Creation of Fake Online Accounts to Study Algorithmic Bias Does Not Violate the Computer Fraud and Abuse Act, D.C. Court Rules

Proskauer - Law and the Workplace
Contact

Proskauer - Law and the Workplace

A federal judge recently held that researchers who violate a website’s terms of service by creating fake online accounts in order to study algorithmic bias in artificial intelligence software do not violate the Computer Fraud and Abuse Act (“CFAA”) (decision available here).

Brief Background

The decision resulted from a lawsuit filed by the American Civil Liberties Union (“ACLU”) against the Department of Justice (“DOJ”) on behalf of researchers and a nonprofit journalism group.  Several of the researchers had created fake employer and employee accounts in order to study the algorithms used by various websites (such as LinkedIn). The researchers were particularly interested in determining whether the algorithms discriminated against applicants on the basis of protected characteristics, such as sex, age, or race.

Realizing that the use of fake accounts violated the terms of service of many of the websites, the ACLU filed suit on behalf of the plaintiffs in order to seek a declaration that their conduct did not violate the CFAA’s “Access Provision,” which criminalizes the “intentiona[l] access [of] a computer without authorization or exceeding authorized access, and thereby obtaining . . . information from any protected computer.” 18 U.S.C. § 1030(a)(2)(C).  The suit contended that the Access Provision unconstitutionally restricted the researchers’ First Amendment right to free speech “by criminalizing their research plans and journalistic activities that involve violating websites’ terms of service.”

After determining that plaintiffs had standing, the Court adopted a narrow interpretation of the “exceeds authorized access” language of the CFAA.  Although the Court held that the conduct in question could expose a party to civil liability under other federal and state laws (e.g., lawsuits by website owners against individual violators to enforce their terms of service), it ultimately found that agreeing to terms of service “is not sufficient to trigger criminal liability under the CFAA.”

Finding that the conduct in question was not criminal in the first instance, the Court did not weigh in on the First Amendment concerns raised by plaintiffs.

Takeaways

While the Court’s decision permits researchers to create fake accounts to study algorithmic bias without concern of criminal liability under the CFAA, it does not absolve individuals of liability arising under other federal and state laws (let alone attorney ethics rules), or shield them from suits by website owners.

This decision further underscores the need for employers to continue to heed caution and consult counsel before unleashing “AI” software in their workplace as individuals and organizations actively seek to covertly assess possible algorithmic bias in AI platforms.

[View source.]

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Proskauer - Law and the Workplace | Attorney Advertising

Written by:

Proskauer - Law and the Workplace
Contact
more
less

Proskauer - Law and the Workplace on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.