Take a Hacker to Work Day - How Federal Prosecutors Use the CFAA

Presented at Black Hat USA 2015, Aug. 5, 2015, 11:30 a.m. (50 minutes)

What would happen if Black Hat invited the Department of Justice (DOJ) to give us a better understanding of the Computer Fraud and Abuse Act (or "CFAA") and explain how federal prosecutors use it and the DOJ actually showed up? Attendees will hear directly from a Department of Justice's Computer Crime & Intellectual Property Section Prosecutor explaining the CFAA in plain English and breaking down the process for deciding whether to bring charges in federal hacking cases. This session will cover data about how the CFAA has been used and pointers on how practitioners and researchers can stay out of hot water. You'll also gain insight into how prosecutors think about the intersection between their mission to protect computer networks and data from criminals, and the efforts of the computer security community to ferret out critical system vulnerabilities. Seating will be limited for this rare briefing to our community. Bring your most thoughtful and meaningful questions, and be on your best behavior- our communities must work closely together to make security research safer while enabling law enforcement to pursue truly criminal behavior.

Presenters:

• Leonard Bailey - Department of Justice
  Mr. Bailey joined the Department of Justice's Terrorism and Violent Crime Section (TVCS) in 1991 where he handled litigation and investigations, managed departmental policies governing criminal enforcement and intelligence collection, and participated in the negotiation of international treaties concerning terrorist funding. He subsequently served as Special Counsel and Special Investigative Counsel to the Department's Inspector General while conducting investigations of senior Department officials and sensitive departmental programs. In 2000, Mr Bailey joined the Computer Crime and Intellectual Property Section (CCIPS) where he has prosecuted cases involving federal violations of computer crime and intellectual property statutes; advised on matters related to searching and seizing electronic evidence, investigating and prosecuting network intrusions, and conducting electronic surveillance; and chaired the Organization of American States' Group of Government Experts on Cybercrime. He has been Special Counsel for National Security in CCIPS since 2008. In 2009, he accepted a position as Senior Counselor to the Assistant Attorney General for the National Security Division, where he managed issues associated with cybersecurity, critical infrastructure protection, and national security investigations and operations involving cyber threats to national security. In 2012, he managed and set cyber policy for the Department of Justice as an Associate Deputy Attorney General before returning to the Criminal Division in 2013. Mr. Bailey received his B.A. from Yale University in 1987 and his J.D. from Yale Law School in 1991. He is an adjunct professor at Georgetown Law School, where he teaches cybersecurity law.

Links:

• https://www.blackhat.com/us-15/briefings.html#take-a-hacker-to-work-day-how-federal-prosecutors-use-the-cfaa
• https://infocon.org/cons/Black Hat/Black Hat USA/Black Hat USA 2015/video/Black Hat USA 2015 - Take A Hacker To Work Day - How Federal Prosecutors Use The CFAA.mp4
• https://www.youtube.com/watch?v=IHm4KZsMtsU
• https://www.blackhat.com/docs/us-15/materials/us-15-Bailey-Take-A-Hacker-To-Work Day-How-Federal-Prosecutors-Use-The-CFAA.pdf

Similar Presentations:

• AppSec USA 2013 / Computer Crime Laws - Tor Ekeland, Attorney
• BSidesLV 2016 / Shall We Play A Game? 30 Years of the CFAA
• THOTCON 0x6 (2015) / Hacking the CFAA: What You Need to Know, What’s Happening, and Where It’s Going.