The Supreme Court issued a 6-3 ruling Thursday determining that improper use of a computer system by someone allowed to use it does not fall under the Computer Fraud and Abuse Act, the nation’s landmark hacking law.
The ruling is a significant step in limiting the bounds of the law, which critics have long blasted as overly broad. It’s the first time the court has ruled on a case involving the decades-old hacking statute.
The case in question involved former Georgia police officer Nathan Van Buren, who was accused of looking up license plate data in a law enforcement database in exchange for bribes. The prosecution argued that Van Buren’s use exceeded “authorized access,” putting him in violation of the Computer Fraud and Abuse Act.
Such an interpretation “would attach criminal penalties to a breathtaking amount of commonplace computer activity,” Justice Amy Coney Barrett, who authored the majority opinion, wrote. “If the ‘exceeds authorized access’ clause criminalizes every violation of a computer-use policy, then millions of otherwise law-abiding citizens are criminals.”
The decision reverses a lower court ruling that had upheld a jury verdict against the officer.
The dissent, issued by Justice Clarence Thomas, argued that the law falls within the logic of physical property violations.
“What is true for land is also true in the computer context; if a company grants permission to an employee to use a computer for a specific purpose, the employee has no authority to use it for other purposes,” he wrote.
The post A Supreme Court ruling limits the reach of a landmark hacking law appeared first on CyberScoop.
– Read More – CyberScoop