Hastings Communications and Entertainment Law Journal


The Computer Fraud and Abuse Act ("CFAA") has a bad reputation. It is associated with constitutional law challenges and community outrage. It played a role in the tragic suicide of Aaron Swartz, computer programmer, Internet activist and CFAA defendant. It has been decried as a basis for abuse of justice, which is ironic, given its title and focus on punishing abuse. It has been called "the worst law in technology" and "the most outrageous criminal law you've never heard of." It is loathed and feared as a threat to Internet freedom.

A particular concern is that the law could criminalize breaches of terms that most people do not read or take seriously, such as website terms of service and employer handbooks. Under the CFAA, "[w]hoever ... intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains . . . information from any ... computer ... shall be punished" with "a fine ... or imprisonment, or both." Can it be so? Is it a federal crime to violate a website's terms of service? The U.S. federal government's answer to this question is "yes." "No" should be the answer according to scholars, activists, the press, and most people gathered at today's symposium, "The Computer Fraud and Abuse Act: Transformation After Tragedy" at the University of California, Hastings College of the Law. Imposing criminal sanctions for violating terms of service would be a nightmare for Internet freedom and a "nightmare for a country that calls itself free." This speech will take a step back and take another look at freedom, the Internet, computers, and abuse.