Leslie R. Caldwell, Assistant Attorney General for the Criminal Division of DOJ writes:
In a series of recent posts, we’ve been discussing the need for the Administration’s current cybersecurity proposals and discussing how they have been drafted in a careful and targeted way to enable us to protect privacy and security without ensnaring harmless or legitimate conduct. Reaching this balance is important in many parts of the criminal law, but it is particularly important in the law that protects the privacy and security of computer owners and users — the Computer Fraud and Abuse Act (CFAA). This law applies both to the hackers who gain access to victim computers without authorization from halfway around the world, and to those who have some authorization to access a computer — like company employees entitled to access a sensitive database for specified work purposes — but who intentionally abuse that access. Yet the CFAA needs to be updated to make sure that the statute continues to appropriately deter privacy and security violations. The Administration has proposed an amendment that maintains the law’s key privacy-protecting function while ensuring that trivial violations of things like a website’s terms of service do not constitute federal crimes.
Read more on the Department of Justice to see how they try to sell their proposed amendment.