Supreme Court Rules in Favor of Officer Who Sold Police Data

The U.S. Supreme Court ruled Thursday that a police officer who provided information from a police license plate database to an acquaintance in exchange for around $5,000 did not violate the law.

The case, Van Buren v. United States, appealed former Georgia police sergeant Nathan Van Buren’s felony conviction under the Computer Fraud and Abuse Act of 1986 (CFAA), which makes it illegal “to access a computer with authorization and to use such access to obtain or alter information in the computer that the accesser is not entitled so to obtain or alter.”

Justice Amy Coney Barrett wrote the opinion for the majority, ruling Van Buren did not violate the CFAA in this instance. Justice Barrett was joined by justices Breyer, Sotomayor, Kagan, Gorsuch, and Kavanaugh. Justice Thomas filed a dissenting opinion, joined by Chief Justice Roberts and Justice Alito.

In violation of his department’s policy, Van Buren provided information from the police database to an acquaintance who offered him about $5,000 to search for a license plate number. The acquaintance told Van Buren he wanted to know whether the license plate, supposedly belonging to a woman he met at a strip club, actually belonged to an undercover police officer. The acquaintance turned out to be part of an FBI sting. Van Buren was subsequently convicted of violating the CFAA and sentenced to 18 months in prison. He appealed the decision, arguing the CFAA did not apply to his actions.

The Court sided with Van Buren, interpreting the law to cover individuals “who obtain information from particular areas in the computer – such as files, folders or databases – to which their computer access does not extend. It does not cover those who, like Van Buren, have improper motives for obtaining information that is otherwise available to them.”

To interpret the statute differently, Barrett wrote, would be to criminalize “a breathtaking amount of commonplace computer activity.” She continued, “On the Government’s reading of the statute, an employee who sends a personal e-mail or reads the news using her work computer has violated the CFAA.”

Thomas’ dissent argued common law and statutory laws have historically punished individuals who exceed the scope of their authorization when using another’s property. Thomas noted Van Buren did in fact exceed his authorized access, writing, “Everyone agrees that he obtained [the information] for personal gain, not for a valid law enforcement purpose. And without a valid law enforcement purpose, he was forbidden to use the computer to obtain that information.”

Much of the argument preserved in the majority opinion focused on each side’s interpretation of the word “so” in the statute. The dissent instead focused on the interpretation of the word “entitled,” which, Thomas wrote, necessitates an evaluation of the circumstances surrounding the access.

Additional Reading

Justice Barrett parts ways with 3 conservative justices in ruling on reach of computer fraud law, ABA Journal (June 3, 2021)

Officer Who Sold Police Computer Data Gets A Pass From The Supreme Court, NPR (June 3, 2021)

Van Buren v. United States, 593 U.S. __ (2021)

18 U.S.C. § 1030

Image Credit: RozenskiP /