Computer crimes are a worldwide threat. Any individual with access to a computer may become victim to a computer crime. In the summer of 2010, the Pentagon alone received over six million hacking and security threats per day, or 250,000 an hour. One of many measures to prevent computer crimes is the Computer Fraud and Abuse Act (CFAA), a federal statute that prohibits the unauthorized access of a computer or computer data, such as when a hacker obtains bank account information from a financial institution’s network. There is currently disagreement among appellate courts as to the scope and application of the CFAA. Some circuits apply the CFAA only to hacking crimes, while others include violations of a webpage’s terms of service or an employer’s computer-use policy.
A violation of an employer’s computer-use policy could be as minor as checking a personal Facebook page or personal bank account while at work. On the other hand, the violation of an employer’s computer-use policy could be more egregious, as in the case of United States v. Nosal. In Nosal, an en banc panel of the Ninth Circuit examined the scope of the CFAA as applied to an employee who used a work computer for personal purposes, addressing the issue of whether a violation of an employer’s computer-use policy can be considered criminal hacking.
United States v. Nosal: Separating Violations of Employers' Computer-Use Policies from Criminal Computer Hacking Invasions, 43 Golden Gate U. L. Rev. 163