Data Security Law Blog
Categories & Search

Industry: Healthcare Fraud

The Supreme Court Punts on Clarifying the Computer Fraud and Abuse Act

by Derek Borchardt and Michael F. Buchanan on October 16, 2017

The federal Computer Fraud and Abuse Act of 1986 (“CFAA”) has generated controversy and disagreement among courts and commentators regarding the scope of its application.  The statute, 18 U.S.C. § 1030, which provides for both criminal and civil penalties, prohibits accessing a computer or protected computer “without authorization” or in a manner “exceeding authorized access.”  Courts are divided as to the meaning of these phrases, yet the U.S. Supreme Court recently declined the opportunity to resolve the circuit split that has developed, leaving the exact scope of this important statute in question.

Go

Hackers Target the Bottom Line: Business Operations and Earnings

by Derek Borchardt and Craig A. Newman on July 31, 2017

Over the past several years, we have witnessed a fundamental shift in orchestrated cyber-attacks from hacking credit card data and healthcare information to targeting businesses, their operations and bottom lines.

Go

The Computer Fraud and Abuse Act Will Need To Wait Another Day In New York’s Commercial Division

On May 24, 2017

Justice Shirley Kornreich recently issued one of the few New York state court decisions  that address the Computer Fraud and Abuse Act (“CFAA”).  Spec Simple, Inc. v. Designer Pages Online LLC,  No. 651860/2015, 2017 BL 160865 (N.Y. Sup. Ct. May 10, 2017).  The CFAA criminalizes both accessing a computer without authorization and exceeding authorized access and thereby obtaining information from any protected computer.  Id. at *3 (citing 18 U.S.C. § 1030(a)(2)(C)). The CFAA also provides a civil cause of action to any person who suffers damage or loss because of a violation of the CFAA.  Id. at *4 (citing 18 U.S.C. § 1030(g)).  As discussed below, the decision provides a helpful look into the interpretation of CFAA claims in the future.

Go