F:\M13\LOFGRE\LOFGRE_006.

XML

[Discussion Draft]

[DISCUSSION DRAFT]
113TH CONGRESS 1ST SESSION

H. R. ll
To lll

IN THE HOUSE OF REPRESENTATIVES

Ms. LOFGREN introduced the following bill; which was referred to the Committee on llllllllllllll

A BILL
To lll 1 Be it enacted by the Senate and House of Representa-

2 tives of the United States of America in Congress assembled, 3 4 5 6 7 8 9

SECTION 1. SHORT TITLE.

This Act may be cited as the Aaronss Law Act.

SEC. 2. CLARIFYING THAT VIOLATIONS OF 18 U.S.C. 1030 ARE LIMITED TO CIRCUMVENTION OF TECHNOLOGICAL BARRIERS IN ORDER TO GAIN UNAUTHORIZED ACCESS.

(a) Section 1030(e)(6) of title 18, United States

10 Code, is amended by
f:\VHLC\013013\013013.110.xml January 30, 2013 (3:49 p.m.)
15:49 Jan 30, 2013

(541176|3)
PO 00000 Frm 00001 Fmt 6652 Sfmt 6201 C:\DOCUME~1\HRBRAZ~1\APPLIC~1\SOFTQUAD\XMETAL\5.5\GEN\C\LOFGRE~1.XML

VerDate 0ct 09 2002

Jkt 000000

F:\M13\LOFGRE\LOFGRE_006.XML

[Discussion Draft]

2 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 (1) striking exceeds authorized access and all that follows; and (2) inserting the following: access without authorization (A) means (i) to obtain or alter information on a protected computer; (ii) that the accesser lacks authorization to obtain or alter; and (iii) by circumventing one or more technological measures that exclude or prevent unauthorized individuals from obtaining or altering that information; and (B) does not include the following, either in themselves or in combination (i) a violation of an agreement, policy, duty, or contractual obligation regarding Internet or computer use, such as an acceptable use policy or terms of service agreement with an online service provider, Internet website, or employer; or (ii) efforts to prevent personal identification of a computer user, or identification of a users hardware device or software, through a users real name, person-

VerDate 0ct 09 2002

f:\VHLC\013013\013013.110.xml January 30, 2013 (3:49 p.m.)

15:49 Jan 30, 2013

(541176|3)
PO 00000 Frm 00002 Fmt 6652 Sfmt 6201 C:\DOCUME~1\HRBRAZ~1\APPLIC~1\SOFTQUAD\XMETAL\5.5\GEN\C\LOFGRE~1.XML

Jkt 000000

F:\M13\LOFGRE\LOFGRE_006.XML

[Discussion Draft]

3 1 2 3 ally identifiable information, or software program or hardware device identifier(s);. (b) Section 1030(a)(1) of title 18, United States

4 Code, is amended by 5 6 7 8 9 and (2) inserting or information between a computer and without authorization. (c) Section 1030(a)(2) of title 18, United States (1) striking or exceeding authorized access;

10 Code, is amended by 11 12 13 14 (1) striking or exceeds authorized access; and (2) inserting or information between a computer and without authorization. (d) Section 1030(a)(4) of title 18, United States

15 Code, is amended by 16 17 18 19 (1) striking or exceeds authorized access; and (2) inserting or information between a computer and without authorization. (e) Section 1030(a)(7)(B) of title 18, United States

20 Code, is amended by 21 22 23 (1) striking or in excess of authorization; and (2) striking authorization or by exceeding. (f) Section 1030(e)(10) of title 18, United States

24 Code, is amended by striking unauthorized access or ex-

VerDate 0ct 09 2002

f:\VHLC\013013\013013.110.xml January 30, 2013 (3:49 p.m.)

15:49 Jan 30, 2013

(541176|3)
PO 00000 Frm 00003 Fmt 6652 Sfmt 6201 C:\DOCUME~1\HRBRAZ~1\APPLIC~1\SOFTQUAD\XMETAL\5.5\GEN\C\LOFGRE~1.XML

Jkt 000000

F:\M13\LOFGRE\LOFGRE_006.XML

[Discussion Draft]

4 1 ceeding authorized access, to a and inserting access 2 without authorization to a protected. 3 4 5 6 7 8 9

SEC. 3. ELIMINATION OF CERTAIN VIOLATIONS OF AGREEMENTS OR CONTRACTUAL OBLIGATIONS RELATING TO INTERNET SERVICE, AND CERTAIN ACTIONS UNDERTAKEN TO PREVENT PERSONAL IDENTIFICATION, FROM THE PURVIEW OF 18 U.S.C. 1343.

Section 1343 of title 18, United States Code, is

10 amended by inserting after the first sentence the fol11 lowing: The following do not in themselves or in combina12 tion violate this section: 13 14 15 16 17 18 19 20 21 22 (1) A violation of an agreement, policy, duty, or contractual obligation regarding Internet or computer use, such as an acceptable use policy or terms of service agreement with an online service provider, Internet website, or employer; and (2) Efforts to prevent personal identification of a computer user, or identification of a users hardware device or software, through a users real name, personally identifiable information, or software program or hardware device identifier(s)..

VerDate 0ct 09 2002

f:\VHLC\013013\013013.110.xml January 30, 2013 (3:49 p.m.)

15:49 Jan 30, 2013

(541176|3)
PO 00000 Frm 00004 Fmt 6652 Sfmt 6201 C:\DOCUME~1\HRBRAZ~1\APPLIC~1\SOFTQUAD\XMETAL\5.5\GEN\C\LOFGRE~1.XML

Jkt 000000