Showing 5 posts in CFAA.

Implementing a Policy Review to Ensure You Are Protected Under The Computer Fraud and Abuse Act, Part 2: How to Conduct Your Policy Review

In Part 1 of this series, we discussed the Computer Fraud and Abuse Act (“CFAA”) and situations that are readily prohibited by the CFAA, such as when current or former employees gain access to an employer's databases or files to harm the employer or damage its business contacts. We also discussed how a policy review could be beneficial for your workplace. In Part 2, we will discuss how to conduct your policy review and questions you should consider throughout the review in more detail here. More ›

Implementing a Policy Review to Ensure You Are Protected Under The Computer Fraud and Abuse Act, Part 1: Why You Should Conduct a Policy Review

Ambrose McCall will be presenting "The Computer Fraud and Abuse Act: Navigating the New Normal of Workplace Technology and Cybersecurity" on Thursday, October 12, 2017, at the 22nd Annual Labor & Employment Seminar. This year's Seminar will be held at the Hilton Chicago-Northbrook in Northbrook, Illinois. Please visit our website for more details. More ›

Seventh Circuit Clarifies how to mtet Injury Requirement of the Computer Fraud and Abuse Act

Employers who encounter the option of pursuing a current or former employee or independent contractor under the Computer Fraud and Abuse Act have at times passed on this option due to the specific injury requirement imposed by the Act. Fortunately, the Seventh Circuit of the U.S. Court of Appeals has recently provided guidance on how to satisfy the injury requirement imposed by the Act so as to avoid the entry of an adverse summary judgment that bars the pursuit of a claim under the Computer Fraud and Abuse Act ("CFAA"). More ›

Ninth Circuit: Employees do not Violate the CFFA when Violating Computer use Restrictions

The Ninth Circuit Court of Appeals recently issued an opinion concerning employee violations of the Computer Fraud and Abuse Act. More ›

Ninth Circuit Allows Employees to be Prosecuted Under Computer Fraud and Abuse Act for Breach of Employer’s Network Policy

After leaving the company, a former executive search firm employee persuaded former co-workers to provide him with certain information from the company’s databases as it pertained to various candidates and employers, in order to help him set up a competing company. The employer had a computer-use policy that placed clear and conspicuous restrictions on the employees’ access to the system and to the information contained in the system. Specifically, the company had taken considerable steps to protect and ensure the privacy of its confidential data, including assigning unique login credentials to employees, controlling access to the computer systems, and requiring employees to execute confidentiality agreements pertaining to these databases and information. The government indicted the former employee and the two current employees for violations of the Computer Fraud and Abuse Act (CFAA) for knowingly accessing a protected computer without authorization or exceeding authorized access with the intent to defraud. The former employee and current employees argued that they had been authorized to access and use the database and the information, and thus did not violate the CFAA. The U.S. Court of Appeals for the Ninth Circuit held that the employees had violated the criminal statute by accessing the database, obtaining information from that database, and using it in a way that violated the employer’s restrictions. The court found that the employer took considerable measures to protect its information and that the employees knew (by virtue of these written protective measures) that they were not authorized to access the database and information in order to defraud the employer. This ruling demonstrates the importance of having computer-use and electronic-communications policies. Such rules are critical so that employers can protect their trade secrets and confidential information by making employees aware of what access is “authorized” versus “unauthorized.”

Subscribe via Email