Chapter 2: History and Terminology of Computer Crime Investigation

Overview

Seizing, preserving, and analyzing evidence stored on a computer is the greatest forensic challenge facing law enforcement in the 1990s. Although most forensic tests, such as fingerprinting and DNA testing, are performed by specially trained experts, the task of collecting and analyzing computer evidence is often assigned to untrained patrol officers and detectives. While most forensic tests are performed in the analyst's own laboratory, investigators are required to search and seize computers at unfamiliar and potentially hostile sites, such as drug labs, residences, "boiler rooms", small business offices, and warehouse-sized computer centers.

(Rosenblatt 1995)

Besides component theft, some of the earliest recorded computer crimes occurred in 1969 and 1970 when student protestors burned computers at various universities. At about the same time, individuals were discovering methods for gaining unauthorized access to large time-shared computers (essentially stealing time on the computers), an act that was not illegal at the time. In the 1970s, many crimes involving computers and networks were dealt with using existing laws. However, there were some legal struggles because digital property was seen as intangible and therefore outside of the laws protecting physical property. Since then, the distinction between digital and physical property has become less pronounced and the same laws are often used to protect both.

Computer intrusion and fraud committed with the help of computers were the first crimes to be widely recognized as a new type of crime. The first computer crime law to address computer fraud and intrusion, the Florida Computer Crimes Act, was enacted in Florida in 1978 after a highly publicized incident at the Flagler Dog Track. Employees at the track used a computer to print fraudulent winning tickets. The Florida Computer Crimes Act also defined all unauthorized access to a computer as a crime, even if there was no maliciousness in the act. This stringent view of computer intrusion was radical at the time but has since been adopted by every US state except Vermont. This change of heart about computer intrusions was largely in reaction to the growing publicity received by computer intruders in the early 1980s. It was during this time that governments around the world started enacting similar laws. Canada was the first country, to enact a federal law to address computer crime specifically in amending their Criminal Code in 1983. The US Federal Computer Fraud and Abuse Act was passed in 1984 and amended in 1986, 1988, 1989, and 1990. The Australian Crimes Act was amended in 1989 to include Offenses Relating to Computers (Section 76) and the Australian states enacted similar laws at around the same time. In Britain, the Computer Abuse Act was passed in 1990 to criminalize computer intrusions specifically as discussed in Chapter 3.

In the 1990s, the commercialization of the Internet and the development of the World Wide Web (WWW) popularized the Internet, making it accessible to millions. Crime on the global network diversified and the focus expanded beyond computer intrusions. One of the earliest large-scale efforts to address the problem of child pornography on the Internet was Operation Long Arm in 1992, involving individuals in the United States who were obtaining child pornography from a Danish bulletin board system. A more detailed view of the history of computer crime can be found in Hollinger (1997). As the range of crimes being committed with the assistance of computers increased, new laws to deal with copyright, child pornography, and privacy were enacted as discussed in Chapter 3.

Hollinger's Crime, Deviance and the Computer consists of a collection of articles from various authors and is separated into four sections; The Discovery of Computer Abuse (1946–76), The Criminalization of Computer Crime (1977–87), The Demonization of Hackers (1988–92), and The Censorship Period (1993-present).