Learn About the Different Types of IP Crime
Trafficking in Counterfeit Goods/Labels
The primary federal criminal law prohibiting trademark infringement is 18 U.S.C section 2320 which prohibits trafficking in counterfeit goods and labels. In order to establish a violation of this section, the government must prove beyond reasonable doubt four separate elements: (1) the defendant trafficked or attempted to traffic in goods or services; (2) such trafficking, or the attempt to traffic, was intentional; (3) the defendant used a “counterfeit mark” on or in connection with such goods or services; and (4) the defendant knew that a counterfeit mark was so used. Thus, this section has two separate mens rea requirements: first, that the trafficking was “intentional.” Second, that the defendant “knows” that the use of the mark on or in connection with those goods or services is counterfeit. Courts have held consistently that the two mental elements identified in (2) and (4) do not require proof of a “specific intent” to violate the statute, namely, proof that the defendant knew that his act violated the law. Rather, courts have held that Congress’ definition of the crime prohibited by section 2320 “explicitly” requires proof of only a general intent.
The act does not require any showing of loss to the victim. The government is not required to prove that the rightful owner of the mark would have made additional sales but for the sales of the counterfeiter, or that the value of its mark was diminished. In the legislative history, Congress noted that the bill was intended to reach all counterfeiting that affects interstate commerce, specifically including “trafficking that is discovered in its incipiency, such as before counterfeit merchandise has left the factory.” Thus, the government need not show that the defendant made any sales, nor any unjust enrichment by the counterfeiter, who may have actually lost money on the counterfeiting operations. Nor is it necessary to prove that the product received under the counterfeit mark was somehow faulty and caused any consequential loss or harm to the recipient. Indeed, it is not even necessary to demonstrate that the product received is of lesser quality than the genuine product. This point is especially salient in cases where the defendant is being prosecuted for trafficking in digital goods bearing a counterfeit mark, such as computer software or music (as sold on, e.g., compact discs) because copies of digital goods can be identical to a legitimate product.
Chapter 4 of my book, Intellectual Property & Computer Crimes, (Law Journal Press) contains a detailed discussion of trafficking in counterfeit goods under 18 U.S.C. section 2320. It has been updated twice a year since first being published in 2003.
Copyright infringement did not become a criminal offense until over one hundred years after the passage of the first federal copyright act in 1790. Until that time, the availability of damages under civil law was considered to be an adequate deterrent against copyright infringement. In addition, nineteenth century technology made it very difficult, if not impossible to illegally reproduce and distribute a copyrighted work on a scale large enough to seriously threaten the copyright owner’s profits. In short, criminal sanctions for copyright infringement were unnecessary in the past. Since then, however, changes in technology, especially in the digitilization of copyrighted works, have made it easier to reproduce and distribute copyrighted works and more difficult for a copyright owner to protect his or her works. In response to these concerns and in recognition of the increased value and importance of intellectual property to the economic well being of the United States, Congress has amended criminal copyright laws numerous times, and has progressively increased the scope and penalties for criminal copyright infringement. An example of this is the No Electronic Theft Act of 1997.
A defendant is guilty of criminal copyright infringement under 18 U.S.C. section 2319 if the defendant acted willfully and either (1) for commercial advantage or private financial gain, or (2) by reproducing or distributing infringing copies of works with a total retail value of over $1,000 over a 180-day period, or (3) by distributing a “work being prepared for commercial distribution” by making it available on a publicly accessible computer network. Copyright infringement is a felony only if the infringement involved reproduction or distribution of at least ten copies of copyrighted works worth more than $2,500 in a 180-day period, or involved distribution of a “work being prepared for commercial distribution” over a publicly-accessible computer network.
Chapter 2 of my book, Intellectual Property & Computer Crimes (Law Journal Press 2003) provides a detailed analysis of criminal copyright infringement under 18 U.S.C. section 2319 including a discussion of caselaw. The book has been updated twice a year since first being published in 2003.
Criminal Trade Secret
Trade secrets have become an important part of the protection of intellectual property in the United States. A trade secret is simply a piece of information that has value and that the possessor takes reasonable steps to keep confidential through confidentiality agreements with third parties or by hiding the information from outsiders. The protection of trade secrets serves a variety of functions. By creating a limited property right in the information, trade secret law is an incentive for investment in innovation. It encourages the development and exploitation of these items of lesser or of a different kind than might be accorded protection under the patent laws, but which items still have an important part to play in the technological and scientific advancement of the United States. Similar to patent and copyright law, trade secret law prompts the independent innovator to proceed with the discovery and exploitation of his invention. Further, without trade secret protection, organized scientific and technological research could become fragmented, and society, as a whole would suffer.
