The US Department of Justice is changing its policy around a controversial anti-hacking law, addressing longstanding complaints from cybersecurity researchers that the law could criminalize good-faith efforts to improve technology.
The Computer Fraud and Abuse Act, or CFAA, is a federal statute outlawing unauthorized access to computers and networks. While prosecutors have used the law to convict thousands of people, critics have long said the statute, enacted in 1986, is overly broad and gives prosecutors the flexibility to charge defendants for innocuous digital activity.
