The U.S. statutes on password related crimes – overview by states

June 18th, 2009 by Olga Koksharova

In this entry I’d like to suggest a kind of a list of various legal decisions on password [ab]use I could find on the web. Your add-ins are welcome, just put in any other acts you know…

Georgia Computer Systems Protection Act
(e) Computer Password Disclosure. Any person who discloses a number, code, password, or other means of access to a computer or computer network knowing that such disclosure is without authority and which results in damages (including the fair market value of any services used and victim expenditure) to the owner of the computer or computer network in excess of $500.00 shall be guilty of the crime of computer password disclosure.
(2) Any person convicted of computer password disclosure shall be fined not more than $5,000.00 or incarcerated for a period not to exceed one year, or both.
Georgia Code 16-9-90, 91, 92, 93, 93.1, 94 – Computer Crime, Computer Theft, Computer Trespass,
http://www.legis.ga.gov/legis/2003_04/gacode/16-9-93.html
Hawaii Computer Crime Statute
§708 – Computer fraud in the second degree.
(1) A person commits the offense of computer fraud in the second degree if the person knowingly, and with the intent to defraud, transfers, or otherwise disposes of, to another, or obtains control of, with the intent to transfer or dispose of, any password or similar information through which a computer, computer system, or computer network may be accessed.
http://www.hawaii.edu/infotech/policies/policyframes/appendixa.html
Kansas Statutes: Computer crime; computer password disclosure; computer trespass [Statute 21-3755]
(c) (1) Computer password disclosure is the unauthorized and intentional disclosure of a number, code, password or other means of access to a computer or computer network.
(2) Computer password disclosure is a class A nonperson misdemeanor.
http://kansasstatutes.lesterama.org/Chapter_21/Article_37/21-3755.html
Mississippi Code: Computer Crime and Identity Theft
SEC. 97-45-5. Offense against computer users; penalties.
 (b) Use or disclosure to another, without consent, of the numbers, codes, passwords or other means of access to a computer, a computer system, a computer network or computer services.
…(2) Whoever commits an offense against computer users shall be punished, upon conviction, by a fine of not more than One Thousand Dollars ($1,000.00), or by imprisonment for not more than six (6) months, or by both such fine and imprisonment. However, when the damage or loss amounts to a value of One Hundred Dollars ($100.00) or more, the offender may be punished, upon conviction, by a fine of not more than Ten Thousand Dollars ($10,000.00), or imprisonment for not more than five (5) years, or by both such fine and imprisonment.
http://www.mscode.com/free/statutes/97/045/0005.htm
Missouri Revised Statutes [Section 569.095]
569.095. 1. A person commits the crime of tampering with computer data if he knowingly and without authorization or without reasonable grounds to believe that he has such authorization:
…(4) Discloses or takes a password, identifying code, personal identification number, or other confidential information about a computer system or network that is intended to or does control access to the computer system or network;
http://www.moga.mo.gov/statutes/c500-599/5690000095.htm
Pennsylvania Statute Title 18 § 3933 – Unlawful use of computer.
 (a) Offense defined.–A person commits the offense of unlawful use of a computer if he, whether in person, electronically or through the intentional distribution of a computer virus:
…3. intentionally or knowingly and without authorization gives or publishes a password, identifying code, personal identification number or other confidential information about a computer, computer system, computer network or data base.
http://www.cybertelecom.org/states/pa.htm
South Dakota Statute
CHAPTER 43-43B COMPUTER PROGRAMS
43-43B-1. Unlawful uses of computer system. A person is guilty of unlawful use of a computer system, software, or data if the person:
… (3) Knowingly copies or obtains information from a computer system, or compromises any security controls for the computer system, or uses or discloses to another, or attempts to use or disclose to another, the numbers, codes, passwords, or other means of access to a computer system without the consent of the owner;
http://legis.state.sd.us/statutes/DisplayStatute.aspx?Type=Statute&Statute=43-43B-1
Arkansas Code
5-41-206. Computer password disclosure.
(a) A person commits computer password disclosure if the person purposely and without authorization discloses a number, code, password, or other means of access to a computer or computer network.
(b) Computer password disclosure is a Class A misdemeanor.
(c) If the violation of subsection (a) of this section was committed to devise or execute a scheme to defraud or illegally obtain property, the person is guilty of a Class D felony.
http://www.spamlaws.com/state/ar.shtml
Colorado Statute
18−5.5−102 − Computer crime.
(1) A person commits computer crime if the person knowingly:
…(c) Accesses any computer, computer network, or computer system, or any part thereof to obtain, by means of false or fraudulent pretenses, representations, or promises, money; property; services; passwords or similar information through which a computer, computer network, or computer system or any part thereof may be accessed; or other thing of value;
http://www.internetlibrary.com/statuteitem.cfm?Num=14

Tags: , , , , ,

Sign up for free ElcomSoft Password Recovery Software newsletter

2 Responses to “The U.S. statutes on password related crimes – overview by states”

  1. sexy_tie says:

    I would also be interested in any stats on enforceability of these statutes. Have they been invoked in the past?

  2. Sorry, we don’t have such statistics.

Leave a Reply