Programming Question

Using the attached format and following guidance, prepare a 4-5 page White paper for the given 3 Case studies.

Also the explanation needs to be logical analyze the cybersecurity breach situation and try to come up with suitable, logical and legal procedure and conclusion. It’s not only about the grammar and vocabulary It’s more of the logical approach how ur going to tackle it.

I need it to be done with right formatting and u should follow all the guidance

White Paper
The purpose of this white paper is to discuss the 18 USC. Criminal and civil liability is imposed
on people who use computers without authorization or more frequently than permitted. Until
recently, the federal courts of appeal were divided about the definition of exceeding permissible
access in the CFAA and whether an employee with authority to view information on a computer
violates it by misusing it.
A. Background
Concerns about computer and electronic database hacking arose in response to American
businesses’ rapid use of both technologies. In the case of Van Buren, the United States Supreme
Court ruled that common theft and trespass legislation were inadequate to handle cybercrimes
that did not involve the traditional deprivation of computer owners’ property. The court also
noted that Congress enacted the first computer crime provisions in the early 1980s, following a
series of widely publicized hackings that attracted the public’s attention.
The Computer Fraud and Abuse Act is an essential legislation prosecutors can utilize to
address internet crimes. It is in Title 18, Section 1030 of the United States Code. Government
lawyers must consistently apply the Computer Fraud and Abuse Act, and the general public
needs to be adequately informed about how the Department of Justice upholds the law. It is
especially critical as technological advances and criminal activity continues to advance. In order
to achieve these objectives, the Department has the policy to guide government attorneys
regarding the relevant considerations for prosecutors who are considering filing charges under
the CFAA.
A. General Principles
To determine whether or not a particular investigation or prosecution is in line with the charging
policy, a nuanced understanding of technology, the sensitivity of the information involved, tools
for lawfully gathering evidence, issues relating to national and international coordination, and
concerns about victims are necessary(Curtiss, 2016). It might be challenging to comprehend
cases brought under the CFAA.
•
The CFAA forbids unauthorized access to almost all computers connected to the internet.
Anyone who willfully gains access to a protected computer without authorization or goes
beyond what is permitted to do so, as well as anyone who plans to do so, bears both
criminal and civil sanctions. The legislation defines computers as any electronic
equipment that performs logical, mathematical, or storage operations, excluding
typewriters, pocket calculators, and other archaic technologies. In other words, a
computer can be a smartphone or other internet-capable device in addition to a desktop or
laptop computer.
•
The CFAA allows the Federal Bureau of Investigation and the Secret Service the power
to look into possible CFAA infractions, in accordance with an agreement between the
Secretary of the Treasury and the Attorney General.
•
Concerning charging decisions, the government’s attorney is required to have a
conversation with CCIPS to identify any potential fact-based, lawful or policy
considerations; assist in case deconfliction with cases in other Districts that are similar to
the one at hand, to the extent that the attorneys haven’t already done so following other
Department policies and procedures; and evaluate how the case fits into overall national
priorities. CCIPS is responsible for ensuring that the government’s attorney follows all of
these policies and procedures. The government lawyers are encouraged to participate in
this consultation by inviting a District CHIP. The consultation needs to cover important
topics. It is intended to support uniformity throughout the Department in a rapidly
changing field of practice while also assisting the prosecutor. A specific inquiry or
matter’s facts, complexity, and sensitivity will determine the extent of consultation and
the level of information needed to achieve these aims.
B. Legal Opinions
•
According to the government’s interpretation of the “exceeds permitted access”
clause, a mind-boggling quantity of everyday computer usage would be subject to
criminal penalties. For instance, businesses frequently specify that computers and
other electronic devices may only be used for work-related activities. According to
the government’s interpretation, an employee who uses a work computer to send a
personal email or read the news has broken the CFAA(Bellia, 2016). The government
posits that additional clauses could restrict its ability to bring legal action, yet its
charging practice and policy show otherwise.
•
The structure of the Act further undermines the government’s argument. The section
outlines two distinct ways of obtaining information illegally: first, when someone
gains access to a computer without authorization, and secondly when someone gains
access to a computer with authorization and uses that access to obtain data that person
is not permitted to receive.
Example case scenario.
To outbid EF, Explorica reduced their prices. The previous vice president of information
strategy at EF and the current VP at Explorica, Philip Gormley, engaged a third party to
create “scraper” software to extract pricing information from EF’s website. The trip fees
were compared to thousands of tour codes from the EF website. The scraper conducted
over 30,000 EF website requests. According to the First Circuit, the pricing data was
maintained in a spreadsheet with 60,000 lines or eight phone directories(Sellars, 2018).
The file contained the tour codes, departure dates, and cost information for each
tour. An uneducated reader would perceive the tour codes as not significant,” the court
ruled. The codes must be translated to be useful, even though they can be connected to
real tours and destinations. As soon as Gormley translated the data from the trip codes,
Explorica began methodically undercutting EF’s prices to compete with EF. Additionally,
Explorica began preparing its brochures and joined the tour market simultaneously. The
appellate court’s primary point that needed to be answered was whether or not Explorica’s
actions violated the CFAA since they were “without authority or exceeded permissible
access. In the end, the court concluded that Explorica had breached the CFAA because
Gormley’s actions went beyond the boundaries of the confidentiality agreement he had
signed with his previous employer.
C. Closing Opinions
The Department of Justice should take into account the additional factors, even though the
prosecution would be serving a major government interest in a case where it is believed that
the admissible evidence will be enough to secure a conviction:
•
Whether the conduct was pretty heinous or harmful, whether it involved a unique or
widening illegal conduct, whether the alleged perpetrator was a repeat offender,
whether a novel or sophisticated technique was used, whether the offender abused a
position of trust or another sensitive level of access, and so on. Concerns about the
necessity for deterrence and whether or not an investigation or prosecution would be
successful,
•
The extent to which critical infrastructure, public health and safety, fair trading,
diplomatic affairs, or other issues that could have a broad or significant impact on the
interests of a country or an economy are raised by the harm done to or access gained
by a computer system, or the data that is transmitted or stored on it.
•
In cases where there is proof that the defendant’s actions were comprised of and
motivated by good-faith security research, government counsel should decline to
pursue prosecution. The government attorney should use the Register of Copyrights’
definition of “good-faith security research” when interpreting this policy.
References
Curtiss, T. (2016). Computer fraud and abuse act enforcement: Cruel, unusual, and due for
reform. Wash. L. Rev., 91, 1813.
Bellia, P. L. (2016). A Code-Based Approach to Unauthorized Access Under the Computer
Fraud and Abuse Act. Geo. Wash. L. Rev., 84, 1442.
Sellars, A. (2018). Twenty Years of Web Scraping and the Computer Fraud and Abuse Act. BUJ
Sci. & Tech. L., 24, 372.