Section 1030(a)(4) criminalizes "knowingly and with intent to defraud" computer accessing without authorization and/or obtaining something of value as a result.
CFAA criminalizes this behavior elsewhere in the statute. Section 1030(2)(2)(B) criminalizes accessing computer systems without authorization and obtaining information from a US agency or department.
It also prohibits accessing without authorization any "protected computer." The ill-defined term invites abuse. It can mean any government operated one.
Conduct prohibited under section 1030(a)(4) is redundant. It's covered under the wire fraud statute (18 USC 1343). It criminalizes wire communications for fraudulent schemes.
Redundant sections let overzealous prosecutors pile one. They can add multiple charges. They can ratchet up penalties. They can turn minor infractions into major ones.
Other statutes also address computer crime. Employees using their computer credentials for access into corporate systems to obtain sensitive proprietary information can be charged with misappropriation of trade secrets under 18 USC 1832.
Improperly accessing Social Security numbers for identity theft purposes can be prosecuted under the identity theft statute (18 USC 1028).
Aggravated identity theft can be charged under 18 USA 1028A. Persons trafficking in stolen passwords for an online bank account face charges of trafficking in a stolen access device under 18 USC 1029.
"Repeat offenses should trigger harsher punishments only if they happen after a prior conviction," says EFF.
Computer misdemeanors shouldn't be criminalized. They're misunderstood. Maximum penalties are one year or less imprisonment.
Felonies bring more than one year. Multiple ones pile on. Harsher punishment follows. Doing so should be restricted to serious crimes.
Offenses causing little or no harm should be minor misdemeanors. Lives shouldn't be ruined for slight infractions. Loss of freedom is serious. Probation terms can be onerous. Minor violations can bring harsh punishment.
Felonies should be restricted to unauthorized access for commercial advantage or private fair market financial gain exceeding $10,000.
They should be related to other felonies. Examples include identity theft, obtaining trade secrets, criminal copyright infringement, or stealing classified government information.
They should apply to damaging computer systems if doing so impairs medical diagnoses or treatment, injures people other ways, creates public health or safety issues, affects government computers used for justice, national defense, or national security, and/or is done for commercial advantage or significant private financial gain.
After Aaron Swartz's death, EFF called for fixing draconian computer crime law. Doing so requires penalties proportionate to wrongdoing.