Page Hero

Hero Image

Computer Fraud and Abuse Act (CFAA)

The Computer Fraud and Abuse Act (CFAA) was enacted in 1986, as an amendment to the first federal computer fraud law, to address hacking. Over the years, it has been amended several times, most recently in 2008, to cover a broad range of conduct far beyond its original intent. The CFAA prohibits intentionally accessing a computer without authorization or in excess of authorization, but fails to define what “without authorization” means. With harsh penalty schemes and malleable provisions, it has become a tool ripe for abuse and use against nearly every aspect of computer activity.

As technology advances, the use of the criminal law to regulate conduct using such technology also advances. Perceptions concerning the role of technology in both traditional and high-tech criminal conduct prompted Congress to enact the first federal computer crime law thirty years ago. Increases in computer availability and mainstream usage, however, have propelled government regulation of computer conduct into overdrive.

Over the course of thirty years, federal computer crimes went from non-existent to touching on every aspect of computer activity for intensive and occasional users alike. The Computer Fraud and Abuse Act (CFAA) was enacted in 1986, as an amendment to the first federal computer fraud law, to address hacking. Over the years, it has been amended several times, most recently in 2008, to cover a broad range of conduct far beyond its original intent.

The CFAA prohibits intentionally accessing a computer without authorization or in excess of authorization, but fails to define what “without authorization” means. With harsh penalty schemes and malleable provisions, it has become a tool ripe for abuse and use against nearly every aspect of computer activity.

The breadth and ambiguity of the CFAA are deeply troubling. NACDL supports wholesale reform of the CFAA and, in particular, believes violations of website terms of services should not be federal crimes. NACDL opposes any additional expansion of the CFAA and is actively working to reform the CFAA through amicus support, coalition building, and legislative advocacy.

Join NACDL to get involved

Additional information on the CFAA and NACDL's reform efforts are available at the hyperlinks below.

Join NACDL to get involved
 

Provisions of the Computer Fraud & Abuse Act
18 U.S.C. § 1030 

Offense 

Section 

Sentence* 

Obtaining National Security Information

(a)(1)

10 yrs (20)

Accessing a Computer and Obtaining Information

(a)(2)

1 or 5 yrs (10)

Trespassing in a Government Computer

(a)(3)

1 yr (10)

Accessing a Computer to Defraud and Obtain Value

(a)(4)

5 yrs (10)

Intentionally Damaging by Knowing Transmission

(a)(5)(A)

1 or 10 yrs (20)

Recklessly Damaging by Intentional Access

(a)(5)(B)

1 or 5 yrs (20)

Negligently Causing Damage and Loss by Intentional Access

(a)(5)(C)

1 yr (10)

Trafficking in Passwords

(a)(6)

1 yr (10)

Extortion Involving Computers

(a)(7)

5 yrs (10)

Attempt and Conspiracy to Commit such an Offense

(b)

10 yrs for attempt but no penalty specified for conspiracy in section (c)

*The maximum prison sentences for second convictions are noted in parentheses.

Join NACDL to get involved

Continue reading below

Featured Products

Explore keywords to find information

RECENTLY ADDED & UPCOMING

  1. The Champion
    /Nacdl/media/image_library/StayInformed/Champion/ChampionCovers/March-April-2025.jpg?ext=.jpg

    March/April 2025

    What are the evidentiary implications of field sobriety tests in marijuana cases? Does the odor of marijuana give officers probable cause to search a vehicle?

  2. Amicus Brief
    /Nacdl/media/image_library/Elements/global/amicus.png

    Jenner & Block LLP v. U.S. Department of Justice

    Brief of the National Association of Criminal Defense Lawyers and New York Council of Defense Lawyers as Amici Curiae in Support of Plaintiff’s Motion for Summary Judgment.

  3. News Release
    /Nacdl/media/image_library/Elements/global/newsrelease.png

    News Release ~ Law Enforcement Executive Order

    NACDL Warns Executive Order's Dangerous Overreach Undermines Community Safety and Trust in Police – Washington, DC ( April 29, 2025) – The National Association of Criminal Defense Lawyers (NACDL) expressed deep concern regarding the Executive Order titled "Strengthening and Unleashing America’s Law Enforcement to Pursue Criminals and Protect Innocent Citizens," cautioning that several of its proposals represent a dangerous overreach that undermines these goals by jeopardizing individual rights and the legitimacy of law enforcement in the eyes of the community.

  4. Event
    /Nacdl/media/image_library/Learn/nacdlcleinstitute/2025_Post-Dobbs_Trial_Tactics_2025-02-26_v02_Event-Listing_2.jpg?ext=.jpg

    Trial Tactics for Pregnancy-Related Cases: Skills for Every Defender

    LOCATION: The University of Texas School of Law, Austin, TX
    DATE: May 16-17, 2025
    COST: FREE (registration is required)
    CLE Credit: Up to 14.5 credits 

  5. Webinar
    /assets/img/nacdl_og.png

    Collaborative Approaches to Appellate Defense: Recognizing Clients' Legal Expertise

    WHEN: Thursday, May 8, 3:00-4:30pm ET / 12:00-1:30pm PT
    CLE CREDIT: not available
    COST: Free