ANNAPOLIS – Detective Sandra Mapstone, veteran computer investigator for the Baltimore County Police, would love to put a computer vandal in prison.
But even if she can get a judge to understand the nature of computer crime, Maryland law might not provide for a jail term.
“I once spent four hours describing to a judge why I needed a warrant,” she said of a recent case where a household computer contained evidence of fraud – evidence which must be seized quickly because it can be destroyed in the blink of an eye.
“This judge didn’t have a clue about computers,” Mapstone said. She got the search warrant only when she pointed out that telephone lines, too, were being used by the suspects.
One of two full-time computer cops in Maryland and only seven nationwide, Mapstone is swamped with cases of computer tampering – unauthorized entry of systems via telephone lines, with destruction of data or spying in mind.
And she says the circle of justice is not complete: Not only are the laws not tough enough, but many state officials don’t grasp the spreading problem.
“Baltimore County has never lost a case – and no one has gone to jail,” Mapstone said.
State statistics on computer crime are new and far from reliable, said Maryland’s other computer investigator, Sgt. Barry Leese of the State Police. The yearly cost to U.S. businesses is between $3 and $7 billion, he said.
It is estimated that the Internet – a global computer network linked by telephone lines – has 20 million users worldwide. But no one knows for sure how many users there are, not even in Maryland.
What is known is that the Internet’s more vicious patrons are way ahead of the learning curve, making deft use of technology that breaks down computer security barriers designed to keep sensitive information out of the public domain.
“We need to bring everybody up to speed,” Leese said of prosecutors, judges, and elected officials.
Last month, Mapstone told Maryland’s House Judiciary Committee that, if nothing else, tougher penalties would make it harder for convicted hackers to escape a jail sentence.
“We have laws dealing with theft, that’s not the problem,” Michael Langrehr, chief of Maryland’s Office of Information Technology, said of computer vandalism.
Langrehr explained that computer hackers can do great damage without doing what the law regards as stealing.
“What we have a problem with is the destruction of property for which the [perpetrator] gets no gain, but where the victims suffer huge losses,” he said.
In Maryland, computer tampering is a misdemeanor no matter what the damage. Mapstone would like to see crimes causing over $3,000 in damage become felonies. A felony threshold for large- scale crimes would also allow for open-ended investigation, where now there is a one-year statute of limitations.
But no such law will be enacted in this legislative session. In Februardy, after killing a bill that would have toughened sentences, the General Assembly made plans to study the issue during the summer.
“We want to look at it carefully,” said Del. Dana Lee Dembrow, D-Montgomery. “This is a major, long-range initiative.”
However, the prudence that lawmakers are exercising seems to be rare in cyberspace. Experts say that too many Internet users are learning the hard way what it’s like to get valuable or personal information stolen or damaged. For the short-term at least, the number of victims will increase.
Mapstone has developed an analogy to impress the need for computer security on less knowledgeable counterparts.
“You keep files in your cabinet and keep it locked,” she said. “If someone breaks in there, copies the files and puts them back, it’s a crime. Everybody understands that.”
She has a simple message for the Internet newcomer who is not careful: “You will be a victim,” she said. -30-