Call Today for a free Consultation
262-923-8761 24 Hour Emergency Contact

Supreme Court declines cases defining computer system hacking

Under the 1986 Computer Fraud and Abuse Act, it's a criminal act to intentionally access a computer or computer system without authorization. The law also allows victims of unauthorized access to sue for damages. In the modern world of the internet and social media, the definition of "unauthorized" has become contentious, however.

The CFAA does not specifically define who has the power to authorize access, so courts have had to do their best to determine what Congress meant when it passed the law, or similar laws.

In two cases, the 9th Circuit Court of Appeals ruled that only the owner of a computer or system can legally grant access. It seems that the appellate court has determined that third parties to the system, such as customers or employees, do not have that authority.

The appellants, along with the Electronic Frontier Foundation and other rights groups, say that definition is too limited for criminal law. They argue that clearly non-criminal behavior such as sharing your Facebook password with your spouse is made criminal under the 9th Circuit's definition.

The first case involved a Cayman Islands-based company called Power Ventures, Inc., which was providing its users with the ability to access their Facebook accounts through its own online portal. Facebook sued for damages, but the company denied accessing anything without authorization. It had obtained each user's consent before providing the access, along with consent to access whatever data they had stored in their Facebook accounts. Facebook said Power Ventures was accessing data from other users as well, however, making its data collection insecure.

In the second case, an executive recruiter was found to have accessed a confidential database owned by his former employer. He was assisted by two other former employees who obtained the login of a third employee who was still at the company. A jury found him guilty of violating the CFAA.

The two 9th Circuit cases had been consolidated in a bid for a hearing before the U.S. Supreme Court, but the high court has declined the cases. That leaves the 9th Circuit definition in place for the foreseeable future -- and that means both criminal and civil liability for the appellants.

It may also mean that access to a computer or system by virtually anyone but the account holder and the owner is unauthorized if the owner prohibits password sharing, as most do. As the appellants and rights groups pointed out, this could have major implications for spouses, small companies and others who feel that password sharing is useful or important.

The high court's inaction leaves a dangerously narrow rule in place, making it possible for seemingly innocent behavior to be interpreted as criminal.

No Comments

Leave a comment
Comment Information
Choosing the Right Lawyer Buting for the Defense In The News

Our Office

Brookfield Office
400 N. Executive Drive
Suite 205
Brookfield, WI 53005

Phone: 262-923-8761
Phone: 262-821-0999
Fax: 262-821-5599
Map & Directions

Glendale Office
6165 North Green Bay Avenue
Glendale, WI 53209

Map & Directions

How Can
We Help You?

Free
Consultation

Bold labels are required.

Contact Information
disclaimer.

The use of the Internet or this form for communication with the firm or any individual member of the firm does not establish an attorney-client relationship. Confidential or time-sensitive information should not be sent through this form.

close

Privacy Policy

Email Us For A Response
Back To Top payment