On May 19, the Department of Justice announced a new policy concerning how it will charge cases under the Computer Fraud and Abuse Act, or CFAA, the primary statute used against those who engage in unlawful computer intrusions. Over the years, the statute has been criticized because it has been difficult to determine the kinds of conduct it criminalizes, which has led to a number of problems, including the chilling of security research.

Stephanie Pell sat down with Andrea Matwyshyn, professor of law and associate dean of innovation at Penn State Law School to discuss DOJ's new charging policy and some of the issues it attempts to address. They talked about some of the problems created by the CFAA's vague terms, how the new charging policy tries to protect good faith security research, and the significance of the requirement that prosecutors must now consult with the Computer Crimes and Intellectual Property section at main Justice before charging a case under the CFAA.

Support this show http://supporter.acast.com/lawfare.

Hosted on Acast. See acast.com/privacy for more information.