In a recent federal appeals court decision, the U.S. Department of Justice can proceed to monitor password theft — actions that take their legality from a 1984 anti-hacking law, Reuters reported on Tuesday (July 5).
In a 2-1 decision handed down by the Ninth U.S. Circuit Court of Appeals in San Francisco, it was voted that David Nosal, a former Korn Ferry employee, along with two accomplices, used a colleague’s password to access the firm’s computers, take information and start a new firm, said the newswire. These incidents took place in 2005.
The law violated, and cited in the case, is the Computer Fraud and Abuse Act. The court said that Nosal acted “without authorization” in using the password, which had been voluntarily provided by Nosal’s secretary. Nosal, at that point, said the newswire, had been working as an independent contractor, and his company credentials had been revoked.
The case, according to Reuters, is high on many radar screens, as digital privacy groups have been concerned over broader leeway to prosecute password sharing, even if that occurs with consent of the other party.
In an interview with Reuters, speaking on the aforementioned concerns, Jamie Williams, who serves as an attorney with the Electronic Frontier Foundation, stated: “The court is criminalizing conduct that ordinary Americans do every day online.”