We increasingly depend on the availability, integrity, and confidentiality of computer systems and information to conduct our business, communicate with our friends and families, and even to be entertained. With a modem and a computer, a business person can communicate with his or her office, a student can access an on-line encyclopedia at home, or researcher can get weather information from Australia over the Internet. Unfortunately, computer criminals can also use this technology to pry into our secrets, steal confidential Government information, and damage important telecommunications systems. With the advances in global communication, these criminals can do this virtually anywhere in the world.

The facts speak for themselves--computer crime is on the rise. The computer emergency and response team at Carnegie-Mellon University reports that, since 1991, there has been a 498 percent increase in the number of computer intrusions, and a 702 percent rise in the number of sites affected. About 40,000 Internet computers were attacked in 2,460 incidents in 1994 alone. We need to increase protection for this vital information infrastructure to stem the online crime epidemic.

The NII Protection Act seeks to improve the Computer Fraud and Abuse Act by providing more protection to computerized information and systems, by designating new computer crimes, and by extending protection to computer systems used in foreign or interstate commerce or communications. The bill closes a number of gaps in our current laws to strengthen law enforcement's hands in fighting crimes targeted at computers, computer systems, and computer information.

First, the bill would bring the protection for classified national defense or foreign relations information maintained on computers in line with our other espionage laws. While existing espionage laws prohibit the theft and peddling of Government secrets to foreign agents, the bill would specifically target those persons who deliberately break into a computer to obtain the Government secrets that they then try to peddle.

Second, the bill would increase protection for the privacy and confidentiality of computer information. Recently, computer hackers have accessed sensitive data regarding Operation Desert Storm, penetrated NASA computers, and broken into Federal courthouse computer systems containing confidential records. Others have abused their privileges on Government computers by snooping through confidential tax returns, or selling confidential criminal history information from the National Crime Information Center.

The bill would criminalize these activities by making all those who misuse computers to obtain Government information and, where appropriate, information held by the private sector, subject to prosecution. The harshest penalties would be reserved for those who obtain classified information that could be used to injur the United States or assist a foreign state. Those who break into a computer system, or insiders who intentionally abuse their computer access privileges, to secret information off a computer system for commercial advantage, private financial gain or to commit any criminal or tortious act would also be subject to felony prosecution. Individuals who intentionally break into, or abuse their authority to use, a computer and thereby obtain information of minimal value, would be subject to a misdemeanor penalty.

Third, the bill would protect against damage to computers caused by either outside hackers or malicious insiders. Computer crime does not just put information is at risk, but also the computer networks themselves. Hackers, or malicious insiders, can destroy crucial information with a carefully placed code or command. Hackers, like Robert Morris, can bring the Internet to its knees with computer `viruses' or `worms.' This bill would protect our Nation's computer systems from such intentional damage, regardless of whether the perpetrator was an insider or outside hacker.

Under the bill, insiders, who are authorized to access a computer, face criminal liability only if they intend to cause damage to the computer, not for recklessly or negligently causing damage. By contrast, hackers who break into a computer could be punished for any intentional, reckless, or negligent damages they cause by their trespass.

Fourth, the bill would expand the protection of the Computer Fraud and Abuse Act to cover those computers used in interstate or foreign commerce or communications. The law already gives special protection to the computer systems of financial institutions and consumer reporting agencies, because of their significance to the economy of our Nation and the privacy of our citizens. Yet, increasingly computer systems provide the vital backbone to many other industries, such as the telecommunications network. Current law falls short of protecting this infrastructure. Generally, hacker intrusions that do not cross State lines are not Federal offenses. The NII Protection Act would change that limitation and extend Federal protection to computers or computer systems used in interstate or foreign commerce or communications.

Fifth, this bill addresses a new and emerging problem of computer-age blackmail. In a recent case, an individual threatened to crash a computer system unless he was granted access to the system and given an account. The bill adds a new provision to the law that would ensure law enforcement's ability to prosecute these modern day blackmailers, who threaten to harm or shut down computer networks unless their extortionate demands are met.

Finally, the statutory scheme provided in this bill will provide a better understanding of the computer crime problem. By consolidating computer crimes in one section of title 18, reliable crime statistics can be generated. Moreover, by centralizing computer crimes under one statute, we may better measure existing harms, anticipate trends, and determine the need for legislative reform. Additionally, as new computer technologies are introduced, and new computer crimes follow, reformers need only look to section 1030 to update our criminal laws, without parsing through the entire United States Code.

The Kyl-Leahy NII Protection Act would provide much needed protection for our Nation's important information infrastructure. It will help ensure the confidentiality of sensitive information and protect computer networks from those who would seek to damage these networks.

I commend the Department of Justice for their diligent work on this bill, and their continued assistance in addressing this critical area of our criminal law. I look forward to working with my colleagues on refining and improving this bill, as necessary.