Congressman Blake Moore announced he is co-leading the introduction of a bipartisan, bicameral bill to improve the federal government’s understanding, measurement, and tracking of cybercrime.
“This Better Cybercrime Metrics Act is a critical first step in helping both government and private industry better understand and address the growing challenge of cybercrime and attacks to our cybersecurity. Aggression we see from cyber criminals and adversaries requires a new era of reporting and collaboration between private and public industry,” said Congressman Moore. “I am proud to join my friends, Rep. Abigail Spanberger (D-VA), Rep. Sheila Jackson Lee (D-TX), and Rep. Andrew Garbarino (R-NY), in pursuing commonsense cybersecurity policy that equips our law enforcement and cyber warriors to better understand the scope of the cybercrime challenge. America’s public safety and cyber superiority is on the line, and now is the time to act.”
The federal government currently lacks an effective system to measure cybercrime. In 2018, a nonpartisan study from Gallup found that nearly one in four U.S. households were a victim of cybercrime — making it the most common crime in America. However, the large majority of these crimes are not properly reported or tracked — and in many cases, these incidents are not measured at all. By some estimates, the Federal Bureau of Investigation (FBI) only collects about one in 90 of all cybercrime incidents in its Internet Crime Complaint Center (IC3) database.
The bipartisan Better Cybercrime Metrics Act would improve how the federal government tracks, measures, analyzes, and prosecutes cybercrime. By starting the process of building an effective system to delineate and track cybercrime incidents, this legislation would allow U.S. law enforcement agencies to better identify cyberthreats, prevent attacks, and prosecute perpetrators.
Companion legislation is led in the U.S. Senate by U.S. Senator Brian Schatz (D-HI). Additional U.S. Senate cosponsors on the legislation are Thom Tillis (R-NC), John Cornyn (R-TX), and Richard Blumenthal (D-CT).
“Cybercrime is increasingly putting American families, businesses, and government agencies at serious risk. But for too long, our government has been woefully unprepared for the next generation of cyberattacks. Complacency with respect to our cybercrime classification system could jeopardize public safety, our ability to compete in the global economy, and even our national security,” said Congresswoman Spanberger. “Our nation’s crime classification system is out-of-date — and the Better Cybercrime Metrics Act takes commonsense steps to improve our cybercrime metrics, anticipate future trends, and make sure law enforcement agencies have the tools and resources they need. I am proud to lead the introduction of this bipartisan, bicameral legislation — because this bill would help prevent more Americans from becoming targets and victims online.”
“Cybercrime is rampant, but despite the rising number of attacks affecting Americans, we do not have a clear picture of the full scope of the problem,” said Congressman Garbarino. “I am proud to join Congressman Moore in introducing this bipartisan legislation to help improve tracking and reporting as it relates to cybercrime. We need to utilize every tool at our disposal, especially those offered by CISA and the rest of the Federal government, to fight back against what is one of the greatest threats of our time.”
“Acts of identity theft, fraud, espionage, and other types of victimization perpetrated online cause extensive harm to individuals, businesses, and government agencies. In order to do more to counter cyber threats, we need better data concerning the incidence of these types of crimes,” said Congresswoman Jackson Lee. “That is why I am pleased to join my colleagues in introducing the Better Cybercrime Metrics Act, a bill to require the reporting of information to assist us in preventing further victimization, which is an important focus of my Subcommittee on Crime, Terrorism, and Homeland Security.”
Specifically, the Better Cybercrime Metrics Act would improve federal cybercrime metrics by:
- Requiring the Government Accountability Office to report on the effectiveness of current cybercrime mechanisms and highlight disparities in reporting data between cybercrime data and other types of crime data,
- Requiring that the National Crime Victimization Survey incorporate questions related to cybercrime in its survey instrument,
- Requiring the U.S. Department of Justice to contract with the National Academy of Sciences to develop a taxonomy for cybercrime that can be used by law enforcement, and
- Ensuring that the National Incident Based Reporting System — or any successor system — include cybercrime reports from federal, state, and local officials.
The Uniform Crime Reporting Act of 1988 requires all federal law enforcement agencies to report crime data through the FBI. However, federal agencies like the FBI and Secret Service — which often have jurisdiction over crimes within the broader definition of cybercrime — are not consistently reporting these numbers into the federal systems. State and local law enforcement reporting on cybercrime is also limited and inconsistently reported to federal agencies.
This lack of detailed, consistent systems for collecting and categorizing data on cybercrime is an impediment to understanding the scope of the problem — thus impairing law enforcement’s ability to protect against cybercrime.