COMMITTEE OF EXPERTS ON TERRORISM (CODEXTER)

CYBERTERRORISM
THE USE OF THE INTERNET FOR TERRORIST PURPOSES

UNITED STATES OF AMERICA

September 2007

www.coe.int/gmt

The responses provided below focus on the use of the United States federal criminal law enforcement authorities as the key to combating misuse of the Internet for criminal and terrorist purposes. Therefore, the responses do not seek to address every action the United States might take at the national level with regard to cybercrime or cyberterrorism, but rather those actions and policies that are most commonly employed by federal prosecutors and law enforcement agencies. Furthermore, the United States has attempted to provide responses from national experience that can be readily adopted by other states through full implementation of the Council of Europe's Convention on Cybercrime.

A. National Policy

1. Is there a national policy regarding the analysis, detection, prosecution and prevention of cybercrime in general and the misuse of cyberspace for terrorist purposes in particular? If yes, please briefly describe it.

In 2003, the President of the United States signed the National Strategy to Secure Cyberspace. The National Strategy's strategic objectives are to (1) prevent cyber attacks against America's critical infrastructures; (2) reduce national vulnerability to cyber attacks; and (3) minimise damage and recovery time from cyber attacks that do occur.

As explained in the National Strategy, the United States Department of Justice and the Federal Bureau of Investigation lead the national effort to investigate and prosecute cybercrime. The United States has enacted criminal laws that allow for the investigation and prosecution of a wide range of cybercrimes, whether committed by individuals, organised criminal groups, institutions, or terrorists.
Law enforcement agencies at the federal, state and local levels investigate cybercrimes and other criminal offences that target or involve computers and computer networks.

The United States works closely with other nations to counter cybercrime, through institutions such as the 24/7 emergency contact network, multilateral treaties such as the Convention on Cybercrime, and bilateral mutual legal assistance and extradition treaties. The United States is a strong proponent of the Convention on Cybercrime and urges all Council of Europe member states and other interested parties who have not done so to implement it as a key step to combat transnational cybercrime and misuse of cyberspace for terrorist purposes.

For further information please see the Country profiles on counter-terrorism capacity at www.coe.int/gmt.

B. Legal Framework

2. Does your national legislation criminalise the misuse of cyberspace for terrorist purposes, and
a. are these offences specifically defined with regard to the terrorist nature or technical means of committing the crime, or
b. is the misuse covered by other, non-specific criminal offences?
How are these offences defined and which sanctions (criminal, administrative, civil) are attached?

a. The United States has enacted its cybercrime laws to focus on the acts committed (such as hacking, distributed denial of service attacks, furthering a fraud through the use of a computer), rather than the identity of the perpetrator. Although U.S. cybercrime laws take into account potential results from terrorist acts, those laws do not require proof of terrorist intent.

b. The United States has enacted specific criminal offences related to terrorism (such as providing material support to terrorists or financing terrorism), but cybercrimes are investigated and prosecuted as described in the answer to question 2.a.

The United States has enacted criminal laws that allow for the investigation and prosecution of a wide range of cybercrimes, whether committed by individuals, organised criminal groups, institutions or terrorists. The United States has also enacted criminal laws that allow for the investigation and prosecution of certain criminal offences related to terrorism (such as providing material support to terrorists or financing terrorism). Furthermore, under U.S. law, the same set of facts may give rise to multiple charges, provided that each charge alleges some different element. Thus a person who commits a cybercrime for the purpose of, for example, providing material support to a terrorist organisation may be guilty of multiple offences arising out of the same conduct.

Individuals convicted of violating the key United States federal cybercrime statute, Title 18 U.S. Code, Section 1030 (Fraud and related activity in connection with computers), may, depending on the circumstances, be sentenced to imprisonment for a term of years (or for life, if the offender knowingly or recklessly caused or attempted to cause death for certain violations), ordered to serve a term of supervised release, ordered to pay restitution to victims, and/or ordered to pay a fine. In addition, criminal and civil asset forfeiture statutes may be used to seize and forfeit to the government proceeds and property used in, or derived from, the criminal activity. Individuals convicted of violating terrorism criminal statutes enumerated in Title 18 U.S. Code, Chapter 113B, are subject to similar criminal penalties.

U.S. law provides for increased criminal penalties for certain terrorism-related offences. Some violations of Title 18 U.S. Code, Section 1030 (Fraud and related activity in connection with computers), are included within the enumerated list of "federal crimes of terrorism," contained in Title 18 U.S. Code, Section 2332b (Acts of terrorism transcending national boundaries).

3. Do you plan to introduce new legislation to counter terrorist misuse of cyberspace? What are the basic concepts of these legislative initiatives?

There are no indications that the executive branch of the U.S. government plans to propose any such legislation. It should be noted, however, that any legislation enacted on this topic would have to be consistent with the freedom of speech protections contained in the First Amendment of the U.S. Constitution.

4. What are the existing national practices in the field of detecting, monitoring and closing down websites used for terrorist purposes?

In the United States, federal, state and local law enforcement agencies may, during the course of a criminal investigation and consistent with U.S. law, read and gather information from publicly available websites that promote violations of U.S. law, such as violent crimes, money laundering or material support for terrorists. Similarly, the United States Government will, consistent with U.S. law, read and review publicly available websites that promote violence or terrorism against United States citizens.

5. Does your national legislation provide criteria for establishing jurisdiction over such offences? What are those criteria?

