Boston, MA - Mon, Oct 22nd 2007, 00:00

Coakley Wants to Get Tough on Cyber Crime

By Catherine Williams - October 22, 2007

State House News Service

BOSTON - Two months after state lawmakers passed a sweeping identity theft law, the state's top law enforcement official and technology business leaders are calling for significant changes to bolster it.

Attorney General Martha Coakley said she is pushing for changes to the bill that would give law enforcement officials fast access to subpoenas, increase cyber crime penalties and define state-level cyber crime jurisdictions.

"We have a good start with that bill. There is still work to be done," said Coakley, in an interview.

In a keynote speech Monday morning during a seminar on cyber crime at the Omni Parker House, the North Adams native said she is working with other law enforcement and justice officials to draft proposals to change the law.

Coakley said she supports giving law enforcement officials the ability to subpoena Internet service providers, such as AOL, quickly to discern how data had been accessed. The cyber crime subpoenas would be similar to phone record subpoenas that are quickly issued – without a grand jury proceeding – when a crime is in progress, she said.

Changes to the law, Coakley said, could also include stiffer penalties for cyber criminals. But it is unclear which penalties she would support, such as fines or sentencing requirements.

Another way to strengthen the law is to clarify the murky lines of jurisdiction between state and federal agencies chasing cyber criminals, said Coakley.

"Cyber space is the Wild West. It is not clear where the jurisdiction lies," she said, adding state lawmakers should set clear boundaries to make it easier to prosecute cyber criminals.

In the spring, Coakley said, she launched a cyber-crime initiative designed to measure cyber-crime rates across the state, train law enforcement officials on cyber crime and formulate proposals to lawmakers about how to improve existing cyber crime laws.

As part of the initiative, more than 200 law enforcement officials are expected to attend a Microsoft Corp. training on cyber crime on Halloween, said Coakley.

Coakley became a victim of credit card theft when her credit card stolen and used to purchase a Dell computer delivered to an address in Texas.

The existing identity theft bill, signed by Gov. Deval Patrick in August, was co-sponsored by Sen. Michael Morrissey, D-Quincy, and Rep. Michael Rodrigues, D-Westport.

The law requires companies who maintain personal data to shred records and encrypt data. The law also requires that thefts are reported to the attorney general's office and Patrick administration's Office of Consumer Affairs. In addition, the law requires credit reporting companies to issue credit freezes for $5 or for free when a customer's information has been compromised.

Pulled From Bill

The penalty and subpoena proposals were pulled out of the original bill to put before the judiciary committee earlier this year, said Donald Jordan, research director for the Committee on Consumer Protection and Professional Licensure.

Morrissey said he supports the attorney general's efforts to strengthen the penalty and jurisdiction pieces of the law, and is hoping the Judiciary Committee responds quickly.

"What we did was an important first step. Now we have to get the Judiciary Committee to report out the rest. We have half a loaf right now. We're going to build on that," said Morrissey.

It’s unclear when Coakley plans to unveil final proposals to push the law further.

Technology industry leaders agree the law needs revamping. Even though the identity theft bill was endorsed by the Massachusetts Technology Leadership Council, one of its board members considers the bill vague.

"It pretends that it is doing something but it is not doing anything," said Anna Sabasteanski, founder and president of Belmont-based Asset Management Network Inc.

Sabasteanski said lawmakers should create a privacy commissioner post dedicated to tracking identity theft and identity fraud across the state.

State legislators and legislative aides attended a forum at the Omni Parker House to learn about tactics to protecting against cyber security breaches including identity theft, computer viruses and spam. The seminar was hosted by Americans for Technology Leadership.