Category Archives: Articles

By Jamie M. Nafziger, partner Dorsey & Whitney Yesterday, ICANN approved the launch of its new generic top level domain name (gTLD) plan.  It will accept applications for new gTLDs from January 12, 2012, to April 12, 2012.  Under ICANN’s plan, anyone can apply to own and manage a gTLD, the part after the dot.  However, the expense for doing so is expected to exceed $500,000 over the first eighteen to twenty-four months, with significant yearly expenses thereafter. This move follows years of ICANN wrangling with brand owners and governments over opposition to the plan.  It is expected that the … [ Continue reading → ]

By Nick Akerman and Melissa Krasnow. Melissa Krasnow is a corporate partner in the Minneapolis office of Dorsey & Whitney LLP who also is a Certified Information Privacy Professional and a member of the International Association of Privacy Professionals Publication Advisory Board. What does a company do if it is faced with a possible or actual breach of customer, employee or shareholder personal data? California enacted the first state data breach notification law in 2003, obligating companies to notify individuals whose personal data had been compromised in a data breach. Since then, 45 more states have followed California’s lead in … [ Continue reading → ]

There are few reported cases that reflect the problems that can result from computer investigations being inexpertly performed. U.S. v. Koo, 2011 WL 777965 (D. Or. March 1, 2011), decided this month by an Oregon federal district court, illustrates what can go wrong when a novice directs a computer investigation. The underlying facts of the case are not atypical. Lawrence Hoffman, the owner of a manufacturer and distributor of after-market auto parts known as the Hoffman Group, discovered on eBay that JES Suppliers, LLC was offering to sell one of his products. A corporate records check revealed that JES Suppliers … [ Continue reading → ]

If anyone deserves a longer sentence, it is a sex offender who victimizes minors. But no one would ever have anticipated that a sex offender would receive extra prison time for using a basic cell phone in the furtherance of his crime. Last week the Eight Circuit Court of Appeals upheld the enhanced sentence of the defendant Neil Kramer who pleaded guilty to transporting a female minor in interstate commerce with the intent to engage in criminal sexual activity, Title 18, U.S.C. § 2423(a). Kramer’s prison sentence was increased by an extra 2 1/3 years because he had used his … [ Continue reading → ]

In Liberty Media Holdings, LLC. v. Does 1-59, 2011 WL 292128 *3 (S.D.Cal. Jan. 25, 2011) unknown individuals hacked into Liberty Media Holdings’ web servers and obtained “certain motion pictures” that it “reproduced and distributed . . . onto their local hard drives and other storage devices.” Not knowing the identity of these hackers Liberty Media Holdings filed a “John Doe” lawsuit alleging violations of three federal statutes: the Electronic Stored Communications Privacy Act, 18 U.S. C. §§ 2701 and 2702, violations of the Computer Fraud and Abuse Act (“CFAA”), 18 U.S.C. §1030 and copyright infringement in violation of 17 … [ Continue reading → ]

On January 26, 2011, the federal district court in the Northern District of California granted Facebook a default judgment against Philip Porembski and PP Web Services LLC for obtaining “login credentials for at least 116,000 Facebook accounts without authorization” and for sending “more than 7.2 million spam messages to Facebook users.” Facebook, Inc. v. Fisher, 2011 WL 250395 *1 (N.D.Cal. Jan. 26, 2011) This case is a textbook example of how a company can use self help and available federal law to protect itself and its customers. Not only did Facebook bring a halt to the spam that was plaguing … [ Continue reading → ]

Two recent district court opinions add to the caselaw providing judicial guidance on how employers might update their corporate computer policies to be able to sue ex-employees for stealing company data based on the Computer Fraud and Abuse Act (“CFAA”), the federal computer crime statute. Title 18, U.S.C. §1030. This is a particularly significant problem when employees leave their current jobs to join competitors and attempt to gain an unfair advantage by stealing data from the company computers prior to their departure. 4 of the 7 sections of the CFAA that are the basis for a civil cause of action … [ Continue reading → ]

Court in ticket resale case says ‘yes,’ if it results in unauthorized access, an essential element of the crime. The U.S. Department of Justice has brought a Computer Fraud and Abuse Act (CFAA) prosecution in New Jersey against the owners and operators of Wiseguy Tickets Inc., an online ticket seller for concerts and sports events. A critical element in proving most violations of the CFAA, the federal computer crime statute, is that the defendant’s access to the computer (interpreted broadly to include a Web site) that is the object of the criminal activity was “without authorization or exceeds authorized access.” … [ Continue reading → ]

I recently reported that the federal court in Tennessee refused to overturn the Computer Fraud and Abuse Act conviction of David Kernel, the 22 year-old college student who had hacked into the Yahoo! email account of then Vice Presidential candidate Sarah Palin. Kernel had been convicted after a jury trial last April. Today the Judge sentenced Kernel to a year and a day and recommended to the Bureau of Prisons that he serve his time in a halfway house. Given that then Governor Palin had released to the world all of the information that Kernel used to identify the password … [ Continue reading → ]

While the federal Computer Fraud and Abuse Act (“CFAA”) permits seven causes of action to be brought by individuals or companies who have been victims of violations of the statute, practitioners lose sight of the fact that the CFAA is at its core a criminal statute. Nyack Hospital v. Moran, 2010 WL 4118355 (S.D.N.Y. June 1, 2010) neatly illustrates the importance of being able to prove the criminal elements of the statute in order to obtain a civil remedy – damages or injunctive relief. The defendant, Kevin Moran, had been employed by Nyack Hospital as its Manager of Organizational Development. … [ Continue reading → ]