Bill Summary – FastDemocracy

BILL NUMBER: S83
SPONSOR: LIU

TITLE OF BILL:
An act to amend the penal law, in relation to establishing the crime of
larceny by cyber extortion

PURPOSE OR GENERAL IDEA OF BILL:
Relates to establishing the crime of larceny by cyber extortion.

SUMMARY OF PROVISIONS:
Section 1 establishes the crime of larceny by cyber extortion by making
it illegal to implement any type of malicious computer instruction on
another's computer, computer system, or computer network that modifies,
renders inoperable, transmits, records, destroys, or restricts access to
such computer, computer system, or computer network, or any information
or data therein. This section applies to actual, threatened, and falsely
stated implementations of such malicious computer instructions so long
as the perpetrator of the crime attempts to extort money from another
under threat of such malicious computer instructions being on their
computer, computer system, or computer network.

JUSTIFICATION:
In New York, approximately $415 million was paid to perpetrators of
cyber extortion by their victims in 2020 alone. These victims include
not just large corporations with sensitive data at risk of being lost,
but also ordinary persons whose precious photographs and other highly
sensitive personal information are being held hostage and threatened
with public release if payment is not made. Worse still, these are the
incidences of cyber extortions that have been reported; generally, small
cases of cyber extortion and cyber extortion involving people threaten-
ing to divulge sensitive information often go unreported, either to
avoid the inconvenience of making a police report or to prevent having
one's identity broadcast as a victim of cyber extortion. All of these
variables contribute to a situation in which only 15% of all cybercrimes
are reported. This act brings far more certainty for prosecutors seeking
to hold perpetrators of cyber extortion responsible for their crimes.
This bill also includes lies about whether malicious computer
instructions are on one's computer, computer system, or computer
network, and threats of placing such malicious computer instructions on
them. Therefore, bad actors who seek to take advantage of the elderly
and other vulnerable persons will be held accountable for deceiving them
and demanding payment.

PRIOR LEGISLATIVE HISTORY:
05/16/24 REFERRED TO CODES
01/06/23 REFERRED TO CODES
06/03/22 COMMITTED TO RULES

FISCAL IMPLICATIONS FOR STATE AND LOCAL GOVERNMENTS:
To be determined.

EFFECTIVE DATE:
This act shall take effect immediately..
Statutes affected: 
S83: 155.05 penal law, 155.05(2) penal law