Tuesday, May 15, 2012

Password Protection Act: “There are two things you don’t want to see being made – sausage and legislation”

Pictured Above: Senator Blumenthal (D-CT) (Left) & Congressman Heinrich (D-N.M.) (Right)

Plainly put – this draft legislation is farcical, and hopefully, as written, is dead on arrival! 

First, there is no realistic enforcement mechanism.  The proposed legislation is a series of amendments to the Computer Fraud & Abuse Act, and the sole enforcement mechanism is a criminal prosecution by the United States, and, upon conviction, the sole remedy is a fine.  

Second, the language of one section articulates a defense that is dependent on the employer establishing “good cause” for discharge or other discipline.  While, for years, I have advocated a simple, unitary, federal law establishing just cause as the standard for termination, a “stealth” or, probably, just less than thoughtless piece of legislation like this does little good in that regard, and a whole lot of bad.

Third, the exemptions for federal employees with access to classified information seem excessively broad.

Fourth, presumably, as drafted, the provisions of the Computer Fraud & Abuse Act authorizing civil actions do not apply to this proposed new substantive prohibition.  And, in any event, the damages preconditions to a civil action under the CFAA could hardly ever, to the point of never, be fulfilled by an employee.  And, the relief would simply be an injunction and, as there is no fee-shifting provision, there is no incentive for the private bar to take such cases.  

Finally, the retaliation provisions are thoughtlessly lifted from other statutes, and, as written, presumably would only come into play if one “causes” the United States to institute a civil action or if one testified or “is about to” testify in such civil action. 
Whoever drafted this bill needs to be taken to the woodshed.  Sausage like this, we do not need!

Please be sure to visit our website at http://RobertBFitzpatrick.com

No comments: