On May 19, 2022, the U.S. Department of Justice directed prosecutors to not charge security researchers who report cybersecurity vulnerabilities in “good faith” with violations of the federal Computer Fraud and Abuse Act (CFAA). The DOJ’s press release titled Department of Justice Announces New Policy for Charging Cases under the Computer Fraud and Abuse Act…
Tag: Computer Fraud and Abuse Act
Scientists warn brain implants can be hacked and used to control people (and you thought I was kidding?)
Back in early 2012, I wrote a blog post about whether hacking a human would violate the federal Computer Fraud and Abuse Act. Shortly after publishing it, I received a call from a guy in Austin who said: “dude, someone finally gets it, I need your help!” … I responded that I was a lawyer,…
What does it mean to “hack back” and is it a good idea?
There is more and more talk about companies hacking back against those who attack them in cyber space and whether allowing them to take such measures is a good idea. Right now, hacking back, or active defense, as it is often called, is illegal under the federal unauthorized access law, the Computer Fraud and Abuse…
Fifth Circuit Upholds CFAA Conviction for Former Employee’s Misuse Causing Damage Based on Circumstantial Evidence
In United States v. Anastasio N. Laoutaris, 2018 WL 614943 (5th Cir. Jan. 29, 2018), the United States Fifth Circuit Court of Appeals affirmed a jury verdict finding Laoutaris guilty of two counts of computer intrusion causing damage, in violation of 18 U.S.C. § 1030(a)(5)(A) and (c)(4)(B)(i) of the Computer Fraud and Abuse Act. Laoutaris…
Trying to DDoS the White House Website to Protest Trump’s Inauguration Violates CFAA
There has been a lot of buzz this past week about protesters indicating they plan to protest President-Elect Trump’s inauguration by launching a DDoS attack on the White House website. This plan has received some high-profile publicity by articles in magazines such as Forbes and PC World. I initially learned of this discussion when I…
Top 3 CFAA Takeaways from Facebook v. Power Ventures Case in Ninth Circuit
Here are my top 3 key Computer Fraud and Abuse Act (CFAA) takeaways from the Ninth Circuit Court of Appeals’ Order and Amended Opinion issued on December 9, 2016 in Facebook, Inc. v. Power Ventures, Inc. 1. A violation of the CFAA can occur when someone “has no permission to access a computer or when such permission…
Is Key Claim Missing from Pastor’s Lawsuit Over Wife’s Nude Pics Emailed to Swinger Site?
Should a claim for [YOU GUESS] have been included in this lawsuit? See my thoughts below and share your thoughts. The Allegations Behind the Lawsuit A legal team led by Gloria Allred made news by suing Toyota (and others) on behalf of a Frisco, Texas pastor and his wife, Tim and Claire Gautreaux, alleging that a…
Former Cardinals exec sentenced to prison for hacking Astros
HOUSTON (AP) — A federal judge sentenced the former scouting director of the St. Louis Cardinals to nearly four years in prison Monday for hacking the Houston Astros’ player personnel database and email system in an unusual case of high-tech cheating involving two Major League Baseball clubs. Source: Former Cardinals exec sentenced to prison for…
The CFAA is for Access of a Computer, Not Mere Possession
It often said that the Computer Fraud and Abuse Act (CFAA), 18 U.S.C. § 1030, is an access crime — meaning that it is designed to punish the wrongful access of a device. A recent case out of the Northern District of Texas highlights this point.
Cyber Law Update on #DtSR Podcast with Los, Santarcangelo and Tuma
Listen to the Podcast / Join the #DtSR Discussion on Twitter Shawn Tuma was a guest the Down the Security Rabbithole podcast where he and hosts Rafal Los (@Wh1t3Rabbit) and Michael Santarcangelo (@Catalyst) discussed recent events in the world of cyber law.
You must be logged in to post a comment.