A former police sergeant ran a license-plate search in a law enforcement computer database in exchange for money. His conduct plainly exceeded department policy, which authorized him to obtain database information only for law enforcement purposes. The U.S. Supreme Court was called upon to decide whether he also violated the Computer Fraud and Abuse Act of 1986 (CFAA), which makes it illegal “to access a computer with authorization and to use such access to obtain or alter information in the computer that the accesser is not entitled so to obtain or alter.” The Court concluded that the officer did not.
“This provision covers those who obtain information from particular areas in the computer – such as files, folders, or databases – to which their computer access does not extend. It does not cover those who, like Van Buren, have improper motives for obtaining information that is otherwise available to them.”
Van Buren v. U.S., 141 S.Ct. 1648 (2021).