Van Buren v. United States
A former Georgia police officer who was wrongly convicted under the notoriously vague Computer Fraud and Abuse Act ("CFAA") is asking the Supreme Court to reject a dangerously overbroad interpretation of the law. In Van Buren v. United States, Nathan Van Buren was accused of taking money in exchange for looking up a license plate in a law enforcement database. He was convicted of violating the CFAA because he allegedly used that database for an improper purpose, even though it was a database that he was allowed to access for work purposes. Under this expansive interpretation of the CFAA, it would be a federal crime any time a person violates a website's terms of service. If violating terms of service is a crime, private companies get to decide who goes to prison and for what, putting us all at risk for everyday online behavior.
Mr. Van Buren successfully petitioned the Supreme Court to review his case. EFF filed briefs both encouraging the Court to take the case and urging it to make clear that violating terms of service is not a crime under the CFAA. In an amicus brief filed on behalf of computer security researchers and organizations that employ and support them, we explained that the broad interpretation of the CFAA puts computer security researchers at legal risk for engaging in socially beneficial security testing through standard security research practices, such as accessing publicly available data in a manner beneficial to the public yet prohibited by the owner of the data.
Updates
-
Following an FBI raid of his home last year, the freelance journalist Tim Burke has been arrested and indicted in connection with an investigation into leaks of unaired footage from Fox News. The raid raised questions about whether Burke was being investigated for First Amendment-protected journalistic activities, and...
-
Following an FBI raid of his home last year, the freelance journalist Tim Burke has been arrested and indicted in connection with an investigation into leaks of unaired footage from Fox News. The raid raised questions about whether Burke was being investigated for First Amendment-protected journalistic activities, and...
-
The Computer Fraud and Abuse Act (CFAA), the notoriously vague anti-hacking law, is long overdue for major reform. Among many problems, the CFAA has been used to target security researchers whose work uncovering software vulnerabilities frequently irritates corporations (and U.S. Attorneys). The Department of Justice (DOJ) today announced...
-
The Computer Fraud and Abuse Act (CFAA), the notoriously vague anti-hacking law, is long overdue for major reform. Among many problems, the CFAA has been used to target security researchers whose work uncovering software vulnerabilities frequently irritates corporations (and U.S. Attorneys). The Department of Justice (DOJ) today announced...
-
Reiterating its prior common-sense opinion, the Ninth Circuit Court of Appeals ruled in hiQ v. LinkedIn that the Computer Fraud and Abuse Act likely does not bar scraping data from a public website against the wishes of the website owner. Last year, after the Supreme Court decided its first...
Pages