Legal Definitions - Federal Computer Fraud and Abuse Act

The Federal Computer Fraud and Abuse Act (FCFAA) is a United States federal law that makes it illegal to gain unauthorized access to a computer and, as a result, cause damage to that computer system or its data. This law applies to situations where someone intentionally accesses a computer without permission and then harms its information, programs, or overall functionality, either by corrupting them or making them unavailable.

Here are some examples illustrating the FCFAA:

• Example 1: Disgruntled Employee Data Sabotage

  A software engineer, upon learning they are being fired, logs into their company's server using their valid credentials but then proceeds to intentionally delete critical project files and corrupt the database for an upcoming product launch. Although they initially had authorized access, their actions of deleting and corrupting data went beyond their authorized scope and caused significant harm to the company's information and systems. This act of unauthorized damage to the company's computer system and data would likely fall under the FCFAA.

• Example 2: Website Denial-of-Service Attack

  A hacker uses a network of compromised computers to launch a massive "denial-of-service" attack against a popular e-commerce website. The attack floods the website's servers with so much traffic that legitimate customers cannot access the site, effectively shutting down its online sales for several hours. The hacker gained unauthorized access to the website's servers by overwhelming them, and this action impaired the availability of the website's system and information, causing financial damage to the business. This scenario demonstrates a violation of the FCFAA due to unauthorized access leading to impaired system availability.

• Example 3: Corporate Espionage and System Backdoor

  An individual working for a rival company manages to hack into a competitor's research and development network, stealing confidential blueprints for a new product. While inside the system, they also install a "backdoor" program that allows them to maintain future access without detection, potentially compromising the integrity and security of the competitor's network for an extended period. This act involves unauthorized access to a computer system, the theft of sensitive information, and the installation of software that compromises the system's integrity and security, all of which are covered by the FCFAA.