Unauthorized Use of Computer

We represent people accused of gaining unauthorized access to computers throughout the state of Massachusetts and in federal courts.

Federal Law

The federal Computer Fraud and Abuse Act (CFAA) (18 U.S.C. § 1030) prohibits (1) accessing a computer without authorization or exceeding one’s authorization and thereby accessing information the U.S. government has deemed needs to be protected against unauthorized disclosure; and (2) intentionally accessing a computer or intentionally exceeding authorization and thereby accessing financial information, information from any department or agency of the U.S. government, or information from any “protected computer.” While this statute appears to limit the computers to which it applies, in reality “protected computer” is defined by the law to be any “electronic, magnetic, optical, electrochemical, or other high speed data processing device performing logical, arithmetic, or storage functions, and includes any data storage facility or communications facility directly related to or operating in conjunction with such device” that “is used in or affecting interstate or foreign commerce or communication.” In other words, the term “protected computer” covers any computer, tablet, or smartphone that is connected to the internet.

In addition to prohibiting unauthorized access of a computer, the CFAA prohibits: computer espionage, trespassing on a government computer, committing fraud using a computer, damaging a protected computer (such as with viruses and worms), trafficking in passwords of a government or commerce computer, and threatening to damage a computer.

The Federal Stored Communications Act (SCA) (18 U.S.C. § 2701 et seq.), passed in 1986, prohibits “intentionally access[ing] without authorization a facility through which an electronic communication service is provided; or intentionally exceed[ing] an authorization to access that facility” and thereby obtaining access to electronic communications in electronic storage. The federal circuit courts have split as to whether accessing someone else’s cloud-based email account violates the SCA, and neither the Supreme Court nor the First Circuit Court of Appeals has addressed the issue, leaving it an open question as to whether if someone in Massachusetts logs in to another person’s cloud-based account without authorization they will be found to have violated this federal law.

State Law

Massachusetts General Laws chapter 266, § 120F makes it a crime to access a computer system without authorization, or to remain accessing a computer system after knowing that the access is unauthorized. This statute may cover actions such as: logging in to someone else’s computer without permission, sending or reviewing emails in someone else’s email account, and creating unauthorized online accounts. It is important to note that the term “computer system” does not just mean the computer of another person; accessing someone’s internet accounts, such as email, even if from your own computer may be prosecuted as a violation of this statute.

What does the prosecution have to show in order to prove a violation of this statute? The prosecutor must show (1) that you accessed a computer system; (2) that you knew the computer system required authorization; and (3) and that you knew you did not have that authorization. The law explicitly states that “the requirement of a password or authentication to gain access” puts a person on notice that the computer system requires authorization.

The Massachusetts courts have not had much cause to examine and interpret this law, meaning it is not clear in what situations it might apply. One of the few cases to address this law made clear that while looking at multiple web pages or documents during one unauthorized login is not grounds for multiple charges of violation of this section, repeated unauthorized logins to the same computer system can give rise to multiple charges of unauthorized computer use.

Other than that holding by the Massachusetts Appeals Court, the scope of the law’s application has yet to be defined. One superior court found that although the statute does not define the word “access,” that term was clear enough in the law to withstand constitutional challenge. This decision was unpublished and is not binding on other courts in Massachusetts. The law similarly does not define the term “computer system,” and the relevant federal laws do not use this term, leaving room for defendants to challenge prosecutions for actions other than simply logging in to someone else’s computer. While we have seen the police bring these charges against people for accessing, for example, someone else’s email accounts, it is not clear that an email account is a “computer system” under the law. The law was passed in 1994, and likely did not contemplate the various electronic systems people routinely use today. For example, courts do not yet appear to have taken up the question of whether accessing another person’s smartphone constitutes a violation of this statute, i.e. whether a smartphone is a “computer system.” These are some of the areas we explore in defending our clients against charges of unauthorized use of a computer.

If you have been charged with unauthorized access of a computer system, contact one of our attorneys at 617-742-6020.

Justia Lawyer Rating
Super Lawyers
Martindale-Hubbell - AV Preeminent - Peer Rated For Highest Level Of Professional Excellence 2020
Recognized by Best Lawyers
Best Lawyers - Best Law Firms
Client Reviews
★★★★★
I hired Mr. Duncan to deal with a very sensitive issue that my daughter had. Since the first contact, I had a very good impression of him. He transmitted confidence and appeared to know exactly what to do. I called and emailed him many times, he was polite and comprehensible with the anxiety of a father and appeared to know every step to solve the case. I strongly recommend Mr. Duncan. Flavio Lajoia
★★★★★
If you are reading this review, it means either you or a family member is in trouble and needs immediate legal counsel. Please know your search can end right now because Zalkind, Duncan & Bernstein is the law firm to hire. They are honest, responsive, compassionate and have the experience and expertise to bring... Client
★★★★★
I contacted Zalkind Duncan & Bernstein to assist with a Title IX case. From our initial conversation, Naomi Shatz had a strong understanding of Title IX policies and conducted each step of the process with professionalism, honesty and a responsiveness that did not disappoint. Ms. Shatz displayed confidence and just as important, compassion when needed. Client
★★★★★
I worked with Emma Quinn-Judge and Monica Shah. And from my first contact on the phone, on to my first meeting in their office and during the trial, I found them and the firm's entire team to be a group of consummate legal professionals who are very knowledgeable, patient, dedicated, fair, honest and caring... Chantal C.
★★★★★
I am forever grateful to all the staff at this firm, but in particular, Ms. Shah, Mr. Zalkind and Mr. Silverglate. They represented my son who was being sought for extradition to Scotland. The case took years to fight, covering new legal ground, setting precedence. But each one of these legal eagles went above and beyond the duty of office... Suzanne D.
View More
Submit a Law Firm Client Review