Sometimes, it is easy to determine if a crime has been committed. A murder, the shipment of a large quantity of illegal drugs, the armed robbery of a bank, all easily classify as a crime. The situation becomes less clear when dealing with other issues that have unsavory or illegal overtones, but may not obviously constitute criminal activity.
Computers present many challenges to lawmakers and prosecutors, because sometimes conduct that is potentially a violation of a contract or internal company policy could be viewed as criminal and charged as such by prosecutors. But unlike robbery, which has been a crime recognized for centuries by Anglo-American jurisprudence, cybercrimes have sparse case law and are built upon a constantly shifting framework of systems and platforms.
The U.S. Justice Department is attempting to have Congress amend the Computer Fraud and Abuse Act, which dates from 1986, to better focus the law on matters involving unauthorized access to computer database information.
Justice has lost several cases due to judge's worries concerning the vagueness and overbreadth of the current statute. As one judge noted, potentially accessing ESPN on your work computer could bring a federal prosecution.
Far-fetched as this sounds, the vast web of state and federal statutes and regulations is now so broad, that if a prosecutor wanted to pile up charges that could coerce a defendant into accepting a plea agreement on a lesser charge, there is often a statute or regulation that will supply their need.
Overcriminalization is dangerous because it grants prosecutors virtually unlimited power and discretion in choosing whether someone will face six-month probation or life in prison.
Source: chicagotribune.com, “Justice Department looks to sharpen computer crime law,” September 9, 2015