Elements

Section summary§1030(a)(4) requires unauthorized access (or exceeding access), intent to defraud, and obtaining something of value beyond de minimis computer use.

Elements:

  • Access to protected computer.
  • Without authorization or exceeding access.
  • Intent to defraud.
  • Obtained anything of value (more than de minimis computer use).

Intent to Defraud

Section summarySpecific intent to defraud is required. The fraud element distinguishes this from §1030(a)(2). Standard fraud-element analysis applies.

Intent considerations:

  • Specific intent to defraud.
  • Deception with intent to obtain something of value.
  • Pattern of conduct supports intent.
  • Use of authorized access for purely fraudulent purpose.

Anything of Value

Section summary"Anything of value" is broadly defined — money, property, information, services. De minimis computer use alone does not satisfy the element.

Value categories:

  • Money.
  • Property.
  • Information with value.
  • Services.
  • Anything having pecuniary or quasi-pecuniary value.

Wire Fraud Overlap

Section summary§1030(a)(4) is often charged alongside wire fraud (§1343). Wire fraud has 20-year maximum; CFAA has 5-year maximum. Charging strategy varies.

Wire fraud overlap:

  • Wire fraud: §1343, 20-year maximum.
  • CFAA fraud: §1030(a)(4), 5-year maximum.
  • Common to charge both for same conduct.
  • Wire fraud often the lead count due to higher sentence.

Sentencing

Section summaryUp to 5 years for §1030(a)(4) base offense. Loss amount drives Sentencing Guidelines analysis.

Sentencing framework:

  • 5-year statutory maximum.
  • Sentencing Guidelines apply.
  • Loss amount affects offense level.
  • Sophisticated means enhancement available.

Need defense counsel?

L&L Law Group, PLLC handles Computer Crimes Defense cases throughout DFW. Initial consultations are free.

Call (972) 370-5060 →

Forensic Foundation

CFAA Fraud Under §1030(a)(4) cases turn on digital-forensic evidence: device images, file metadata, network logs, cloud-account records, malware reverse engineering, and attribution analysis. Counsel handling a §1030(a)(4) fraud charge must engage with the forensic record at a technical level, not just legal level.

The defense's threshold task is review of the government's forensic methodology. Was the device imaged using accepted procedures? Was the image hash-verified against the original? Did the examiner have appropriate certifications? Did the analysis follow the examiner's lab's standard operating procedures? Each step in the chain produces potential challenges at hearing and trial.

Where the case turns on contested forensic findings, the defense should retain an independent examiner. The defense expert reviews the government's work, performs parallel analysis where possible, and is available to testify if needed. Funding for defense experts is available in federal cases under the Criminal Justice Act (18 U.S.C. §3006A) and in Texas indigent cases under Code of Criminal Procedure Article 26.05.

Van Buren and Authorization Screen

The Supreme Court's decision in Van Buren v. United States, 593 U.S. 374 (2021), reshaped the CFAA "exceeds authorized access" analysis. The Court held that the statute applies only where the defendant accessed an area of a computer system they were not entitled to enter at all — not where they had credentials but used them for an improper purpose. The "gates-up-or-down" inquiry asks whether the user could or could not access the specific area, not why they accessed it.

For a §1030(a)(4) fraud charge (where authorization is in issue), the defense must screen the indictment against the post-Van Buren framework. Cases built on theories that the defendant misused authorized access — rather than entering a system they had no right to enter — should be evaluated for dismissal under Van Buren. Many CFAA charges filed before 2021 survived only because the law had not yet been clarified; charges filed since must satisfy the gates-up-or-down standard.

The defense should also consider whether parallel state charges (Texas Penal Code §33.02) provide the same protection. Texas "effective consent" analysis under Chapter 1 of the Penal Code is broad. A defendant who had colorable authorization — an unrevoked password, a shared account, an implied license — has a defense to the access element under state law that runs parallel to the federal Van Buren analysis.

