Computer Fraud (CFAA)

Password Sharing Is Not a Crime, Ninth Circuit Reassures in Denial of Nosal’s Request for Rehearing

Since the early days of this blog, we’ve been covering the ongoing legal battle involving ex-Korn Ferry recruiter David Nosal as it winds its way through the courts. The latest chapter in this saga came on December 8, 2016, when a Ninth Circuit panel clarified that the Computer Fraud and Abuse Act (CFAA) does not criminalize innocent password sharing, in a published opinion denying Nosal’s request for a rehearing en banc. READ MORE

Amendment to Federal Criminal Procedural Rule Could Impact Trade Secret Cases

Much attention, including here at Trade Secrets Watch, has been focused in recent weeks on the Defend Trade Secret Act (“DTSA”), which overwhelmingly passed both houses of Congress in April and was signed into law by President Obama on May 11th. The DTSA gives companies new tools for combatting alleged trade secret theft, including a direct path to federal court via the addition of a private right of action to the Economic Espionage Act (EEA) and the ability to apply for ex parte seizure orders to prevent propagation or dissemination of stolen trade secrets. READ MORE

Think Before You Tack CFAA Claims on to Your Trade Secret Misappropriation Case

Before you include a Computer Fraud and Abuse Act (“CFAA”) claim in a trade secret case, consider carefully: was the data acquired through “unauthorized access” or was it just misused by the defendants? If it was properly accessed (but later misused), your CFAA claim, and the federal question jurisdiction that comes with it, is in jeopardy. In SunPower Corp. v. SunEdison, Inc., Judge Orrick of the Northern District of California recently dismissed the plaintiff’s CFAA claim because the plaintiff failed to allege that the data was accessed without authorization, only that it was later misused.  Because the CFAA claim provided the basis for federal jurisdiction, Judge Orrick indicated that he would dismiss the entire case and not exercise pendent jurisdiction over the remaining thirteen state claims if the CFAA claim could not be properly amended. READ MORE

Orrick Launches New Cybersecurity Blog

We’re excited to announce Orrick’s new sister blog, Trust Anchor!

Trust Anchor highlights current topics in cybersecurity and data privacy, such as recent cases, legislative and regulatory developments, emerging standards, risk management strategies, and insurance coverage.  It’s not just news.  Instead, it aims to review new developments and offer actionable privacy and cybersecurity intel and strategies. READ MORE

A Preview of the CFAA Arguments in United States v. Nosal, Part II: Could “Phishing” be a Factor?

Oral arguments for the next round in United States v. Nosal have been set for October 20, 2015 at the Ninth Circuit in San Francisco.  So we figured it may be a good time to review both sides’ arguments related to the Computer Fraud and Abuse Act. After doing so, it seems to us that one topic not given any consideration in the briefs, but that may play a role during oral argument is the phenomenon known as phishing schemes, and how such schemes might be compared and contrasted with the scheme alleged in this case. READ MORE

Hacking Your Rivals – Corporate Espionage in Major League Baseball

As we approach the dog days of summer, baseball season is again in full bloom. We previously discussed old-fashioned sign stealing in the context of teams trying to gain a competitive advantage during an actual game. But it appears these hijinks have evolved in today’s electronic world. As the New York Times first reported, the FBI and Department of Justice prosecutors are investigating front-office personnel for the St. Louis Cardinals, one of Major League Baseball’s most beloved franchises, for allegedly infiltrating the internal network of the Houston Astros. READ MORE

Five Minutes With … National Security and Cybercrime Professor Ahmed Ghappour

This marks the inaugural “Five Minutes With” feature that Trade Secrets Watch will run occasionally.  These will be question-and-answers with notable figures in the trade secrets world.

TSW got a chance to sit down with UC Hastings College of the Law professor and Liberty, Security & Technology Clinic founder Ahmed Ghappour.  He had a lot to say about trade secrets, cybersecurity, and encrypting “all the things.”
 
TSW:  Ahmed, TSW is dying to know what you’ve been up to lately in the world of economic espionage.  What’s the inside scoop? READ MORE

Remote Controlled: Keeping Trade Secrets Safe While Employees Work Remotely

One of the biggest challenges the cyber-security field faces today—aside from outright hacking—is the fact that employees’ data is increasingly portable. Data portability can be a major boon for employers. For instance, it may allow an employer to offer its employees the ability to work remotely (something that can improve employees’ work/life balance, or could be a reasonable accommodation for an employee’s disability).  However, data portability can also present major risks for an employer, particularly if an employee stands to profit from misuse of that information. READ MORE

White House Proposal: Beef Up Anti-Hacking Laws and Resolve a Circuit Split

President Obama wants to go where the Supreme Court refused to tread.  As part of his cybersecurity and privacy initiatives, which we discussed last week, the President would strengthen the federal anti-hacking provisions of the Computer Fraud and Abuse Act (CFAA), including an expansion of activity covered by the statutory phrase “exceeds authorized access.”  In so doing, the President would resolve a circuit split between the First, Fifth, Eighth, Seventh, and Eleventh Circuits, on the one hand, and the Ninth and Fourth Circuits, on the other.  His reason?  “No foreign nation, no hacker, should be able to shut down our networks, steal our trade secrets, or invade the privacy of American families.” READ MORE

Obama Administration Announces Cybersecurity and Privacy Initiatives

On Monday, January 12, 2015, President Obama appeared at the Federal Trade Commission to announce the administration’s blitz of cyber security and privacy legislative and public policy initiatives, which will be discussed in greater detail in tonight’s State of the Union Address. The President’s proposals encompass a broad range of legislation, as well as collaborative efforts between the federal government and industry leaders. READ MORE