It’s Easier for Employers to Sue for Data Theft

Two new developments this past year have made it easier for employers to sue employees in federal court for stealing data from company computers. The most recent is the U.S. Court of Appeals for the Ninth Circuit’s July decision in U.S. v. Nosal interpreting what it means to access a company computer “without authorization” under the Computer Fraud and Abuse Act (CFAA), the federal computer criminal statute. 18 U.S.C. 1030. The other development is the May amendment to the Economic Espionage Act (EEA), the federal criminal trade secrets act, permitting companies to file a federal civil action against individuals who steal the company’s competitively sensitive data. 18 U.S.C. 1831, et. seq.

Ransomeware: To Pay or Not to Pay

Ransomware. It’s a data security buzzword that has caught on among civilians and businesses. And it’s real. It threatens system security and costs victims plenty. But what is ransomware? Why is it more of a threat than typical cyber viruses and infections? What do you do to keep yourself immune from ransomware? If affected, what are your options?

‘Cannibal Cop’ Decision Restrains Employers

In December, a divided panel of the U.S. Court of Appeals for the Second Circuit in U.S. v. Valle interpreted the Computer Fraud and Abuse Act to exclude employees who access their employer’s computers. The upshot is that if you are an employee in the Second Circuit and steal data from your employer to commit identity theft or to provide it to a competitor, you cannot be prosecuted by the Department of Justice or sued by your employer under the CFAA.

The Conflicting Rulings on Employee Data Theft

In all jurisdictions the Computer Fraud and Abuse Act (CFAA), 18 U.S.C. 1030, the federal computer crime statute, applies to former employees who steal data from the company computer, but in two federal circuits it does not apply when the theft occurs during employment. The difference in jurisdictions is significant to employers because the CFAA provides a civil remedy for damages and injunctive relief for a company that “suffers damage or loss” by reason of a violation of the CFAA. 18 U.S.C. 1030(g).
Last year the U.S. Court of Appeals for the Ninth Circuit in U.S. v. Nosal, 676 F.3d 854 (9th Cir. 2012), disagreed with certain of its sister circuits and narrowly interpret-ed what it means to access the company computer “without authorization,” effec-tively eliminating a company’s ability in that jurisdiction to use the CFAA against current employees. This column will review the conflicting interpretations of the CFAA that distinguishes between current and former employees and the strategies and options companies can employ to navigate this conflict.

Unauthorized Access of President Obama’s Student Loan Data Ends in Computer Fraud Conviction

The Eight Circuit Court of Appeals upheld the criminal conviction of Sandra Teague for accessing President Obama’s data in the National Student Loan Data System during her employment at a government contractor for the Department of Education. U.S. v, Teague, 646 F.3d 1119 (8th Cir. 2011). She was indicted and convicted by a jury for… Read More

Will News Corp. Executives and Reporters Be Charged with Criminal Violations of the Computer Fraud and Abuse Act?

The New York Times recently reported that the UK telephone hacking scandal could result in News Corp. and its executives being charged in the United States with criminal violations of the Foreign Corrupt Practices Act, Title 15, U.S.C. § 78m, the Electronic Communications Privacy Act, 18 U.S.C. § 2511, and the Telephone Records and Privacy… Read More

9th Circuit Clarifies Brekka: Employees Can Be Criminally Prosecuted for Violating Their Employer’s Computer Policies

In California, Washington, Oregon, Alaska, Montana, Arizona, Nevada and Idaho – states covered by the 9th Circuit Court of Appeals — the answer as of yesterday is an emphatic “YES.” In U.S. v. Nosal, 2011 WL 1585600 (9th Cir. April 28, 2011) the court clarified its decision in LVRC Holdings LLC v. Brekka, 581 F.3d… Read More

Post navigation