The Computer Fraud and Abuse Act is a US federal law that prohibits unauthorized access to secure computers. It protects certain types of computers, including those used by financial institutions and in interstate commerce. The law has been subject to legal disputes over the definition of “unauthorized” use. It also protects against using a protected computer to commit fraud or illegally obtain anything of value. The law is constantly evolving as technology advances. Penalties for violations can include up to 20 years in prison and fines.
The Computer Fraud and Abuse Act is a United States federal law that prohibits unauthorized access to or use of secure computers. Created by Congress in 1986 in response to the growing popularity of computers, the law has undergone many changes since its inception. Penalties for violations are quite severe, with up to 20 years in prison possible for some violations.
The scope of the Computer Fraud and Abuse Act is limited to certain types of computers that the government deems worthy of protection. In the initial act, protection was limited primarily to computers intended for government use. Later provisions broadened this definition to include computers used by financial institutions and computer systems both within the United States and abroad used in interstate commerce and communications.
Courts have long argued over the vagueness the law displays in defining “unauthorized” or “authorized” use of a computer. Several important legal issues have been raised by this dispute, including the expiration of a former employee’s authorization to use a computer system. While case law has varied, it is generally believed that the authorization expires when the employee starts working for a rival firm and then could use information gleaned through a former employer’s computer system to help one of his or her competitors. In one significant case, LVRC Holdings LLC v. Brekka, the 9th Circuit Court of Appeals dismissed some previous rulings for insisting that clearance cannot be revoked while an employee continues to work for the company, even if they use the data obtained to assist a competitive business .
In addition to protecting information, such as national security data or trade secrets, the Computer Fraud and Abuse Act also protects against using a protected computer to commit fraud or illegally obtain anything of value. This may include altering or deleting records or using information obtained to commit fraud. Penalties for this type of violation can include up to five years in prison, fines and seizure of goods or items obtained through fraudulent activities.
The provisions of the Computer Fraud and Abuse Act remain in constant flux, thanks to the ever-changing atmosphere of the computer world. When they were conceived in the 1980s, governments were just starting to use computers in day-to-day activities and the private sector had just begun to glimpse the capacity of computing innovation. As the rules and boundaries around privacy and protected information continue to change, it is likely that the law will continue to see regular additions and changes in the future.
Protect your devices with Threat Protection by NordVPN