Smith says updating both laws will help provide greater legal certainty related to cloud computing.
While lawmakers, industry, public interest groups and others debate how to update ECPA, there has been little discussion of also updating the CFAA. In an interview following his speech to the Gov 2.0 Expo this week, Smith noted one area that an update of CFAA could address is the ability of cloud service providers to sue those who may attack data stored by an indivdual in the cloud operated by a third party.
During a Senate Judiciary hearing late last year on legal issues related to cyber attacks, at least one witness also cited the need to update the CFAA.
“This includes the right of private response to computer penetrations, such as cyber counterattacks, by our government or private individuals or companies in retaliation for cyber intrusions.”
http://techdailydose.nationaljournal.com/2010/05/microsoft-official-calls-for-u.php