Trade secret law also helps maintain standards of commercial ethics. The word “property” as applied to trade secrets “is an unanalyzed expression of certain secondary consequences of the primary fact that the law makes of some rudimentary requirements of good faith.” By sanctioning the acquisition, uses, and disclosure of a person’s valuable, proprietary information by improper means, trade secret law minimizes “the inevitable cost to the basic decency of society when one steals from another.” Thus trade secret law recognizes that “good faith and honest, fair dealing, is the very life and spirit of the commercial world.” The theft of trade secrets threaten these benefits.
Before President Clinton signed into law the Economic Espionage Act of 1996 (the “EEA”), on October 11, 1996, [Note: I was involved in the drafting of the EEA as a trial attorney with Computer Crime & Intellectual Property Section of the United States Department of Justice. Further, the legislative history of the EEA cited a law review article of mine that advocated for a federal criminal trade secrets law. I also prosecuted one of the first EEA cases, United States v. Four Pillars, et al.] a significant gap existed in the protection of trade secrets. Only a minority of states specifically criminalized the theft of trade secrets, under widely varying standards. Moreover, state prosecutors often lacked the resources and expertise necessary to investigate and prosecute this type of crime. Federal law did not provide an effective remedy either, since federal prosecutors were forced to rely on a number of federal statutes that were not intended to punish theft of trade secrets [Note I was the lead prosecutor in a case involving theft of trade secrets under the Interstate Transportation of Stolen Property Act, 18 U.S.C. section 2314 and the Wire Fraud Act, 18 U.S.C. section 1343.]
The EEA contains two separate sections outlawing the theft of trade sections. The first section, 18 U.S.C. section 1831, is directed towards foreign economic espionage and requires that the theft of the trade secret be done to benefit a foreign government, instrumentality or agent. In contrast, section 1832 makes criminal the more common commercial theft of trade secrets, regardless of who benefits. While the two sections clearly are directed at different actors, they share a number of common elements. Under each section, the government must prove the following factors beyond a reasonable doubt: (1) the defendant stole or without authorization of the owner, obtained, destroyed, or conveyed information; (2) the defendant knew this information was proprietary; and (3) the information was in fact a trade secret.
In addition to having to prove the three elements discussed above, in order for the government to establish a violation of section 1831, it must also prove, a second mens rea element, that the defendant intended or knew that the offense would “benefit” a “foreign government, foreign instrumentality or foreign agent.”
In addition to proving that the defendant “knowingly” committed one of the listed acts of misappropriation, the government must also prove the following additional elements: (1) that the defendant acted “with intent to covert a trade secret to the economic benefit of anyone other than the owner thereof;” (2) that the defendant act “intending or knowing that the offense will injure any owner of that secret;” and (3) that the secret be “related to or included in a product that is produced for or placed in interstate or foreign commerce.”
Chapter 5 of my book, Intellectual Property & Computer Crimes, (Law Journal Press 2003), provides a detailed analysis of the elements of an EEA violation, defenses, and a discussion of the cases that the government has brought to date under the EEA.
Criminal Trade Secret
There is no universally accepted definition of “computer crime” or “cybercrime.” Certainly not every crime committed with a computer or that involves the use of a computer can or should be labeled as such. Indeed, given the almost ubiquitous nature of computers in modern life, if the definition of computer crime simply included the use of a computer then almost all crime could be defined as computer crime. It is generally agreed however, that computers can be used in criminal activity in three ways.
First, a computer may be incidental to the crime, for example, where the defendant uses a computer to write a threatening letter or where a drug dealer uses a computer to keep a record of his transactions. In these instances, a computer may provide law enforcement with valuable evidence of a crime.
Second, a computer may be used as the instrument or tool to offenses that occur in the physical world. In these instances, the computer is often being used to further some form of more traditional crimes such as fraud, extortion, intellectual property violations, identity theft, child pornography, harassment, mail and wire fraud and various other crimes. While these are not new crimes, the use of a computer may make the commission of such a crime much more easy and the prosecution more difficult under existing laws. For example, a criminal can make an infinite number of counterfeit copyrighted works which can be transmitted anywhere in the world instantaneously. Similarly, a child pornographer no longer has to be concerned about smuggling the illicit images through customs, but can simply download copies of such images from the Internet.
Third, a computer may be viewed as the subject or direct target of criminal activity. This occurs when a criminal acts to illegally acquire information stored on the target system, to control the target system without authorization or payment, to alter the integrity of data, or to interfere with the availability of or damage the computer, server or communications device. Examples of such crimes include computer hacking, computer viruses or worms, denial of service attacks, etc. The individuals committing these crimes range from disgruntled insiders, hackers, organized crime groups, terrorists, foreign intelligence services and foreign militaries.
