According to a leaked statement that Richard Downing, the DoJ’s deputy computer crime chief, will reportedly deliver to Congress on Tuesday, the DoJ will argue that the Computer Fraud and Abuse Act (CFAA) — an amendment to the Counterfeit Access Device and Abuse Act generally used to prosecute hacking and other serious cyber-crimes, and which went into effect way back in 1986 — must give prosecutors the ability to charge people “based upon a violation of terms of service or similar contractual agreement with an employer or provider.”
According to Downing, the expansion of this law is necessary for law enforcement to prosecute individuals for identity theft, privacy invasion or the misuse of government databases, among other infractions. Limiting “prosecutions based upon a violation of terms of service… would make it difficult or impossible to deter and address serious insider threats through prosecution,” Downing is expected to say.
Orin S. Kerr, professor of George Washington University Law School, will testify against the Department of Justice, arguing that the DoJ’s interpretation of the CFAA is “extraordinarily broad.”
For example, Kerr explains that Google’s terms of service stipulate that if ““you are not of legal age to form a binding contract with Google,” you are forbidden from using any of its sites or services. Seeing as the legal age of contract in most states is 18, “a 17-year-old who conducts a Google search in the course of researching a term paper has likely violated Google’s Terms of Service. According to the Justice Department’s interpretation of the statute, he or she is a criminal,” writes Kerr. read more …