Earlier this month, the 2nd U.S. Circuit Court of Appeals came down with a decision that further underscores the need for clarification of a federal fraud law. The court ended up overturning a conviction against a former New York police officer under the Computer Fraud and Abuse Act based on the officer’s online chat room discussions with an undercover cop.
In those discussions, the officer allegedly plotted to kidnap and kill women known by the officer, including his wife. In a previous appeal, it had been determined that the officer was not actually plotting the death of the women, but only engaging in violent fantasies. Where the Computer Fraud and Abuse Act comes in is that the officer had used law enforcement databases to find information about the women he said he was planning to kidnap and kill.
In the recent appeal, it was determined that the officer could not be convicted under the law because of ambiguities in the Computer Fraud and Abuse Act. The specific language at issue had to do with cases where a defendant “exceeds authorized access” of a protected computer. Under the law, there are several provisions requiring prosecutors to prove that the defendant accessed a computer without authorization, while others require proof of accessing a either “without authorization” or “exceed[ing] authorized access.”
Under the law, exceeding authorizing access means to use one’s authorization to access a computer in order to obtain or alter information in the computer which the individual is not allowed to obtain or alter.
In our next post, we’ll continue looking at the Computer Fraud and Abuse Act and what impact the recent decision may have on its interpretation.
Reuters, “2nd Circuit ‘cannibal cop’ opinion deepens appellate rift on anti-hacking law,” Alison Frankel, Dec. 3, 2015.
Department of Justice, OLE Litigation Series: Prosecuting Computer Crimes, Accessed Dec. 16, 2015.