Y. PENAL LAW §§ 156.00 to 156.50 (McKinney 1999 & Supp. 2001); N.C. GEN. STAT. §§ 14-453 to 14-457 (1993 & Supp. 1998) (amended by An Act Concerning Unlawful Access or Damage to a Government Computer or Causing Denial of Service Affecting a Governmental Computer, 2002 N.C. Sess. Laws 147); N.D. CENT. CODE §§ 12.1-06.1-08 (1997 & Supp. 2003); OHIO REV. CODEANN. § 2913.04 (West 1997 & Supp. 1999); OKLA. STAT. ANN. tit. 21, §§ 1951-1958 (West Supp. 2001); OR. REV. STAT. §§ 164.125, 164.377 (1999); 18 PA. CONS. STAT. ANN. § 7601, 7603, 7611, 7615, 7616 (West Supp. 2003); R.I. GEN. LAWS §§ 11-52-1 to 11-52-8 (2000); S.C. CODE ANN. §§ 16-16-10 to 16-16-40 (Law. Co-op. 1985 & Supp. 2000) (amended by Computer Abuse Act of 2002, 2002 S.C. Acts 169); S.D. CODIFIED LAWS §§ 43-43B-1 to 43-43B-8 (1997); TENN. CODE ANN. §§ 39-14-601 to 39-14-603 (1997 & Supp. 2000); TEX. PENAL CODE ANN. §§ 33.01 to 33.04 (Vernon 1994 & Supp. 2001); UTAH CODEANN. §§ 76-6-701 to 76-6-705 (1999 & Supp. 2000); VT. STAT. ANN., tit. 13, §§ 4101 to 4107 (Supp. 1999); VA. CODE ANN. §§ 18.2-152.1 to 18.2-152.15 (1996 & Supp. 2000); WASH. REV. CODE §§ 9A.52.110-9A.52.130 (1998); W. VA. CODE. §§ 61-3C-1 to 61-3C-21 (2000); Wis. STAT. § 943.70 (1998); WYO. STAT. ANN. §§ 6-3-501 to 6-3-505 (1999 and Supp. 2000).

355. S. 240, 96th Cong. § 1 (1979); S. 1766, 95th Cong. § 1 (1977); see also Federal Computer Systems Protection Act: Hearings [on S. 1766] Before the Subcomm. on Criminal Laws and Procedures of the [Senate] Comm. on the Judiciary, 95th Cong. 170-71 (1978) (setting forth proposed 1977 legislation).

356. See Robin K. Kutz, Note, Computer Crime in Virginia: A Critical Examination of the Criminal Offenses in the Virginia Computer Crimes Act, 27 WM. & MARY L. REV. 783, 789-90 (1986). Two states, Ohio and Massachusetts, took a third approach, choosing only to "redefine certain terms in their criminal codes to ensure that their statutes covered computers and computer-related intangible property." Id. at 790.

357. See Jerome Y. Roache, Computer Crime Deterrence, 13 AM. J. CRIM. L. 391,392 (1986) (explaining how prosecution is aided by eliminating the need for prosecutors, attorneys, and judges to rationalize the application of a traditional criminal law in a technical, computer-related context).

358. See Marc. D. Goodman, Why the Police Don't Care About Computer Crime, 10 HARV. J. L. & TECH. 465, 468-69 (1997).

359. See CAL. PENAL CODE § 502.01 (West 1998 & Supp. 2004); N.J. STAT. ANN. § 2C:64-1 (West 1995 & Supp. 2000); N.M. STAT. ANN. § 30-45-7 (1997). Illinois distributes half the forfeited proceeds to the local government agency that investigated the computer fraud for training and enforcement purposes, and half to the county in which the prosecution was brought, where it is placed in a special fund and appropriated to the State's Attorney for use in training and enforcement. 720 ILL. COMP. STAT. 5/16D-6 (1998 & Supp. 1999).

360. See ALASKA STAT. § 11.41.270 (2000); MICH. COMP. LAWS ANN. § 750.41 l(h)(e)(vi) (West Supp. 2000); OKLA. STAT. ANN. tit. 21, § 1173 (West Supp. 2001); Wis. STAT. § 947.0125 (2001); WYO. STAT. ANN. § 6-2-506 (1999).