The cybercrime offences contained in Title 18 of the United States Code can, depending on the offence, have both domestic and extra-territorial application. Both domestically and extraterritorially, this jurisdiction is very broad and based on factors such as whether the offence affects interstate or foreign commerce, the identity of the victim or intended victim, and where the offence is committed.

Under Title 18 of the United States Code, Section 1030 (Fraud and related activity in connection with computers), jurisdiction is generally based on whether the affected computer is a "protected computer" as defined in Section 1030(e)(2). Examples of a "protected computer" include a computer which is used in interstate or foreign commerce, a computer exclusively for the use of a financial institution or the United States Government or a computer used by a non-U.S. bank or non-U.S. government agency.

6. Does your national legal system establish ancillary offences related to the misuse of cyberspace?

Under United States criminal law, individuals may be convicted of a criminal offence, including a cybercrime or terrorism offence, if they commit the offence themselves, or if they aid, abet, counsel, command, induce or procure another to commit the offence. An individual may also be convicted of attempting to commit, or conspiring to commit, a cybercrime offence. In addition, criminal liability based on attempt and conspiracy applies to most terrorism offences.

7. What kind of national procedures do you have for submitting an application on the activities of Internet-providers and/or hosting companies, to deprive a user from a domain name or to cancel his/her/its registration or licence?

Under United States criminal law, any property used to commit a criminal offence, or derived from the proceeds of criminal activity, may be subject to criminal and civil seizure and forfeiture. In certain circumstances, a domain name could be subject to criminal forfeiture. For example, in one criminal prosecution brought by the United States Department of Justice, the domain name for a notorious international, online criminal marketplace was criminally forfeited to the United States government.

8. What non-legislative measures do you have in your country to prevent and counter terrorist misuse of cyberspace, including self-regulatory measures?

The United States Government sponsors a number of education and awareness programmes designed to counter cybercrime in general, regardless of the identity or intentions of the perpetrators. For example, the Federal Bureau of Investigation website provides information and resources related to protecting computers from the effects of cybercrime: http://www.fbi.gov/cyberinvest/protect_online.htm. In addition, the United States Government sponsors numerous training programmes, domestically and internationally, focused on preventing, countering, investigating and prosecuting cybercrime and protecting individuals from a wide range of cyber threats.

The United States Government actively participates in international organisations that address the issues of cybercrime and cyberterrorism, including the G8, the Council of Europe, the Organization for Security and Co-operation in Europe, the Organization of American States, and numerous others.

C. International co-operation

9. Please describe the general framework for international co-operation regarding the misuse of cyberspace for terrorist purposes.

The United States is strongly committed to promoting international co-operation in the battle against cybercrime, and firmly believes there is already an adequate international framework for co-operation and mutual legal assistance on the issues of cybercrime and cyberterrorism. The existing international framework includes, inter alia: (1) bilateral mutual legal assistance and extradition treaties; (2) international treaties such as the Convention on Cybercrime; (3) multilateral organisations such as the Council of Europe and the United Nations; and (4) law enforcement contact networks such as the 24/7 emergency contact network.

The United States supports the recognition of the Convention on Cybercrime as the one international standard for fighting cybercrime. The United States believes that the investigative and international co-operation tools set forth in the Convention on Cybercrime are precisely the tools needed to identify and prosecute criminals and terrorists for their misuse of, and attacks on, computers and computer networks.

10. What are the existing practices and experiences with regard to international co-operation, in particular in relation to the procedures described in question 4?

The international co-operation framework and mechanisms described in the answer to question 9 can be employed to deal with a wide range of criminal or terrorist conduct. As to international co-operation relating to detecting, monitoring, and closing down websites used for terrorist purposes (question 4), the United States does receive foreign requests for such assistance. It processes them in the same way as other requests (prioritizing them according to urgency, etc.).

D. Institutional Framework

11. Please list the institutions that are competent for countering terrorist misuse of cyberspace.

The Federal Bureau of Investigation and the United States Secret Service are the two principal U.S. law enforcement agencies responsible for investigating cybercrime. The Federal Bureau of Investigation has primary responsibility for investigating terrorism crimes that occur in or affect the United States. Two of the top three priorities for the FBI are protecting the United States from terrorist attack and protecting the United States against cyber-based attacks and high-technology crimes.

The United States Department of Justice has responsibility for prosecuting both cybercrimes (e.g. hacking and distributed denial of service attacks) and terrorism crimes (e.g. providing material support to terrorists).

The United States Department of Homeland Security has responsibility for safeguarding the United States' critical infrastructure, including the telecommunications infrastructure and the Internet.

12. Are there any partnerships between the public and private sectors (Internet-service providers, hosting companies, etc.) to counter terrorist misuse of cyberspace?

The United States Department of Justice, the Federal Bureau of Investigation, the U.S. Secret Service and the Department of Homeland Security have many formal and informal relationships with public and private sector entities, some of which address the misuse of cyberspace.

E. Statistical Information

13. Please provide relevant statistics on offences relating to the misuse of cyberspace for terrorist purposes (including possibly: cases recorded, investigated, brought to court, convictions, victims etc.).

The United States does not collect statistics according to these categories.

14. Where possible, please describe briefly the profile of offenders typically involved in the misuse of cyberspace for terrorist purposes (professional background, gender, age, nationality), and possible typical organisational characteristics, including trans-national links and links to other forms of organised crime.

The United States does not collect statistics according to these categories.