Part I: When Somebody Hacks Somebody Else

Week 2 (Oct. 5, 2022): Computer Fraud and Abuse Act (CFAA)

The primary federal anti-hacking law in the United States is the Computer Fraud and Abuse Act (CFAA), originally enacted in 1986. This will be a two-part unit, so we'll continue studying the CFAA next week. This week we'll focus on understanding the basics about the statute and what it means. We'll also read the Supreme Court's first-ever CFAA case, 2021's Van Buren v. United States. 

Week 3 (Oct. 12, 2022): CFAA cont’d.; Digital Millennium Copyright Act (DMCA); Security Research

This week, we’ll continue our study of the CFAA. We’ll examine the effects on cybersecurity (and other) research of the CFAA (and Van Buren) and another law, the Digital Millennium Copyright Act (DMCA).

Weeks 4 & 5 (Oct. 19 & 26, 2022): Electronic Communications Privacy Act (ECPA)

As with the CFAA, we will spend two weeks on ECPA due to its complexity. ECPA does two things: (1) it prescribes the conditions under which the government may engage in various types of electronic surveillance (such as eavesdropping on phone calls), (2) while generally forbidding everyone else from doing so. We’ll cover the latter function now and the former later in the quarter. 

ECPA has three parts: the Wiretap Act (Title I), the Stored Communications Act (SCA) (Title II), and the Pen Register Act (Title III). For now, we’ll focus on certain portions of the Wiretap Act and SCA.