Editing Computer Fraud and Abuse Act (section)

===Civil cases===
* ''Theofel v. Farey Jones'', 2003 U.S. App. Lexis 17963, decided August 28, 2003 (U.S. Court of Appeals for the Ninth Circuit), holding that the use of a civil subpoena which is "patently unlawful," "in bad faith," or "at least gross negligence" to gain access to stored email is a breach of both the CFAA and the [[Stored Communications Act]].<ref>{{cite web|url=http://cyberlaw.stanford.edu/packets001500.shtml |title=Ninth Circuit Court of Appeals: Stored Communications Act and Computer Fraud and Abuse Act Provide Cause of Action for Plaintiff |website = Center for Internet and Society |publisher= Stanford University |access-date=|date =September 22, 2003|first =  Lauren |last =Gelman }}</ref>
* ''[[International Airport Centers, L.L.C. v. Citrin]]'', 2006, {{uscsub|18|1030|a|5|A|i}}, in which the [[United States Court of Appeals for the Seventh Circuit|Seventh Circuit Court of Appeals]] ruled that Jacob Citrin had violated the CFAA when he [[Data erasure|deleted files]] from his company computer before he quit, in order to conceal alleged bad behavior while he was an employee.<ref>[http://openjurist.org/440/f3d/418/international-airport-centers-llc-v-citrin US v Jacob Citrin], openjurist.org</ref>
* ''[[LVRC Holdings v. Brekka]]'', 2009 1030(a)(2), 1030(a)(4), in which LVRC sued Brekka for allegedly taking information about clients and using it to start his own competing business. The Ninth Circuit ruled that an employee accesses a company computer to gather information for his own purposes does not violate the CFAA merely because that personal use was adverse to the interests of the employer.<ref>[https://www.wired.com/images_blogs/threatlevel/2009/09/brekka.pdf ''U.S. v Brekka''] 2009</ref><ref>[https://www.wired.com/threatlevel/2009/09/disloyalcomputing/ Kravets, David, ''Court: Disloyal Computing Is Not Illegal''], ''Wired'', September 18, 2009.</ref>
* ''[[Craigslist v. 3Taps]]'', 2012. 3Taps was accused by [[Craigslist]] of breaching CFAA by circumventing an [[IP address blocking|IP block]] in order to access Craigslist's website and [[Web scraping|scrape]] its classified ads without consent. In August 2013, US federal judge found 3Taps's actions violated CFAA and that it faces civil damages for "unauthorized access". Judge [[Charles R. Breyer|Breyer]] wrote in his decision that "the average person does not use "[[anonymous proxies]]" to bypass an IP block set up to enforce a banning communicated via personally-addressed [[cease-and-desist letter]]".<ref>{{cite magazine|url=https://www.wired.com/threatlevel/2013/08/ip-cloaking-cfaa/ |magazine=Wired |first=David |last=Kravets |title=IP Cloaking Violates Computer Fraud and Abuse Act, Judge Rules |date=August 20, 2013}}</ref><ref>[http://www.dmlp.org/threats/craigslist-v-3taps Craigslist v. 3taps |Digital Media Law Project<!-- Bot generated title -->]</ref> He also noted "Congress apparently knew how to restrict the reach of the CFAA to only certain kinds of information, and it appreciated the public v. nonpublic distinction—but [the relevant section] contains no such restrictions or modifiers."<ref>[http://www.law360.com/articles/465944 3Taps Can't Shake Unauthorized Craigslist Access Claims – Law360<!-- Bot generated title -->]</ref>
* ''[[Lee v. PMSI, Inc.]]'', 2011. PMSI, Inc. sued former employee Lee for violating the CFAA by browsing Facebook and checking personal email in violation of the company's [[acceptable use policy]]. The court found that breaching an employer's acceptable use policy was not "unauthorized access" under the act and, therefore, did not violate the CFAA.
