Using a fake login to access a website may violate the Computer Fraud and Abuse Act

Posted byShawn E. Tuma 8 Comments on Using a fake login to access a website may violate the Computer Fraud and Abuse Act

BEWARE: if you create a fake login to access and obtain information from a website you could be violating the Computer Fraud and Abuse Act.

This is what was alleged in a lawsuit against AtHomeNet, Inc. in the lawsuit Associateionvoice, Inc. v. AtHomeNet, Inc. Ultimately the parties reached a settlement that led to the entry of a Final Judgment against AtHomeNet, Inc. and included a relatively broad permanent injunction prohibiting it from using any information gained through the improper access to the website. The court filings do not indicate whether there was a financial component to the settlement. To read more about the lawsuit go HERE where you can view a copy of the  Final Judgment.

The lesson here is that you, your company, and your employees should not access websites in violation of their Terms of Service and/or through the use of fake login information. That is a no-no that can get you in trouble under the Computer Fraud and Abuse Act.

Related articles

Published by Shawn E. Tuma

Shawn Tuma is an attorney who is internationally recognized in cybersecurity, computer fraud and data privacy law, areas in which he has practiced for nearly two decades. He is a Partner at Spencer Fane, LLP where he regularly serves as outside cybersecurity and privacy counsel to a wide range of companies from small to midsized businesses to Fortune 100 enterprises. You can reach Shawn by telephone at 972.324.0317 or email him at stuma@spencerfane.com.

Join the Conversation

8 Comments

  1. You would think that if they were found to be wrong that they would have had to pay all the costs. it is unfortunate that they both had to split the costs with each paying their court costs, etc.

    Just my thoughts – but there is a lot of this going on daily on the web, just not getting caught in the act.

    Bob

    Reply

    1. Bob, that is a good point about the costs. In this case the matter was resolved by agreement so this was simply a point of negotiation among the parties. With regards to the Computer Fraud in Abuse Act, however, the result may very well have been the same had this determination been made by the court because the CFAA does not currently have a provision that permits the award of attorneys fees and costs to the prevailing party.

      Concerning all of the improper activities going on daily on the web, Amen to that! My newsfeed is full every day with stories of Internet web related misconduct but one of the biggest problems is that a lot of this activity is taking place in other countries and even when the perpetrators are caught in the act there’s little, if anything, that anyone can really do about it. This is truly the modern-day Wild Wild West!

      Thank you for the insightful comment, I really appreciate it!

      Reply
  2. Pingback: Senate Committee Hearing on Updating the Computer Fraud and Abuse Act « Shawn E. Tuma
  3. Pingback: Improperly Sharing a Website Login Info Could Be a Federal Crime « Shawn E. Tuma
  4. Pingback: AtHomeNet Around The Web – 475th Edition | AtHomeNet
  5. Pingback: Discussion of Problems with Proposed Cybercrime Legislation « Shawn E. Tuma
  6. Pingback: comScore Lawsuit and that Pesky Loss Requirement of the Computer Fraud and Abuse Act « Shawn E. Tuma
  7. Pingback: Senate Judiciary Committee Hearing on Updating the Computer Fraud and Abuse Act « Shawn E. Tuma

Leave a comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Discover more from Business Cyber Risk

Subscribe now to keep reading and get access to the full archive.

Continue reading