The IT Law Wiki

Computer Fraud and Abuse Act[]

An access device is defined as:

any card, plate, code, account number, or other means of account access that can be used alone or in conjunction with another access device, to obtain money, goods, services or any other thing of value, or that can be used to initiate a transfer of funds.

The term "would cover credit cards, debit cards, account numbers, and combinations of these and other methods of obtaining money, goods and services,"[1] as well as "invoices, vouchers, sales drafts, and other manifestations of access devices used between merchants and credit card companies for payment for access device transactions. Thus, any such paper medium would itself be an ‘access device’ quite apart from any card, plate or similar device that may have been used in creating such a paper instrument.”[2] It is "broad enough to encompass future technological changes and the only limitation i.e. ‘(other than a transfer originated solely by paper instrument)’ excludes such activities as passing forged checks."[3]


  1. H.R. Rep. No. 894, 98th Cong., 2d Sess. 19 (1984), reprinted in U.S. Code Cong. & Admin. News 3182, 3705, quoted approvingly in United States v. Brady, 820 F. Supp. 1346, 1349 (D. Utah 1993).
  2. Id.
  3. Id.