Jonathan Mayer 84 Geo. Wash. L. Rev. 1644 Over the past decade, courts have radically reshaped the landscape of federal computer crime law. Through a set of innovative interpretive maneuvers, the judiciary has both greatly clarified and sharply narrowed the scope of Computer Fraud and Abuse Act (“CFAA”) liability. This “narrow” CFAA doctrine is winning... Read More

Michael J. Madison 84 Geo. Wash. L. Rev. 1616 Contests over the meaning and application of the federal Computer Fraud and Abuse Act (“CFAA”) expose long-standing, complex questions about the sources and impacts of the concept of authority in law and culture. Accessing a computer network “without authorization” and by “exceeding authorized access” is forbidden... Read More

Michael L. Levy 84 Geo. Wash. L. Rev. 1591 The problem of what constitutes “unauthorized access” and “access in excess of authorization” to a protected computer under 18 U.S.C. § 1030 is proving to be intractable. At the same time, businesses are experiencing significant losses, as disloyal employees, on their way to new employment, take... Read More

Matthew B. Kugler 84 Geo. Wash. L. Rev. 1568 Unauthorized use of computer systems is at the core of computer trespass statutes, but there is little understanding of where everyday people draw the line between permissible and impermissible computer use. This Article presents a study that measures lay authorization beliefs and punishment preferences for a... Read More

Orin S. Kerr 84 Geo. Wash. L. Rev. 1544 This Article argues that the existing regime for sentencing violations of the Computer Fraud and Abuse Act (“CFAA”) is based on a conceptual error that consistently leads to improper sentencing recommendations. The Federal Sentencing Guidelines treat CFAA violations as economic crimes. Most CFAA crimes are rooted... Read More

William A. Hall, Jr. 84 Geo. Wash. L. Rev. 1523 In United States v. Nosal, the Ninth Circuit held that the government may not prosecute certain cases under the Computer Fraud and Abuse Act (“CFAA”) where a computer was accessed by a user with some right of access (i.e., an insider) for a prohibited purpose.... Read More

James Grimmelmann 84 Geo. Wash. L. Rev. 1500 The federal Computer Fraud and Abuse Act (“CFAA”) makes it a crime to “access[] a computer without authorization or exceed[] authorized access.” Courts and commentators have struggled to explain what types of conduct by a computer user are “without authorization.” But this approach is backwards; authorization is... Read More

Josh Goldfoot & Aditya Bamzai 84 Geo. Wash. L. Rev. 1477 Computer crime statutes prohibit accessing a computer without “authorization.” In recent years, this element has attracted considerable controversy, with some courts expressing concern that “authorization” is so indeterminate that the Computer Fraud and Abuse Act (“CFAA”) is void for vagueness. This Article argues that... Read More

Patricia L. Bellia 84 Geo. Wash. L. Rev. 1442 Thirty years ago, Congress passed the Computer Fraud and Abuse Act (“CFAA”) to combat the emerging problem of computer crime. The statute’s core prohibitions targeted one who “accesses” a computer “without authorization” or who “exceeds authorized access.” Over time, the incremental statutory changes and large-scale technological... Read More