In a 6-3 ruling, the US Supreme Court decided to narrow the scope of the Computer Fraud and Abuse Act, which is a.
At issue was a former police officer who allegedly received payments in return for searching for a license plate in a police database. The Supreme Court ruling overturns his conviction. Under CFAA, it would be illegal to “access a computer with authorization and to use such access to obtain or alter information in the computer that the accesser is not entitled so to obtain or alter.”
In an opinion out Thursday, delivered by Justice Amy Coney Barrett, the court found while the provision applies to those who “obtain information from particular areas in the computer—such as files, folders, or databases—to which their computer access does not extend,” the provision doesn’t cover someone who might have “improper motives” for retrieving information they already have access to.
When the case was argued, one of the concerns cited was that the law as it stood could make a variety everyday actions technically illegal, like using a work Zoom account to make a personal call or sharing a Netflix password, as those could be interpreted as “exceeding authorized access.”
Justices Clarence Thomas, John Roberts and Samuel Alito dissented, arguing the police officer exceed his authorized access when he used the database “under circumstances that were expressly forbidden.”