Zachary Schapiro
Computers have become a ubiquitous part of everyday life—used in the office and the home for a wide array of features. Prior to using a computer, people must agree to various software and website terms of use. Additionally, employers typically adopt computer use policies which prohibit use of a company computer for personal matters. Many people, either knowingly or unknowingly, violate these terms and policies. Is violating these policies and agreements criminal? Circuit courts disagree on the answer. In some jurisdictions, simple violations of a website’s terms of use or a company’s computer policies could result in criminal liability under the Computer Fraud and Abuse Act (CFAA) where individuals have limited permission to use a computer or website and they exceed the scope of their permission. In other jurisdictions, courts have interpreted the Act narrowly such that one can only violate it by accessing unauthorized files and information. In 2019, in United States v. Van Buren, the Eleventh Circuit recognized the conflicting interpretations of the CFAA as it upheld a defendant’s conviction under a broad interpretation of the statute. The defendant petitioned for certiorari, and, in April 2020, the Supreme Court granted it to settle this statutory ambiguity. Now that certiorari has been granted, the rule of lenity requires the Court adopt the narrower interpretation of the CFAA so that private parties do not determine criminal behaviors.