Monday, January 13, 2003

Balancing privacy, public safety, and network security concerns after 9/11
May 28, 2002
Auerbach Analysis
By Mark A. Rush and Lucas G. Paglia

In the aftermath of the Sept. 11, 2001, terrorist attacks on America, Congress and the President acted swiftly to pass new legislation to make it easier for federal, state, and local law enforcement to investigate and avert suspected acts of terrorism. On October 26, 2001, President Bush signed into law the U.S.A. PATRIOT Act of 2001 (PATRIOT Act, or “the Act”). As indicated by its short title—“Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism”—the PATRIOT Act was promulgated with the paramount goal of seriously enhancing the ability of America’s intelligence and law-enforcement communities to proactively prevent terrorism. True to its aim, the Act provides literally scores of amendments to existing federal statutes, all of which, to varying degrees, remove obstacles to investigating terrorist acts and acts related to or in furtherance of terrorism.

At the same time, the PATRIOT Act’s broad amendments present a number of new concerns for all businesses operating in the Internet age. As critical financial and technological infrastructures continue to serve legitimate and illicit needs—from legitimately driving America’s struggling economy to unwittingly serving as the platforms for illegal international money laundering by terrorists and their sympathizers—business owners face the threat of a “dragnet” approach to surveillance and investigation of suspected terrorists and terrorism. To ensure they are prepared to withstand the tightrope walk of balancing overwhelming national security concerns with their own network integrity and privacy issues, all businesses that rely in any way on computers should understand the full implications of the Act. This article is designed to help you navigate these uncharted waters by:

  • Summarizing the most significant, salient features of the PATRIOT Act as they relate to computer network integrity and the prevention of cyberterrorism.

  • Discussing various business, legal, and practical issues that private industry is likely to face in the coming months and years under the Act.

  • Exploring the ways in which businesses can ensure full comprehension of and compliance with the many provisions and mandates of the PATRIOT Act.
  • Concluding with a discussion of the many federal resources available to businesses as they prepare to address the concerns noted above arising from the Act.


Title II of the PATRIOT Act provides sweeping enhancements to existing laws governing criminal surveillance procedures, in particular the Electronic Communications Privacy Act. Under this Title, the federal government is granted increased authority to intercept wire, oral, and electronic communications relating to suspected terrorist activity. In addition, the Act amends the Computer Fraud and Abuse Act (CFAA) to broaden government's authority to intercept such communications if they relate to suspected computer fraud and abuse as well. Thus, the Act places special focus on the investigation of computer systems and networks that are or may be tools of terrorism.

Importantly, the PATRIOT Act amends existing search warrant law to allow for “roving” warrants to intercept wire, oral, and electronic communications. No longer will such warrants be limited to one particular wire fund transfer or telephone exchange or computer. Instead, the government may exercise its broad investigative authority under the Act to intercept any communications by any suspected terrorist or terrorism accomplice, with access to any financial, telephone, or computer system or network used by such suspects. Obviously, the reach of an investigation into suspected terrorism could extend into literally hundreds of different technology systems throughout the country.

Other key aspects of Title II include:


  • Expanding the scope of allowable seizures of voice mail messages pursuant to warrants

  • Expanding the scope of subpoenas for records of electronic communications

  • Allowing for delayed notice of search warrants to permit “sneak-and-peek” searches of real and electronic property in antiterrorism investigation and surveillance

  • Allowing ex parte application for court orders requiring the disclosure and production of business records and tangible things belonging to any person or entity

  • Broadening the reach of permissible interception of computer trespass communications

  • Providing for nationwide service of search warrants for electronic evidence

requires guest login or membership
http://www.techrepublic.com/printerfriendly.jhtml?id=r00520020528jdt01.htm&rcode=

No comments:

Post a Comment

con·cept