If these confirmations are not in place, it could lead to misunderstandings
and, in the extreme case, prosecution under the Computer Fraud and
Abuse Act or other applicable law. In the case of Sawyer v. Department of Air Force, the
court rejected an employee??™s claim that alterations to computer contracts were made to
demonstrate the lack of security safeguards and found the employee liable, since the
statute only required proof of use of a computer system for any unauthorized purpose.
While a company is unlikely to seek to prosecute authorized activity, people who exceed
the scope of such authorization, whether intentionally or accidentally, run the risk of
prosecution under the CFAA and other laws.
References
State Laws www.cybercrimes.net/State/state_index.html
Cornell Law University www4.law.cornell.edu/uscode/18/1030.html
Computer Fraud Working Group www.ussc.gov/publicat/cmptfrd.pdf
Computer World www.computerworld.com/securitytopics/security/cybercrime/story/
0,10801,79854,00.html
18 USC Sections 2510, et. Seq. and 2701
These sections are part of the Electronic Communication Privacy Act (ECPA), which is
intended to protect communications from unauthorized access. The ECPA therefore has a
different focus than the CFAA, which is directed at protecting computers and network systems.
Pages:
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120