The University Record, April 1, 1997

U-M contributes to creation of new computer crime law

By Theresa Hofer
Information Technology Division

A new computer crime law that goes into effect in Michigan today is being viewed as a model by other states---and the Information Technology Division (ITD) played an important role in its creation.

According to Kirk Tabbey, attorney for the Michigan Computer Crime Task Force and chief assistant prosecutor for the Jackson County Prosecutor's office, previous computer crime laws in Michigan and other states defined computer crimes by the type of technology used. "Technology quickly changes," Tabbey says, "so the laws weren't very effective."

Tabbey saw the need to revise Michigan computer crime laws so that they focused not on the technology, but on the crimes themselves, such as harassment, theft or fraud. However, his office lacked the resources needed to thoroughly analyze and research existing legislation so that new legislation could be developed.

Scott Ziobro, a graduate student research assistant who is now a policy analyst in ITD, examined all existing federal and state laws dealing with computer crime, as well as pending and model legislation. He also analyzed and compared the definitions of a number of key terms to see how they were used in the different laws.

Tabbey and Ziobro worked together on the computer crime law. Tabbey then used their work as a basis for amending other affected laws, as needed, and for preparing a similar set of legislation addressing telecommunication crimes. The bills quickly passed through the legislature and were signed into law by Gov. Engler in July.

"The law didn't add any new crimes," Tabbey says. "It just changed the approach in how we looked at existing crimes committed by computer." In the new law, it is the crime that drives the penalty, not the technology. Because the use of technology, however, increases the effect of the crime and makes the offense harder to detect, the penalties have been increased. The new law also changed the way that the costs of a computer crime are calculated. In the former law, costs were restricted to any damage that might have been done to computer hardware, software or files. If a network owner could not prove that an intruder damaged anything, then there was no basis on which to prosecute the crime. Now the costs of the crime include the cost to the network owner of investigating the incident and taking measures to restore security.

"This law," Tabbey says, "has changed the way we look at laws in the United States regarding high-tech crime. It's making an impact not only in Michigan, but nationally." He reports that Texas and Maryland have already adopted laws based on Michigan's legislation. Tabbey has taken the Michigan laws to the Criminal Justice and Telecommunication Task Forces of the American Legislative Exchange Council, an association of state legislators. The council plans to introduce model legislation based on Michigan's laws at its summer meeting. Tabbey and Ziobro also intend to collaborate on a paper about the legislation.

For Virginia Rezmierski, assistant in policy studies at ITD, successful collaborations such as this one are simply part of the University's role. "Michigan," she noted, "tries to help create models that will assist not only members of this community, but also other schools and colleges."