361. ALA. CODE § 13A-ll-8(b)(l)(a) (1994 & Supp. 2000); CONN. GEN. STAT. § 53a-183 (2001); IDAHO CODE ANN. § 18-6710(3) (1997); N.H. REV. STAT. ANN. § 644:4(11) (1996 & Supp. 2000); N.Y. PENAL LAW § 240.30 (McKinney 1989 & Supp. 2001).

362. E.g., MICH. COMP. LAWS ANN. §750.145(d) (West Supp. 2004) (proscribing "use of the internet or a computer, computer program, computer network, or computer system to communicate with any person for the purpose of... [c]ommitting, attempting to commit, conspiring to commit, or soliciting another person to commit conduct proscribed... [in] which the victim or intended victim is a minor").

363. See Vives í. City of New York, 405 F.3d 115 (2d Cir. 2005) (reserving judgment on the constitutionality of CAL. PENAL CODE § 502.01 (West 1998 & Supp. 2004)); State v. Brobst, 857 A.2d 1253 (N.H. 2004) (holding that N.H. REV. STAT. ANN. § 644:4(1) (1996 & Supp. 2000) was unconstitutionally overbroad). section § 644:4 was subsequently amended. § 644:4(1) (Supp. 2005) (effective Jan. 1,2006); ACLU v. Johnson, 194 F.3d 1149 (10th Cir. 1999) (affirming issuance of preliminary injunction against N.M. STAT. § 30-37-3.2(A) (1978), on likely success of suit challenging constitutionality of statute designed to ban communication of indecent material to minors); ACLU of Georgia v. Miller, 977 F. Supp. 1228,1231 (N.D. Ga. 1997) (granting preliminary injunction against GA. CODE ANN. § 16-9-93.1 (1996), designed to prevent use of pseudonyms in electronic communication, on likely success of suit challenging its constitutionality).

364. Arkansas, California, Colorado, Connecticut, Delaware, Idaho, Illinois, Iowa, Kansas, Kentucky, Louisiana, Maryland, Minnesota, Missouri, Nevada, North Carolina, Ohio, Oklahoma, Pennsylvania, Rhode Island, South Dakota, Tennessee, Utah, Virginia, Washington, West Virginia, and Wisconsin all have enacted some permutation of anti-spam legislation. see DAVTD E. SORKIN, SPAM LAWS (Apr. 20, 2005) available at, http://www.spamlaws.com/state/summary.html (last visited Jan. 21,2006).

365. State v. Heckel, 24 P.3d 404,412 (Wash. 2001) (holding that WASH. REV. CODE § 19.190.020 (2001) was constitutional).

366. See id. (reasoning that the Act did not violate the dormant commerce clause because it did not impose liability for messages merely routed through Washington or read by a Washington resident who was not actual addressee, and the local benefits of the Act outweighed any burdens placed on those sending commercial e-mail messages).

367. See NEB. REV. STAT. § 28-1343(5) (1995).

368. See ARK. CODE ANN. § 5-41-106 (1997); CONN. GEN. STAT. § 52-57Ob (Supp. 1999); DEL CODE ANN. tit. 11, § 939 (1995 & Supp. 2000); GA. CODE ANN. § 16-9-93 (1998); 720 ILL. COMP. STAT. 5/16D-3(4)(c) (1998 & Supp. 1999); Mo. REV. STAT. § 537.525 (1994); NJ. REV. STAT. §§ 2A:38A-1 to 2A:38A-6 (2000); OKLA. STAT. ANN tit. 21, § 1955 (West Supp. 2001); R.I. GEN. LAWS § 11-52-6 (2000); W. VA. CODE § 61-3C-16 (2000).

369. See Strassheim v. Daily, 221 U.S. 280,285 (1911) (delineating rule that to satisfy minimum requirements for an exercise of criminal jurisdiction over out-of-state conduct, there must be (i) an act occurring outside the state; (ii) which is intended to produce detrimental effects within the state; and (iii) is the cause of detrimental effects within the state).

370. See Terrence Berg, State Criminal Jurisdiction in Cyberspace: Is There a Sheriff on the Electronic Frontier?, 79 MICH. B. J. 659, 660 (2000) (explaining that although a resident of that state is affected by a computer crime such as a fraudulent scam for money, the website may have "a real-world address" in another state, and may be hosted by an internet service provider in yet another state).

