The Supreme Court has narrowed down the 1986 Computer Fraud and Abuse Act in a 6-3 decision handed down today. The ruling means federal prosecutors can no longer use the law to charge people who misused databases they are otherwise entitled to access.
Quoting the majority ruling. “The Government’s interpretation of the statute would attach criminal penalties to a breathtaking amount of commonplace computer activity. If the ‘exceeds authorized access’ clause criminalizes every violation of a computer-use policy, then millions of otherwise law-abiding citizens are criminals.”
Why do we care?
Laws evolve with specific case law. It seems to me at first glance that access to a system should not imply being able to do anything you want, nor so broad reaching it impacts everything. Seems the Justices agree with me that it can’t be so broad.
Here’s why we care – IT providers need to become versed in the laws regarding the use of systems. Your job isn’t just technical – it’s the implications of the technology and how it’s used. Which laws apply in what cases. Now, the Computer Fraud and Abuse act does not apply for federal prosecutors.