It has finally happened. The Federal Computer Fraud and Abuse Act has been limited. See http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2012/04/11/BU7P1O1AST.DTL The Ninth U.S. Circuit Court of Appeals said: "Under the prosecution's interpretation [of the Act], "millions of unsuspecting individuals would find that they are engaging in criminal conduct," said Chief Judge Alex Kozinski in the majority opinion." The defendant in the case is still being prosecuted for engaging in other criminal acts. Although I supported with testimony, helped write, and assisted in getting the original Computer Fraud and Abuse Act adopted, I pointed out that all violations it covered seemed to be covered by existing criminal laws (as was this case) and in most cases had stronger penalties. Several prosecutors told me that they wouldn't apply the new law anyway because violation of existing laws would be more easily understood by the courts. However, there is still value in the Computer Fraud and Abuse Act for three reasons. It has drawn public attention onto crimes in the new IT environments, it encouraged potential victims to protect themselves, and it helped law enforcement agencies get funding and motivation for gaining the skills and knowledge to investigate and prosecute the old crimes in the new IT environments. When I write "new IT environments", I mean where a computer plays one or more of four roles, object of attack, subject (unique environment), tool, and symbol (for deception.) Donn ------------------------------