Reason.com - Free Minds and Free Markets
Reason logo Reason logo
  • Latest
  • Magazine
    • Current Issue
    • Archives
    • Subscribe
    • Crossword
  • Video
  • Podcasts
    • All Shows
    • The Reason Roundtable
    • The Reason Interview With Nick Gillespie
    • The Soho Forum Debates
    • Just Asking Questions
    • The Best of Reason Magazine
    • Why We Can't Have Nice Things
  • Volokh
  • Newsletters
  • Donate
    • Donate Online
    • Donate Crypto
    • Ways To Give To Reason Foundation
    • Torchbearer Society
    • Planned Giving
  • Subscribe
    • Reason Plus Subscription
    • Print Subscription
    • Gift Subscriptions
    • Subscriber Support

Login Form

Create new account
Forgot password

Policy

Use a Computer, Go to Jail

How a federal law can be used to prosecute almost anyone who visits a website

Jacob Sullum | From the July 2012 issue

Share on FacebookShare on XShare on RedditShare by emailPrint friendly versionCopy page URL
Media Contact & Reprint Requests

If you are reading this column online at work, you may be committing a federal crime. Or so says the Justice Department, which reads the Computer Fraud and Abuse Act (CFAA) broadly enough to encompass personal use of company computers as well as violations of website rules that people routinely ignore.

In April the U.S. Court of Appeals for the 9th Circuit rightly rejected this view of the CFAA, which Chief Judge Alex Kozinski noted could conceivably make a criminal out of "everyone who uses a computer." Unfortunately, other appeals courts have been more receptive to the Justice Department's interpretation, which gives U.S. attorneys the power to prosecute just about anyone who offends or annoys them.

Congress passed the original version of the CFAA in 1984, when the Internet was in its infancy and the World Wide Web did not exist, to protect government computer systems and financial databases from hackers. As a result of amendments and technological developments, George Washington University law professor Orin Kerr explains in a 2010 Minnesota Law Review article, "the law that began as narrow and specific has become breathtakingly broad." 

The 9th Circuit case involved David Nosal, who left the executive search firm Korn/Ferry International in 2004 and allegedly enlisted two former colleagues to feed him proprietary client information with an eye toward starting a competing business. Nosal was charged with conspiracy, mail fraud, trade secret theft, and violating the CFAA, which criminalizes unauthorized computer access in various circumstances.

Although Nosal's confederates were authorized to use Korn/Ferry's database, prosecutors argued that improperly sharing information with him rendered their access unauthorized. As Judge Kozinski noted, "the government's construction of the statute would expand its scope far beyond computer hacking to criminalize any unauthorized use of information obtained from a computer."

The felony Nosal was accused of committing involves unauthorized access "with intent to defraud." But the CFAA also makes someone guilty of a misdemeanor, punishable by up to a year in jail, if he "intentionally accesses a computer without authorization or exceeds authorized access" and "thereby obtains…information."

Based on the government's definition of unauthorized access, Kozinski observed, that provision would apply to "large groups of people who would have little reason to suspect they are committing a federal crime," such as employees who violate company policy by using workplace computers to play games, read blogs, watch YouTube videos, or check sports scores. Even people using their own computers on their own time could be prosecuted for violating "terms of service" they have never read by fibbing about their age or weight on dating sites, posting photos of other people without permission, or sharing content Facebook deems offensive.

Kerr notes that terms of service "are written extremely broadly to give providers a right to cancel accounts and not face any liability." Hence "violating the TOS is the norm," and criminalizing it "would give the government the ability to arrest anyone who regularly uses the Internet."

That danger is not merely theoretical. Remember Lori Drew, the Missouri woman who was widely vilified in 2007 after she played a MySpace prank on a 13-year-old girl who later committed suicide? Although Missouri prosecutors concluded that Drew had broken no laws, Thomas O'Brien, then the U.S. attorney in Los Angeles, took it upon himself to prosecute her for violating the CFAA by disregarding MySpace's TOS.

In 2009 U.S. District Judge George Wu threw out Drew's conviction, ruling that O'Brien's reading of the CFAA would make the law unconstitutionally vague, giving grandstanding prosecutors like him unbridled discretion while leaving their potential targets—pretty much everyone—uncertain about how to comply with the law. As Kozinski put it, "we shouldn't have to live at the mercy of our local prosecutor." 

Senior Editor Jacob Sullum is a nationally syndicated columnist. © Copyright 2012 by Creators Syndicate Inc.

Start your day with Reason. Get a daily brief of the most important stories and trends every weekday morning when you subscribe to Reason Roundup.

This field is for validation purposes and should be left unchanged.

NEXT: No to Nukes

Jacob Sullum is a senior editor at Reason.

PolicyNanny StateScience & TechnologyCivil LibertiesCriminal JusticeTechnologyRegulationInternetCensorshipFree Speech
Share on FacebookShare on XShare on RedditShare by emailPrint friendly versionCopy page URL
Media Contact & Reprint Requests

Show Comments (37)

Latest

The App Store Freedom Act Compromises User Privacy To Punish Big Tech

Jack Nicastro | 5.8.2025 4:57 PM

Is Shiloh Hendrix Really the End of Cancel Culture?

Robby Soave | 5.8.2025 4:10 PM

Good Riddance to Ed Martin, Trump's Failed Pick for U.S. Attorney for D.C.

C.J. Ciaramella | 5.8.2025 3:55 PM

Trump's Tariffs Are Already Raising Car Prices and Hurting Automakers

Joe Lancaster | 5.8.2025 2:35 PM

Trump's Antitrust Enforcer Says 'Big Is Bad'

Jack Nicastro | 5.8.2025 2:19 PM

Recommended

  • About
  • Browse Topics
  • Events
  • Staff
  • Jobs
  • Donate
  • Advertise
  • Subscribe
  • Contact
  • Media
  • Shop
  • Amazon
Reason Facebook@reason on XReason InstagramReason TikTokReason YoutubeApple PodcastsReason on FlipboardReason RSS

© 2024 Reason Foundation | Accessibility | Privacy Policy | Terms Of Use

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

r

Do you care about free minds and free markets? Sign up to get the biggest stories from Reason in your inbox every afternoon.

This field is for validation purposes and should be left unchanged.

This modal will close in 10

Reason Plus

Special Offer!

  • Full digital edition access
  • No ads
  • Commenting privileges

Just $25 per year

Join Today!