371. See id. at 659 (explaining that in criminal cases, "[u]nlike the jurisdictional analysis in civil cases, the 'minimum contacts' analysis does not apply when determining criminal jurisdiction ..., [instead] the analysis focuses on the intent of the defendant and the effects within the forum state").

372. See id. at 661 (stating that some "[s]tates that have broadened the... approach by also allowing jurisdiction where a result of the offense, whether an element or not, occurs in the forum state, are: Arizona, Kansas, New York, and Missouri"). Wisconsin's criminal statute permits jurisdiction even when no result occurs in the state. see Wis. STAT. ANN. § 939.03(l)(c) (West 1996 & Supp 2003) (extending jurisdiction where the out-of-state person "does an act with intent that it cause in this state a consequence set forth in a section defining a crime"). Alabama, California, and South Dakota have statutes providing for jurisdiction where an offense is commenced outside the state and "consummated" within the state. see Berg, supra note 370, at 661 (citing CAL. PENAL CODE 1778 (Deering 1998); S.D. CODIFIED LAWS § 23A-16-2 (1998)).

373. BUREAU OF JUSTICE STATISTICS, DEP'T OF JUSTICE, NATIONAL SURVEY OF PROSECUTORS: PROSECUTORS IN STATE COURTS, 2001 5 (2002) (noting that in 2001,42 percent of prosecutors' offices reported prosecuting either felony or misdemeanor computer-related crimes under their state's computer statutes, and 97 percent of offices serving populations of one million or more conducted such prosecutions).

374. Id.

375. See Reno v. ACLU, 521 U.S. 844, 851 (1997) (defining cyberspace as "unique medium... located in no particular geographical location but available to anyone, anywhere in the world, with access to the internet").

376. See Walter Gary Sharp, Sr, Note, Redefining National security in Today's World of Information Technology and Emergent Threats, 9 DUKE J. COMP. & INT'L L. 383,384 (1999) (describing the threat to national security due to advances in information technology); See also Steve Shackelford, Note, Computer-Related Crime: An International Problem in Need of an International Solution, 27 Tfex. INT'L LJ. 479,494 (1992) (describing globalization of access to computer systems).

377. See Larry Lange, Trust a Hacker Under 30? You 'd Better, ELEC. ENO'O TIMES, Aug. 19,1996, (estimating that $800 million was lost by banks and other corporations because of attacks on their computer systems, such as one perpetrated by Russian programmer Vladimir Levin who tampered with Citibank's computer system by transferring $10 million to various bank accounts around the world). See generally the FINANCIAL INSTITUTIONS FRAUD, SECURITIES FRAUD and MAIL AND WIRE FRAUD articles in this issue.

378. See, e.g., Kalyal, supra note 4, at 1048-49 (describing how Rami Yousef, who masterminded the 1993 World Trade Center bombing, used encryption to store details of scheme on his laptop computer).

379. See Kate Reder, Ashcmft v. ACLU: Should Congress try, try, and try again, or does the international problem of regulating internet pornography require an international solution? 6 N.C. J.L. & TECH. 139 (2004); John T. Soma et al., Transnational Extradition for Computer Crimes: Are New Treaties and Laws Needed? 34 HARV. J. ON LEGIS. 317, 359-60 (1997) (listing actions called for by United Nations' resolution on computerrelated crimes).

380. See Ulrich Sieber, Computer Crimes and Other Crimes Against Information Technology: Commentary and Preparatory Questions for the Colloquium of the AIDP in Wuerzburg, 64 REV. INT'L DE DROIT PENAL 67, 69-70 (1993) (discussing adoption of computer crime legislation).

381. See generally U.S. DEP'T OF JUST., COMPUTER CRIME AND INTELL. PROP. secTION, INTERNATIONAL ASPECTS OF COMPUTER CRIME (providing cases, recent law, press releases, speeches, testimony, reports, letters, manuals, and other documents related to G-8, European Union and OECD efforts to combat cybercrime), available at http://www.usdoj.gov/criminaVcybercrime/intl.html (last visited Jan. 21, 2006). For national reports on computer-crime legislation and prosecution in a number of countries, see generally AIDP-Preliminary Colloquium, Computer Crime and Other Crimes Against Information Technology, 64 REV. INT'L DE DROIT PENAL 49 (1993) (reporting on Austria, Belgium, Brazil, Canada, Chile, China, then-Czechoslovakia, Egypt, Finland, France, Germany, Greece, Hungary, Israel, Italy, Japan, Luxembourg, The Netherlands, Poland, Portugal, Romania, South Africa, Spain, Sweden, Switzerland, Tunisia, Turkey, the United Kingdom, and the United States); see also Miguel Deutch, Computer Legislation: Israel's New Codified Approach, 14 J. MARSHALL J. COMPUTER & INFO. L. 461 (1996) (evaluating Israel's new Computer Law in light of its original aims); Stefano Agostini, Focus on Italy: Overview of Intellectual Property Legislation, 7 No. 1 J. PROPRIETARY RTS. 8 (1995) (describing modifications of Italian Criminal Code's computer crime rules and criminalization of software copyright violations).

