In my latest post on my blog Proofs and Protocols, I teamed up with my colleague, Variant Investment Partner Cooper Kunz, to dissect the Computer Fraud and Abuse Act (CFAA) and browser extensions (e.g., Chrome Extensions). Here’s a thread with the TLDR 👇

Deputy GC @variant | casts are not legal advice | I am not your lawyer

The CFAA is a federal statute originally passed to prevent hacking.  Facebook, X, and LinkedIn have utilized the CFAA heavily in recent years to go after scraping services they view as a threat to their business models that rely on locking data within their platforms

If you’re a Web3 company building a browser extension and find this interesting, please reach out; would love to hear what you’re working on

Read the full post:

https://paragraph.xyz/@proofs-and-protocols/browser-extensions,-the-cfaa-and-user-control-5

We review case law in the 9th Circuit and devise a “user control” theory to understand the CFAA.  Under this theory, we conclude that if a browser extension does not control the user’s account with the platform (e.g., it does not have the user’s login credentials), a CFAA claim brought by the platform against that provider is unlikely to survive