Category Archives: Computer Fraud and Abuse Act

Neural Privacy is Where It’s At — Brain Scanning Technology is Causing States to Look at Protecting the Privacy of Our Thoughts

UPDATES 2024.03.15 Neuralink is now being used to play chess! https://www.youtube.com/watch?v=LfwzfP8cp3A This morning I read an article about how brain scanning technology is causing Colorado and Minnesota to propose legislation that is aimed at establishing rights and protections for information collected from our thoughts through the neural signals that can be scanned and collected from …

Continue reading “Neural Privacy is Where It’s At — Brain Scanning Technology is Causing States to Look at Protecting the Privacy of Our Thoughts”

Feds Will Not Charge Good Faith Security Research Under the CFAA

On May 19, 2022, the U.S. Department of Justice directed prosecutors to not charge security researchers who report cybersecurity vulnerabilities in “good faith” with violations of the federal Computer Fraud and Abuse Act (CFAA). The DOJ’s press release titled Department of Justice Announces New Policy for Charging Cases under the Computer Fraud and Abuse Act …

Continue reading “Feds Will Not Charge Good Faith Security Research Under the CFAA”

Texas Bar Journal 2019 Cybersecurity & Data Privacy Update

The Texas Bar Journal’s 2019 year-end Cybersecurity & Data Privacy Update was once again provided by Shawn Tuma and addressed the following issues: Texas’ New Data Breach Notification Requirements effective January 1, 2020 Whether website scraping allegations are sufficient to invoke Texas and federal “hacking” laws Whether viewing pictures on another’s cellphone violates Texas “hacking” law Cyber …

Continue reading “Texas Bar Journal 2019 Cybersecurity & Data Privacy Update”

Scientists warn brain implants can be hacked and used to control people (and you thought I was kidding?)

Back in early 2012, I wrote a blog post about whether hacking a human would violate the federal Computer Fraud and Abuse Act. Shortly after publishing it, I received a call from a guy in Austin who said: “dude, someone finally gets it, I need your help!” … I responded that I was a lawyer, …

Continue reading “Scientists warn brain implants can be hacked and used to control people (and you thought I was kidding?)”

Fifth Circuit Upholds CFAA Conviction for Former Employee’s Misuse Causing Damage Based on Circumstantial Evidence

In United States v. Anastasio N. Laoutaris, 2018 WL 614943 (5th Cir. Jan. 29, 2018), the United States Fifth Circuit Court of Appeals affirmed a jury verdict finding Laoutaris guilty of two counts of computer intrusion causing damage, in violation of 18 U.S.C. § 1030(a)(5)(A) and (c)(4)(B)(i) of the Computer Fraud and Abuse Act. Laoutaris …

Continue reading “Fifth Circuit Upholds CFAA Conviction for Former Employee’s Misuse Causing Damage Based on Circumstantial Evidence”

What do we in the United States really want from our cyber laws?

In my newsfeed are articles in prominent publications discussing the problems with the federal Computer Fraud and Abuse Act from very different perspectives. In the “the CFAA is dangerous for security researchers” corner we have White Hat Hackers and the Internet of Bodies, in Law360, discussing how precarious the CFAA (and presumably, the state hacking laws …

Continue reading “What do we in the United States really want from our cyber laws?”

Hacking Into A Company You Sold Can Get You Jail Time

A federal judge sentenced David Kent to a year and a day in prison and ordered him to pay $3.3 million in restitution and pay a $20,000 fine for accessing the computer network of Rigzone.com, an industry-specific networking website. Kent founded Rigzone.com, sold it for $51 million, and after the sale accessed the company’s network to obtain …

Continue reading “Hacking Into A Company You Sold Can Get You Jail Time”

Trying to DDoS the White House Website to Protest Trump’s Inauguration Violates CFAA

There has been a lot of buzz this past week about protesters indicating they plan to protest President-Elect Trump’s inauguration by launching a DDoS attack on the White House website. This plan has received some high-profile publicity by articles in magazines such as Forbes and PC World. I initially learned of this discussion when I …

Continue reading “Trying to DDoS the White House Website to Protest Trump’s Inauguration Violates CFAA”

Feds: Chinese Traders Busted, Trading on Info “Hacked” from Law Firms via Email Compromise

A warning for law firms: Preet Bharara, the U.S. Attorney for the Southern District of New York, said the case should serve as a “wake-up call for law firms around the world.” “You are and will be targets of cyber hacking, because you have information valuable to would-be criminals,” Bharara said in a statement. But …

Continue reading “Feds: Chinese Traders Busted, Trading on Info “Hacked” from Law Firms via Email Compromise”

A Cybersecurity Night Before Christmas

My friend Paul Ferrillo (@PaulFerrillo) shared a cybersecurity version of the Night Before Christmas that I thought was brilliant. Wanting to be sure and properly credit this fine work, I asked Paul about attribution … since we can never be too confident in attribution, after all, yet it is critically important. Paul then confessed that it …

Continue reading “A Cybersecurity Night Before Christmas”