Can I use my employer’s computer? (Computer Fraud Abuse Act)
The answer seems obvious, doesn’t it? Of course you can’t get on your employer’s computer unless you have his or her permission. That seems to be common sense. But how much access do you have even if you’re permitted to log on for work purposes? Is it unlimited?
A recent case in federal court struggled with this question. The federal Computer Fraud and Abuse Act* makes it a crime to exceed authorized access to a protected computer and obtain information. Under this law everything that contains a microchip is a “protected computer.” The question becomes one of excessiveness in obtaining information from the computer. In other words, once you’re on can you take a look at his personal settings, email, friends, address book, etc.?
In December, 2010, the 11th Circuit Court of Appeals decided the case of United States v. Rodriguez.** Roberto Rodriguez was a federal employee with the Social Security Administration. His job was to answer questions from the general public over the telephone. He had access to databases that contained sensitive, personal data about U.S. citizens.
During his employment, Rodriguez reviewed the personal records of 17 different individuals for nonbusiness reasons without their consent. He was charged with 17 counts of unauthorized access. He was convicted and sentenced to one year in prison. He appealed the conviction and sentence asserting that he didn’t harm anyone or benefit financially by his actions. The appellate court rejected his position declaring it “irrelevant.” Other court decisions dating back to 1997 have essentially come to the same conclusion.
The message here regarding computer access at work is to follow to the letter the rules given to you by your employer. This area of the law continues to evolve. Better to play it safe than find yourself explaining what you did to a judge or jury.
* 18 United States Code 1030 (1986)
** United States v. Rodriguez, 2010 WestLaw 5253231 2010).