← Back to Topics

CFAA Unauthorized Access

The cluster discusses whether specific actions, such as using computer interfaces in unintended ways or accessing restricted data, constitute violations of the US Computer Fraud and Abuse Act (CFAA), often referencing prosecutions and legal interpretations.

➡️ Stable 0.5x Legal
6,783
Comments
20
Years Active
5
Top Authors
#4583
Topic ID

Activity Over Time

2007
1
2008
18
2009
45
2010
118
2011
236
2012
335
2013
865
2014
396
2015
456
2016
439
2017
390
2018
285
2019
478
2020
382
2021
680
2022
416
2023
423
2024
363
2025
439
2026
18

Top Contributors

tptacek (209) rayiner (70) AnthonyMouse (67) pbhjpbhj (43) mpyne (38)

Keywords

e.g MAC US CI robots.txt CD courtlistener.com MBTA en.m CL unauthorized access hacking criminal crime computer violation robots txt law laws

Sample Comments

ke88y Apr 28, 2023 View on HN

This is almost certainly an instance of Unauthorized Use under the CFAA and therefore criminal in the USA and any jurisdictions with similarly broad anti-hacking laws.

belovedeagle Mar 7, 2017 View on HN

This could probably be spun as a violation of the cfaa. IANAL, but the practical interpretation of that seems to be "don't do bad stuff using a computer", kind of like mail fraud but worse.

dllthomas Mar 25, 2018 View on HN

I wonder if there's a reasonable CFAA case here...

huatilla Oct 26, 2021 View on HN

The Computer Fraud and Abuse Act outlaws "unauthorized access". The website owner clearly did not authorize access to that, so the letter of the law may have been violated. Maybe the law should require malice, criminal intent, and actual harm to have happened for "unauthorized access" to be a crime.

belkarx May 21, 2022 View on HN

United States' Department of Justice recently revised the CFAA to legally permit access of the type you engaged in (contradicting a few other comments here)https://www.bleepingcomputer.com/news/security/us-doj-will-n...

r0m4n0 Aug 31, 2021 View on HN

You may want to read the CFAA and report back.Spoiler alert, it doesn’t involve your intentions or money.https://en.m.wikipedia.org/wiki/Computer_Fraud_and_Abuse_Act

free652 Jun 6, 2018 View on HN

You are breaking a US law - CFAA. Which could be an interested showdown CFAA vs GDPR.

msgodel Aug 11, 2025 View on HN

It's arguably a violation of the CFAA.

superkuh Aug 18, 2023 View on HN

Using the interface in unintended (by the creators) ways is a prosecutable crime under the CFAA. People can be and have been imprisoned for it. https://en.wikipedia.org/wiki/Weev#Trial is a notable example.

immibis Apr 17, 2025 View on HN

Sounds like they're breaking the CFAA and should be criminally prosecuted.