Legal Decisions
The U.S. Court of Appeals for the 9th Circuit has handed down a very important decision on the Computer Fraud and Abuse Act, Facebook v. Vachani, which I flagged just last week. For those of us worried about broad readings of the Computer Fraud and Abuse Act, the decision is quite troubling. Its reasoning appears to be very broad. If I’m reading it correctly, it says that if you tell people not to visit your website, and they do it anyway knowing you disapprove, they’re committing a federal crime of accessing your computer without authorization.
[…]
At this point you may be thinking: Hey, wait, didn’t the en banc 9th Circuit rule in Nosal I that using a computer in violation of its terms of use is not a CFAA violation? If intentionally using a computer in violation of the terms of use is legal authorized access, as the en banc 9th Circuit held in Nosal I, why is intentionally using a computer after receiving a cease-and-desist letter criminal access “without authorization”? In one case, the user goes to the website and sees the terms; in the other, the website owner contacts the user and shows the terms to them. But it’s the same thing, right?
In a truly terrible ruling, the US 9th Circuit Court ruled that using someone else’s password with their permission but without the permission of the site owner is a federal crime.
In a dangerously flawed decision unsealed today, a federal district court in Virginia ruled that a criminal defendant has no “reasonable expectation of privacy” in his personal computer, located inside his home. According to the court, the federal government does not need a warrant to hack into an individual’s computer.
