Damage is defined as any impairment to the integrity or availability of data in any of four ways:
- The damage causes loss aggregating at least $5,000 in value during any 1-year period to one or more individuals
- The damage modifies or impairs, or potentially modifies or impairs, medical diagnosis, treatment, or care of one or more individuals
- The damage causes physical injury to a person
- The damage threatens public health or safety
Three grades of damage to computer systems are defined. In increasing degree of severity, these are:
- Reckless damage
- Intentional damage
Damage is distinguished by criminal intent. Mere damage involves all forms of injury to data or equipment that were not intended yet still occurred. Reckless damage involves negligence, the result of the criminal’s carelessness. The third category, intentional damage, involves knowingly transmitting “a program, information, code, or command” that leads to damage. Examples of intentional damage include maliciously deleting files on a computer or releasing a computer virus or worm.
Convictions on any of the offenses can lead to fines, imprisonment, or both, with the prison sentences scaling upwards depending upon intent. Damage carries a penalty of one year of imprisonment. Reckless damage carries a penalty of up to five years imprisonment. Intentional damage is a felony and carries a penalty of up to five years.