Supreme Court narrows the scope of a key anti-hacking law
Supreme Court narrows the scope of a key anti-hacking law
You can’t be charged under the CFAA if you’re allowed to access a network.
The Computer Fraud and Abuse Act might not get quite so much use in the future. The Verge says the Supreme Court has limited the scope of the CFAA in a 6-3 ruling. The law doesn’t cover instances when someone is abusing a network they’re allowed to access, according to the decision. They could still face other charges in some situations, but not a violation of the Act.
The ruling came in a case involving former Georgia police officer Nathan Van Buren. He’d been accused of violating the CFAA by taking $5,000 to find a woman’s license plate in a database, but his attorneys maintained that he didn’t violate the law as he had permission to access that database.
Justice Amy Coney Barrett, who delivered the court’s opinion, contended that allowing a broader definition would have serious repercussions. “Millions” of people could face CFAA charges simply for bending or breaking the rules like many do on a daily basis, the Justice said.
The ruling could prevent prosecutors from using the CFAA as a catch-all for computer crime, not to mention clarify just what access someone has. The Electronic Frontier Foundation also called the decision a win for researchers, investigative journalists and others who may need to probe a network for security issues or crucial information. While the EFF argued that the court should have narrowed the Act further to answer questions about needing to break “technological access barrier[s],” it felt the language was enough to offer protection for legitimate uses.
(14)