The law depends on reasonable interpretations of intent and harm, not tricks of code. If your nominal piece of code "protects" something that is reasonably understood to be public, and if access cannot reasonably be interpretted to cause harm, then the code does not create a federal crime.
But, wait, isn't that unworkably fuzzy? Who gets to decide what is reasonable? Ultimately the answer would be a judge or jury of your peers.
>The law depends on reasonable interpretations of intent and harm, not tricks of code. If your nominal piece of code "protects" something that is reasonably understood to be public, and if access cannot reasonably be interpretted to cause harm, then the code does not create a federal crime.
Can you cite any court opinion interpreting the CFAA that says anything resembling that?
>But, wait, isn't that unworkably fuzzy? Who gets to decide what is reasonable? Ultimately the answer would be a judge or jury of your peers.
Or more likely your local prosecutor, since the vast majority of cases never go to trial. And given that, shouldn't we try to do better than "unworkably fuzzy"?
What I am describing in my first sentence is an aspect of U.S. law in general. If you can cite precedent that disagrees with my second sentence, I'd be very interested to read it.
All law is fuzzy because human concepts of morality and right and wrong are fuzzy. That is why we rely on human judges and juries to interpret them.
>What I am describing in my first sentence is an aspect of U.S. law in general. If you can cite precedent that disagrees with my second sentence, I'd be very interested to read it.
How about the DMCA prohibition on circumvention of DRM in light of the process set out in 17 U.S.C. 1201(a)(1)(C) regarding the Librarian of Congress exempting DMCA circumvention from criminal liability in specific circumstances. The very existence of the latter admits a violation of your second sentence, because if the law did not prohibit such things in the general case then there could never be anything to request an exemption for. And the possibility of an exemption being granted doesn't disprove the point because any act falling into your category when the "code" is DRM remains prohibited unless an explicit exemption is both applied for and granted, and then renewed every three years. The exemption for jailbreaking phones that recently expired provides a concrete example of that not happening.
>All law is fuzzy because human concepts of morality and right and wrong are fuzzy. That is why we rely on human judges and juries to interpret them.
This is a popular refrain used in response to engineering types who naively expect the law to be so fully specified that it can be subject to mathematical analysis or proved to be internally consistent, etc. And it's true that for pragmatic and practical reasons we can't have laws that are perfectly clear and utterly unambiguous. But that doesn't mean we can't have laws that are more clear and less ambiguous, especially where the starting point is something as overly broad and unclear as the CFAA.
But, wait, isn't that unworkably fuzzy? Who gets to decide what is reasonable? Ultimately the answer would be a judge or jury of your peers.