As used in this part, the term:
(1) "Authorized user" means, for a protected computer:
- (a) the protected computer's owner; or
- (b) an individual who has permission to access the protected computer under Section 63D-3-103.
(2)
- (a) "Computer" means an electronic, magnetic, optical, electrochemical, or other high-speed data processing device that performs logical, arithmetic, or storage functions.
- (b) "Computer" includes any data storage device, data storage facility, or communications facility that is directly related to or that operates in conjunction with the device described in Subsection (2)(a).
(3)
- (a) "Damage" means, for a protected computer's owner, the cost associated with an individual's unauthorized access to information stored on a protected computer.
(b) "Damage" includes:
- (i) the cost of repairing or restoring a protected computer;
- (ii) economic damages;
- (iii) consequential damages, including interruption of service; and
- (iv) profit by the individual from the unauthorized access to the protected computer.
(4) "Harm" means any impairment to the integrity, access, or availability of:
- (a) data;
- (b) a program;
- (c) a system; or
- (d) information.
(5) "Owner" means a person who:
- (a) owns or leases a protected computer; or
- (b) owns the information stored in a protected computer.
(6)
(a) "Protected computer" means a computer that:
- (i) is used in connection with the operation of a business, state government entity, or political subdivision; and
- (ii) requires a technological access barrier for an individual to access the computer.
- (b) "Protected computer" does not include a computer that an individual can access using a technological access barrier that does not, to a reasonable degree of security, effectively control access to the information stored in the computer.
- (7) "Technological access barrier" means a password, security code, token, key fob, access device, or other digital security measure.
- (8) "Traffic" means to sell, purchase, or deliver.
(9) "Unauthorized user" means an individual who, for a protected computer:
- (a) is not an authorized user of the protected computer; and
(b) accesses the protected computer by:
- (i) obtaining, without an authorized user's permission, the authorized user's technological access barrier; or
- (ii) circumventing, without the permission of the protected computer's owner, a technological access barrier on the protected computer.
Enacted by Chapter 209, 2016 General Session