Bill Text: IL SB3440 | 2021-2022 | 102nd General Assembly | Introduced
Bill Title: Amends the Criminal Code of 2012. Provides that a person also commits computer tampering when he or she knowingly and without the authorization of a computer's owner or in excess of the authority granted to him or her intentionally introduces ransomware onto a computer, computer system, or computer network. Provides that a violation is a Class 4 felony for a first offense and a Class 3 felony for a second or subsequent offense. Provides that a person also commits aggravated computer tampering when he or she commits computer tampering (rather than computer tampering by accessing or causing to be accessed a computer or any part thereof, a computer network, or a program or data, and damaging or destroying the computer or altering, deleting, or removing a computer program or data) and he or she knowingly causes disruption of or interference with vital services or operations of a health care provider or creates a probability of death or bodily harm to one or more individuals (rather than creates a strong probability of death or great bodily harm to one or more individuals). Defines "ransomware", "health care provider", and "health care facility".
Spectrum: Partisan Bill (Democrat 1-0)
Status: (Introduced - Dead) 2022-04-30 - Chief Sponsor Changed to Sen. Don Harmon [SB3440 Detail]
Download: Illinois-2021-SB3440-Introduced.html
| |||||||||||||||||||||||||||
| |||||||||||||||||||||||||||
| |||||||||||||||||||||||||||
| |||||||||||||||||||||||||||
| |||||||||||||||||||||||||||
| 1 | AN ACT concerning criminal law.
| ||||||||||||||||||||||||||
| 2 | Be it enacted by the People of the State of Illinois,
| ||||||||||||||||||||||||||
| 3 | represented in the General Assembly:
| ||||||||||||||||||||||||||
| 4 | Section 5. The Criminal Code of 2012 is amended by | ||||||||||||||||||||||||||
| 5 | changing Sections 17-51 and 17-52 as follows:
| ||||||||||||||||||||||||||
| 6 | (720 ILCS 5/17-51) (was 720 ILCS 5/16D-3)
| ||||||||||||||||||||||||||
| 7 | Sec. 17-51. Computer tampering.
| ||||||||||||||||||||||||||
| 8 | (a) A person commits
computer tampering when he or she | ||||||||||||||||||||||||||
| 9 | knowingly and without the authorization of a
computer's owner | ||||||||||||||||||||||||||
| 10 | or in excess of
the authority granted to him or her:
| ||||||||||||||||||||||||||
| 11 | (1) Accesses or causes to be accessed a computer or | ||||||||||||||||||||||||||
| 12 | any part thereof, a computer network, or
a program or | ||||||||||||||||||||||||||
| 13 | data;
| ||||||||||||||||||||||||||
| 14 | (2) Accesses or causes to be accessed a computer or | ||||||||||||||||||||||||||
| 15 | any part thereof, a computer network, or
a program or | ||||||||||||||||||||||||||
| 16 | data, and obtains data or services;
| ||||||||||||||||||||||||||
| 17 | (3) Accesses or causes to be accessed a computer or | ||||||||||||||||||||||||||
| 18 | any
part thereof, a computer network, or a program or | ||||||||||||||||||||||||||
| 19 | data, and damages or destroys the computer or
alters, | ||||||||||||||||||||||||||
| 20 | deletes, or removes a computer program or data;
| ||||||||||||||||||||||||||
| 21 | (4) Inserts or attempts to insert a program into a | ||||||||||||||||||||||||||
| 22 | computer or
computer program knowing or having reason to | ||||||||||||||||||||||||||
| 23 | know that such program contains
information or commands | ||||||||||||||||||||||||||
| |||||||
| |||||||
| 1 | that will or may: | ||||||
| 2 | (A) damage or destroy that computer,
or any other | ||||||
| 3 | computer subsequently accessing or being accessed by | ||||||
| 4 | that
computer; | ||||||
| 5 | (B) alter, delete, or remove a computer program or
| ||||||
| 6 | data from that computer, or any other computer program | ||||||
| 7 | or data in a
computer subsequently accessing or being | ||||||
| 8 | accessed by that computer; or | ||||||
| 9 | (C) cause loss to the users of that computer or the | ||||||
| 10 | users of a
computer which accesses or which is | ||||||
| 11 | accessed by such program; or
| ||||||
| 12 | (5) Falsifies or forges electronic mail transmission | ||||||
| 13 | information or
other
routing information in any manner in | ||||||
| 14 | connection with the transmission of
unsolicited bulk | ||||||
| 15 | electronic mail through or into the computer network of an
| ||||||
| 16 | electronic mail service provider or its subscribers; or .
