§ 7.03 The Computer Abuse Law of 1984

• Jurisdiction: United States
• Publication year: 2020

§ 7.03 The Computer Abuse Law of 1984

Congress has pursued a dual approach to combating computer crime since 1984 by addressing computer crime issues both as traditional crime committed by new methods and as crime that is unique in character and, thus, requires a new legal frame-work.³⁴ Accordingly, Congress has updated existing statutes governing traditional crimes to address similar crimes perpetrated through "high-tech" means³⁵ and in 1984 passed the Counterfeit Access Device and Computer Abuse Law ("1984 Act")³⁶ which for the first time specifically covered crimes where the computer is the direct target of the criminal activity.

While the 1984 Act for the first time covered such activity its reach was extremely limited and did little more than prohibit the unauthorized use or access of a computer in three comparatively narrow categories.³⁷ First, Subsection (a)(1) of the Act made it a felony to access a computer without authorization, or in excess or authorization, for the purpose of obtaining classified foreign relations or U.S. defense information. Criminal liability under this section, however, inured only in those limited instances where the computer in question was accessed with the intent, or reason to believe, that such information would be used to harm the U.S. or to advantage a foreign nation. A violation of the felony provision of the Act carried with it a $10,000 fine, a possible prison sentence of no more than ten years, or, for the most serious first-time offenders, both. Penalties for repeat offenders were increased so that the maximum sentence for recidivists was a $100,000 fine, up to twenty years of imprisonment, or both.

Second, Subsection (a)(2) of the Act made it a misdemeanor knowingly to access the computer of a financial institution or a consumer reporting agency without authorization, or in excess of authorization. Criminal liability was again limited in scope to those instances where a party knowingly accessed these systems in order to obtain information contained in a financial record or in a consumer file.

Third, Subsection (a)(3) of the Act made it a misdemeanor to knowingly access a computer operated for or on behalf of the U.S. without authorization, or in excess of authorization. In keeping with the first two provisions of the Act, however, criminal liability was limited to those instances where a computer was accessed in order to use, modify, destroy, or disclose information in, or prevent authorized use of, a computer operated for or on behalf of the U.S. if such conduct would affect the government's use of the computer. In addition to these three provisions, the 1984 Act made it a violation for anyone to attempt or conspire to commit any of the above-mentioned acts.

Like the felony portion of the Act, the misdemeanor provisions contained limits on the extent of an individual's liability. The maximum penalty for first-time...