In
Van Buren v. United States, the Supreme Court faced the difficult task of determining whether the opaquely-written Computer Fraud and Abuse Act (“CFAA”) would apply to situations in which a person who was authorized to access information for work purposes had accessed that information for improper reasons. In one of Justice Barrett’s first opinions, the six-justice majority found that it would not. Justice Thomas, joined by Chief Justice Roberts and Justice Alito, dissented because he believed it should.
The
Van Buren case began when a financially-troubled sergeant in the Cumming, Georgia police department befriended a known criminal. Sergeant Van Buren decided to leverage that friendship by asking for a loan (falsely claiming it was to pay off medical bills). But his friend wasn’t all that friendly – he went to the county sheriff’s office and reported that Sergeant Van Buren was shaking him down. The FBI got involved and ultimately created a sting operation in which Sergeant Van Buren would be asked to access Federal and State crime databases to provide information about a woman the friend had met at a strip club. Sergeant Van Buren agreed and ran the woman’s license plate information in the databases, then texted his friend that he had the information. When the FBI and Georgia Bureau of Investigation showed up to arrest him, Sergeant Van Buren admitted what he had done, and that he knew it was wrong to obtain the information for non-police purposes. He was then charged with violation of the CFAA and honest services fraud and convicted on both counts.[1]