Effort to update computer fraud law draws warning from Justice Dept

The Justice Department told lawmakers that inside attacks could go unpunished if they bow to the concerns of public interest groups and change anti-hacking laws to protect computer users who breach Web terms of service agreements.

The 1986 Computer Fraud and Abuse Act, which is expected to be updated as part of a larger cybersecurity overhaul, currently allows the government to convict people who have violated rules set by employers or service providers for surfing the Web. In advance of a Senate Judiciary Committee hearing on revising the law, activists from across the ideological spectrum sent a letter to Committee Chairman Sen. Patrick Leahy (D-VT) and Ranking Member Charles Grassley (R-Iowa) asking lawmakers to remove leeway in the phrase "exceeds authorized access" so that, for instance, employers cannot go after non-criminal personnel who unintentionally run afoul of access rules. But Justice officials said restricting the wording could let computer crooks off the hook.