Category Archives: Recent Updates

On December 15, 2011, the 9th Circuit Court of Appeals heard argument en banc in U.S. v. Nosal, 642 F.3d 781 (9th Cir. 2011), reh’g en banc granted (Oct. 27, 2011). As expected, the oral argument focused on the meaning of unauthorized access under the Computer Fraud and Abuse Act. The issue is whether an employee can be prosecuted under the CFAA for accessing his employer’s computer in violation of rules established by the employer restricting access to the company computers. In Nosal, the 9th Circuit had clarified its earlier decision in LVRC Holdings LLC v. Brekka, 581 F.3d 1127, … [ Continue reading → ]

On October 27, 2011, the 9th Circuit Court of Appeals ordered that U.S. v. Nosal be reheard en banc by all of the Appeals Court judges and that the “three-judge panel opinion [in U.S. v. Nosal, 642 F.3d 781 (9th Cir. 2011)] shall not be cited as precedent by or to any court of the Ninth Circuit.” If the 9th Circuit should reverse its decision in Nosal, it is highly likely that this case will be headed for the U.S. Supreme Court. The 9th Circuit’s reversal of Nosal would create a conflict between the 9th Circuit and the 1st, 3rd, … [ Continue reading → ]

In California, Washington, Oregon, Alaska, Montana, Arizona, Nevada and Idaho – states covered by the 9th Circuit Court of Appeals — the answer as of yesterday is an emphatic “YES.” In U.S. v. Nosal, 2011 WL 1585600 (9th Cir. April 28, 2011) the court clarified its decision in LVRC Holdings LLC v. Brekka, 581 F.3d 1127, 1131 (9th Cir. 2009) which up until now was considered to be a bar to using the Computer Fraud and Abuse Act (“CFAA”), the federal computer crime statute, against employees who stole their employer’s computer data. This case places the 9th Circuit in sync … [ Continue reading → ]

Last week the Sixth Circuit Court of Appeals upheld the criminal conviction for the Computer Fraud and Abuse Act (“CFAA”) of an employee who stole confidential data from his employer’s computers. U.S. v. Batti, 2011 WL 111745 (6th Cir. Jan. 14, 2011). The issues on appeal were limited to whether the government had offered sufficient proof that the value of the data stolen exceeded $5,000 to qualify as a 5 year felony, 18 U.S.C. § 1030 (a)(2)(C)(c)(B)(iii), and whether the district court had abused its discretion in ordering restitution in the amount of $47,565. These limited issues precluded the Sixth … [ Continue reading → ]

A federal district court in Maryland held that an employee who allegedly stole proprietary data from his prior employer did not violate the Computer Fraud and Abuse Act (“CFAA”) because he was authorized to access the data and use the data on the job before he terminated his employment with his prior employer. Océ North America, Inc. v. MCS Services, Inc., 2010 WL 3703277 *3-*5 (D. Md. Sept. 16, 2010). Océ North America (Océ) “designs, manufactures, sells, and services high volume production printing systems . . .for commercial printing functions.” Id. at *1. The complaint alleged that a former Océ … [ Continue reading → ]

A New York federal Judge dismissed the Computer Fraud and Abuse Act (“CFAA”) count charging Sergey Aleynikov, a former computer programmer for Goldman Sachs & Co., with stealing the computer source code used in Goldman’s high-frequency trading system. U.S. v. Aleynikov, 2010 WL 3489383 *14-17 (S.D.N.Y. Sept. 3, 2010). The reasoning underlying this opinion underscores the need for the U.S. Supreme Court to resolve the conflict between the 9th Circuit and the 1st, 5th, 7th and 11th Circuits on the applicability of the CFAA to employees who steal data from their employers. As described by the court, ”Aleynikov was responsible … [ Continue reading → ]

Without referencing the conflicting positions between LVRC Holdings LLC v. Brekka, 581 F.3d 1127, 1130-31 (9th Cir. 2009) and Int’l Airport Centers LLC v. Citrin, 440 F.3d 418, 420 (7th Cir.2006) a Connecticut federal district court refused to dismiss Computer Fraud and Abuse claims brought by an employer against an ex-employee. In Monson v. The Whitby School, Inc., 2010 WL 3023873 (D. Conn. August 2, 2010) Dr. Michelle Monson, former head of the Whitby School, sued her prior employer, the Whitby School, for sex discrimination. The Whitby School counterclaimed against her for violations of the CFAA. The Whitby School alleged … [ Continue reading → ]

In American Family Mutual Insurance Co. v. Hollander, 2010 WL 2851639 *1 (N.D. Iowa, July 20, 2010) the court denied the defendant employee’s motion for summary judgment on the Computer Fraud and Abuse (“CFAA”) claim. The plaintiff claimed Hollander, “anticipating terminating his relationship with plaintiff, accessed and used plaintiff’s computer database to aid himself in competing with plaintiff.” Id. The court held “that a defendant may act “without authorization” or “exceed authorized access” even when he has permission to access the protected computer, but then uses that information in a manner inconsistent with the plaintiffs interests, where the defendant intended … [ Continue reading → ]

Last week a federal district court in California granted Cisco Systems, Inc. summary judgment on its Computer Fraud and Abuse Act (“CFAA”) claim against an ex-employee who “on multiple occasions and without authorization, . . . used a Cisco employee’s password to gain access to Cisco’s computer systems and download Cisco’s proprietary and copyrighted software.” Multiven, Inc. v. Cisco Systems, Inc., 2010 WL 2889262 *2 (July 20, 2010). This decision underscores the importance of instituting proper corporate computer policies as a predicate to using the CFAA as a tool to protect company data. Peter Alfred-Adekeye (“Adekeye”), the ex-employee, had founded … [ Continue reading → ]