12 2 STA T .3564PUBLIC LA W 11 0– 326 — S E PT. 26 , 200 8SEC.209 . DIR EC T I V ET OUN ITED ST A TES SENTENCIN G CO M MISSION. (a)DIRECT I V E .—Purs ua nt t oi ts aut h orit y un de rse c tion 9 9 4 ( p ) o f tit l e 28,U nited S tates C ode, and in accordance w ith this section, the United States Sentencin g Co m mission shall re v iew its guide - lines and policy statements applica b le to persons convicted of offenses under sections 10 28, 1028 A ,10 3 0,2 5 11, and 2 7 01 of title 18, United States Code, and any other relevant provisions of law, in order to reflect the intent of Congress that such penalties be increased in comparison to those currently provided by such guide- lines and policy statements. (b) R E QU IRE M E N T S .— I n determining its guidelines and policy statements on the appropriate sentence for the crimes enumerated in subsection (a), the United States Sentencing Commission shall consider the e x tent to which the guidelines and policy statements may or may not account for the following factors in order to create an effective deterrent to computer crime and the theft or misuse of personally identifiable data
(1) T he level of sophistication and planning involved in such offense. (2) W hether such offense was committed for purpose of commercial advantage or private financial benefit. (3) The potential and actual loss resulting from the offense including— (A) the value of information obtained from a protected computer, regardless of whether the owner was deprived of use of the information
and ( B ) where the information obtained constitutes a trade secret or other proprietary information, the cost the victim incurred developing or compiling the information. (4) Whether the defendant acted with intent to cause either physical or property harm in committing the offense. (5) The extent to which the offense violated the privacy rights of individuals. ( 6 ) The effect of the offense upon the operations of an agency of the United States G overnment, or of a State or local government. (7) Whether the offense involved a computer used by the United States Government, a State, or a local government in furtherance of national defense, national security, or the administration of j ustice. (8) Whether the offense was intended to, or had the effect of, significantly interfering with or disrupting a critical infra- structure. (9) Whether the offense was intended to, or had the effect of, creating a threat to public health or safety, causing injury to any person, or causing death. (10) Whether the defendant purposefully involved a juvenile in the commission of the offense. (11) Whether the defendant ’ s intent to cause damage or intent to obtain personal information should be disaggregated and considered separately from the other factors set forth in USSG 2B1.1(b)(14). (12) Whether the term ‘ ‘victim’’ as used in USSG 2B1.1, should include individuals whose privacy was violated as a result of the offense in addition to individuals who suffered monetary harm as a result of the offense. Revi e w.28USC9 9 4not e.
�
