The U.S. Supreme Court will decide whether people who misuse their authorized computer access can be held liable under an anti-hacking law.
The high court agreed to hear an Eleventh Circuit ruling on an appeal from a police officer who was charged with violating the Computer Fraud and Abuse Act for looking up a strip club dancer’s license plate number.
The court’s eventual ruling may have broad consequences for how website owners, employers, and prosecutors can pursue criminal and civil computer hacking and fraud cases.
Its ruling could also clarify an appeals court split on interpreting the law. The First, Fifth and Seventh circuits joined the Eleventh Circuit in applying the anti-hack law to people with authorized access to computers. The Second, Fourth and Ninth circuits have adopted a narrower approach of applying the law only to people who hack into a system, or use it without permission.
“For over a decade we’ve had a split, and now the Supreme Court is going to finally resolve this split and give us guidance and clarity with regard to how the statute should apply,” Mark Krotoski, a partner at Morgan Lewis who specializes on cybersecurity issues, said.
The split means an employee who hands an employer’s confidential information to a rival might only be held liable only in some parts of the country, Dawn Mertineit, a partner at Seyfarth Shaw LLP who specializes in computer fraud issues, said.
“Even though this case involved a criminal conviction, it’s very relevant to employers going forward,” Mertineit said.
The U.S. Court of Appeals for the Eleventh Circuit upheld a jury decision that convicted the defendant, Nathan Van Buren, of violating the anti-hacking law.
The FBI had targeted Van Buren, a former police sergeant in Cumming, Ga., in a sting operation after the officer asked a man for a loan. The $6,000 payment to Van Buren and the request for a license plate search were part of the sting.
The case is Van Buren v. United States, U.S., No. 19-783, review granted 4/20/20