A recent ruling in Parziale v. HP, Inc., arising out of the implementation by Hewlett-Packard (“HP”) of a remote firmware update on many models of the company’s printers, highlights the potentially broad application of the Computer Fraud and Abuse Act (“CFAA”). It also serves as a reminder to technology companies that when distributing software and firmware updates, they must be mindful of providing specific advance notice that such updates may impact product or computer performance.

The Computer Fraud and Abuse Act

In 1986, Congress enacted the CFAA, reportedly in response to concerns arising from the Matthew Broderick film War Games, in which a teenage computer hacker accesses a U.S. Defense Department computer, unintentionally starts the launch sequence on the U.S. nuclear arsenal thinking it is a computer game, and comes close to starting World War III. Saving us all from annihilation, Broderick teaches the computer that when it comes to global thermonuclear war, “the only winning move is not to play.”

The CFAA is the primary computer crime law in the United States. Over the years, it has been amended several times and has broad application. The CFAA criminalizes fraud and certain other specified activities in connection with unauthorized access to computers. The CFAA also provides for civil remedies based on the same prohibited conduct.
Continue Reading Avoiding Claims Under the Computer Fraud and Abuse Act in Connection with Software and Firmware Updates