The Computer Fraud and Abuse Act Applied to Proprietary Database License Misuse

Congress enacted the Computer Fraud and Abuse Act (“CFAA”) 18 U.S.C. § 1030 et seq., in 1984 to combat hackers and to address federal computer-related offenses. The CFAA prohibits individuals from “intentionally access[ing] a computer without authorization or exceed[ing] authorized access, and thereby obtain[ing] … information from any protected computer.” See 18 U.S.C. § 1030(a)(2)(C). A “protected computer” includes a computer “exclusively for the use of a financial institution or the United States Government” or a computer that is “used in or affecting interstate or foreign commerce or communication.” See 18 U.S.C. § 1030(e)(2). The CFAA provides for criminal fines and penalties as well as a private civil right of action to remedy violations. See 18 U.S.C. § 1030(g). Civil remedies are limited to economic damages. Id.