William A. Hall, Jr.
84 Geo. Wash. L. Rev. 1523
In United States v. Nosal, the Ninth Circuit held that the government may not prosecute certain cases under the Computer Fraud and Abuse Act (“CFAA”) where a computer was accessed by a user with some right of access (i.e., an insider) for a prohibited purpose. The Nosal court’s interpretation relied on a narrow interpretation of the meaning of the phrase “exceeds authorized access” in 18 U.S.C. § 1030(e)(6), and cited applicable legislative history in support of its holding. Nosal has since been adopted by two sister circuits and numerous federal district courts.
This Article contends that the Ninth Circuit failed to examine the legislative history of several important pieces of related federal computer crime legislation, and ignored an axiomatic principle of statutory interpretation in interpreting committee reports related to the passage of the CFAA. It concludes that the Ninth Circuit’s analysis of applicable legislative history was deficient and that, contrary to Nosal’s conclusion, the legislative history of the CFAA and related statutes make clear that Congress intended to permit prosecutions of insiders who “exceed [their] authorized access” by accessing a computer system for a prohibited purpose.
Read the Full Article Here.