A case before the Supreme Court may imperil consumers’ ability to access and repair computers they own – including medical devices. The implications of the ruling could have major implications for patients, the healthcare supply chain, and others for years to come. Here’s why.
The case, Van Buren v. United States, tests the limits of the Federal Computer Fraud and Abuse Act and will likely address the statute’s definition of “computer,” and what constitutes “unauthorized access.” Back when the statute was written in 1986, few could predict that, one day, we’d be walking around with handheld computers, using agricultural tractors relying on satellite-guided computers, or much less that common medical devices – like electrosurgical scalpels or diagnostic cardiac devices – would be considered “computers” too.
Further, when Congress wrote its law, “unauthorized access” was intended to prevent hacking. The law was written soon after the Matthew Broderick movie, Spy Games, which spooked legislators and spurred action to prevent the hacking of government computers and prevent thermonuclear war. Over time, the law was amended, and interpretations of “unauthorized access” have expanded. Who then could have conceived that the now common, simple – and often necessary – act of having a third party repair our smart phones or reprocess our medical devices, could expose one to civil and criminal liability?
Decades later, computer use has exploded and all forms of potential “unauthorized access” take place daily given the web and interconnectedness of these devices. Most computers, whether used for personal or commercial use, can be seen getting equipped with Firewall (learn more on https://www.linode.com/docs/guides/introduction-to-firewalld-on-centos/ or similar webpages) and other such network options to prevent their data from being hacked into. What’s more, if the 11th Circuit Court’s position on the matter prevails, the CFAA’s provisions against exceeding authorized access “could extend to violations of the fine print” in terms of use or terms of agreement issued by manufacturers. AMDR does not believe the intent of the law included giving manufacturers a “back door” means to suppress competition. With the simple act of amending their terms of use or terms of service, any computer maker could make nearly any “unauthorized access” a federal crime. Did Congress intend to make the CFAA a “sweeping Internet-policing mandate?” Should it be a federal crime to have a third-party repair your smartphone? To access a friend’s Netflix account?
The reality is that many handheld surgical devices today are “computers.” They contain microchips and processors which, when connected to a larger generator or console, power and control these devices. But some medical device makers force obsolescence into these handheld devices, ensuring they stop working after a single use. Thus, under FDA’s careful oversight, medical device reprocessors must reset these chips, in addition to cleaning, testing, disinfecting or sterilizing them, to ensure reprocessed devices will work and be as safe and effective as the first time.
The alternative, throwing out these hospital assets, would unnecessarily drive up costs and add to medical waste. This, at a time when hospitals are desperate to lower costs to keep their doors open and battle COVID-19, would further reliance on an already taxed healthcare supply chain.
But now, at least one device company is claiming that such resetting of the chips, and/or use of AMDR members’ reprocessed versions of these devices, constitutes “unauthorized access,” creating both civil and criminal liabilities for reprocessors. Given this logic, by amending their terms of service, these device companies can employ federal statutes to criminalize reprocessing of hospital-owned medical devices or, perhaps, having one’s smartphone repaired by a third-party or, even potentially for accessing a friend’s Netflix account. While there are criminal defense lawyers available who could assist someone in this situation, the fact that it could happen is a cause for concern in of itself. This was not Congress’ intent when passing the CFAA. This monopolistic behavior threatens to severely undermine centuries of case law underscoring a consumer’s right to repair – and reprocess – their own devices. Indeed, whether they go to Replace Draining & Weak iWatch Battery with a professional or by themselves, this is a legal right that they, as owners of the device, should have.
It’s not every lawyer whose clients have issues go all the way up to the Supreme Court. I’ve now had the honor of twice filing amicus briefs to the Supreme Court to defend reprocessing. In Impression Products, Inc. vs. Lexmark International, Inc., the Supreme Court decided in our favor, protecting the consumer’s right to do with their own equipment what they want, without fear of excessive claw backs from the original manufacturers – that time with regard to patent matters. However, we might not have achieved a similar outcome without a reliable consumer rights attorney on our side. That is why it’s crucial to hire a lawyer after doing proper research and understanding what assistance they could offer.
And today, we are at it again. The outcome of this case is critical to the future of reprocessors, all aftermarket repair outfits and the consumers who rely on them. If not decided narrowly on the definition of “unauthorized access,” device manufacturers and other computer companies can misuse the courts to effectively stifle any competition.
Other amici filers joining AMDR in favor of the Petitioner, Van Buren, include the:

  • American Antitrust Institute
  • American Civil Liberties Union
  • Americans for Prosperity Foundation
  • Associated Press
  • Association of Medical Device Service Organizations
  • Buzzfeed
  • Committee for Justice
  • The Daily Beast
  • Dow Jones & Company
  • Engine Advocacy
  • Innovation Defense Foundation
  • Knight First Amendment Institute
  • Lincoln Network
  • National Association of Criminal Defense Lawyers
  • National Whistleblower Center
  • The New York Times
  • Public Knowledge
  • Reporters Committee for Freedom of the Press
  • United States Technology Policy Committee
  • The Washington Post

AMDR’s amicus brief is here. A link to the briefings is here and a case summary from National Law review is here.
Reprocessing is important, now more than ever. The COVID-19 pandemic has shined a light on wasteful hospital practices. Never again will healthcare personnel simply look at their medical device and supplies as easily replaceable commodities. Now every dollar and every device must be treated as an asset, a resource and an investment that should be maximized.
I’m proud of AMDR and its two decades of work defending the right of healthcare consumers to maximize the value of their medical device assets to lower costs, expand care, reduce dependence on the global supply chain, and reduce hazardous medical waste.