On May 19, 2022, the U.S. Department of Justice directed prosecutors to not charge security researchers who report cybersecurity vulnerabilities in “good faith” with violations of the federal Computer Fraud and Abuse Act (CFAA). The DOJ’s press release titled Department of Justice Announces New Policy for Charging Cases under the Computer Fraud and Abuse Act…
Tag: CFAA
Scientists warn brain implants can be hacked and used to control people (and you thought I was kidding?)
Back in early 2012, I wrote a blog post about whether hacking a human would violate the federal Computer Fraud and Abuse Act. Shortly after publishing it, I received a call from a guy in Austin who said: “dude, someone finally gets it, I need your help!” … I responded that I was a lawyer,…
What does it mean to “hack back” and is it a good idea?
There is more and more talk about companies hacking back against those who attack them in cyber space and whether allowing them to take such measures is a good idea. Right now, hacking back, or active defense, as it is often called, is illegal under the federal unauthorized access law, the Computer Fraud and Abuse…
Fifth Circuit Upholds CFAA Conviction for Former Employee’s Misuse Causing Damage Based on Circumstantial Evidence
In United States v. Anastasio N. Laoutaris, 2018 WL 614943 (5th Cir. Jan. 29, 2018), the United States Fifth Circuit Court of Appeals affirmed a jury verdict finding Laoutaris guilty of two counts of computer intrusion causing damage, in violation of 18 U.S.C. § 1030(a)(5)(A) and (c)(4)(B)(i) of the Computer Fraud and Abuse Act. Laoutaris…
Hacking Into A Company You Sold Can Get You Jail Time
A federal judge sentenced David Kent to a year and a day in prison and ordered him to pay $3.3 million in restitution and pay a $20,000 fine for accessing the computer network of Rigzone.com, an industry-specific networking website. Kent founded Rigzone.com, sold it for $51 million, and after the sale accessed the company’s network to obtain…
Trying to DDoS the White House Website to Protest Trump’s Inauguration Violates CFAA
There has been a lot of buzz this past week about protesters indicating they plan to protest President-Elect Trump’s inauguration by launching a DDoS attack on the White House website. This plan has received some high-profile publicity by articles in magazines such as Forbes and PC World. I initially learned of this discussion when I…
Top 3 CFAA Takeaways from Facebook v. Power Ventures Case in Ninth Circuit
Here are my top 3 key Computer Fraud and Abuse Act (CFAA) takeaways from the Ninth Circuit Court of Appeals’ Order and Amended Opinion issued on December 9, 2016 in Facebook, Inc. v. Power Ventures, Inc. 1. A violation of the CFAA can occur when someone “has no permission to access a computer or when such permission…
Is Key Claim Missing from Pastor’s Lawsuit Over Wife’s Nude Pics Emailed to Swinger Site?
Should a claim for [YOU GUESS] have been included in this lawsuit? See my thoughts below and share your thoughts. The Allegations Behind the Lawsuit A legal team led by Gloria Allred made news by suing Toyota (and others) on behalf of a Frisco, Texas pastor and his wife, Tim and Claire Gautreaux, alleging that a…
Cybersecurity and #IoT – Hackers Steal Over 100 Cars With a Laptop
We have been talking about hacking cars on this blog since 2011 (see posts) so the idea of thieves stealing a car by hacking their way into its computer system is no big surprise. This is the reality of cybersecurity in the era of the Internet of Things (IoT), and cars are just one more…
Cybersecurity Legal Issues: What you really need to know (slides)
Shawn Tuma delivered the presentation Cybersecurity Legal Issues: What you really need to know at a Cybersecurity Summit sponsored by the Tarleton State University School of Criminology, Criminal Justice, and Strategic Studies’ Institute for Homeland Security, Cybercrime and International Criminal Justice. The presentation was on September 13, 2016 at the George Bush Institue. The following are the slides…
You must be logged in to post a comment.