Just how far can the police go if they suspect one of your employees is a cybercriminal? Can law enforcement search your Personal Digital Assistant without a warrant? What laws are being used to prosecute cybercriminals?

The legal landscape of cybercrime is still mostly uncharted wilderness navigated more through guesswork than actual legal precedent. But the U.S. Justice Department’s Cybercrime.gov is attempting to map out this new terrain.

The Computer Crime and Intellectual Property Section (CCIPS) of the Criminal Division of the Justice Department launched the site in March 2000. At that time, it was primarily a repository for press releases.

But recent additions to this site make it a valuable resource for CIOs, CTOs, and other IT policy decision makers concerned with security issues. If you need to create or simply revise your organization’s security policies, we’ll tell you how to navigate Cybercrime.gov to get the valuable information and resources you need to make sure you don’t put yourself or your company in jeopardy.

How the site is organized
Don’t expect Flash at Cybercrime.gov. This is a humble, text-based site aimed at educating the public about federal law and initiatives regarding encryption, privacy concerns, and prosecution of high-tech crimes.

The home page offers case, document, law, and policy links on computer and intellectual crime. You’ll also see a “General Information” section that includes these headings:

  • How to report Internet-related crime
  • Cyberethics
  • What does CCIPS do?

But the links IT professionals will find most useful fall under the “Other Cybercrime Legal and Policy Issues” category. Here you’ll find information on:

  • Encryption
  • Intellectual property crime
  • International aspects of computer crime
  • Protecting the nation’s critical infrastructures
  • Federal criminal codes relating to search and seizure of computers and electronic evidence

Cybercrime.gov’s home page

One very useful tool is the drop-down menu that allows you to “customize” the site depending on your interests. For instance, you can view material geared for either members of the high-tech industry or those in law enforcement.

The home page does, however, reflect some organizational growing pains: The latest additions to the site are tagged under the heading “New Updates” and are simply listed at the bottom of the page instead of being placed under their proper category heads.

But don’t let the awkward navigation deter you. You’ll find tons of useful documentation here, including Congressional testimony, letters, and Justice Department reports. And, of course, there’s the usual filler—press releases and speeches—you’ve come to expect on government Web sites.

In January, the CCIPS added these documents:

These manuals provide answers about how far law enforcement can search without a warrant, which person on your staff can legally give the police permission to search your company’s work areas, when computers can be seized, and when law enforcement should pursue prosecution for intellectual property crimes.

Another useful resource is the “How to Report Internet-Related Crime” page. This page explains which government agency is responsible for investigating particular cybercrimes. It also includes a list of who to call to report specific cybercrimes.

A partial list of cybercrime contact numbers from Cybercrime.gov

You might also want to check out the FAQs on encryption, although it’s already dated and likely to become more so as the Bush administration establishes its own policies.

Finally, stop by the “case” section of the site. Here you’ll find summaries of prosecuted cases, including information on fines, sentences, and links to press releases about each case. The list goes back to 1998 and includes cases as recent as December 2000.
We’d like to know what computer-related criminal issues you think need to be addressed by the upcoming administration. Post your comments below.