Court Says Sending Too Many Emails To Someone Is Computer Hacking

from the you-can't-be-serious dept

Okay, the courts are just getting out of hand when it comes to the Computer Fraud and Abuse Act (CFAA), which is supposed to be used against cases of malicious hacking. Most people would naturally assume that this meant situations in which someone specifically broke into a protected computing system and either copied stuff or destroyed stuff. And yet, because of terrible drafting, the law is broad and vague and courts are regularly stretching what the CFAA covers in dangerous ways.

The latest example, found via Michael Scott is that the Sixth Circuit appeals court has overturned a district court ruling, and is now saying that a labor union can be sued for violating the CFAA because it asked members to email and call an employer many times, in an effort to protest certain actions. Now some of the volume may have hurt the business, but does it reach the level of hacking? What's really troubling is even just the focus on emails:
The e-mails wreaked more havoc: they overloaded Pulte's system, which limits the number of e-mails in an inbox; and this, in turn, stalled normal business operations because Pulte's employees could not access business-related e-mails or send e-mails to customers and vendors
So... because Pulte's IT folks set up their email boxes such that they could only hold a certain number of emails, suddenly this raises to the level of "hacking"? That seems like a stretch, and you can definitely see how such a rule can and likely will be abused. Especially since the court made some very broad statements, including:
[We] conclude that a transmission that weakens a sound computer system—or, similarly, one that diminishes a plaintiff’s ability to use data or a system—causes damage.
Broad enough for you? I can see this ruling being cited in all sorts of abusive trials now.

Filed Under: cfaa, email, hacking


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. icon
    aldestrawk (profile), 9 Aug 2011 @ 7:38pm

    Re: Misleading article . . .I expect better of Techdirt

    The posting in "out-law.com" misunderstood the court's judgement. The court was addressing Pulte's complaint where they claimed both a "transmission" and an "access without authorization" violation in the context of the CFAA. The appeals court agreed with the district court that the access portion of the claim was not valid as LIUNA had a right (i.e. was authorized to) make calls and send emails to Pulte. However, the appeals court reversed the district court's decision and allowed the transmission claim.
    Also, this case is not over. It has been remanded back to the district court.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.