Nearly every American has received terms of service for a website, application, or other service, and almost all do not read them. Many are likely in unknowing violation of terms of service at some point or another. The same response to terms of service happens at work. Employees receive a computer with access to confidential business and customer information. Along with the computer, employees are often provided a computer-use policy that restricts them to using the computer for authorized work purposes. Despite that kind of restriction, most employees use their work computers to shop online, pay bills, scroll social media, and engage in other personal uses during their downtime. Soon, the Supreme Court will say whether, by doing so, employees violate the Computer Fraud and Abuse Act (CFAA).
Over the last decade, courts have come out split over whether the CFAA imposes liability when a person who is authorized to access certain information uses that access to obtain information for an unauthorized purpose or in violation of a limitation on use, such as those contained in terms of service or employee handbooks. Last November, the Supreme Court heard oral argument in Van Buren v. United States, which promises to resolve the current split of authority among the U.S. circuit courts of appeals and is described in detail below.