Supreme Court narrows cybercrime law

The Supreme Court limited the scope of a crucial federal computer fraud law Thursday by overturning the conviction of a former police officer accused of misusing a government database.

The justices sided 6-3 with Georgia police sergeant Nathan Van Buren in his appeal of a conviction under the Computer Fraud and Abuse Act (CFAA). Conservative Justices Clarence Thomas, John Roberts and Samuel Alito dissented.

The 1986 law prohibits accessing a computer “without authorization or exceeding authorized access.”

The Justice Department had argued that Van Buren ran afoul of that law when he took a bribe to access a woman’s license plate information in what was a 2015 FBI sting operation.

The former officer had argued that that interpretation was too broad because he did have legitimate access to the database, even if he misused it.

If simply violating the terms of a system is illegal under the CFAA, his team argued, then people could be charged for things as mundane as using work computers for personal use.

The majority opinion, penned by Amy Coney Barrett, echoed that assessment.

“The Government’s interpretation of the ‘exceeds authorized access’ clause would attach criminal penalties to a breathtaking amount of commonplace computer activity,” the opinion reads. “For instance, employers commonly state that computers and electronic devices can be used only for business purposes. On the Government’s reading, an employee who sends a personal e-mail or reads the news using a work computer has violated the CFAA.”