As used in this part, the term:(1) “Authorized user” means a director, officer, employee, third-party agent, contractor, or consultant of the owner, operator, or lessee of the protected computer or the owner of information stored in the protected computer if the director, officer, employee, third-party agent, contractor, or consultant is given express permission by the owner, operator, or lessee of the protected computer or by the owner of information stored in the protected computer to access the protected computer through a technological access barrier. Such permission, however, is terminated upon revocation by the owner, operator, or lessee of the protected computer or by the owner of information stored in the protected computer, or upon cessation of employment, affiliation, or agency with the owner, operator, or lessee of the protected computer or the owner of information stored in the protected computer.
(2) “Business” means any trade or business regardless of its for-profit or not-for-profit status.
(3) “Computer” means an electronic, magnetic, optical, electrochemical, or other high-speed data processing device that performs logical, arithmetic, or storage functions and includes any data storage facility, data storage device, or communications facility directly related to, or operating in conjunction with, the device.
(4) “Harm” means any impairment to the integrity, access, or availability of data, programs, systems, or information.
(5) “Loss” means any of the following:(a) Any reasonable cost incurred by the owner, operator, or lessee of a protected computer or the owner of stored information, including the reasonable cost of conducting a damage assessment for harm associated with the violation and the reasonable cost for remediation efforts, such as restoring the data, programs, systems, or information to the condition it was in before the violation.
(b) Economic damages.
(c) Lost profits.
(d) Consequential damages, including the interruption of service.
(e) Profits earned by a violator as a result of the violation.
(6) “Protected computer” means a computer that is used in connection with the operation of a business and stores information, programs, or code in connection with the operation of the business in which the stored information, programs, or code can be accessed only by employing a technological access barrier.
(7) “Technological access barrier” means a password, security code, token, key fob, access device, or similar measure.
(8) “Traffic” means to sell, purchase, or deliver.
(9) “Without authorization” means access to a protected computer by a person who:(a) Is not an authorized user;
(b) Has stolen a technological access barrier of an authorized user; or
(c) Circumvents a technological access barrier on a protected computer without the express or implied permission of the owner, operator, or lessee of the computer or the express or implied permission of the owner of information stored in the protected computer. The term does not include circumventing a technological measure that does not effectively control access to the protected computer or the information stored in the protected computer.