Jim Lamm discusses two recent cases in which individuals were found in violation of the Computer Fraud and Abuse Act for using computers “without authorization.” He summarizes,

The first case, decided on July 6, 2016, is United States v. Nosal (a/k/a Nosal II because the Ninth Circuit also issued an opinion on April 10, 2012, involving the same situation). The short summary of Nosal II is that sharing a password can be a crime of accessing a protected computer “without authorization” under the Computer Fraud and Abuse Act. For an excellent recap of the facts and analysis of the case, read this July 6, 2016, article by Orin Kerr that appeared in The Washington Post.

The second case, decided on July 12, 2016, is Facebook v. Vachani. The short summary of Vachani is that accessing a Web site after being notified that you are not authorized to access it can be a crime of accessing a protected computer “without authorization” under the Computer Fraud and Abuse Act. For an excellent recap of the facts and analysis of the case, read this July 12, 2016, article by Orin Kerr that appeared in The Washington Post.

With respect to the Vachani case, the court makes a difficult-to-follow distinction as it interprets the Computer Fraud and Abuse Act, and this issue is described in more detail in Orin Kerr’s article. In Nosal I, the Ninth Circuit court decided that the “exceeds authorized access” prong of 18 U.S.C. § 1030(a)(4) “does not extend of violations of [a company’s] use restrictions” (e.g., violating a Terms of Service Agreement is not a crime under the Computer Fraud and Abuse Act). But, in Vachani, the Ninth Circuit court decided that accessing a Web site after receiving a cease-and-desist letter can be a crime of accessing a protected computer “without authorization” under the Computer Fraud and Abuse Act. The court’s distinction appears to depend on the person’s intent—whether the person at issue “might be unaware that they were committing a crime” (e.g., that is not a crime) versus a person who “deliberately circumvented the rescission of authorization” (e.g., that is a crime).

Read the full story here: Two New Cases on Using Computers “Without Authorization” under the Computer Fraud and Abuse Act

Posted by Allison Trupp, Associate Editor, Wealth Strategies Journal