A significant opinion concerning computer security was one of those the United States Supreme Court (“SCOTUS”) issued during its end-of-term flurry this year. Employers and others who permit computer access to sensitive information for business or other defined purposes may want to take note. Spoiler alert: the opinion undercuts use of the Computer Fraud and Abuse Act of 1986 (“CFAA”), 18 U.S.C. §1030 et seq., to obtain federal jurisdiction in employer-employee disputes. (As a practical matter, the Defend Trade Secrets Act of 2016 had already filled the gap for many ...
A California legislator recently introduced two bills in Congress which, if passed, could have profound effects for companies seeking to pursue claims relating to trade secrets and confidential information - one bill would create a new private right of action under federal law for trade secret theft, while the other bill would appear to limit plaintiffs' abilities to pursue existing remedies for computer fraud and abuse.
An action pending in federal court in New York demonstrates that the Computer Fraud and Abuse Act ("CFAA") should not simply be added to an employer's complaint against its former employees and a competitor, primarily alleging common law claims sounding in misappropriation of trade secrets and unfair competition, in connection with the alleged poaching of the employer's clients. In a recent decision, the Court dismissed the state law claims, finding that they formed the real body of the case, and retained jurisdiction over the CFAA claim. The CFAA claim is now the subject of defendants' motion to dismiss, on the grounds that the former employees had authorized access to the computer systems of the employer, and therefore the statutory prerequisites to state a claim were not met.
This week, in LVRC Holdings LLC v. Brekka, the Ninth Circuit Court of Appeals issued a published opinion rejecting an employer's argument that its former employee violated the Computer Fraud and Abuse Act when he emailed company client lists and financial data to himself for personal use.
Employers looking to protect their intellectual property and proprietary information, and wondering whether they can punish the departing employees that ignore demands to return laptops and other transportable electronic devices that hold such data, may now have a newly invigorated weapon at their disposal -- the Computer Fraud and Abuse Act.