Computer Fraud and Abuse Act (CFAA) [18 U.S.C. § 1030 (c)]
Purpose. The purpose of the CFAA is to prevent unauthorized access to computers and applies to any “protected computer” used in interstate commerce or communication. This broad definition has allowed the CFAA to be applied to any computer connected to the Internet. The CFAA establishes multiple crimes and imposes criminal penalties when a person or entity “intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains information from any protected computer.” 18 U.S.C. § 1030(a)(2)(c). The CFAA prohibits knowingly transmitting “a program, information, code or command” or “intentionally access[ing] a protected computer without authorization” that causes damage to a “protected computer.” 18 U.S.C. § 1030(5)(A)(i). Damage. Some of the CFAA provisions require that “damage” be proven in the form of “impairment to the integrity or availability of data, a program, a system, or information.” 18 U.S.C. § 1030(e). Civil and Criminal Remedies. Punishments range from fines to imprisonment for up to 20 years depending on the nature of the offense. “Any person who suffers damage or loss by reason of a violation of this section may maintain a civil action against the violator to obtain compensatory damages or injunctive relief or other equitable relief.” 18 U.S.C. § 1030(g). Damage must cause a loss aggregating at least $5,000 in value during any one-year period to one or more individuals. 18 U.S.C. § 1030(e). Exceeding Authorized Access. In some cases, under the CFAA, a violation is triggered when one “exceeds authorized access.” This means to “access a computer with authorization and to use such access to obtain or alter information in the computer that the accessor is not entitled so to obtain and to alter.” 18 U.S.C. § 1030(e) (6).
51
Made with FlippingBook - Online Brochure Maker