Block on Trump's Asylum Ban Upheld by Supreme Court
Ever use Facebook at work even when you weren't supposed to? You may not have to worry about it -- at least not criminally.
The Ninth Circuit has clarified the application of the Computer Fraud and Abuse Act (CFAA) to individuals who breach company computer policies. Employees who do so with the intent to defraud may be criminally charged. Employees who breach access policies for nonfraudulant, personal reasons do not violate the law.
In other words, Facebooking at work is not a crime.
The court made this important distinction in United States v. Nosal. David Nosal allegedly convinced his ex-colleagues to violate company policy and send him a copy of a digital customer list. Prosecutors charged him under the CFAA, which states that it is illegal when an individual:
"...knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value."
Nosal's attorneys fought the government's definition of "exceeds authorized access." Prosecutors suggested that this occurs when an employee violates an employer's computer access policy. The court agreed, but went on to explain that the law "does not criminalize the mere violation of an employer's use restrictions."
To violate the law, an employee must (1) violate the employer's use restrictions (2) with the intent to defraud (3) and by means of such conduct further the intended fraud and obtain anything of value. The court further made it clear that it has no intention of "mak[ing] criminals out of millions of employees who might use their work computers ... to access their personal email accounts of to check the latest college basketball scores."
This sounds like great news for people who like to check Facebook at work. It is, but there's one additional thing that needs mentioning. You can still be fired for Facebooking at work.