A proposal to ban accessing a computer or network without permission is now in the hands of Gov. Nathan Deal.
Supporters of Senate Bill 315 say it's needed to prevent identity theft and other online crimes, while cybersecurity researchers said it would criminalize legitimate efforts to find and fix vulnerabilities. One organization has even called on Deal to veto it.
Georgia lawmakers approved SB 315 on Thursday, the final day of the Georgia General Assembly’s 2018 legislative session.
The state's attorney general, Chris Carr, said the measure would help stop hackers from penetrating computers in hopes of finding information they can later exploit. Georgia is one of three states nationwide that doesn't already prohibit unauthorized computer access.
"This common sense solution will close a window of opportunity for those who wish us harm," Carr said in a statement. "We have a strong interest in making sure Georgia's legal and regulatory environment supports our thriving cybersecurity industry."
The Electronic Frontier Foundation, a San Francisco-based digital civil liberties organization, called on Deal to veto the bill.
“The bill still falls short of ensuring that researchers aren’t targeted by overzealous prosecutors,” wrote Dave Maass, senior investigative researcher for EFF. “Cybersecurity firms — and other tech companies — considering relocations to Georgia will likely think twice about moving to a state that is so hostile and short-sighted when it comes to security research.”
If SB 315 becomes law, unauthorized computer access will be a misdemeanor punishable by up to a year in jail and a $5,000 fine. Georgia laws already prohibit data theft and tampering.
The bill includes exemptions from prosecution for people in the same household, legitimate business activities and terms of service violations.
Never miss a minute of what’s happening in Georgia Politics at PoliticallyGeorgia.com.