Justice Department Looks to Sharpen Computer Crime Law

Stung by recent court decisions that have gone against them, Justice Department lawyers are making a fresh push to clarify a computer trespass law that critics malign as overly broad.
Justice Department Looks to Sharpen Computer Crime Law
A computer screen is filled with code as Dan Vera writes a program that he hopes will allow people living in Cuba to bypass the Cuban government sensorship of the internet during the Hackathon for Cuba event on February 1, 2014 in Miami, Florida. Joe Raedle/Getty Images
|Updated:

WASHINGTON — Stung by recent court decisions that have gone against them, Justice Department lawyers are making a fresh push to clarify a computer trespass law that critics malign as overly broad.

The 1986 law, known as the Computer Fraud and Abuse Act, was intended to punish hackers who breach someone else’s computer network and steal information from it.

But federal prosecutors have struggled at times in applying it to people who have permission to access a computer — a police department database, for instance, or a corporate network — but abuse that right by using for purposes that have not been authorized.

The concerns attracted attention this year after President Barack Obama suggested changes to the Computer Fraud and Abuse Act as part of a broader proposal. The Justice Department has appealed to Congress, which is expected to take up other cybersecurity measures in coming weeks.

“These are really hard issues of what should the law cover and what should it not cover,” said George Washington University law professor Orin Kerr. “It’s totally understandable that we’re having this discussion and not sure what the answer should be, because this is a new kind of technological problem.”

Critics, including judges, have long expressed concern that people could be prosecuted under the anti-fraud law for computer use that while technically unauthorized is nonetheless benign. An appeals court raised the prospect that checking sports scores at work could theoretically lead to prosecution, though the Justice Department says it’s never had any interest in going after that kind of behavior.

Justice Department lawyers have sought to allay those fears by proposing to narrow the circumstances for prosecution, such as in instances when someone knowingly exceeds authorized access or when the computer access targets a government database or was part of another felony like blackmailing a colleague.

“What we need is a law that makes clear that if you exceed authorized access for nefarious purposes ... that that’s a violation of the law,” said Assistant Attorney General Leslie Caldwell.