Computer Abuse

What Is Computer Abuse?

Computer abuse is the legal term for the use of a computer to carry out improper or illegal activities, but which do not constitute financial crimes that would be classified as wire fraud.

Examples of computer abuse include using a computer to expose personally identifiable information (PII) such as Social Security numbers, using a computer to change the content of a website owned by someone else, intentionally infecting one computer with a virus or worm that will spread to other computers, using a computer to illegally share copyrighted items, or using one computer to gain unauthorized access to another. Other examples of computer abuse include cyberbullying and using a work computer for personal tasks on company time.

Understanding Computer Abuse

Computer abuse arises from the use a computer to harm somebody else in some way. People who commit computer abuse may be violating company policies, university policies, or federal law. Responding to computer abuse involves identifying the offending computer(s) and then trying to identify the individual abuser(s).

Some definitions of computer abuse consider computer crime to be a type of computer abuse. Other definitions consider the two to be completely distinct, calling computer abuse something dishonest or unethical and computer crime something illegal. These opinions are irrelevant; however, when it comes to the federal law governing computer abuse: The Computer Fraud and Abuse Act of 1984 (CFAA).

The Computer Fraud and Abuse Act of 1984

The CFAA criminalizes certain types of computer abuse by banning “unauthorized access” of computers and networks. The law has been used to successfully prosecute both high- and low-level hackers for both civil and criminal matters. Early on, for example, the law was used to convict the man who released the first computer worm in 1988. Over the years, however, the law’s vagueness has resulted in punishments as severe as decades in prison for minor abuses that did not cause economic or physical harm.

The CFAA, for instance, makes white lies such as understating your age or weight on a dating site a crime (even though this is rarely if ever prosecuted). It also makes violating a company’s policy on using a work computer for personal use a felony. If the law were widely enforced, almost every white collar worker in America would be in prison for computer abuse. Because it is arbitrarily and sometimes overly enforced, federal judges and scholars have advocated for changing the law to decriminalize terms of service violations. One impediment to loosening the law has been resistance by corporations who benefit from it. One of the changes to the CFAA in 1994, for example, amended the law to allow for civil actions, giving corporations a way to sue employees who steal company secrets.

Examples of Computer Abuse

An incident that many people might not think of as computer abuse is creating a fake social media account. If the social media service’s terms and conditions require users to provide accurate information about their identities when creating an account, they could be prosecuted under the CFAA. This outcome is unlikely unless an individual uses a fake account for malicious purposes, such as cyberbullying, but it is a possibility — and that possibility of being prosecuted for something as minor as the mere creation of a fake account is a major problem with the CFAA. Attorneys have been able to exploit the law’s weaknesses to defend clients who should perhaps have been punished, and prosecutors have been able to exploit the law to obtain convictions for minor incidents.

Aaron’s Law was a bill introduced in the United States Congress in 2013 in honor of Swartz to loosen the CFAA. Though the bill did not pass Congress, it remains an influential bill.