Posts Tagged: "CFAA"

The United States Supreme Court today ruled that a former police sergeant did not flout Section (a)(2) of the Computer Fraud and Abuse Act (CFAA) because that provision “does not cover those who…have improper motives for obtaining information that is otherwise available to them.” The opinion, authored by Justice Amy Coney Barrett, contradicts the U.S. government’s reading of the statute. Three justices dissented from the majority.

In Van Buren v. United States, argued December 1, the Supreme Court has a chance to address how the Computer Fraud and Abuse Act applies when a defendant is authorized to access and obtain information from a computer but subsequently uses this information for a purpose that is not permitted. The outcome of this case is important to every company that has computer data and will provide guidance on how best to protect that data.

We live in a world where data has become an increasingly valuable asset and huge companies are built on the collection and analysis of publicly available data. Yet, there is no federal statute that directly protects this type of information or even directly addresses how this information should be treated. Instead, businesses are often forced to rely on the Computer Fraud and Abuse Act (CFAA) in order to protect this valuable asset or commodity, which originally only provided criminal sanctions and was enacted to address computer hacking. Most recently, the Ninth Circuit in hiQ Labs, Inc. v. Linkedin Corp., 938 F.3d 985 (9th Cir. 2019), addressed under what circumstances a company may legally “scrape” data from another company’s website. There, the court determined on hiQ’s motion for preliminary injunction that “scraping” publicly available information from LinkedIn likely is not a violation of the CFAA because the LinkedIn computers are publicly accessible and hiQ thus did not access the computers “without authorization” as required by the CFAA. Under these circumstances, the court determined that it did not matter that LinkedIn had sent a cease and desist letter to hiQ prohibiting such access. This is a potentially very important decision for companies on both sides of this issue and for the general public, at least in the Ninth Circuit.