Swing and a Miss: Senator Klobachur’s Foray into Cloud Computing



On September 19, 2012, Senator Klobachur introduced a bill titled “Cloud Computing Act of 2012” (the “Act”) that would amend the Computer Fraud and Abuse Act (“CFAA”). Essentially, the intent of the Act is to make it a criminal offense to access a server without authorization that is owned by a cloud provider. The Act defines a “cloud computing service” as “a service that enables convenient, on-demand network access to a shared pool of configurable computing resources (including networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or interaction by the provider of the service.” While others have criticized the Act for this definition alone, Senator Klobachur used the definition of “cloud computing” that was developed by the National Institute of Standards and Technology, which is the generally accepted definition of “cloud computing.”

The problem with Senator Klobachur’s bill is that it adds to the already confusing CFAA without adding any meaningful protection. The Act applies to a “protected computer” that is part of a “cloud computing service.” The term “protected computer” under the CFAA already has the broadest definition possible; namely, “a computer *** which is used in or affecting interstate . . . commerce or communication.” There is no distinction made as to the location of the computer or its connectivity to other computers. By this definition, every computer connected to the Internet is a “protected computer” because as it interacts with various websites, it is being used in interstate commerce.

Cloud computing is a delivery method for software. It is not, as the Act seems to suggest, a new type of computer that the CFAA failed to account for. It is back to the drawing board for Senator Klobachur.

Written by:

Published In:

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Winthrop & Weinstine, P.A. | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »

All the intelligence you need, in one easy email:

Great! Your first step to building an email digest of JD Supra authors and topics. Log in with LinkedIn so we can start sending your digest...

Sign up for your custom alerts now, using LinkedIn ›

* With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name.