Did Donald Trump Jr. Admit to Violating the Computer Fraud and Abuse Act?

A law-nerd discussion, posted up at Lawfare.


Over at Lawfare, I have posted a long analysis about whether a recently-disclosed e-mail from Donald J. Trump Jr. indicates that he violated the Computer Fraud and Abuse Act when he logged into a server using a password that Wikileaks had guessed and then provided to him. It begins:

The recently-released Minority report of the House Permanent Select Committee on Intelligence (HPSCI) discloses a copy of an e-mail sent by Donald J. Trump Jr., on September 21, 2016, to a group of top Trump campaign officials. The e-mail is interesting because Trump may have confessed in it to committing a federal crime, specifically 18 U.S.C. § 1030(a)(2). It's just a misdemeanor based on the facts we know. But depending on the circumstances, the violation could also be a felony.

Here are the law-nerd details.

Check out Lawfare for the rest.

NEXT: Libel by WiFi Network Name

Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of Reason.com or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Report abuses.

  1. Interesting analysis. One question: is the claim that, if the government can show that the “access” element is met, it needn’t prove anything more to show that the “obtained information” element is met? Wouldn’t that render the “obtained information” element mere surplusage? I thought that that was a no-no.

  2. The CFAA is breathtakingly broad and we should not be surprised if all humankind eventually falls foul of it. Consider that a “protected computer” includes any computer located anywhere that “affects interstate or foreign commerce or communication of the United States” which arguably sweeps up any computer accessible from the US over the Internet. Consider too that ? 1030(f) exempts authorized acts by US law enforcement but not that of any other country. Now imagine the surprise of the Scotland Yard child pornography squad that the US considers them felons for their diligence in searching UK computers for evidence in UK prosecutions.

    1. Yet another reason why that poorly-drafted piece of [expletive redacted] should be overturned or repealed and Congress told to start over from scratch.

  3. He should have been a little more patient – the site apparently went public shortly thereafter. Archive.org has a copy of the web site from 23Sep16.

  4. “where information obtained by a violation of ? 1030(c)(2)(B)(iii) does not have a readily ascertainable market value, it is reasonable to use the cost of production as a means to determine the value of the information obtained.”

    I don’t think that’s particularly reasonable, nor do I know how one would determine that in the case of information.

  5. I think it clearly violates the statute in question. Even “(iii) the value of the information obtained exceeds $5,000” is a fairly easy case to make since the production costs of the website easily exceeded $5,000, and a political target of the website gaining access surely nullifies a lot of that value.

    At the same time I think he gets off for much the same reason Clinton got off, stuff like this isn’t a very big deal and is pretty common, no reasonable prosecutor would pursue this.

  6. So…. violating the CFAA is a problem if you are Trump Jr. but is not a problem when you are the next progressive hope, Maura Healey?

    Bharani Padmanabhan MD PhD


  7. Looking at the website on the wayback machine, it looks to me as though it was just a collection of widely available allegations, and some editorializing. Worth a chuckle, maybe, but I’m not sure a chuckle gets you over the felony threshold.

  8. Lawfare? The blog where the editor helped Comey leak classified memos in a way that they can claim it wasn’t a leak?

  9. In the words of Former Dir FBI, No reasonable prosecutor would move forward with this case because there is not the requisite intent to commit the crime. If as later described by the Director, he thought “extremely sloppy” handling of classified information did not rise to the level of intent in a gross negligence statute, the actions and admissions set out in this snippet and in the main article are just grasping at straws

    1. Agreed. And it looks like so does Prof .Kerr, hence the ‘law-nerd details’ bit at the end.

      I do like the few worthies making partisan hay out of this molehill. I’m sure there are some on the left if I looked elsewhere.

    2. A prosecutor would have to have lots of time on their hands to bother with this, but I’m surprised you call out lack of intent. Intent seems to be the one attribute it does have, or do you believe Don Jr. typed that password from the e-mail through negligence or accident?

Please to post comments