This Article discusses and examines the various cases that pertain to the issue of exceeding authorized access throughout the years from United States v. Morris to the recent United States v. Nosal. Further, this Article thoroughly examines the Ninth Circuit’s approach regarding the issue of exceeding authorization; specifically, the need for the Ninth Circuit’s narrower interpretation in United States v. Brekka and Nosal. Finally, this Article proposes an alternative phrasing for the term “exceeding authorization,” and a revised interpretation of the phrase and the relevant offenses under the Computer Fraud and Abuse Act. This recommended interpretation suggests establishing different degrees of authorization. In accordance with the new approach promoted by Nosal and Senator Lofgren’s Aaron’s Law Bill, this Article argues that misuses of information by authorized users should not be categorized as a computer misuse offense, but rather as a privacy law issue.
Vasileios Karagiannopoulos, From Morris to Nosal: The History of Exceeding Authorization and the Need for a Change, 30 J. Marshall J. Info. Tech. & Privacy L. 465 (2014)