Vagueness Challenges to the Computer Fraud and Abuse Act

27 Pages Posted: 23 Dec 2009 Last revised: 27 Feb 2015

Orin S. Kerr

The George Washington University Law School

Date Written: December 22, 2009

Abstract

This Article argues that the void for vagueness doctrine requires courts to adopt narrow interpretations of the Computer Fraud and Abuse Act. On its face, the CFAA has become extraordinarily broad. Recent amendments indicate that Congress has largely abandoned the job of identifying what conduct involving computers should or should not be a federal crime. Congress has broadened the statute so far that the courts must now narrowly construe the statute to save its constitutionality.

This Article demonstrates how courts should narrowly construe the statute under the void for vagueness doctrine by focusing on two recent criminal prosecutions: United States v. Drew, which considered whether Terms of Service violations trigger CFAA liability, and United States v. Nosal, which asked whether it violates the CFAA for employees to access their employers’ computers in ways contrary to their employers’ interests. These two prosecutions show the critical role of vagueness doctrine in interpreting the CFAA, pointing to a future of judicial narrowing of the statute.

Keywords: computer hacking, CFAA, Computer Fraud and Abuse Act

JEL Classification: k14

Suggested Citation

Kerr, Orin S., Vagueness Challenges to the Computer Fraud and Abuse Act (December 22, 2009). 94 Minnesota Law Review 1561 (2010) ; GWU Legal Studies Research Paper No. 482; GWU Law School Public Law Research Paper No. 482. Available at SSRN: https://ssrn.com/abstract=1527187

Orin S. Kerr (Contact Author)

The George Washington University Law School ( email )

2000 H Street, N.W.
Washington, DC 20052
United States
202-994-4775 (Phone)
202-994-9817 (Fax)

HOME PAGE: http://www.law.gwu.edu/orin-s-kerr

Paper statistics

Downloads
1,347
Rank
10,450
Abstract Views
7,611