Supreme Court Limits Scope of Controversial Hacking Law

2021-06-04 14:15

The United States Supreme Court has ruled that a police officer who received money for obtaining data from a law-enforcement database for an associate did not violate a controversial federal hacking law, marking a victory for the ethical hacking community by limiting the law's scope.

In a landmark ruling in Van Buren v. United States, the court ruled that former Georgia police sergeant Nathan Van Buren did not violate the Computer Fraud and Abuse Act of 1986 when he accessed a police database to retrieve information about a license plate in exchange for $6,000 in cash.

Judges ruled in a 6-3 decision-which now limits the scope of the CFAA-that because Van Buren used his own credentials to access the information, he did not violate the law, "Which subjects to criminal liability anyone who 'intentionally accesses a computer without authorization or exceeds authorized access,'" according to the ruling.

The court pointed to a number of structural issues with the law which go against the federal case for contending that Van Buren violated the CFAA. One of the keys to the decision is the phrase "Exceeds authorized access," which would suggest Van Buren overstepped his authority as a police officer in accessing the database that held the information that was exchanged, according to the ruling.

Eventually, it reached the Supreme Court and its aforementioned ruling in favor of Van Buren.

The Supreme Court did uphold the previous judgment that Van Buren's actions violated his department's policy, however.

News URL

https://threatpost.com/court-limits-scope-hacking-law/166672/

#hacking #supremecourt