After Aaron's Law reintroduced, new counter-bill aims to crack down on hackers

[InfoSec News <alerts () infosecnews org>]

http://www.zdnet.com/article/bill-introduced-forcing-mandatory-disclosure-of-data-breaches-but-at-the-expense-of-hackers/

By Zack Whittaker
Zero Day
ZDNet News
April 25, 2015

Congress is at odds on new cybersecurity legislation, with the 
introduction of two competing bills aimed at reforming computer misuse 
laws.

On Tuesday, Sens. Mark Kirk (R-IL) and Kirsten Gillibrand (D-NY) 
introduced two new bills -- one with the express aim at "punishing cyber 
criminals" who obtain information "without authorization."

The senators, who announced the draft Data Breach Notification and 
Punishing Cyber Criminals Act (you can read it below), want to increase 
maximum allowable fines and prison sentences for common cyber-crimes, 
including identity theft and obtaining information from a protected 
computer "without authorization."

And that is part of the problem. The bill doesn't fix what's fundamentally 
wrong with the law -- the outdated and overbroad definitions that lump in 
security researchers and those who simply violate a terms-of-service as 
malicious hackers.

[...]



--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/