DOJ Gives Up On Arguing That Violating Your Employer's Computer Use Policy Is Criminal Hacking
from the about-time dept
Early last year, we wrote about a very troubling CFAA ruling, which effectively found that if you do anything on a work computer that your employer doesn’t like, you’re a criminal for violating the CFAA. Yes, by failing to abide by your employer’s broad “computer use policy” you could be charged with a being a criminal hacker under the CFAA. That’s what happened to David Nosal. He had accessed some information from his employer’s computer system — which he was authorized to access. He wanted to use that info because he was going to a competitor. That’s obviously questionable on the ethics scale, but computer hacking? Hardly. Except that the district court thought it was.
Thankfully, earlier this year the 9th Circuit appeals court reversed the ruling, with Judge Kozinski noting that it makes little sense to interpret a statute in a manner that turns “ordinary citizens into criminals.”
A few weeks ago, the DOJ (who seemed to love these kinds of cases) seemed to realize that perhaps it was silly to keep arguing against Nosal here, and admitted that it wouldn’t ask the Supreme Court to hear the case on appeal, meaning the 9th Circuit ruling stands. While it’s good that the DOJ apparently realized that pursuing this any further was a bad idea, it’s still ridiculous that it went forward with this theory in the first place, and argued it all the way through the initial appeal. Either way, while Kozinski’s ruling is only binding on the 9th Circuit, hopefully other courts will pay attention to the reasoning behind it.