Editing Reverse engineering vs illegal hacking (section)

==Narrowing computer hacking laws==

The Supreme Court's 2021 decision in '''Van Buren v. United States''' fundamentally changed how courts interpret the Computer Fraud & Abuse Act (CFAA).<ref>{{Cite web |title=VAN BUREN v. UNITED STATES
CERTIORARI TO THE UNITED STATES COURT OF APPEALS FOR
THE ELEVENTH CIRCUIT
No. 19–783. Argued November 30, 2020—Decided June 3, 2021 |url=https://www.supremecourt.gov/opinions/20pdf/19-783_k53l.pdf}}</ref> The 6-3 majority adopted a "gates-up-or-down" test: you either have permission to access a computer system or you don't. Violating terms of service or using legitimately accessed data for improper purposes doesn't constitute ''"exceeding authorized access"'' under CFAA.

This decision protects security researchers & reverse engineers who:
*Access publicly available systems
*Use credentials they were legitimately given
*Don't bypass technical access controls
*Violate only terms of service, not technical barriers

The Ninth Circuit applied this framework in '''hiQ Labs v. LinkedIn''' (2022), finding that scraping publicly accessible data doesn't violate CFAA since there are ''"no gates to lift or lower"'' on public websites.<ref>{{Cite web |title=HIQ LABS, INC. V. LINKEDIN CORPORATION, No. 17-16783 (9th Cir. 2022) |url=https://law.justia.com/cases/federal/appellate-courts/ca9/17-16783/17-16783-2022-04-18.html}}</ref>