| ||||||
| 17 | (6) Intentionally introduces ransomware onto a | ||||||
| 18 | computer, computer system, or computer network. | ||||||
| 19 | (a-5) Distributing software to falsify routing | ||||||
| 20 | information. It is unlawful for any person knowingly to sell, | ||||||
| 21 | give, or
otherwise
distribute or possess with the intent to | ||||||
| 22 | sell, give, or distribute software
which:
| ||||||
| 23 | (1) is primarily designed or produced for the purpose | ||||||
| 24 | of facilitating or
enabling the falsification of | ||||||
| 25 | electronic mail transmission information or
other routing | ||||||
| 26 | information; | ||||||
| |||||||
| |||||||
| 1 | (2) has only a limited commercially significant
| ||||||
| 2 | purpose or use other than to facilitate or enable the | ||||||
| 3 | falsification of
electronic
mail transmission information | ||||||
| 4 | or other routing information; or | ||||||
| 5 | (3) is
marketed by that person or another acting in | ||||||
| 6 | concert with that person with
that person's knowledge for | ||||||
| 7 | use in facilitating or enabling the falsification
of
| ||||||
| 8 | electronic mail transmission information or other routing | ||||||
| 9 | information.
| ||||||
| 10 | (a-10) For purposes of subsection (a), accessing a | ||||||
| 11 | computer network is deemed to be with the authorization of a
| ||||||
| 12 | computer's owner if: | ||||||
| 13 | (1) the owner authorizes patrons, customers, or guests | ||||||
| 14 | to access the computer network and the person accessing | ||||||
| 15 | the computer network is an authorized patron, customer, or | ||||||
| 16 | guest and complies with all terms or conditions for use of | ||||||
| 17 | the computer network that are imposed by the owner; | ||||||
| 18 | (2) the owner authorizes the public to access the | ||||||
| 19 | computer network and the person accessing the computer | ||||||
| 20 | network complies with all terms or conditions for use of | ||||||
| 21 | the computer network that are imposed by the owner; or | ||||||
| 22 | (3) the person accesses the computer network in | ||||||
| 23 | compliance with the Revised Uniform Fiduciary Access to | ||||||
| 24 | Digital Assets Act (2015).
| ||||||
| 25 | (b) Sentence.
| ||||||
| 26 | (1) A person who commits computer
tampering as set | ||||||
| |||||||
| |||||||
| 1 | forth in subdivision (a)(1) or (a)(5) or subsection (a-5) | ||||||
| 2 | of this
Section is guilty
of a Class B misdemeanor.
| ||||||
| 3 | (2) A person who commits computer tampering as set | ||||||
| 4 | forth
in subdivision (a)(2) of this Section is guilty of a | ||||||
| 5 | Class A misdemeanor
and a Class 4 felony for the second or | ||||||
| 6 | subsequent offense.
| ||||||
| 7 | (3) A person who commits computer tampering as set | ||||||
| 8 | forth
in subdivision (a)(3), or (a)(4), or (a)(6) of this | ||||||
| 9 | Section is guilty of a Class 4 felony
and a Class 3 felony | ||||||
| 10 | for the second or subsequent offense.
| ||||||
| 11 | (4) If an injury arises from the transmission of | ||||||
| 12 | unsolicited bulk
electronic
mail, the injured person, | ||||||
| 13 | other than an electronic mail service
provider, may also | ||||||
| 14 | recover attorney's fees and costs, and may elect, in lieu | ||||||
| 15 | of
actual damages, to recover the lesser of $10 for each | ||||||
| 16 | unsolicited
bulk electronic mail message transmitted in | ||||||
| 17 | violation of this Section, or
$25,000 per day. The injured | ||||||
| 18 | person shall not have a cause of action
against the | ||||||
| 19 | electronic mail service provider that merely transmits the
| ||||||
| 20 | unsolicited bulk electronic mail over its computer | ||||||
| 21 | network.
