Supreme Limits The Scope Of Computer Fraud And Abuse Act – Technology

In a long awaited opinion, the Supreme Court recently resolved a
circuit split regarding the proper interpretation of a statute
implicated in many post-employment disputes. Since its enactment,
federal courts of appeal have been divided over the proper
interpretation of the phrase “exceeds authorized access”
under the Computer Fraud and Abuse Act (“CFAA”), a
primarily criminal statute that also includes a civil cause of
action where an individual accesses a protected computer without
authorization or exceeds authorized access. Some courts have held
that the “exceeds authorized access” requirement only
applies where the individual was authorized to access the computer
itself but not the particular files or information that are the
subject of the dispute.Conversely, the
majority of federal appellate courts have interpreted the phrase to
mean that an individual exceeds authorized access where they are
permitted to access the files or information but only for specified
purposes, typically business purposes. For example, many employers
have instituted computer usage policies that limit an
employee’s authorized access to company documents for the
purpose of performing their employment duties. As a result, a
common CFAA fact pattern involves a so-called disloyal employee
exceeding their authorized access by…