The CFAA only applies to protected computers and intrusion into those computers. Watching network traffic or modifying network traffic in a MitM possition, without using found credentials doesn't seem to rise to the level of a computer intrusion. Of course, it's unlikely a protected computer is going to be connecting to a public WiFi AP in the first place..
> The only computers, in theory, covered by the CFAA are defined as "protected computers".
> In practice, any ordinary computer has come under the jurisdiction of the law, including cellphones, due to the interstate nature of most Internet communication.