| ||||||
| 22 | (5) If an injury arises from the transmission of | ||||||
| 23 | unsolicited bulk
electronic
mail,
an injured electronic | ||||||
| 24 | mail service provider may also recover
attorney's fees and | ||||||
| 25 | costs, and may elect, in lieu of actual damages, to | ||||||
| 26 | recover
the greater of $10 for each unsolicited electronic | ||||||
| |||||||
| |||||||
| 1 | mail
advertisement transmitted in violation of this | ||||||
| 2 | Section, or $25,000 per day.
| ||||||
| 3 | (6) The provisions of this Section shall not be | ||||||
| 4 | construed to limit any
person's
right to pursue any | ||||||
| 5 | additional civil remedy otherwise allowed by law.
| ||||||
| 6 | (c) Whoever suffers loss by reason of a violation of | ||||||
| 7 | subdivision (a)(4)
of this Section may, in a civil action | ||||||
| 8 | against the violator, obtain
appropriate relief. In
a civil | ||||||
| 9 | action under this Section, the court may award to the | ||||||
| 10 | prevailing
party reasonable attorney's fees and other | ||||||
| 11 | litigation expenses.
| ||||||
| 12 | (d) As used in this Section, "ransomware" means a computer | ||||||
| 13 | contaminant or lock that restricts access by an unauthorized | ||||||
| 14 | person to a computer, computer system, or computer network or | ||||||
| 15 | any data in a computer, computer system, or computer network | ||||||
| 16 | under circumstances in which a person demands money, property, | ||||||
| 17 | or a service to remove the computer contaminant or lock, | ||||||
| 18 | restore access to the computer, computer system, computer | ||||||
| 19 | network, or data, or otherwise remediate the impact of the | ||||||
| 20 | computer contaminant or lock. | ||||||
| 21 | (Source: P.A. 99-775, eff. 8-12-16.)
| ||||||
| 22 | (720 ILCS 5/17-52) (was 720 ILCS 5/16D-4)
| ||||||
| 23 | Sec. 17-52. Aggravated computer tampering. | ||||||
| 24 | (a) A person commits
aggravated computer tampering when he | ||||||
| 25 | or she commits computer
tampering as set forth in subsection | ||||||
| |||||||
| |||||||
| 1 | (a) paragraph (a)(3) of Section 17-51 and he or she knowingly:
| ||||||
| 2 | (1) causes disruption of or interference with vital
| ||||||
| 3 | services or operations of
State or local government, or a | ||||||
| 4 | public utility,or a health care provider; or
| ||||||
| 5 | (2) creates a strong probability of death or great | ||||||
| 6 | bodily harm to one or
more individuals.
| ||||||
| 7 | (b) Sentence. | ||||||
| 8 | (1) A person who commits aggravated
computer tampering | ||||||
| 9 | as set forth in paragraph (a)(1) of this Section is
guilty | ||||||
| 10 | of a Class 3 felony.
| ||||||
| 11 | (2) A person who commits aggravated computer tampering | ||||||
| 12 | as
set forth in paragraph (a)(2) of this Section is guilty | ||||||
| 13 | of a Class 2 felony.
| ||||||
| 14 | (c) In this Section: | ||||||
| 15 | "Health care facility" means a type of health care | ||||||
| 16 | provider commonly known by a wide variety of titles, | ||||||
| 17 | including, but not limited to, a hospital, medical center, | ||||||
| 18 | nursing home, rehabilitation center, long term or tertiary | ||||||
| 19 | care facility, physician office, or other facility established | ||||||
| 20 | to administer health care in its ordinary course of business | ||||||
| 21 | or practice. | ||||||
| 22 | "Health care provider" means a person who is licensed, | ||||||
| 23 | certified, or otherwise authorized or permitted by the law of | ||||||
| 24 | this State to administer health care in the ordinary course of | ||||||
| 25 | business or practice of a profession, including, but not | ||||||
| 26 | limited to, a physician, nurse, health care facility, or any | ||||||
| |||||||
| |||||||
| 1 | employee, officer, director, agent, or person under contract | ||||||
| 2 | with such a person. | ||||||
| 3 | (Source: P.A. 96-1551, eff. 7-1-11.)
| ||||||
