Our colleague Stuart Gerson of Epstein Becker Green has a new post on SCOTUS Today that will be of interest to our readers: “The Supreme Court Limits the Effective Reach of the Computer Fraud and Abuse Act.”
The following is an excerpt:
Those of us who deal regularly with cybersecurity matters have been waiting eagerly for the Supreme Court’s decision in Van Buren v. United States, which raised the question of whether the language of the Computer Fraud and Abuse Act of 1986 (CFAA), 18 U. S. C. §1030(a)(2), which subjects to criminal liability anyone who “intentionally accesses a computer without authorization or exceeds authorized access,” also forbids a person who accesses a computer with authorization “to use such access to obtain or alter information in the computer that the accesser is not entitled so to obtain or alter.” §1030(e)(6). In an interestingly divided Court, six Justices, in an opinion written by Justice Barrett, have held that an individual “exceeds authorized access” when he accesses a computer with authorization, but then obtains information located in particular areas of the computer—such as files, folders, or databases—that are supposed to be off limits to him.
Click here to read the full post and more on SCOTUS Today.