The U.S. is trying to dabble in policing the Internet again, but in a vastly different way. Meet S.1469 or the International Cybercrime Reporting and Cooperation Act.
The bill was introduced recently into the Senate by Senator Kirsten Gillibrand of New York. It’s goal is “to require reporting on the capacity of foreign countries to combat cybercrime, to develop action plans to improve the capacity of certain countries to combat cybercrime, and for other purposes.” What are those other purposes? Let’s read the proposed bill and find out!
After the introduction and definitions of various parts of the bill, it gets into what the bill is all about. Section three is called the “Annual Report” and it requires the head of whatever new Federal agency is made to combat cybercrime to report to Congress. They are to report on “the extent and nature of activities relating to cybercrime that are attributable to persons or property based in the country and impact the United States Government, United States persons, or United States electronic commerce.” They are also to report on the “effectiveness of the laws” and “measures taken by the government to protect consumers from cybercrime.”
Section four, titled “Utilization of Foreign Assistance Programs” deals with how the U.S. will cooperate with foreign countries in battling cybercrime. The bill says that the President will give priority to improving “the effectiveness and capacity of the legal and judicial systems and the capabilities of law enforcement agencies with respect to cybercrime.”
The countries that will receive the most aid are those that the U.S. determines to have “a low capacity to combat cybercrime.”
The bill would also let the U.S. provide foreign countries with the tools to improve “critical infrastructure, telecommunications systems, financial industry, legal or judicial systems, or law enforcement capabilities of that country” to combat cybercrime.
Section five, titled “Action Plans for Combating Cybercrimes for Countries of Cyber Concern” says that after the report mentioned in section two is made to Congress that the President must create an action plan that will assist “the government of that country to improve the capacity of the country to combat cybercrime.”
There is also a provision that says the President will have to reassess the countries that have been placed under action plans. Countries may be removed and placed on action plans at will if they cease or become countries of “cyber concern.”
The President will be required, under section five, to meet with the leaders of each country of “cyber concern” to formulate action plans to combat cybercrime.
If a country fails to meet an action plan benchmark, which is one year after the action plan has been developed, the U.S. is given three courses of action to punish the country into complying with its request - block any new financing or loans for the countries in question, restrict trade to the countries in question and restrict foreign assistance.
Thankfully, there is an exception that states “the President may not suspend, restrict, prohibit, or withdraw assistance … that is provided for humanitarian or disaster relief or for projects related to building capacity or actions to combat cybercrime.”
The President is allowed to waive the requirement of an action plan if the President “determines that such a waiver is in the national interest of the United States” and “submits to Congress a report describing the reasons for the determination.”
Section six only details the responsibilities of the Secretary of State to designate a “high-level employee of the Department of State” to coordinate the combating of cybercrime on a state and international level.
Section seven details that the President appoint an “employee of the United States Government with primary responsibility with respect to matters relating to cybercrime policy.” This employee must also “consult with industry groups in the United States, civil society organizations, and other organizations with an interest in combating cybercrime.”
Finally at the end, section eight demands that the President take into account “the efforts of the government of that country to combat cybercrime” before finalizing or modifying any trade agreements.
This bill seems like the U.S. wants to be the head coordinator of a global cybercrimes unit. The fact that the bill gives the President the power to freeze funds and trade to countries that do not comply is somewhat worrying. The bill was referred to committee and could be up for a vote whenever they feel like it. We'll keep you up to date on any changes.
The entire bill can be found on Open Congress. Read it for more information and become informed.
Do you think that the U.S. is trying to become an international cybercrime police force? Or is this just a step in the right direction in stopping cybercrime? Let us know in the comments.