Computer Fraud And Abuse Act (CFAA)

1045 Words3 Pages

What Is the Computer Fraud and Abuse Act?
The Computer Fraud and Abuse Act (CFAA),18 U.S.C. § 1030, is a federal “anti-hacking” statute. While it is primarily a criminal law, a 1994 amendment allows civil actions to be brought by private litigants.

Violations can be committed by either an outside intruder who is not authorized to access the protected computer, such as a hacker, or by someone who is authorized to use the computer, but exceeds their authorized access.

The CFAA lists seven types of offences:
• Obtaining national security information
• Obtaining information from a protected computer
• Trespassing in a government computer
• Accessing a protected computer in order to defraud and obtain value
• Damaging a protected computer and/or …show more content…

How the CFAA Has Grown in Scope
The CFAA began as a 1986 amendment to the Counterfeit Access Device and Abuse Act, passed by Congress two years earlier. It was written to supplement existing mail and wire fraud laws, which Congress concluded didn’t adequately cover the emerging class of computer crimes.
At the time the CFAA was passed, computer networks were mostly limited to universities, government and military institutions. The scope of the CFAA was similarly narrow. It mainly served to criminalize unauthorized access to national defense information, if that information was then used to harm the United States, as well as financial institution and consumer reporting records.
Since then, Congress has amended the CFAA five times, greatly expanding its scope and application.
Major Amendments to the CFAA
1994

The 1994 amendments removed the requirement that the offender access the computer “without authorization”. This introduced a whole new class of offenders: individuals who are authorized to use a third-party computer, and use that access to break the …show more content…

2001

The PATRIOT Act further expanded the CFAA, increasing both its penalties and its effectiveness as a prosecution tool. Some of the changes:

• Prosecutors need only prove a general intent to cause damage, rather than a specific intent to cause a predefined type of damage
• Suspected violations of the CFAA were added to the list of felonies for which the FBI can conduct wiretap surveillance
• CFAA protection was expanded to include computers in foreign countries, if those computers affect interstate commerce within the United States
• Maximum prison sentences were increased to ten years for first-time offenders, and 20 years for second-time offenders
2008

The CFAA was amended by the Identity Theft Enforcement and Restitution Act to address the rise in computer crimes. Among the notable changes, the amendment made it a felony to damage ten or more computers.

In civil cases, the amendment eliminated the need for the Plaintiff’s loss to be greater than $5,000. A Plaintiff still must show that they suffered damage or

More about Computer Fraud And Abuse Act (CFAA)

Open Document