Is the Computer Fraud and Abuse Act Ripe for Reform?

A recent ruling raises questions regarding the Computer Fraud and Abuse Act (CFAA) and whether it needs to be reformed. The particular case, United States v. Nosal, upheld some of the charges against a man who used another individual’s password to access his former employer’s client database.

For Reason’s Scott Shackford, the United States v. Nosal ruling highlights why the CFAA needs reform.

Recent media attention towards the fact that the CFAA makes it a federal crime to access a computer system without authorization is a good thing. However, according to Shackford, the CFAA’s exact wording, which criminalizes any “unauthorized access” to a computer system or database as fraud, has been in place since 1986.

Furthermore, the CFAA’s original purpose was to criminalize hacking into an account, not the voluntary exchange of a password to another person.

This overly broad interpretation of the law has prompted the ACLU to file a law suit against provisions in the statute that could be used to punish journalists and researchers trying to conduct normal and acceptable investigation techniques.

Concerns surrounding broad use of the CFAA, to prosecute individuals, like those Shackford highlights, relate to the growing issue of overcriminalization in the United States.

More Blog Posts

04-05-2018 08:04pm

Second Chances for Prisoners Help All of Us

Read more

03-20-2018 09:03am

Iraq at 15

According to a new poll conducted by the Charles Koch Institute and Real Clear, Americans do not think that the Iraq War has made the United States safer, nor do they think the Middle East is more stable.

Read more

02-13-2018 09:02am

Julie Warren Profile

After working at the U.S. Department of Justice, and as a criminal appellate lawyer for the West Virginia Attorney General’s Office, Julie Warren is devoted to improving the system for everyone—from parolees to police.

Read more

Sign up for updates

Sign up to receive weekly updates in news and events.