From Clickwrap to RAP Sheet: Criminal Liability under the Computer Fraud and Abuse Act for Terms of Service Violations V. 1

1 1 (March 19, 2020)

handle is hein.crs/govcaxr0001 and id is 1 raw text is:

~* o 0 re.i ,,
Researh Servi kM-

From Clickwrap to RAP Sheet: Criminal

Liability under the Computer Fraud and

Abuse Act for Terms of Service Violations

March 19, 2020
Computers and the internet are ubiquitous, and so too are contractual restrictions on their use. Users of
smarlphones, tablets, personal computers, social media websites, apps, online shopping platfonns,
streaming services, and more are generally bound by terms of service (ToS) agreements-contracts that
govern the use of a product. Often, ToS agreements take the form of clickwrap agreements requiring users
to click a box indicating that they are aware of, and agree to, certain terms on a website. In other instances
ToS agreements may simply amount to a written notification that by using a product, the user agrees to be
bound by the product's ToS. Either way, ToS agreements are now so prevalent that, at least according to
some empirical studies, users generally do not read them. That is perhaps unsurprising given that ToS
agreements are often lengthy, covering everything from the number of authorized users of a product to the
types of content that may be shared through a device or service. But providers of computer and internet
products and services rely on ToS for a variety of purposes, including limiting liability, protecting
proprietary data, and preventing their products or services from being used in a harassing, threatening, or
abusive manner. Against this backdrop, federal courts have diverged on the issue of whether an individual
may-under certain circumstances-be criminally liable under federal law for ToS violations.
The judicial disagreement stems from two conflicting interpretations of the Computer Fraud and Abuse
Act (CFAA), IS U.S.C. § 1030-a civil and criminal cybersecurity law prohibiting certain computer-
related activities. Federal appellate courts are divided on when an individual who violates a ToS
agreement runs afoul of the CFAA and is subject to liability under the statute.
This Sidebar begins with background on the relevant provisions of the CFAA, before examining the split
among the federal appellate courts over when, if ever, the CFAA imposes criminal liability for violations
of ToS agreements. The Sidebar concludes with some considerations for Congress.

The CFAA: Background and Key Provisions

The CFAA prohibits a number of activities where a person illicitly accesses a qualifying computer if he is
without authorization or if he exceeds authorized access. The phrases appear in a number of the

Congressional Research Service
https://crsreports.congress.gov
LSB10423

CRS Leg Sideba
Prepared for Members and

Gomrnittees of Congress

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.

Short-term subscription options include 24 hours, 48 hours, or 1 week to HeinOnline.

Purchase Access

Contact us for annual subscription options:

Contact Us

Already a HeinOnline Subscriber?

Log In

profiles profiles most

What Is HeinOnline?

Purchase Access

Contact Us

Log In

NEED HELP?

CONTACT US

Get started

Subscribe to our Newsletter