The CFAA fraud provision and its statutory elements

Title 18 U.S.C. Section 1030(a)(4) prohibits knowingly and with intent to defraud accessing a protected computer without authorization, or exceeding authorized access, and by means of such conduct furthering the intended fraud and obtaining anything of value. The provision is among the most frequently charged CFAA subsections in cases involving insider misconduct, business email compromise, and other forms of computer-enabled fraud. The penalty structure permits up to five years of imprisonment for a first offense and up to ten years for a subsequent offense.

The statutory elements have specific components that the government must prove. The defendant must have accessed a protected computer, which includes virtually any computer connected to the internet or used in interstate commerce. The access must have been without authorization or in excess of authorized access, which raises the central question after Van Buren v. United States about what constitutes exceeding authorization. The defendant must have acted knowingly and with intent to defraud, which is a substantial mens rea element distinct from mere unauthorized access. The defendant must have furthered the intended fraud through the access. And the defendant must have obtained anything of value, which is interpreted broadly.

The five-thousand-dollar value threshold under Section 1030(a)(4) excludes from prosecution cases where the only value obtained is use of the computer itself if that value does not exceed $5,000 during a one-year period. The threshold creates a substantial limitation on prosecution for low-value computer use cases but does not affect prosecutions for cases involving substantive theft of money, data, or other items of value beyond mere computer use.

The post-Van Buren authorization analysis

The Supreme Court decision in Van Buren v. United States, 593 U.S. 374 (2021), fundamentally reshaped the authorization analysis under the CFAA. The Court held that exceeding authorized access does not include accessing files or systems that one is permitted to access but for purposes that violate use policies. The decision narrowed CFAA liability substantially and provides a strong defense in many cases involving alleged use-policy violations.

The Van Buren framework distinguishes between gate-up and gate-down access. Gate-up access involves entering systems or accessing files that one is not permitted to enter or access at all. Gate-down access involves entering systems or accessing files that one is permitted to access but using them in ways that violate policies. The Court held that CFAA reaches gate-up access but not gate-down policy violations. The framework provides a clear analytical structure for evaluating CFAA cases.

The defense application of Van Buren focuses on identifying the specific access that the government alleges was unauthorized and determining whether the access fits the gate-up or gate-down framework. An employee who used legitimate credentials to access systems the employee was authorized to access, even if the employee used the access for personal or improper purposes, has a Van Buren defense. The defense should preserve the Van Buren argument through pretrial motions to dismiss and motions for judgment of acquittal.

The intent to defraud element and proof considerations

The intent to defraud element under Section 1030(a)(4) requires proof that the defendant acted with the specific intent to deceive or cheat for the purpose of obtaining something of value. The element is a substantial mens rea hurdle that distinguishes Section 1030(a)(4) from simple unauthorized access offenses under other CFAA subsections. The government must prove the specific intent rather than mere reckless or negligent conduct.

The proof of intent to defraud typically depends on circumstantial evidence including the defendant deceptive conduct, the defendant statements about the purpose of the access, the use the defendant made of the obtained information, and the relationship between the alleged deception and the obtaining of value. Direct evidence of intent is rare, and the cases typically proceed on circumstantial proof that the fact-finder must evaluate.

The defense in Section 1030(a)(4) cases can challenge the intent element through multiple approaches. The defense can show that the defendant believed the access was authorized and that any obtained value was incidental rather than the purpose of the access. The defense can challenge the connection between the alleged access and the alleged value, showing that the value would have been obtained regardless of the access. The defense can also challenge the alleged deception, showing that any false statements were not material to the obtaining of value.

Sentencing considerations and the parallel fraud charges

The federal sentencing for Section 1030(a)(4) violations under USSG Section 2B1.1 considers the loss amount, the sophistication of the offense, the number of victims, and other specific characteristics. The loss amount drives the base offense level, with substantial enhancements for losses exceeding specific thresholds. The defense should engage in detailed analysis of the loss calculation because the loss directly determines the sentencing range.

