PRIA Logo
Take the PRIA Score
Title 6Domestic SecurityRelease 119-73

§657 Cyber Security Enhancement Act of 2002

Title 6 › Chapter CHAPTER 1— - HOMELAND SECURITY ORGANIZATION › Subchapter SUBCHAPTER XVIII— - CYBERSECURITY AND INFRASTRUCTURE SECURITY AGENCY › Part Part A— - Cybersecurity and Infrastructure Security › § 657

Last updated Apr 6, 2026|Official source

Summary

Order the U.S. Sentencing Commission to review and, if needed, change its punishment rules for people convicted of computer crimes under 18 U.S.C. 1030. The Commission must make the rules reflect how serious and common these crimes are and the need to deter them. It must consider things like the actual or possible loss, how much planning or skill was used, whether the crime was for money or gain, whether the defendant acted maliciously, privacy violations, use of government computers for defense or security, harm to critical infrastructure, and any threats to public health or safety. The Commission must keep rules consistent with other guidance, allow for special aggravating or reducing factors, make related changes, and meet the goals of sentencing under 18 U.S.C. 3553(a)(2). The Commission must send a short report to Congress by May 1, 2003, saying what it did and any recommendations about penalties. Any government entity that receives a disclosure under 18 U.S.C. 2702(b) must file a report with the Attorney General within 90 days after that disclosure. The report must say which paragraph of 2702(b) was used, the disclosure date, who got the disclosure, how many customers or subscribers were affected, and how many communications were disclosed. The Attorney General must combine all those reports into one report to Congress 1 year after November 25, 2002.

Full Legal Text

Title 6, §657

Domestic Security — Source: USLM XML via OLRC

(a)This section may be cited as the “Cyber Security Enhancement Act of 2002”.
(b)(1)Pursuant to its authority under section 994(p) of title 28 and in accordance with this subsection, the United States Sentencing Commission shall review and, if appropriate, amend its guidelines and its policy statements applicable to persons convicted of an offense under section 1030 of title 18.
(2)In carrying out this subsection, the Sentencing Commission shall—
(A)ensure that the sentencing guidelines and policy statements reflect the serious nature of the offenses described in paragraph (1), the growing incidence of such offenses, and the need for an effective deterrent and appropriate punishment to prevent such offenses;
(B)consider the following factors and the extent to which the guidelines may or may not account for them—
(i)the potential and actual loss resulting from the offense;
(ii)the level of sophistication and planning involved in the offense;
(iii)whether the offense was committed for purposes of commercial advantage or private financial benefit;
(iv)whether the defendant acted with malicious intent to cause harm in committing the offense;
(v)the extent to which the offense violated the privacy rights of individuals harmed;
(vi)whether the offense involved a computer used by the government in furtherance of national defense, national security, or the administration of justice;
(vii)whether the violation was intended to or had the effect of significantly interfering with or disrupting a critical infrastructure; and
(viii)whether the violation was intended to or had the effect of creating a threat to public health or safety, or injury to any person;
(C)assure reasonable consistency with other relevant directives and with other sentencing guidelines;
(D)account for any additional aggravating or mitigating circumstances that might justify exceptions to the generally applicable sentencing ranges;
(E)make any necessary conforming changes to the sentencing guidelines; and
(F)assure that the guidelines adequately meet the purposes of sentencing as set forth in section 3553(a)(2) of title 18.
(c)Not later than May 1, 2003, the United States Sentencing Commission shall submit a brief report to Congress that explains any actions taken by the Sentencing Commission in response to this section and includes any recommendations the Commission may have regarding statutory penalties for offenses under section 1030 of title 18.
(d)(1)
(2)A government entity that receives a disclosure under section 2702(b) of title 18 shall file, not later than 90 days after such disclosure, a report to the Attorney General stating the paragraph of that section under which the disclosure was made, the date of the disclosure, the entity to which the disclosure was made, the number of customers or subscribers to whom the information disclosed pertained, and the number of communications, if any, that were disclosed. The Attorney General shall publish all such reports into a single report to be submitted to Congress 1 year after November 25, 2002.

Legislative History

Notes & Related Subsidiaries

Editorial Notes

Codification Section was formerly classified to section 145 of this title prior to renumbering by Pub. L. 115–278. Section is comprised of section 2207 of Pub. L. 107–296. Subsecs. (d)(1) and (e) to (j) of section 2207 of Pub. L. 107–296 amended section 1030, 2511, 2512, 2520, 2701 to 2703, and 3125 of Title 18, Crimes and Criminal Procedure.

Reference

Citations & Metadata

Citation

6 U.S.C. § 657

Title 6Domestic Security

Last Updated

Apr 6, 2026

Release point: 119-73