How the CFAA, which was originally intended to target criminals for havoc-wreaking computer break-ins and data theft, came to be used to convict people for using someone else's password is a study in prosecutorial overreach and shows how the law has failed to keep up with technology. Congress needs to step up and overhaul this flawed and outdated law. This summer, the U.S. Court of Appeals for the Ninth Circuit issued two confusing rulings in two separate cases that could allow prosecutors to charge users with CFAA violations for seemingly innocuous conduct—specifically, sharing a password.

Monday, October 17, 2016
The Hill