Van Buren v. United States, No. 19-783: Petitioner Nathan Van Buren, when he was a police sergeant, had access to search the state law enforcement computer data base, and was authorized by his department’s policy to do so only for law enforcement purposes. Van Buren, however, in exchange for money, ran a license-plate search in the database that was requested by an acquaintance. This led to Van Buren’s conviction under the Computer Fraud and Abuse Act of 1986 (“CFAA”), which imposes criminal liability upon anyone who “intentionally accesses a computer without authorization or exceeds authorized access,” and thereby obtains computer information. 18 U.S.C. §1030(a)(2). The Eleventh Circuit affirmed the conviction, over Van Buren’s argument that the “exceeds authorized access” clause applies only to those who obtain information to which their computer access does not extend. Today, the Court reversed, holding that the phrase “exceeds authorized access,” based upon its definition in the statute, covers those who obtain information from particular areas in the computer—such as files, folders, or databases—to which their computer access does not extend, and does not cover those who have improper motives for obtaining information that is otherwise available to them. Justice Barrett issued the Court’s opinion, which was joined by Justices Breyer, Sotomayor, Kagan, Gorsuch, and Kavanaugh. Justice Thomas dissented, joined by Chief Justice Roberts and Justice Alito.
View the Court's decision.