Criminal computer trespass statutes in the United States usually include a specific element requiring proof beyond a reasonable doubt that accessing the computer or computer network was “unauthorized.” See, e.g., 18 U.S.C. §1030(a)(2); N.Y. Penal Law §156.05; Cal. Penal Code §502(c)(7); Pa. Code 18 §7611. Unfortunately, that phrase continues to cause litigation, with the U.S. Supreme Court recently hearing oral arguments about its scope in the case of Van Buren v. United States, 940 F.3d 1192 (11th Cir. 2019). Van Buren specifically concerns the meaning of access without authorization, that is, “exceeds authorized access” under the federal Computer Fraud and Abuse Act (CFAA), 18 U.S.C. §1030.

The oral argument occurred on Nov. 30, 2020 and was illuminated by the stark contrasts in the interpretations by the parties as well as the serious concerns voiced by several members of the court about the larger implications of the case. For instance, during the oral argument, Justice Sotomayor opined that the statute may be viewed “as a very broad statute and dangerously vague,” while Justice Gorsuch asserted that the government’s expansive interpretation of the access provision “would make criminals of us all.”