The Supreme Court says it’s not a violation of the Computer Fraud and Abuse Act to use your lawful access to a computer for unlawful purposes.

Supreme Court limits reach of computer crime law

Pete Williams at CNBC:

The case involved a former police sergeant in Georgia who was offered money to look up a driver’s license record. A man said he’d pay around $5,000 for information about the record of a woman he thought might be an undercover officer.

It turned out to be an FBI sting. After the policeman used a patrol car computer terminal to look up the record, he was arrested and charged with violating the 1986 Computer Fraud and Abuse Act. That law makes it illegal ‘to access a computer and to use such access to obtain or alter information in the computer that the accesser is not entitled so to obtain or alter.'”

Mark Rasch, a former Justice Department computer crimes prosecutor, said the police officer could still be charged with other crimes, such as embezzlement or theft.

Interesting case. My first impression is it decriminalizes things that should not be covered by criminal law. As the ruling notes, the broader reading of the law would “attach criminal penalties to a breathtaking amount of commonplace computer activity,” such as using a work computer to send a private e-mail.

“Rasch agreed. ‘The court had a choice between two readings of the statute. One would have made the majority of people who use the Internet into criminals. The other would not. It chose the latter.’

“Justice Clarence Thomas dissented, in an opinion joined by Chief Justice John Roberts and Samuel Alito. They said the majority’s ruling means the law would not apply to a computer technician who has authority to access a celebrity’s computer to fix a defective hard drive and who then copies and leaks pictures stored on the computer.

Shouldn’t offenses like that be covered by more narrowly focused laws?