* ''[[Sony Computer Entertainment America v. George Hotz]]'' and ''Hotz v. SCEA'', 2011. SCEA sued "Geohot" and others for [[Privilege escalation|jailbreaking]] the PlayStation 3 system. The lawsuit alleged, among other things, that Hotz violated {{uscsub|18|1030|a|2|c}} ([by] taking info from any [[protected computer]]). Hotz denied liability and contested the Court's exercise of personal jurisdiction over him.<ref>[http://www.groklaw.net/staticpages/index.php?page=SonyHotz#c167a_02 See the links to the original lawsuit documents which are indexed here]</ref> The parties settled out of court. The settlement caused Geohot to be unable to legally [[Hack (computer security)|hack]] the [[PlayStation 3]] system furthermore.
* ''[[Pulte Homes, Inc. v. Laborers' International Union]]'' 2011. [[Pulte Homes]] brought a CFAA suit against the [[Laborers' International Union of North America]] (LIUNA). After Pulte fired an employee represented by the [[labor union|union]], LIUNA urged members to [[Telephone call|call]] and send [[email]] to the company, expressing their opinions. As a result of the increased traffic, the company's [[Email server|email system]] [[Crash (computing)|crashed]].<ref>[http://www.techdirt.com/articles/20110809/03492415447/court-says-sending-too-many-emails-to-someone-is-computer-hacking.shtml techdirt.com] 2011 8 9, Mike Masnick, "Sending Too Many Emails to Someone Is Computer Hacking"</ref><ref>[http://www.employerlawreport.com/2011/08/articles/labor-relations/sixth-circuit-decision-in-pulte-homes-leaves-employers-with-few-options-in-response-to-union-high-tech-tactics/#axzz2JEeJ24GX Hall, Brian, ''Sixth Circuit Decision in Pulte Homes Leaves Employers With Few Options In Response To Union High Tech Tactics'', Employer Law Report, 3 August 2011.] Retrieved 27 January 2013.</ref> The [[Sixth Circuit]] ruled that the LIUNA's instruction to call and email "intentionally caused damage," reversing the lower court's decision.<ref>https://www.employerlawreport.com/files/2013/09/Pulte-Homes.pdf {{Bare URL PDF|date=August 2024}}</ref>
*''Facebook v. Power Ventures and Vachani'', 2016. The Ninth Circuit Court of Appeals ruled that the CFAA was violated when Facebook's servers were accessed despite an IP block and [[cease and desist]] order.<ref>{{Cite web|url=https://arstechnica.com/tech-policy/2016/07/startup-that-we-all-forgot-gets-small-win-against-facebook-on-appeal/|title=Startup that we all forgot gets small win against Facebook on appeal|last=Farivar|first=Cyrus|date=2016-07-12|website=Ars Technica|language=en-us|access-date=2020-03-31}}</ref>
*[[HiQ Labs v. LinkedIn]], 2019. The Ninth Circuit Court of Appeals ruled that [[Web scraping|scraping]] a public website without the approval of the website's owner is not a violation of the CFAA.<ref>{{Cite web|url=https://arstechnica.com/tech-policy/2019/09/web-scraping-doesnt-violate-anti-hacking-law-appeals-court-rules/|title=Web scraping doesn't violate anti-hacking law, appeals court rules|last=Lee|first=Timothy B.|date=2019-09-09|website=Ars Technica|language=en-us|access-date=2020-03-31}}</ref> LinkedIn petitioned for the Supreme Court to review the decision and the court remanded the case based on its [[Van Buren v. United States]] decision. The Ninth Circuit ultimately affirmed its original decision.
*''Sandvig v. Barr'', 2020. The [[United States District Court for the District of Columbia|Federal District Court of D.C.]] ruled that the CFAA does not criminalize the violation of a website's terms of service.<ref>{{Cite web|url=https://arstechnica.com/tech-policy/2020/03/court-violating-a-sites-terms-of-service-isnt-criminal-hacking/|title=Court: Violating a site's terms of service isn't criminal hacking|last=Lee|first=Timothy B.|date=2020-03-30|website=Ars Technica|language=en-us|access-date=2020-03-31}}</ref>