The U.S. Supreme Court

deadlinedd/flickr (CC-BY)

Landmark ruling from Supreme Court limits the scope of cybercrime law

The controversial law had long been criticized for being overly-broad.


Mikael Thalen


The U.S. Supreme Court on Thursday limited the scope of a controversial anti-hacking law while overturning a former police officer’s conviction under the the Computer Fraud and Abuse Act (CFAA).

Nathan Van Buren, who was arrested after accepting payment from an FBI informant to search a police database in Georgia, had been charged with exceeding his authorized access to the network in violation of the CFAA.

In a 6-3 ruling, the court stated, however, that the 1986 law does not apply to individuals who improperly use systems that they are authorized to access.

In a statement on the ruling, Justice Amy Coney Barrett instead argued that the law applies only to those who access systems without authorization.

“This provision covers those who obtain information from particular areas in the computer—such as files, folders or databases—to which their computer access does not extend,” Barrett wrote. “It does not cover those who, like Van Buren, have improper motives for obtaining information that is otherwise available to them.”

The ruling has dealt a major blow to the U.S. Department of Justice, who has repeatedly used the law to convict so-called “insider threats” who use their authorized access to computer networks for unapproved matters.

But Barrett further argued that the ruling has curtailed an overly-vague law that could be applied to millions of Americans who engage in activities such as checking sports scores on work devices in violation of corporate policy.

In statements to Gizmodo, the American Civil Liberties Union has heralded the ruling as “an important victory for civil liberties and civil rights enforcement in the digital age.”

“The Supreme Court’s decision will allow researchers and journalists to use common investigative techniques online without fear of CFAA liability,” the ACLU’s Esha Bhandari said. “It clears away a major barrier to online anti-discrimination testing and research, which is necessary to hold powerful companies and platforms accountable.”

Sen. Ron Wyden (D-Ore.), who co-sponsored legislation that would have amended CFAA, also said the Supreme Court’s decision “helps rectify the damage caused” by the law.

“The Supreme Court recognized today that the terribly written CFAA crossed the line by criminalizing everyday activities like using your work computer to read the news or send personal emails,” Wyden said in an emailed statement. “Today’s ruling helps rectify the damage caused by that reactionary law. However, today’s case highlights the pressing need for Congress to pass comprehensive privacy legislation and to protect users against corporate employees who abuse their access to databases of sensitive personal information.”

Read more of the Daily Dot’s tech and politics coverage

Nevada’s GOP secretary of state candidate follows QAnon, neo-Nazi accounts on Gab, Telegram
Court filing in Bored Apes lawsuit revives claims founders built NFT empire on Nazi ideology
EXCLUSIVE: ‘Say hi to the Donald for us’: Florida police briefed armed right-wing group before they went to Jan. 6 protest
Inside the Proud Boys’ ties to ghost gun sales
‘Judas’: Gab users are furious its founder handed over data to the FBI without a subpoena
EXCLUSIVE: Anti-vax dating site that let people advertise ‘mRNA FREE’ semen left all its user data exposed
Sign up to receive the Daily Dot’s Internet Insider newsletter for urgent news from the frontline of online.
Share this article

*First Published:

The Daily Dot