382. Laura H. Parsky, U.S. Deputy Assistant Attorney General, Remarks at International Conference on Intellectual Property Protection (Oct. 14, 2004) (describing international cooperation in combating intellectual property crime), available at http://www.usdoj.gov/criminal/cybercrime/parskySpeech.htm (last visited Jan. 21, 2006).

383. See Amy Knoll, Any Which Way But Loose: Nations Regulate the internet, 4 TUL. J. INT'L & COMP. L. 275 (1996) (describing and evaluating legislation in Belarus, China, Croatia, the European Union, France, Germany, Russia, Singapore, and the United States). China has implemented regulations which criminalize the "distribution or consumption via the internet of... 'harmful information.'" Michael Laris, Beijing Launches a New Offensive to Squelch Dissent on internet, WASH. POST, Dec. 31, 1997, at A16 (describing regulations). Cuba has allowed only 200 of its some eleven million citizens to have access to the internet, and the government has since cracked down on even that access. see Patrick Symmes, Che is Dead, WIRED MAGAZINE, Feb. 1998, at 140, 145 (describing internet culture in Cuba). Countries observing strict Islamic law are also struggling with the growth of the internet. Habib Al-Rida, Assistant Under-secretary of the Ministry of Information, United Arab Emirates, noted, "The challenge facing us now is how to protect our society against the potentially harmful influences coming through the system, whether criminal or otherwise, while at the same time, making it possible for our companies and individuals to benefit from the valuable access to the worldwide pool of skills and information that the internet represents." Ahmad Mardini, Gulf-Culture: Officials Worry About Smut on internet, INTER PRESS SERV (1996).

384. The German Penal Code (Strafgesetzbuch) proscribes distributing any fascist or other related literature. § 86 Nr. 1.4 StGB; § 131 Nr. 1 StGB.

385. See French Penal Code R. 645-1 (2001).

386. See generally Elissa A. Okoniewski, Yahoo!, Inc. v. LJCRA: The French Challenge to Free Expression on the internet, 18 AM. U. INT'L L. REV. 295 (2002) (illustrating the legal tensions that emerge between nations as cultural and constitutional norms come into conflict).

387. See Silvia Ascarelli & Kimberley A. Strassel, Two German cases Show How Europe Still Is Struggling to Regulate internet, WALL ST. J., Apr. 21,1997, at B9.

388. See Yahoo!, Inc. v. La Ligue Contre le Racisme et L'Antisemitisme, 169 F. Supp. 2d 1181 (N.D. Cal. 2001), rev'd, 379 F.3d 1120 (9th Cir. 2004).

389. See Silvia Ascarelli, Two On-line Services Companies Investigated in Racial Hatred case, WALL ST. J., Jan. 26,1996, at B2.

390. See Silvia Ascarelli, Technology & Takeovers: Politician Is Acquitted in internet case in Berlin, WALL ST. J. EUR., July 1,1997, at 11.

391. See Yahoo!, Inc. v. La Ligue Contre le Racisme et L'Antisémitisme, 169 F. Supp. 2d 1181 (N.D. Cal. 2001).

392. See Cybercrimes - Coordinated Effort to Attack Cybercrimes, 3 No. 1 CYBERSPACE L. 32, 32 (1998) (discussing cooperative effort to coordinate internet legislation between Britain, Canada, France, Germany, Italy, Japan, Russia, and the United States); Cole Durham, The Emerging Structures of Criminal Information Law: Tracing the Contours of a New Paradigm: General Report for the AIDP Colloquium, 64 REV. INT'L DE DROIT PENAL 79, 97-109 (1993) (discussing patterns of convergence in computer crime legislation with regard to unauthorized access, unauthorized interception, unauthorized use of computer, alteration of data or programs, computer sabotage, computer espionage, unauthorized use or reproduction of computer programs, unauthorized reproduction of topography, computer forgery, and computer fraud).

