Although the Computer Fraud and Abuse Act (CFAA) (18 U.S.C. § 1030) is a federal statute that primarily protects against unauthorized computer access such as hacking, it can also impact employers in the realm of social media.  Originally enacted in 1984, CFAA makes it illegal to access knowingly or intentionally a “protected computer” without authorization or in excess of authorized access. Protected computers are defined broadly to include all computers that are used in or affect interstate commerce, and thus include most employer-owned computer systems.  Violations of CFAA may result in criminal penalties, and CFAA also permits individuals (and employers) to bring a civil action for damages or injunctive relief.  Employees rarely sue their employers under CFAA, but employers should nonetheless consider CFAA in formulating their social media policies and determining how they will regulate employee use of social media.