Ronald Mann writes:
The Supreme Court’s decision on Thursday in Van Buren v. United States provides the court’s first serious look at one of the most important criminal statutes involving computer-related crime, the federal Computer Fraud and Abuse Act. Justice Amy Coney Barrett’s opinion for a majority 0f six firmly rejected the broad reading of that statute that the Department of Justice has pressed in recent years.
Among other things, the CFAA criminalizes conduct that “exceeds authorized access” of a computer. Crucially, the statute defines that term as meaning “to access a computer with authorization and to use such access to obtain … information … that the accesser is not entitled so to obtain.” The question in Van Buren was whether users violate that statute by accessing information for improper purposes or instead whether users violate the statute only if they access information they were not entitled to obtain. In this case, for example, a Georgia police officer named Nathan Van Buren took a bribe to run a license-plate check. He was entitled to run license-plate checks, but not for illicit purposes. The lower courts upheld a conviction under the CFAA (because he was not entitled to check license-plate records for private purposes). The Supreme Court disagreed, adopting the narrower reading of the CFAA, under which it is a crime only if users access information they were not entitled to obtain.
Read more on SCOTUSblog.