Croncast Facebook Group  Follow Kris on Twitter 
 
Search Results
I've read about cfaa 1 time.

Search Results RSS for




Unauthorized software downloads did not violate Computer Fraud and Abuse Act
(via - Internet Cases )
I read it on 06/24/09 at 03:28 PM
Posted on 06/24/09 at 04:32 AM

Cassetica Software made an application available for download on the web and entered into a license agreement for that application with Computer Sciences Corporation (CSC). Cassetica alleged that CSC continued to download the application after the license agreement expired.

download

So Cassetica sued in federal court, alleging a number of causes of action, including violations of the Computer Fraud and Abuse Act, 18 USC 1030 et seq. (CFAA). CSC moved to dismiss pursuant to FRCP 12(b)(6) for failure to state a claim. The court granted the motion, finding that Cassetica did not plead either damage or loss as required by the CFAA.

What the CFAA requires

Interpreting the CFAA differently that at least one other judge in the Northern District of Illinois has (cf. Garelli Wong & Assoc. v. Nichols, 551 F.Supp.2d 704 (N.D.Ill. 2008)), Judge Kendall held that Cassetica was required to plead either damage or loss as such terms are defined in the CFAA. (In Garelli Wong, the court held that both damage and loss must be pled.)

Under the CFAA, damage is defined as any impairment to the integrity or availability of data, a program, a system, or information. Loss is defined as any reasonable cost to any victim, including the cost of responding to an offense, conducting a damage assessment, and restoring the data, program, system, or information to its condition prior to the offense, and any revenue lost, cost incurred, or other consequential damages incurred because of interruption of service.

Insufficient damage allegations

The bare allegations of damage in the complaint were not enough. The court found that Cassetica did not allege any facts that would plausibly suggest that the software downloads authorized or not caused a diminution in the computers or usability of [Cassetica's] computerized data. The court went on to observe that [c]ritically absent from the Complaint are allegations that CSC's downloads resulted in lost data, the inability to offer downloads to its customers, or that the downloads affected the availability of the software.

Insufficient loss allegations

Cassetica's complaint also failed to plead loss. The allegations primarily dealt with the lost fees Cassetica would have received had the alleged unauthorized downloading not taken place. Because Cassetica did not allege that it lost revenues as a result of an interruption in service caused by CSC, its claim for lost revenue fell outside the CFAA's definition of loss.

Download picture courtesy Flickr user soren_nb under this Creative Commons license.




Tags: cassetica  loss  damage  cfaa  court  


 
 
 



 
 
Scratch   Archive All


  March 2010 (16)
February 2010 (29)
January 2010 (15)
December 2009 (13)
November 2009 (52)
October 2009 (36)
Sep. 2009 (19)
August 2009 (2)
June 2009 (1)
May 2009 (7)
April 2009 (8)
March 2009 (11)
February 2009 (11)
January 2009 (8)
July 2008 (10)
June 2008 (60)
May 2008 (59)
April 2008 (62)
March 2008 (81)
February 2008 (37)
January 2008 (45)
December 2007 (28)
November 2007 (75)
October 2007 (55)
Sep. 2007 (70)
August 2007 (34)
July 2007 (42)
June 2007 (35)
May 2007 (48)
April 2007 (40)
March 2007 (13)
February 2007 (24)
January 2007 (34)
December 2006 (30)
November 2006 (30)
October 2006 (41)
Sep. 2006 (19)
August 2006 (31)
July 2006 (33)
June 2006 (24)
May 2006 (26)
April 2006 (33)
March 2006 (9)
January 2006 (3)
December 2005 (5)
November 2005 (8)
October 2005 (13)
Sep. 2005 (13)
August 2005 (14)
July 2005 (7)
June 2005 (13)
May 2005 (13)
April 2005 (14)
March 2005 (13)
February 2005 (19)
January 2005 (21)
December 2004 (24)
November 2004 (18)