by Susanna Griffith*
Can an employee who has accessed computer database information in violation of use restrictions and direct instructions from his employer be convicted under the Computer Fraud and Abuse Act for accessing data “without authorization” or “exceed[ing] authorized access”? Susanna Griffith (’17) reflects on this question, based on her experience at the 2016 Spong Moot Court Tournament, hosted by William & Mary Law School. Her Contribution discusses the legal landscape and circuit split regarding the applicability of the statute to employees who have violated use restrictions and directives from employers. The Contribution argues that the narrow, code-based view is preferable as the clearly constitutional reading that also comports with standards of excellence in the field of cyber-security.