Computer Fraud & Abuse Act
Computer Fraud & Abuse Act
Computer Fraud and Abuse Act (18 USC 1030)
COMPUTER FRAUD AND ABUSE STATUTE
' 1030. Fraud and related activity in connection with computers
(a) Whoever
(1) knowingly accesses a computer without authorization or exceeds authorized access, and by means of
such conduct obtains information that has been determined by the United States Government pursuant to
an Executive order or statute to require protection against unauthorized disclosure for reasons of national
defense or foreign relations, or any restricted data, as defined in paragraph y. of section 11 of the Atomic
Energy Act of 1954, with the intent or reason to believe that such information so obtained is to be used
to the injury of the United States, or to the advantage of any foreign nation;
(2) intentionally accesses a computer without authorization or exceeds authorized access, and thereby
obtains information contained in a financial record of a financial institution, or of a card issuer as
defined in section 1602(n) of title 15, or contained in a file of a consumer reporting agency on a
consumer, as such terms are defined in the Fair Credit Reporting Act (15 U.S.C. 1681 et seq.);
(3) intentionally, without authorization to access any computer of a department or agency of the United
States, accesses such a computer of that department or agency that is exclusively for the use of the
Government of the United States or, in the case of a computer not exclusively for such use, is used by or
for the Government of the United States and such conduct affects the use of the Government's operation
of such computer,
(4) knowingly and with intent to defraud, accesses a Federal interest computer without authorization, or
exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains
anything of value, unless the object of the fraud and the thing obtained consists only of the use of the
computer;
shall be punished as provided in subsection (c) of this section.
(5) intentionally accesses a Federal interest computer without authorization, and by means of one or
more instances of such conduct alters, damages, or destroys information in any such Federal interest
computer, or prevents authorized use of any such computer or information, and thereby
http://cio.doe.gov/Documents/CFA.HTM (1 of 5)9/22/2006 4:07:02 PM