Citation: Van Buren v. United States, 593 U.S. ___ (2021)
Facts of the Case:
Nathan Van Buren, a former Georgia police sergeant, used his patrol-car computer to access a law enforcement database to retrieve license plate information in exchange for money. Although Van Buren used his valid credentials, his actions violated department policy against using database information for non-law-enforcement purposes. His conduct was part of a Federal Bureau of Investigation sting operation.
Issue:
The main issue was whether Van Buren’s actions constituted a violation of the Computer Fraud and Abuse Act (CFAA), specifically whether he “exceeded authorized access” by using his access for an improper purpose.
Parties:
Plaintiff: United States
Defendant: Nathan Van Buren
Judgment:
The Supreme Court of the United States held that an individual “exceeds authorized access” when they access a computer with authorization but then obtain information located in particular areas of the computer that are off-limits to them. The court ruled that Van Buren did not violate the CFAA because he accessed information he was authorized to access, even though he did so for an improper purpose.
Detailed Judgment:
Justice Amy Coney Barrett delivered the opinion of the Court, stating that the CFAA’s language focuses on access to particular areas of a computer, not on the purpose for which the access was used. The court emphasized that the CFAA does not cover situations where an individual has authorized access but uses it for an improper purpose. The court concluded that Van Buren’s actions did not meet the definition of “exceeds authorized access” under the CFAA