Home > INBLF Articles and Media > INBLF Articles > Privacy Law > Supreme Court Rules CFAA Does Not Criminalize Every Violation of a Computer-Use Policy

Supreme Court Rules CFAA Does Not Criminalize Every Violation of a Computer-Use Policy

Rothwell Fig logo 1 | International Network of Boutique and Independent Law Firms

Author: Jennifer B. Maisel

Published: June 7, 2021

In Van Buren v. United States, the Supreme Court resolved a circuit split as to whether a provision of the Computer Fraud and Abuse Act (CFAA) applies only to those who obtain information to which their computer access does not extend, or more broadly to also encompass those who misuse access that they otherwise have. By way of background, the CFAA subjects to criminal liability anyone who “intentionally accesses a computer without authorization or exceeds authorized access,” and thereby obtains computer information. 18 U.S.C. 1030(a)(2). The term “exceeds authorized accessed” is defined to mean “to access a computer with authorization and to use such access to obtain or alter information in the computer that the accesser is not entitled so to obtain or alter.”  18 U.S.C. 1030(a)(2).

Click here to view the entire article at Rothwell, Figg, Ernst & Manbeck P.C.

Supreme Court, privacy law, Computer Fraud and Abuse Act