Schatz Legislation To Help Fight Cybercrime Passes U.S. House, Set To Be Law

WASHINGTON – The U.S. House of Representatives today passed the Better Cybercrime Metrics Act, legislation authored by U.S. Senator Brian Schatz (D-Hawai‘i) that would help fight cybercrime and help keep people safe from online scams. The bipartisan bill, which will improve data collection on cybercrimes and give law enforcement and policy makers more tools to combat cybercrime in the United States, previously passed the Senate in December and is expected to be signed into law by the president.

“To protect people and fight online crimes, including scams and hacks like those we saw in Honolulu against our public transit and water systems, we need to understand how often, when, and where they’re happening,” said Senator Schatz. “Our bipartisan bill will give us the data we need to go after criminals and support victims of cybercrime, and I look forward to seeing it signed into law.”

Each year, hundreds of thousands of Americans are targets of cybercrime incidents that cost billions of dollars. Whether done through online scams and fraud, corporate data breaches, or ransomware attacks, the cost of cybercrime has been increasing annually, from $3.5 billion in 2019 to $4.2 billion in 2020, and impacts an estimated 300,000 to 700,000 victims each year. Last December, cyberattacks against Honolulu’s TheBus and Handi-Van’s public transit systems and the Board of Water Supply left passengers without rides and employees with their personal data exposed. Recent data from the FBI estimates that cybercrimes cost Hawai‘i residents more than $17 million last year.

Unfortunately, these numbers are likely low, as there are no comprehensive metrics on the scale and impact of cybercrime in the United States, or on law enforcement efforts against them. Only 10 to 12 percent of all estimated cybercrime victims report cybercrime incidents in the United States, while other estimates have put that number much higher.

The Better Cybercrime Metrics Act will give law enforcement a clearer picture of online crimes in the United States by requiring the FBI to integrate cybercrime incidents into its current reporting streams to better understand all the types of crime that Americans face. As cybercriminals continue to target vulnerable populations, this data will help lawmakers make an informed case for policy changes to curtail the cybercrime wave, keep Americans safe, and bring these criminals to justice.

The Better Cybercrime Metrics Act will:

• Require the FBI to report metrics on cybercrime and cyber-enabled crime categories, just as they do for other types of property crime;
• Encourage local and federal law enforcement agencies to report incidents of cybercrime in their jurisdictions to the FBI;
• Authorize a study at the National Academies of Science to create a taxonomy for cybercrime incidents in consultation with federal, state, local, and tribal stakeholders, criminologists, and business leaders that would inform the FBI’s reporting of cybercrime and cyber-enabled crime; and;
• Require the Bureau of Justice Statistics at the Department of Justice and the Census Bureau to include questions related to cybercrime and cyber-enabled crime as part of its annual National Crime Victimization Survey.

The legislation is supported by the National White Collar Crime Center (NWC3), former U.S. Attorney and Los Angeles Police Commissioner Eileen M. Decker, the Cybercrime Support Network (CSN), Major Cities Chiefs Association (MCCA), National Association of Police Organizations (NAPO), National Fraternal Order of Police (FOP), and the Major County Sheriffs of America.

The full text of the bill is available here.

###