Amid Calls For Reform, A Rare Computer Crime Case Goes To Trial
Jennifer Granick, director of Civil Liberties at the Stanford Center for Internet and Society, spoke with The Recorder's Vanessa Blum about the lack of consensus in both the public and policy debate regarding the Computer Fraud and Abuse Act and the ambiguities within the current law that make litigation a complicated means of enforcing the law.
He won his case before the U.S. Court of Appeals for the Ninth Circuit and made new law in the process.
But David Nosal's legal odyssey, which started in 2005, isn't done yet.
This coming week, the former executive of Korn/Ferry International will stand trial on charges he broke into the recruiting firm's computerized database and stole information to use in a rival executive search business.
Public opinion is not unified on how to handle such cases and neither are the courts, said Jennifer Granick of the Stanford Center for Internet and Society. Federal appeals courts have adopted conflicting interpretations of what constitutes unauthorized access to a computer and members of Congress are currently debating two proposals to amend the CFAA — one known as "Aaron's Law," after Swartz, would narrow its application, while the other would expand it and increase maximum penalties for many violations to 20 years or more, she said.
"Because the language is vague and the way we've used computers has changed so much, there has been a great amount of litigation and dispute about what unauthorized access means," Granick said. "Some litigants have pushed the idea your access is unauthorized if you're violating an employment contract, or violating terms of a service agreement, or acting in a manner that is disloyal."
That view, rejected by the Ninth Circuit in Nosal, has been embraced by some appeals courts, including the Fifth and Eleventh circuits, Granick noted. "The political debate then is do we want heavy criminal and civil sanctions for violations of terms of service that people don't even read."