For those who are unfamiliar with the criminal justice system, it is sometimes assumed that prosecutors have a correct understanding of the laws under which they seek convictions. This isn’t always true, though. Prosecutors can sometimes be mistaken in their interpretation of the law, particularly if the law is ambiguous.
The question of how to properly interpret a federal law dealing with computer-based fraud was recently highlighted in a New York case involving a police officer who used restricted law enforcement databases to access personal information about individuals he is said to have made the subject of violent sexual fantasies in online discussions. The officer had been arrested and charged for violation of the Computer Fraud and Abuse Act, which was the issue in the recent decision.
The Computer Fraud and Abuse Act targets seven types of criminal activity relating to protected computers, which are computers used in or affecting interstate or foreign commerce and computers used by financial institutions and the federal government. Several of the offenses require prosecutors to prove that the defendant accessed a protected computer without authorization to do so, while others require prosecutors to demonstrate that the defendant either was not authorized to access the computer or that he or she “exceeded authorized access.”
The difference between these two terms is that exceeding authorization means accessing a computer with authorization, but doing so in order to obtain or alter information in the computer that the individual is not entitled to obtain or alter. This language has given rise to ambiguities in the way the law is to be interpreted. We’ll take a look at this issue in our next post.
Department of Justice, “Prosecuting Computer Crimes,” Accessed Dec. 19, 2015.
Bna.com, “NYPD ‘Cannibal Cop’ Computer Fraud Conviction Overturned,” Joseph Wright, Dec. 9, 2015.