Below are the first 10 and last 10 pages of uncorrected machine-read text (when available) of this chapter, followed by the top 30 algorithmically extracted key phrases from the chapter as a whole.
Intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text on the opening pages of each chapter.
Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.
Do not use for reproduction, copying, pasting, or reading; exclusively for search engines.
OCR for page 27
27
Thus, the section "outlaws illegal entry, not larceny."303 the CFAA have broader applicability as the Act applies
A person with authorized access to a database does not to "damage caused by unauthorized access or access in
violate the section no matter how malicious or larce- excess of authorization to a computer system...."317 For
nous the intended use of that access.304 example, the statute applies to anyone who "intention-
Communications are in electronic storage within the ally accesses a computer without authorization or ex-
meaning of the SCA even when "the storage is transi- ceeds authorized access, and thereby ob-
tory and lasts for only a few seconds."305 Moreover, in- tains...information from any protected computer if the
formation stored on a server and conveyed from a pri- conduct involved an interstate or foreign communica-
vate Web site to users is subject to the SCA,306 as well as tion...."318 The CFAA is applicable also to anyone who
information held temporarily in random access mem- knowingly and with intent to defraud, accesses a pro-
307
ory. tected computer without authorization, or exceeds author-
In In re Intuit Privacy Litigation,308 the plaintiffs al- ized access, and by means of such conduct furthers the in-
leged that the defendant implanted "cookies" on their tended fraud and obtains anything of value, unless the
computer hard drives when they visited certain Web object of the fraud and the thing obtained consists only of
sites. The court held that for there to be a violation of the use of the computer and the value of such use is not
319
Section 2701, a defendant need not "be a third party to more than $5,000 in any 1-year period...
an electronic communication [that] eventually [is] in The Act is applicable also to anyone, inter alia, who
electronic storage in a facility" or even that there be a "knowingly causes the transmission of a program, in-
communication at all with the defendant.309 All that is formation, code, or command, and as a result of such
required for a violation of the statute is the defendant's conduct, intentionally causes damage without authori-
"act of accessing electronically stored data."310 Although zation, to a protected computer," or who "intentionally
presumably not applicable to transit agencies and real- accesses a protected computer without authorization"
time data, Section 2702(a) of the SCA prohibits volun- and recklessly causes damage or causes damage320 and
tary disclosure of a customer's electronic data by per- by such conduct caused or would have caused "loss to 1
sons or entities providing an electronic communication or more persons during any 1-year period...aggregating
service311 or providing a remote computing service to the at least $5,000 in value...."321
public. Although the term "damage" under the statute
Although the SCA provides for criminal liability, an means "any impairment to the integrity or availability
aggrieved party may bring a civil action for a violation of data, a program, a system, or information,"322 a defen-
of the Act, subject to a 2-year statute of limitations,312 dant's alleged access to and disclosure of trade secrets
and recover actual damages and "any profits made by a may constitute "an impairment [of] the integrity of
313
violation," plus "attorney's fees and other litigation data...or information."323 Moreover, the unauthorized
314
costs." If damages are awarded, the amount is to be access to or disclosure of information may constitute an
315
for no less than $1,000. impairment even though there was no physical change
in or erasure of data.324
B. Computer Fraud and Abuse Act Some courts have found that a license that prohibits
The Computer Fraud and Abuse Act (CFAA),316 a using a Web site or online database for a certain pur-
somewhat complicated statute, appears to be directed pose may subject someone to a Section 1030(a)(2)(c)
primarily at the prevention of unauthorized disclosure claim if the party, nevertheless, accesses information
of data involving the national defense or foreign rela- online and uses it for a purpose for which the party had
tions of the United States. However, other provisions of agreed not to use the information.325 Moreover, it has
been held that a violation of a subscription agreement,
303
such as the unauthorized sharing of a subscriber's con-
Sherman, 94 F. Supp. 2d at 821.
304
Id. 317
305 Charles Schwab & Co., Inc. v. Carter, 2005 U.S. Dist.
Columbia Pictures, Inc. v. Bunnell, 245 F.R.D. 443, 450
LEXIS 5611, at *9 (N.D. Ill. 2005).
(C.D. Cal. 2007) (citation omitted). 318
306 18 U.S.C. § 1030(a)(2)(c) (2009).
Steiger, 318 F.3d at 1047 (citing Konop v. Hawaiian Air- 319
lines, Inc., 302 F.3d 868, 876 (9th Cir. 2002)). Id. § 1030(a)(4) (2009).
320
307
Columbia Pictures, Inc., 245 F.R.D. at 446 (a ruling in- Id. § 1030(a)(5)(i), (ii), and (iii) (2009).
321
volving discovery). Id. § 1030(a)(5)(B) (2009).
308 322
138 F. Supp. 2d 1272 (C.D. Cal. 2001). Id. § 1030(e)(8) (2009).
309 323
Id. at 127576. Shurguard Storage Ctrs., Inc. v. Safeguard Self Storage,
310
Id. at 1276 (footnote omitted). Inc., 119 F. Supp. 2d 1121, 1126 (W.D. Wash. 2000) (holding
311 that the plaintiff's complaint stated a claim and denying de-
Sherman & Co., 94 F. Supp. 2d at 820.
312
fendant's motion to dismiss).
18 U.S.C. § 2707(f) (2009). 324
313
Id.
Id. § 2707(c) (2009). 325
314
See, e.g., EF Cultural Travel BV v. Explorica, Inc., 274
Id. § 2707(b)(3) (2009). F.3d 577 (1st Cir. 2001), and Register.com v. Verio, 356 F.3d
315
Id. § 2707(c) (2009). 393 (2d Cir. 2004) (plaintiff failed to show $5,000 in damage as
316
Id. § 1030 (2009), et seq. required by statute).
