There are a number of cybercrime laws that are extremely important in the field of digital forensics and cybersecurity as a whole. Two of the most important laws include the Computer Fraud and Abuse Act (CFAA) of 1984 and the Electronic Communications Privacy Act (ECPA) of 1986.
The original intent of CFAA was to address computer related crimes and more specifically protect information assets. The law made it a federal crime to gain unauthorized access to data or information on protected computer systems. It does not come without criticism. Kerr (2009) made many points that the current law is too vague stating that CFAA has become so broad, and computers so common, that expansive or uncertain interpretations of unauthorized access will render it unconstitutional. Nevertheless, the law has been a cornerstone for shaping the way we deal with cybercrime and since its introduction, has been since amended a number of times.
ECPA has been pivotal in setting standards for how government and law enforcement agencies can access digital information. It has been especially both effective as well as controversial in recent years removing barriers from wiretapping, accessing online communications via social networks, online cloud storage, etc. ECPA has been amended several times to better keep up with the ever-changing landscape of online and digital communications. It has also been criticized for being too restrictive and needing to be amended further. Burstein (2008) argues that ECPA impedes the sharing of Internet data with cybersecurity researchers for example. No law will ever be perfect as the challenges presented with keeping up with the technology landscape continue to increase.
- Burstein, A. J. (2008). Amending the ECPA to enable a culture of cybersecurity research. Harv. JL & Tech., 22, 167.
- Butler, B. (2012). 4 Internet privacy laws you should know about. Network World. Retrieved from https://www.networkworld.com/article/2164315/lan-wan/4-internet-privacy-laws-you-should-know-about.html
- Kerr, O. S. (2009). Vagueness Challenges to the Computer Fraud and Abuse Act. Retreived from http://www.minnesotalawreview.org/wp-content/uploads/2012/03/Kerr_MLR.pdf