CFAA: The imperfect criminal law and order of the digital land
Dec 18, 2024•31 min•Season 1Ep. 12
Episode description
Computer Fraud and Abuse Act (CFAA) of 1986 is a controversial US law addressing computer crime – not only seeking to establish behavioral norms online, but also contributing to enforcement misuse/overreach with unintended consequences offline...
- History of CFAA legislation
- US v Matthew Keys (2012)
- US v Derrick Lostutter (2017)
- HiQ Labs v LinkedIn (2019)
- US v Aaron Swartz (2011)
- "Unauthorized access" (web scraping and who owns data?)
- Safe harbor for ethical/white hat security researchers
- Terms of service (ToS) violations
- "Demonstrable harm" (proportionality of crime vs punishment)
- Aaron's Law
- Tradeoffs of CFAA and reform thereof (free speech/privacy/AI/ML/etc)
This podcast is Al-generated with NotebookLM, using the following sources, research, and analysis:
- California Comprehensive Computer Data Access and Fraud Act (Wikipedia, 2024.12.12)
- Computer Fraud and Abuse Act (Wikipedia, 2024.12.12)
- Critical Fixes for the Computer Fraud and Abuse Act (EFF, 2013.01.29)
- Department of Justice Announces New Policy for Charging Cases under the Computer Fraud and Abuse Act (DOJ, 2022.05.19)
- Explanation of effects of Aaron’s Law with EFF proposed amendments to “access without authorization” (EFF public discussion draft, 2013.01.23)
- Is It Time to Rethink the Computer Fraud and Abuse Act? (GovTech, 2023.02.15)
- Justice Manual 9-48.000: Computer Fraud and Abuse Act (DOJ, 2022.05)
- Legal Risks of Adversarial Machine Learning Research (Kumar/Penney/Schneier/Albert, 2020.06.29)
- Rebooting Computer Crime Law Part 1: No Prison Time For Violating Terms of Service (EFF, 2013.02.04)
- Rebooting Computer Crime Law Part 2: Protect Tinkerers, Security Researchers, Innovators, and Privacy Seekers (EFF, 2013.02.04)
- Rebooting Computer Crime Part 3: The Punishment Should Fit the Crime (EFF, 2013.02.08)
- The Case to Update the Computer Fraud and Abuse Act (GW Law, 2021.04.03)
- The Mirage of Artificial Intelligence Terms of Use Restrictions (Henderson/Lemley, 2024.12.10)
- Why the Government Went After Matthew Keys (Vice, 2015.10.09)
Not investment advice; do your own due diligence!
# cybersecurity cybercrime hackers hacktivism felony legal regulation social media networking internet IRL 1A