Your SlideShare is downloading. ×
0
The Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime Law
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

The Latest Developments in Computer Crime Law

2,240

Published on

SOURCE Seattle 2011 - Marcia Hofmann

SOURCE Seattle 2011 - Marcia Hofmann

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
2,240
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
22
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. The Latest Developments in Computer Crime Law SOURCE Seattle June 15, 2011 Marcia Hofmann, EFF
  • 2. what we’ll talk about today✪ The federal hacking law and why it’s problematic.✪ A couple trends that have emerged from recentcases in which courts have interpreted the scope ofthis law.✪ What these trends suggest about the future.
  • 3. BackgroundThe Computer Fraud and Abuse Act 18 U.S.C. § 1030
  • 4. seven basic prohibitions1) espionage2) improperly accessing financial records, government information, or information on a “protected computer”3) trespass to government computers4) improperly accessing someone else’s computer with intent to defraud5) causing damage to someone else’s computer6) password trafficking with intent to defraud7) extortion
  • 5. improper accessThe CFAA prohibits, among other things,“intentionally access[ing] a computer without authorization or in excess of authorization, and thereby obtain[ing] . . . information from any protected computer.”18 U.S.C. § 1030(a)(2)(C).
  • 6. improper access Courts have interpreted “obtaining information” broadly.Basically any computer connected to the internet is a “protected computer.” So the major limiting principle is “authorized.”
  • 7. development 1expansive theories of unauthorized access/exceeding authorized access
  • 8. Some people have argued that authorization ends when an employee violates a duty of loyalty to an employer... International Airport Centers v. Citrin LVRC Holdings v. Brekka
  • 9. Others have gone so far as to argue thatauthorization ends when a person violates a web site’s terms of use. United States v. Drew Facebook v. Power Ventures United States v. Lowson
  • 10. The case law in this area recently took a turn for the worse when an appeals court found that violating an employer’s computer use policies “exceeds authorized access.” United States v. Nosal
  • 11. The future?Lee v. PMSI, Inc. Sony v. Hotz
  • 12. development 2attempts to double-count penalties for unauthorized access
  • 13. A first-time violation of the “unauthorized access” provision is generally a misdemeanor.However, it can be elevated to a felony in certain circumstances, like when the offense is committed in furtherance of another crime or tortious act.
  • 14. United States v. DrewGovernment: felony unauthorized access to a computer in furtherance of intentionally inflicting emotional distress.Jury: no, misdemeanor unauthorized access. Judge: no, violating terms of service is not unauthorized access.
  • 15. United States v. KernellGovernment: felony unauthorized access to a computer in furtherance of unauthorized accessto email and unauthorized access to a computer.
  • 16. United States v. KernellGovernment: felony unauthorized access to a computer in furtherance of unauthorized accessto email and unauthorized access to a computer. Do over!
  • 17. United States v. KernellGovernment: felony unauthorized access to acomputer in furtherance of invasion of privacy and aiding and abetting other unauthorized accesses to a computer.Jury: no, misdemeanor unauthorized access.
  • 18. United States v. CioniGovernment: felony unauthorized access to acomputer in furtherance of unauthorized access to email. Jury: yup, two felonies. (This is a problem.)
  • 19. The CFAA prohibits unauthorized access to and obtaining information from a computer. (Here, email.) The Stored Communications Act prohibitsunauthorized access to an electronic communication service and obtaining stored communications. (Here, email.) It’s the same thing.
  • 20. United States v. CioniGovernment: felony unauthorized access to acomputer in furtherance of unauthorized access to email. Jury: yup, two felonies.Appeals court: no, these are misdemeanors.
  • 21. The future?legislative changes(enhanced penalties?)
  • 22. questions? Marcia HofmannSenior Staff Attorney, EFF marcia@eff.org

×