393. See generally Clifford Miller, Electronic Evidence - Can You Prove the Transaction Took Place?, 9 No. 5 COMPUTER L. 21 (1992) (analyzing problems of getting evidence of computer crimes admitted under United Kingdom rules of evidence as representative of challenges faced by prosecutors in Belgium, France, Germany, and United States). In the United Kingdom, the English Law Commission proposed removing the evidentiary requirements that currently impose a heightened standard upon computer evidence, and returning to the common law evidentiary "presumption that the machine works." THE LAW COMMISSION, CONSULTATION PAPER No. 138, CRIMINAL LAW; EVIDENCE IN CRIMINAL PROCEEDINGS: HEARSAY AND RELATED TOPICS 207 (1995); see also JOHN ANDREWS & MICHAEL HIRST, ANDREWS & HIRST ON CRIMINAL EVIDENCE 380-85 (3d ed. 1997) (describing problems with current English evidentiary regime, and agreeing with proposed changes). However, these changes had not been approved by Parliament as of 1997.

394. COUNCIL OF EUROPE, CHART OF SIGNATURES AND RATIFICATIONS (noting that 37 countries have signed the treaty including four parties outside of the Council of Europe, including the United States, South Africa, Japan, and Canada) available at http://conventions.coe.int/Treaty/Commun/ChercheSig.asp7NT= 185&CM=8&DF=9/ 3/04&CL=ENG (last visited Oct. 31,2006).

395. COUNCIL OF EUROPE, CONVENTION ON CYBERCRIME, available at http://conventions.coe.int/Treaty/en/ Treaties/Html/185.htm (last visited Oct. 31,2006).

396. See DEP'T OF JUSTICE, FREQUENTLY ASKED QUESTIONS AND ANSWERS ABOUT THE COUNCIL OF EUROPE CONVENTION ON CYBERCRIME (Update as of November 10, 2003), available at http://www.usdoj.gov/criminal/ cybcrcrime/COEFAQs.htm (last visited Oct. 31,2006).

397. Statement of Michael Chertoff, Assistant Attorney General Criminal Division, Before the Subcomm. on Crime, H. Conun. on the Judiciary, 107th Cong. 1 (June 12,2001), available at http://judiciary.house.gov/legacy/ 72616.pdf (last visited Oct. 31,2006).

398. Id.

399. See Durham, supra note 392, at 97 n.51 (citing efforts by Council of Europe, Organization for Economic Co-operation and Development (OECD), and United Nations). The OECD is an intergovernmental organization designed to encourage multilateral dialogue and cooperation on economic and social policies that have transnational effects. Although the OECD does not have legal powers, its guidelines, reports, and publications can have a significant influence on policy-making for both member and non-member countries. see Stewart A. Baker, Decoding OECD Guidelines for Cryptography Policy, 31 INT'L LAW. 729,732-33 (1997) (providing background on OECD). As of November 2000, OECD is comprised of 29 countries: Australia, Austria, Belgium, Canada, the Czech Republic, Denmark, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Japan, Korea, Luxembourg, Mexico, The Netherlands, New Zealand, Norway, Poland, Portugal, Spain, Sweden, Switzerland, Turkey, the United Kingdom, and the United States. See ORGANISATION FOR ECONOMIC COOPERATION AND DEVELOPMENT, OECD ONLINE, at http://www.oecd.org/about (last visited Oct. 31,2006).

400. See generally BUSINESS SOFTWARE ALLIANCE, at http://www.bsa.org (last visited Oct. 31,2006).

401. See BUSINESS SOFTWARE ALLIANCE AND INTERNATIONAL DATA CORPORATION, THIRD ANNUAL BSA AND IDC GLOBAL SOFTWARE PIRACY STUDY (2006) available at http://www.bsa.org/globalstudy/upload/ 2005%20Piracy%20Study%20-%20Official%20Version.pdf. Software piracy remains at around 35% worldwide. In practical terms, this means that approximately 35% of all business software applications existing on PCs around the world continue to be unpaid-for, illegal copies.