Logging into Facebook, perusing eBay and surfing to other decidedly non-work related sites may not just upset your boss, but it could also be a federal offense.
That's according to two Boston College professors who recently authored a paper on how a broad interpretation of the 1986 Computer Fraud and Abuse Act (CFAA) could criminalize the routine behavior of every employee who uses a workplace computer in their job.
As the First, Fifth, Seventh and Eleventh Circuit Courts of Appeal interpret it, a breach of a company's computer policy for example a ban on accessing dating sites and social media for example, also constitutes a violation of the CFAA.
The law was originally written to punish and deter criminal hacking, but as technology experts point out, innovation in technology has outpaced the laws that govern it.
The CFAA, a 1986 law that predates HTTP and the Web as we know it, makes it a crime to "access a computer without authorization or exceed authorized access ... from [a] protected computer." Based on the law's own definitions, a "protected computer" is virtually any device with a microprocessor and a network connection. Today, virtually everyone "accesses" one when they point their browser to any webpage.
Since the law allows private right of action, companies could, in theory, successfully sue their employees for any computer policy violation, even something as benign as sending your spouse an email about being late for dinner.
