Two senators have drafted a bill that aims to help prosecutors keep foreign hackers and governments from stealing American intellectual property and trade secrets.
On Monday, Sens. Sheldon Whitehouse, D-R.I., and Lindsey Graham, R-S.C., released a “discussion draft” bill (doc) that would amend the Economic Espionage Act, which was enacted in 1996. Among proposed changes are provisions that would help prosecutors hold foreign hackers and nation states allegedly accountable for trade secret theft, as well as companies that are “substantially subsidized” by culpable foreign governments.
“This proposal would ensure that the statute would apply to a hacker whose code passes through American computers, but who is never physically present in the United States,” the draft bill said.
In addition, amendments would include instances when a “private thief,” or someone who operates privately or on their own their behalf, steals intellectual property at the request of a nation-state.
Companies with American operations that are “substantially subsidized” by a foreign government and accused of economic espionage could also face up to $10 million in fines or three times the value of the stolen trade secret. Individuals who violate the law can may face up to 15 years in prison and pay $5 million fines.
Other amendments would allow the owners of stolen trade secrets to keep case filings sealed so that their sensitive data or interests are kept confidential. Furthermore, if the negotiating details or strategies of a company (or its law firm) are stolen, the crime would also be covered under the revised Economic Espionage Act.
Sens. Whitehouse and Graham, who respectively serve as chairman and ranking member of the Senate's Judiciary Committee on Crime and Terrorism, plan to hold a subcommittee hearing this fall where the draft bill will be considered.
In recent months, lawmakers have introduced a number of new bills aimed at curbing the threat of cyber espionage to U.S. businesses. In May, a group of senators called for the creation of a “watch list” of countries believed to be engaged in such acts, which would include blocking certain imports from offenders.
Concerns about intellectual property and trade secret theft have been of particular concern in Washington since security firm Mandiant released a detailed report in February that a Chinese government-backed group stole massive amounts of data from dozens of organizations in the U.S.
In April, Verizon's 2013 "Data Breach Investigations Report" was released, revealing that the majority of state-affiliated campaigns were operating out of China and targeting the manufacturing, professional and transportation industries.