While it may be argued that this third category does not constitute a new type of crime because, for example, hacking can be analogized to trespass or burglary, this claim does not account for the real differences between the real world and the virtual world. Prior to the invention of the computer and the rise of the Internet, an individual was required to have a physical presence within the country in which the crimes were committed, and the ability to commit a crime was limited by physical constraints such as the amount of property that could be physically carried or the number of houses that could be broken into within a day. With a computer, an enterprising individual can cause tremendous damage to computer systems located anywhere in the world or can download vast amounts of information which may be worth far more than any physical property. Criminals no longer need a physical connection to a particular country to commit a crime in that country. Individuals can commit crimes remotely and anonymously, operating across national borders, leaving evidence of their activities just about anywhere in the world. The crimes that fall under this category are really new types of crimes which cannot easily be prosecuted under traditional criminal statutes. In response, Congress passed, in 1986, the Computer Fraud and Abuse Act (“CFAA”), 18 U.S.C. section 1030, which has been amended numerous times since then. [During my more than five years with the Computer Crime and Intellectual Property Section of the Criminal Division of the United States Department of Justice, I was involved in a number of investigations and prosecutions involving violations of this act.]
Computer Fraud and Abuse Act
The CFAA seeks to protect the confidentiality, integrity, and availability of data and systems. The CFAA contains seven major provisions that create liability for different types of crimes against “protected computers”–those used in interstate or foreign commerce or communications, and any computer connected to the Internet.
1030(a)(1) Protection of Classified Government Information
Subsection 1030(a)(1) protects against the knowing access of government computers to obtain classified information. This subsection criminalizes transmitting classified government information, to the detriment of the United States or to the benefit of a foreign country that was obtained by accessing government computer files without authority or by exceeding authority. This specifically covers the conduct of a person who deliberately breaks into a computer without authority, or an insider who exceeds authorized access and thereby obtains classified information and then communicates the information to another person, or retains it without delivering it to the proper authorities with the belief that the classified information so obtained could be used to the injury of the United States or to the advantage of any foreign nation.
1030(a)(2) Protection of Financial, Government and Other Computer Information
Subsection 1030(a)(2) is concerned with the protection of information. It prohibits the intentional access of a protected computer (essentially any computer connected to the Internet)without authorization or in excess of authorization for the purpose of obtaining information from financial institutions, the federal government, or private sector computers involved in interstate commerce or foreign communications.
1030(a)(3) Protection of Government Computer Systems
This subsection proscribes the intentional and unauthorized access of a United States department or agency non-public computer even when no information is obtained during such trespasses. If the computer is not used exclusively by the government or a government agency, the illegal access must affect the government’s use of the computer in order to violate this subsection.
1030(a)(4) Unauthorized Use of Computers
This subsection addresses the access and fraudulent use of a protected computer (essentially any computer connected to the Internet). It prohibits the unauthorized access of a protected computer, with the intent to defraud and obtain anything of value, including the use of the computer, if the value of the use exceeded $5,000. This subsection therefore requires more than mere unauthorized use. It also contains a “computer use” exception that exempts fraudulent conduct to obtain only the use of the computer where the computer use involved is less than $5,000 during any one-year period.
1030(a)(5) Protection from Damage to Computers
Subsection 1030(a)(5) generally applies to whomever knowingly or intentionally causes the transmission of a program, information, code, or command, and as a result of such conduct causes damage without authorization, to a protected computer. Defendants can damage computers through a wide variety of actions, such as through a “denial of service attack” that prevents legitimate users from accessing the computer or by the transmission of a virus or worm that also makes the system unavailable to legitimate users. This subsection is intended to address all of these situations. The level of culpability under this provision depends upon the intent and authorization of the actor.
In particular, subsection 1030(a)(5)(A) criminalizes the knowing transmission of a program, information, code, or command, and as result of such conduct, intentionally causes damage without authorization, to a protected computer. Thus this provision requires that the government establish beyond a reasonable doubt that the defendant “knowingly” cause the transmission of a program and “intentionally” cause damage. This subsection applies to both insiders and outsiders; therefore, authorized users may be culpable for intentional damage to protected computers. The dual mens rea requirement of 1030(a)(5)(A) stands in contrast to subsections 1030(a)(5)(B) and (a)(5)(C) that proscribe the intentional access, without authorization of a protected computer, but do not require an intent to cause damage and apply only to outsiders, those individuals who have no authority to access the computer system. Subsection 1030(a)(5)(B) requires that the action be reckless, while 1030(a)(5)(C) does not contain any intent on the part of the defendant; therefore, unauthorized users can be culpable even if their transmission was not intentional, but merely caused damage and loss.
1030(a)(6) Trafficking in Passwords
This subsection proscribes trafficking in passwords or other similar information that would permit access, without authorization, to a government computer, or if such trafficking would affect interstate commerce or foreign communications.
1030(a)(7) Protection from Threats Directed Against Computers
This subsection prohibits the transmission of any threat, in interstate or foreign commerce, to cause damage to a protected computer with the intent to extort something of value. Essentially, this provision criminalizes threats by hackers to crash a system if not given system privileges, money or some other thing of value.
Chapter 7 of my book, Intellectual Property & Computer Crimes, (Law Journal Press 2003) provides a detailed analysis of 18 U.S.C. section 1030.