Thursday, July 14, 2016

Legal Decisions

Orin Kerr:

The U.S. Court of Appeals for the 9th Circuit has handed down a very important decision on the Computer Fraud and Abuse Act, Facebook v. Vachani, which I flagged just last week. For those of us worried about broad readings of the Computer Fraud and Abuse Act, the decision is quite troubling. Its reasoning appears to be very broad. If I’m reading it correctly, it says that if you tell people not to visit your website, and they do it anyway knowing you disapprove, they’re committing a federal crime of accessing your computer without authorization.


At this point you may be thinking: Hey, wait, didn’t the en banc 9th Circuit rule in Nosal I that using a computer in violation of its terms of use is not a CFAA violation? If intentionally using a computer in violation of the terms of use is legal authorized access, as the en banc 9th Circuit held in Nosal I, why is intentionally using a computer after receiving a cease-and-desist letter criminal access “without authorization”? In one case, the user goes to the website and sees the terms; in the other, the website owner contacts the user and shows the terms to them. But it’s the same thing, right?

Bruce Schneier:

In a truly terrible ruling, the US 9th Circuit Court ruled that using someone else’s password with their permission but without the permission of the site owner is a federal crime.

Mark Rumold:

In a dangerously flawed decision unsealed today, a federal district court in Virginia ruled that a criminal defendant has no “reasonable expectation of privacy” in his personal computer, located inside his home. According to the court, the federal government does not need a warrant to hack into an individual’s computer.

1 Comment RSS · Twitter

[…] Mark Rumold of the Electronic Frontier Foundation (via Michael Tsai): […]

Leave a Comment