1984 Comprehensive Crime Control Act (CFA)
Objectives
After a close examination of the journal article “The Unconstitutionality of the Computer Fraud and Abuse Act”, Michael C. Mikulic addressed the following points:
• Overviewed the history of the Computer Fraud and Abuse Act (CFAA)and its objectives.
• Discussed both the broad and narrow interpretations of the law by various circuit courts.
• Analyzed the broad interpretation of the law and identified key aspects of the law that deem the CFAA unconstitutional.
• Proposed a probable solution to the broad interpretation of the law.
Summary
The author traces the CFAA history to the 1984 Comprehensive Crime Control Act (CCCA) which was narrow in scope, with the purpose to address unauthorized access computer crimes. As computers in households …show more content…
increased the CCCA was amended a total of 9 times to address additional computer crimes. With each amendment, the law grew broader and vaguer in order to cast a wider net. The major change in the law took place in 1996 when the scope of federal computers was broadened to include specific computers. Lastly, the 2008 amendment to the law added further ambiguity by including all computers and adding broad vocabulary to the 18 U.S.C § 1030 (a)(2)(C) which furthered CFAA’s reach. The author dissects the entirety of the CFAA to show the specific wording of the law. In particular, the law deals with two major aspects of computer crimes, unauthorized access and denial of access. The author specifically, in his article concentrates on 18 U.S.C. § 1030 (a)(2)(C) which has caused a large divide in various courts. The broad interpretation of the CFAA is when a person uses a computer that is contrary to a contract or agency agreement. For example, using social media site at work when the employee has contractually been denied its use on work time. On the other hand, the narrow interpretation of the law is user access restrictions and authority. For example, a user is authorized to access a particular database and at a later date their authority is revoked; but the user circumvents access restrictions and accesses the database without authority. The author deems the broad interpretation of the law unconstitutional because of vague wording which leaves millions of Americans liable to computer crimes without their knowledge. In order for a person to be punished of a crime they first have to be aware of the crime, which is protected by the Due Process Clause. The ambiguity of the CFAA leads to discriminatory enforcement. Furthermore, the law is unconstitutional because of the nondelegation principle; in which one branch of government cannot allow another individual to exercise a power they can do themselves. Finally, the lack of definition to contract and agency agreements could lead to criminal penalties.
Results
To that end the author concludes:
• The original narrow scope CCCA law and the subsequent amendments have broadened the interpretation of the law
• Standardize the interpretation of the law to be narrow in scope
• The president could enforce the narrow interpretation of the law unless it meets specified criteria.
• The author contends that the broad interpretation of the law is unconstitutional. …show more content…
Critique After reading the article 2 or 3 times in order to get past the legalese, I found that the article is an eye opener.
In particular, that 45% of the court circuits have adopted as broad interpretation of the law while only 36% have adopted a narrow interpretation of the law (Mikulic, 2016). The cautionary tale that the author spelled out in part I of the article was in particular an eye opener. The famous hacker and “internet troll” (Lennard, 2014) Weev (Andrew Auernheimer) was “sentenced to 41 months in federal prison for revealing to media outlets that AT&T had configured its servers to allow the harvesting of iPad owners' unsecured email addresses” (EFF, 2013). Both Weev and co-defendant Daniel Spitler used “a script that [exploited] the security hole to collect roughly 120,000 email addresses” (EFF, 2013). Weev was indicted under the provisions of the CFAA law, in particular the broad interpretation of the law. In which Weev had exploited a security hole that AT&T had failed to secure. I found that the author described a strong case where millions of Americans can be punished under the broad scope of
CFAA. We all have tablets, and a few of us have rooted our tablets; this violates the Terms of Service that forbid owners from rooting the device (Hoffman, 2014). This would be a punishable crime under the CFAA. Although the ESV Bible in Psalm 115:16 indicates “The heavens are the LORD's heavens, but the earth he has given to the children of man”; that the tablet is your property and that it belongs to you, it does not mean that you can make changes that violate the CFAA which is shown in James 2:10 “For whoever keeps the whole law but fails in one point has become accountable for all of it.” I for one agree with the author that the CFAA in its broad terms is dangerous and allows innocent people to be unjustly punished. In another article the author suggested that rewording the CFAA to apply the “obtain theory” (Jakopchek, 2014) This would apply to “unentitled altering and obtaining” (Jakopchek, 2014) to the law while precluding overreach of the law. Personally, I believe the law should be written a plain as simple, if you are not allowed to have access and you do, then you broke the law and if you stole it and sold it for profit you broke the law; Leviticus 19:11 states “You shall not steal; you shall not deal falsely; you shall not lie to one another.”
Questions
1. How can the law be fixed to address modern day computer crimes without the law being too broad or too narrow?
2. Given the sea of laws and how they interconnect, how many other computer crime laws are vague and broad in nature in order to cast a wider net to various crimes?
3. Could the court system adopt a middle of the road law that is neither too broad or too narrow and has more specific language that could be flexible to change in the rapidly changing computer environment?
