Alabama District Court: CFAA Does Not Apply to Employees

Bell Aerospace Services, Inc. v. US. Aero Services, Inc., 690 F.Supp.2d 1267 (M.D. Ala. 2010) recently followed the 9th Circuit’s decision in LVRC Holdings LLC v. Brekka, 581 F.3d 1127, 1133 (9th Cir. 2009). The case alleges a classic employee theft of competitively sensitive data from the company computers for use at a competing business. Bell Aerospace Services fired one of its officers who two months later founded a competing company, U.S. Aero Services, and then recruited seven Bell Aerospace Services employees to join him at the new company.

Another District Court Dismisses a CFAA Claim for Failure to Allege Jurisdictional Loss

ailure to allege proper “loss” under the Computer Fraud and Abuse Act (“CFAA”) continues to bedevil plaintiffs filing CFAA civil actions. The latest case decided this week, Devine v. Kapasi, 2010 WL 2293461 *4 (N.D. Ill. June 7, 2010), dismissed a CFAA claim on the ground that it did not allege that the Defendants’ actions “”caused … loss to 1 or more persons during any 1-year period … aggregating at least $5,000 in value.” § 1030(c)(4)(A)(i)(I).

New Washington Privacy Law Effective July 1, 2010

Washington is the third state to enact an encryption law and a payment card law.1 Massachusetts and Nevada enacted encryption laws and Minnesota and Nevada enacted payment card laws. Since this law takes effect July 1, 2010, any entity that could be subject to this law should begin assessing whether they are subject to and in compliance with this law.

Narrow Interpretation of CFAA’s Jurisdictional “Loss” Requirement

A district court in Illinois last week granted summary judgment to a defendant on a Computer Fraud and Abuse Act (“CFAA”) claim by narrowly interpreting the jurisdictional “loss” prerequisite under the CFAA to require a showing that the computer was “impaired” or “suffered an interruption of service.” Von Holdt v. A-1 Tool Corp., 2010 WL… Read More

How Do You Sue an Unknown Hacker?

The question was answered this week by a federal district court in Connecticut in the case of GWA, LLC v. Cox Communications, Inc. and John Doe, 2010 WL 1957864 (D.Conn. May 17, 2010). When the company computer is hacked, the only evidence that is usually available on the hacked computer to identify the hacker is… Read More

U.S. Companies Misrepresenting EU Data Protection Directive Safe Harbor Compliance Risk Federal Trade Commission Enforcement Action

U.S. companies that transfer personal data from the European Economic Area (i.e., the 27 Member States of the European Union (EU) and Iceland, Liechtenstein and Norway) (EEA) to the United States, and misrepresent that they have self-certified under the Safe Harbor framework, risk Federal Trade Commission (FTC) enforcement action under Section 5 of the Federal… Read More

Post navigation