3

I originally looked at this for web scraping, but upon reading it more, it seems like it could be interpreted to include all types of common mistakes.

Does this even include something like a customer who entered his/her personal credentials issued by representatives of the service just for him into the wrong URL on the website as an attempt to "intentionally access without authorization/exceed" even though he thought that was the correct URL, like with different pages of demo and live accounts?

Can someone claim that the user intentionally tried to login regardless of good faith thinking it was the right place + right auth vs user clicks on a random button that lied and actually tried to log him in without authorization instead? Does the law anywhere says something like common day activities like this don't count? This law just seems really vague/broad in that it include a lot of reasonable mistakes.

jwodder
  • 170
  • 1
  • 10
clarity_not_ambiguity
  • 39
  • 1

1 Answers1

6

A law has to be "broad" to include a lot of possible crimes and intent of criminals and account for the good faith of non-criminals.

"Intentionally access without authorization/exceed" is actually fairly specific; "intent" is the keyword. Someone making a mistake may have intent to login, but no intent to commit a crime. Someone confused by "different pages of demo and live accounts" can easily defend their actions by pointing out that they were confused.

It's up to the reasonableness of the pertinent law enforcement and prosecutors to take into account the evidence that reasonable mistakes were made by little old ladies and not charge them with a crime. And for the most part, 98% of the time, law enforcement and prosecutors are reasonable.

BlueDogRanch
  • 19,184
  • 5
  • 37
  • 62