[国会记录：2007年12月7日（参）] [第S15032-S15033]下列ON提出的法案与关节决议通过Feingold的先生：S. 2434的纸币澄清计算机侵入通信USA-下拦截条件爱国者法案;对司法委员会。法因戈尔德先生。主席先生，我很高兴地介绍2007年的计算机非法侵入澄清法案，该法案将修正和澄清美国爱国者法案第217。这项法案实际上与我在第109届国会提出一项法案。爱国者法案的第217节解决非法侵入计算机通讯的拦截。该法案将修改现有的法律，更准确地反映意图的规定，也防止侵犯隐私。第217被设计为允许执法协助谁是受到服务攻击或黑客的其他剧集拒绝电脑一族。该法案的原司法部的草案后来成为爱国者法案包括这一条款。通过分析部分由该部于2001年9月19日提供的A节，声明如下：现行法律可能不允许计算机侵入被害人请求执法协助监控未经允许的攻击，因为它们发生。 Because service providers often lack the expertise, equipment, or financial resources required to monitor attacks themselves as permitted under current law, they often have no way to exercise their rights to protect themselves from authorized attackers. Moreover, such attackers can target critical infrastructures and engage in cyberterrorism. To correct this problem, and help to protect national security, the proposed amendments to the wiretap statute would allow victims of computer attacks to authorize persons ``acting under color of law'' to monitor trespassers on their computer systems in a narrow class of cases. I strongly supported the goal of giving computer system owners the ability to call in law enforcement to help defend themselves against hacking. Including such a provision in the Patriot Act made a lot of sense. Unfortunately, the drafters of the provision made it much broader than necessary, and refused to amend it at the time we debated the bill in 2001. As a result, the law now gives the government the authority to intercept communications by people using computers owned by others as long as they have engaged in some unauthorized activity on the computer, and the owner gives permission for the computer to be monitored--all without judicial approval. Only people who have a ``contractual relationship'' with the owner allowing the use of a computer are exempt from the definition of a computer trespasser under section 217 of the Patriot Act. Many people-- for example, college students, patrons of libraries, Internet cafes or airport business lounges, and guests at hotels--use computers owned by others with permission, but without a contractual relationship. They could end up being the subject of Government snooping if the owner of the computer gives permission to law enforcement. My bill would clarify that a computer trespasser is not someone who has permission to use a computer by the owner or operator of that computer. It would bring the existing computer trespass provision in line with the purpose of section 217 as expressed in the Department of Justice's initial explanation of the provision. Section 217 was intended to target only a narrow class of people: unauthorized cyberhackers. It was not intended to give the government the opportunity to engage in widespread surveillance of computer users without a warrant. Another problem is that unless criminal charges are brought against someone as a result of such surveillance, there would never be any notice at all that the surveillance has taken place. The computer owner authorizes the surveillance, and the FBI carries it out. There is no warrant, no court proceeding, no opportunity even for the subject of the surveillance to challenge the assertion of the owner that some unauthorized use of the computer has occurred. My bill would modify the computer trespass provision in the following additional ways to protect against abuse, while still maintaining its usefulness in cases of denial of service attacks and other forms of hacking. First, it would require that the owner or operator of the protected computer authorizing the interception has been subject to ``an ongoing pattern of communications activity that threatens the integrity or operation of such computer.'' In other words, the owner has to be the target of some kind of hacking. Second, the bill limits the length of warrantless surveillance to 96 hours. This is twice as long as is allowed for an emergency criminal wiretap. With four days of surveillance, it should not be difficult for the government to gather sufficient evidence of wrongdoing to obtain a warrant if continued surveillance is necessary. Finally, the bill would require the Attorney General to report annually on the use of Section 217 to the Senate and House Judiciary Committees. Section 217 was originally subject to the sunset provision in the Patriot Act and therefore would have expired at the end of 2005. However, the USA PATRIOT Improvement and Reauthorization Act, which became law in March 2006, made this provision permanent. Congress needs to do more oversight of the use of this provision. The computer trespass provision now in the law as a result of section 217 of the PATRIOT Act leaves open the potential for significant and unnecessary invasions of privacy. The reasonable and modest changes to the provision contained in this bill preserve the usefulness of the provision for investigations of cyberhacking, but reduce the possibility of government abuse. I urge my colleagues to support the Computer Trespass Clarification Act. Mr. President, I ask unanimous consent that the text of the bill be printed in the Record. There being no objection, the text of the bill was ordered to be printed in the Record, as follows: S. 2434 Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled, SECTION 1. SHORT TITLE. This Act may be cited as the ``Computer Trespass Clarification Act of 2007''. SEC. 2. AMENDMENTS TO TITLE 18. (a) Definitions.--Section 2510(21)(B) of title 18, United States Code, is amended by-- (1) inserting ``or other'' after ``contractual''; and [[Page S15033]] (2) striking ``for access'' and inserting ``permitting access''. (b) Interception and Disclosure.--Section 2511(2)(i) of title 18, United States Code, is amended-- (1) in clause (I), by inserting ``is attempting to respond to communications activity that threatens the integrity or operation of such computer and requests assistance to protect the rights and property of the owner or operator, and'' after ``the owner or operator of the protected computer''; and (2) in clause (IV), by inserting ``ceases as soon as the communications sought are obtained or after 96 hours, whichever is earlier (unless an order authorizing or approving the interception is obtained under this chapter) and'' after ``interception''. (c) Report.--Not later than 60 days after the date of enactment of this Act, and annually thereafter, the Attorney General shall submit a report to the Committee on the Judiciary of the Senate and the Committee on the Judiciary the House of Representatives on the use of section 2511 of title 18, United States Code, relating to computer trespass provisions, as amended by subsection (b), during the year before the year of that report. ______