Senate bill proposes to outlaw pretexting

The US Senate has approved a bill designed to tighten US cyber-crime laws. An amended version of the Identity Theft Enforcement and Restitution Act of 2007 was unanimously approved by the Senate on 15 November but the measures still need to be approved by the House and the President before becoming law.

The bill, sponsoured by Democrat Senator Patrick Leahy and Republican Arlen Specter, would enable federal prosecutors to seek restitution for the time and money that victims spend restoring their credit histories.

Other measures would make it a felony to install spyware on ten or more computers, regardless of financial damage done. Scams involving threats to access confidential data on a prospective mark's PC would also become easier to prosecute through the bill, which proposes jail sentences of up to five years and fines against convicted cyber-extortionists. Pretexting, the practice of impersonating someone to steal sensitive personal information that became infamous through the HP spying scandal, will become a clearly defined federal crime for the first time through the bill. Creating a botnet of compromised PCs will also be specifically criminalised by the bill.

Requirements to establish losses of $5,000 or more before cybercrime prosecution can be initiated would also be relaxed. Lastly, the bill would mean that small business and corporations are protected by federal computer fraud statutes.

Many of the key provisions of the Identity Theft Enforcement and Restitution Act were originally proposed as part of the Cyber Crime Act of 2007, introduced by Senators Orrin Hatch and Joseph Biden, eWeek reports. ®