The Supreme Court has ruled that a police officer who ran a license plate search on his patrol-car computer in exchange for money was not violating the Computer Fraud and Abuse Act of 1986. The officer did violate his police department’s policy.
The decision overrules a decision by the 11th Circuit of Appeals. Justice Amy Coney Barrett, who joined the Supreme Court last fall, wrote the opinion and was joined by justices Breyer, Sotomayor, Kagan, Gorsuch and Kavanaugh.
Nathan Van Buren was found guilty of a felony violation of the CFAA for conducting the search. Unbeknownst to him, the search he conducted in exchange for money was part of an FBI sting operation.
The CFAA makes it a federal crime to access a computer with authorization and to use such access to obtain or alter information in the computer that the accesser is not entitled so to obtain or alter."
In the appeal, Van Buren’s attorneys argued the “exceeds authorized access” clause only applies to those who get information that their computer access does not extend to them. Van Buren had access to the information with his police credentials.
The question before the court was whether Van Buren violated the CFAA.
Barrett’s opinion, writing for the majority, stated simply, “He did not.”
“This provision covers those who obtain information from particular areas in the computer—such as files, folders, or databases—to which their computer access does not extend. It does not cover those who, like Van Buren, have improper motives for obtaining information that is otherwise available to them,” Barrett wrote for the court.