The parallel fraud charges that frequently accompany Section 1030(a)(4) prosecutions include wire fraud under 18 U.S.C. Section 1343, mail fraud under Section 1341, bank fraud under Section 1344, and various identity theft charges. The fraud charges often have higher statutory maximums than Section 1030(a)(4) and can produce substantially higher sentencing exposure. The defense should evaluate the overall charging structure and should consider whether the CFAA charge or the fraud charges drive the sentencing analysis.

The plea negotiation in Section 1030(a)(4) cases should consider both the immediate sentencing exposure and the longer-term consequences including restitution obligations, supervised release terms, and collateral consequences for licensed professionals. The negotiated disposition often involves trade-offs among the various charged counts, with the defense seeking dispositions that minimize both the immediate sentence and the long-term consequences. The defense should pursue negotiated dispositions actively while preserving litigation options where the negotiation does not produce acceptable terms.

Frequently Asked Questions

What is "more than de minimis" use of the computer?
The phrase distinguishes simple computer use from significant value obtained. Authorized employees who use the computer to commit fraud against the employer would typically satisfy the value element through the fraud proceeds, not just computer use itself.
Can authorized employees be charged with CFAA fraud?
Yes, when they use authorized access to commit fraud. Pre-Van Buren cases supported broader application; post-Van Buren analysis focuses on whether access to specific information was authorized.
Does CFAA fraud require the victim to be the computer owner?
No. The victim of the fraud can be different from the computer owner. The "obtained anything of value" can come from any victim, not just the protected computer owner.
How does loss amount affect sentencing?
Loss amount is the primary Guidelines driver. Under §2B1.1, loss amount determines offense level. Substantial losses can produce significant sentence increases.
Part of a larger guide

Read the full Texas Computer Crimes Defense Guide

This article is one section of our comprehensive Texas Computer Crimes Defense Guide. The pillar guide covers recent developments, official resources, and the complete framework with deeper analysis.

Read the Pillar Guide →
⚖️
Texas Bar
Licensed
Bar Nos. 24043266 · 24043514
🏆
40+
Years Combined
Criminal Defense Experience
📞
Free
Consultation
Direct to Attorney
🔓
24/7
Jail Release
Available 7 Days a Week

Practical Checklist

  • Document everything early. Communications, records, and witness contact information lose value as time passes. Preserve them at the start of the case.
  • Identify all parallel proceedings. Criminal, administrative, civil, and regulatory tracks often run in parallel. A statement in one becomes evidence in another. Map the full picture before any disclosure.
  • Calendar every deadline. Filing deadlines, response deadlines, discovery deadlines, and hearing dates all have consequences. Missing a deadline can foreclose defenses that the facts otherwise support.
  • Build the mitigation package early. Witness letters, treatment records, employment verification, and character references take time to gather. Counsel should begin building the package at the first consultation, not as the hearing approaches.
  • Coordinate counsel across forums. Where the matter implicates multiple proceedings, having coordinated counsel (whether one firm or multiple firms in close communication) avoids the strategic errors that inconsistent representation creates.
  • Understand the public-record dimension. Many dispositions create searchable records that follow the licensee, defendant, or respondent for years. The decision to contest versus resolve must account for the public visibility of each path.

For a confidential evaluation of your matter, call L&L Law Group at (972) 370-5060 or email info@landllawgroup.com. Initial consultations are free.

Next Steps

If you are facing a situation described here, consult counsel promptly. Many issues in this area run on strict deadlines.

Reggie London & Njeri London

Co-Founding Partners · L&L Law Group, PLLC

Reggie London (Tex. Bar #24043514) and Njeri London (Tex. Bar #24043266) co-founded L&L Law Group in Frisco, Texas.

This guide was reviewed by Reggie London on May 30, 2026.

Cite this guide

Bluebook: Reggie London & Njeri London, CFAA Fraud §1030(a)(4), L&L Law Group (May 30, 2026), https://landllawgroup.com/insights/cfaa-fraud-1030-a-4/.

APA: London, R., & London, N. (2026, May 30). CFAA Fraud §1030(a)(4). L&L Law Group.