SUPREME COURT HOLDS NO VIOLATION OF FEDERAL ANTI-HACKING STATUTE WHERE USER WAS AUTHORIZED TO ACCESS COMPUTER BUT USED IT TO ACCESS INFORMATION FOR IMPROPER REASONS

In Van Buren v. U.S., the Supreme Court in a 6-3 decisions handed down today, held that the Computer Fraud and Abuse Act (“CFAA”) didn’t apply where a Cumming, Georgia police sergeant used the department’s computer system to access federal and state crime databases to provide information about a woman his friend had met at a strip club. While the sergeant had authorization to access the computer he did not have authorization to access those databases for non-police purposes.

He was charged with violation of the CFAA. That statute makes it a crime when a person “intentionally accesses a computer without authorization or exceed authorized access, and thereby obtains…information from any protected computer.” A “protected computer” includes any computer “which is used in or affecting interstate or foreign commerce or communication, including a computer located outside the U.S. that is used in a manner that affects interstate or foreign commerce or communication of the United States.”

The provision referring to “intentionally accessing a computer without authorization” was written to cover outside hackers,

The Court’s majority noted that the Act, if read otherwise would encompass everyday violations of terms of service, such as use of a work computer to order personal goods from Amazon, posting on Facebook, or checking last night’s sports scores. The Court held that such practices did not exceed authorized access related to computer structures., i.e., prohibitions against accessing certain files, folders or databases to which access does not extend.

So, if you’re an employer, your rules guiding computer use better be detailed and made explicit in personnel manuals, signage, and employee handbook if you want to keep your employees from using their time to surf the net.

See https://www.supremecourt.gov/opinions/20pdf/19-783_k53l.pdf

About ERIC WACHSPRESS

The material on this website is for informational purposes only. It should not be considered legal advice and is not intended to create an attorney-client relationship. If you have questions regarding any material presented herein, we recommend that you consult an attorney. This web site and information presented herein were designed in accordance with Illinois law. Any content in conflict with the laws or ethical code of attorney conduct of any other jurisdiction is unintentional and void. I am a Chicago attorney practicing in the areas of trademark, copyright and information technology law as well as general corporate law. Formerly a trademark examining attorney with the United States Patent and Trademark Office, I have been in private practice since 1987 representing clients in a wide variety of industries, including the consumer products, financial services, information technology and entertainment industries. You can contact me at markscounsel@gmail.com, by phone at 773.934.5855 or by mail at 417 S. Jefferson St., #304, Chicago, IL 60607 USA
This entry was posted in News. Bookmark the permalink.