State toughens Internet accessibility, penalties

By Harvey Jacobs

Maryland business-owners can feel a little more confident about the security of their e-mail transmissions and e-commerce transactions under tougher new laws.

Effective Oct. 1, it will be a misdemeanor in Maryland to access or attempt to access without authorization any computer, computer network, computer software, computer database, computer service, computer system, or computer-control language. For purposes of this statute, Maryland has defined each of these cyber components. The law prohibits unauthorized access, or access that exceeds a person's authorized access, to a computer or network to alter, damage or destroy computer data. It will also be illegal to possess, identify, distribute or publicize computer-access codes to any unauthorized person.

Penalties for violating the law (HB 925) include fines of up to $5,000 and/or prison sentences of up to five years. The statute of limitations for prosecuting the misdemeanors will be extended to three years after the offense was committed.

While the mere passage of this legislation will not eliminate computer-based crimes, it does give law enforcement a potent weapon to combat this growing problem. Another effect of this legislation will be that businesses that may have questioned the security of online commerce may now realize that doing business online can be done more securely. When this comfort level increases, the amount of business that is conducted online is likely to increase tremendously.

Keep it clean

Although the Internet may appear to be the ultimate free-speech tool, there are limits to what one can communicate in cyberspace.

Sending lewd, lascivious, harassing or obscene material via e-mail is - effective Oct. 1 - a misdemeanor in Maryland and will subject violators to a maximum fine of $500 and/or up to one year in jail (HB 140).

Objectionable e-mail usage could subject the sender to being sued for defamation, commercial disparagement and other civil claims. Businesses that have installed e-mail access for their employees may wish to adopt e-mail usage policies conforming to the new law's provisions to protect them against potential aiding and abetting liability.

Because there have been no prosecutions under this law yet, there have been no direct legal challenges to its constitutionality. However, similar provisions in the Telecommunications Act of 1996 were struck down as unconstitutionally restricting free speech. Regardless of the constitutionality, businesses e-mailers are advised to heed the warning of this provision.

E-limination of paperwork on the horizon

Maryland has established a pilot project that is likely to be the first step to allow private-sector businesses to conduct e-commerce with the state.

Known as Digital Signature, the project will allow some state agencies to use digital signatures to authenticate communications within or between specified state agencies. The specified agencies include: secretary of state, archives, general services, and budget and management.

The state defines a digital signature as an electronic identifier created by a computer that has the same force and effect as a manual signature, is capable of verification and would become invalidated if the data related to it is altered.

The state agencies held their first meeting in July to assess their digital requirements. When regulations are drafted, they will be published in the Maryland Register for public comment. The secretary of state is scheduled to provide the governor with an interim report on this project no later than Jan. 1 and a final report by October 1999. Other states that have adopted internal digital signature systems have later "opened" those systems to enable members of the public to use digital signature authentication for filing paperwork and for conducting other business with the state.

For more information, contact the secretary of state's office, which has been charged with adopting regulations (House Bill 523) Nikki Trella at (410) 974-5534, Ext. 7.