Congress just passed this bill, which could be used to prosecute companies who invade our computers with DRM - we all use our computers for interstate and foreign communication; it won't take many of us to aggregate $5000 in damage, and just look at those aggravating circumstances. If were Sony Records I'd be nervous.
SEC. 101. AMENDMENT OF SENTENCING GUIDELINES RELATING TO CERTAIN COMPUTER CRIMES.
(a) DIRECTIVE TO THE UNITED STATES SENTENCING COMMISSION- Pursuant to its authority under section 994(p) of title 28, United States Code, and in accordance with this section, the United States Sentencing Commission shall review and, if appropriate, amend its guidelines and its policy statements applicable to persons convicted of an offense under section 1030 of title 18, United States Code.
(b) REQUIREMENTS- In carrying out this section, the Sentencing Commission shall--
(1) ensure that the sentencing guidelines and policy statements reflect the serious nature of the offenses described in subsection (a), the growing incidence of such offenses, and the need for an effective deterrent and appropriate punishment to prevent such offenses
(2) consider the following factors and the extent to which the guidelines may or may not account for them--
(A) the potential and actual loss resulting from the offense;
(B) the level of sophistication and planning involved in the offense;
(C) whether the offense was committed for purposes of commercial advantage or private financial benefit;
(D) whether the defendant acted with malicious intent to cause harm in committing the offense;
(E) the extent to which the offense violated the privacy rights of individuals harmed;
Title 18 sec 1030 includes this clause:
Sec. 1030. - Fraud and related activity in connection with computers
(5) (A) knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer;
(B) intentionally accesses a protected computer without authorization, and as a result of such conduct, recklessly causes damage; or
(C) intentionally accesses a protected computer without authorization, and as a result of such conduct, causes damage;
(2) the term ''protected computer'' means a computer -
(A) exclusively for the use of a financial institution or the United States Government, or, in the case of a computer not exclusively for such use, used by or for a financial institution or the United States Government and the conduct constituting the offense affects that use by or for the financial institution or the Government; or
(B) which is used in interstate or foreign commerce or communication;
(8) the term ''damage'' means any impairment to the integrity or availability of data, a program, a system, or information, that -
(A) causes loss aggregating at least $5,000 in value during any 1-year period to one or more individuals;