After a close examination of the journal article “The Unconstitutionality of the Computer Fraud and Abuse Act”, Michael C. Mikulic addressed the following points:
• Overviewed the history of the Computer Fraud and Abuse Act (CFAA)and its objectives.
• Discussed both the broad and narrow interpretations of the law by various circuit courts.
• Analyzed the broad interpretation of the law and identified key aspects of the law that deem the CFAA unconstitutional.
• Proposed a probable solution to the broad interpretation of the law.
Summary
The author traces the CFAA history to the 1984 Comprehensive Crime Control Act (CCCA) which was narrow in scope, with the purpose to address unauthorized access computer crimes. As computers in households …show more content…
increased the CCCA was amended a total of 9 times to address additional computer crimes. With each amendment, the law grew broader and vaguer in order to cast a wider net. The major change in the law took place in 1996 when the scope of federal computers was broadened to include specific computers. Lastly, the 2008 amendment to the law added further ambiguity by including all computers and adding broad vocabulary to the 18 U.S.C § 1030 (a)(2)(C) which furthered CFAA’s reach. The author dissects the entirety of the CFAA to show the specific wording of the law. In particular, the law deals with two major aspects of computer crimes, unauthorized access and denial of access. The author specifically, in his article concentrates on 18 U.S.C. § 1030 (a)(2)(C) which has caused a large divide in various courts. The broad interpretation of the CFAA is when a person uses a computer that is contrary to a contract or agency agreement. For example, using social media site at work when the employee has contractually been denied its use on work time. On the other hand, the narrow interpretation of the law is user access restrictions and authority. For example, a user is authorized to access a particular database and at a later date their authority is revoked; but the user circumvents access restrictions and accesses the database without authority. The author deems the broad interpretation of the law unconstitutional because of vague wording which leaves millions of Americans liable to computer crimes without their knowledge. In order for a person to be punished of a crime they first have to be aware of the crime, which is protected by the Due Process Clause. The ambiguity of the CFAA leads to discriminatory enforcement. Furthermore, the law is unconstitutional because of the nondelegation principle; in which one branch of government cannot allow another individual to exercise a power they can do themselves. Finally, the lack of definition to contract and agency agreements could lead to criminal penalties.
Results
To that end the author concludes:
• The original narrow scope CCCA law and the subsequent amendments have broadened the interpretation of the law
• Standardize the interpretation of the law to be narrow in scope
• The president could enforce the narrow interpretation of the law unless it meets specified criteria.
• The author contends that the broad interpretation of the law is unconstitutional. …show more content…
Critique After reading the article 2 or 3 times in order to get past the legalese, I found that the article is an eye opener.
In particular, that 45% of the court circuits have adopted as broad interpretation of the law while only 36% have adopted a narrow interpretation of the law (Mikulic, 2016). The cautionary tale that the author spelled out in part I of the article was in particular an eye opener. The famous hacker and “internet troll” (Lennard, 2014) Weev (Andrew Auernheimer) was “sentenced to 41 months in federal prison for revealing to media outlets that AT&T had configured its servers to allow the harvesting of iPad owners' unsecured email addresses” (EFF, 2013). Both Weev and co-defendant Daniel Spitler used “a script that [exploited] the security hole to collect roughly 120,000 email addresses” (EFF, 2013). Weev was indicted under the provisions of the CFAA law, in particular the broad interpretation of the law. In which Weev had exploited a security hole that AT&T had failed to secure. I found that the author described a strong case where millions of Americans can be punished under the broad scope of
CFAA. We all have tablets, and a few of us have rooted our tablets; this violates the Terms of Service that forbid owners from rooting the device (Hoffman, 2014). This would be a punishable crime under the CFAA. Although the ESV Bible in Psalm 115:16 indicates “The heavens are the LORD's heavens, but the earth he has given to the children of man”; that the tablet is your property and that it belongs to you, it does not mean that you can make changes that violate the CFAA which is shown in James 2:10 “For whoever keeps the whole law but fails in one point has become accountable for all of it.” I for one agree with the author that the CFAA in its broad terms is dangerous and allows innocent people to be unjustly punished. In another article the author suggested that rewording the CFAA to apply the “obtain theory” (Jakopchek, 2014) This would apply to “unentitled altering and obtaining” (Jakopchek, 2014) to the law while precluding overreach of the law. Personally, I believe the law should be written a plain as simple, if you are not allowed to have access and you do, then you broke the law and if you stole it and sold it for profit you broke the law; Leviticus 19:11 states “You shall not steal; you shall not deal falsely; you shall not lie to one another.”
Questions
1. How can the law be fixed to address modern day computer crimes without the law being too broad or too narrow?
2. Given the sea of laws and how they interconnect, how many other computer crime laws are vague and broad in nature in order to cast a wider net to various crimes?
3. Could the court system adopt a middle of the road law that is neither too broad or too narrow and has more specific language that could be flexible to change in the rapidly changing computer environment?