Congress has enacted a series of statutes that criminalize unauthorized access to electronic data. The Computer Fraud and Abuse Act (“CFAA”), 18 U.S.C. § 1030, for example, prohibits intentionally obtaining information from a “protected computer” (i.e., any computer used in or affecting interstate commerce or communication—that is, virtually any computer) “without authorization” or in a way that “exceeds authorized access.” The CFAA provides for both criminal enforcement by the U.S. Attorney and a private cause of action by any aggrieved party (including, for example, employers who believe current or former employees may have accessed an employer’s computers improperly for the purpose of aiding a competitor or new employer). ORS 164.373 prohibits similar conduct under Oregon law.
Another similar statute is the Stored Communications Act (“SCA”), which prohibits unauthorized access to non-public electronic communications that were transmitted by an electronic communication system and are in electronic storage. The SCA was created to prohibit the providers of the electronic communications service from divulging the contents of such stored communications to anyone other than the intended recipient. Like the CFAA, the SCA provides for both criminal and civil penalties.
The attorneys at Kauffman Kilberg LLC have represented individuals charged with computer fraud under both state and federal law.