Computer Fraud (CFAA)

Supreme Court Narrows Scope of the Computer Fraud and Abuse Act

The U.S. Supreme Court recently resolved a circuit split regarding the federal Computer Fraud and Abuse Act (CFAA), specifically weighing in on the “exceeds authorized access” provision of the statute.  The CFAA subjects to criminal liability anyone who “intentionally accesses a computer without authorization or exceeds authorized access.” READ MORE

Protecting IP in a COVID-19 Remote-Work-World

Even before the COVID-19 pandemic, many employers offered remote work options. Now employers all over the world are encouraging or requiring their employees to work remote from home. This means employees are accessing, maintaining, and sharing proprietary information outside of the office more frequently than ever before, thereby increasing the risk of employee and third-party IP theft. READ MORE

Constitutional Challenge to CFAA Survives Motion to Dismiss as D.C. Court Weighs in on Circuit Split

On March 30, 2018, in Sandvig v. Sessions, the U.S. District Court for the District of Columbia allowed one of several constitutional challenges to the Computer Fraud and Abuse Act to survive a motion to dismiss.  In doing so, the district court highlighted and analyzed the split between circuits in interpreting the “exceeds authorization” provision and joined the Second, Fourth, and Ninth Circuits in finding that exceeding authorization means exceeding authorized access and not merely authorized use. READ MORE

David Nosal Raises Unusual Fairness Argument in Yet Another Attempt to Avoid 366-Day Prison Sentence

Just over four years ago, in January 2014, a court sentenced former Korn/Ferry regional director David Nosal to one year and one day in prison for violations of the federal Computer Fraud and Abuse Act and the Espionage Act.  Nosal appealed the sentence, but his appeals ultimately failed: the U.S. Court of Appeals for the Ninth Circuit upheld Nosal’s sentence, and the U.S. Supreme Court denied review of the case.  Luckily for Nosal, his 2014 motion for release pending appeal was granted, so he has not served any time during the four years of appeals. READ MORE

Nosal Reply Brief Sets Stage for SCOTUS Cert Decision

The U.S. Supreme Court, which just began a new term on Monday with a full complement of nine justices, is expected to soon decide whether it will hear the appeal of David Nosal, the former Korn Ferry executive whose conviction under the Computer Fraud and Abuse Act was upheld in a controversial and closely-watched Ninth Circuit decision last year.  Nosal submitted his reply brief in support of certiorari on September 19, 2017, responding to the Department of Justice’s opposition submitted two weeks earlier.

READ MORE

PILLOW TALK: A Threat to Trade Secrets?

It turns out that, even in romantic relationships, some things are best kept secret.  On July 7, 2017, Teva Pharmaceuticals USA, Inc. filed a complaint in the Eastern District of Pennsylvania alleging that a former executive disclosed confidential information to a romantic partner who happens to be an executive of one of Teva’s direct competitors. READ MORE

(Alleged) Spammer Squares Off With (Alleged) Hacker, Highlighting Risk of Cyber Threats

What’s in a name?  Obviously a lot, as businesses in all industries invest significant time and money to protect their reputations.  But, in some sectors, the line between positive and pejorative can be quite thin.

Take email marketing and cybersecurity, for example:  What exactly distinguishes a successful high-volume email marketer from a spammer?  And how can we distinguish a well-intentioned security analyst exposing vulnerabilities from a nefarious hacker?  (Those familiar with techspeak will surely recall the familiar “white hat” and “black hat” dichotomy, but even that, as Wired has observed, is subject to gray areas of its own.) READ MORE

Password Sharing Is Not a Crime, Ninth Circuit Reassures in Denial of Nosal’s Request for Rehearing

Since the early days of this blog, we’ve been covering the ongoing legal battle involving ex-Korn Ferry recruiter David Nosal as it winds its way through the courts. The latest chapter in this saga came on December 8, 2016, when a Ninth Circuit panel clarified that the Computer Fraud and Abuse Act (CFAA) does not criminalize innocent password sharing, in a published opinion denying Nosal’s request for a rehearing en banc. READ MORE

Amendment to Federal Criminal Procedural Rule Could Impact Trade Secret Cases

Much attention, including here at Trade Secrets Watch, has been focused in recent weeks on the Defend Trade Secret Act (“DTSA”), which overwhelmingly passed both houses of Congress in April and was signed into law by President Obama on May 11th. The DTSA gives companies new tools for combatting alleged trade secret theft, including a direct path to federal court via the addition of a private right of action to the Economic Espionage Act (EEA) and the ability to apply for ex parte seizure orders to prevent propagation or dissemination of stolen trade secrets. READ MORE

Ninth Circuit Hears Oral Arguments in United States v. Nosal, Part II

On October 20, 2015, a three judge panel of the Ninth Circuit heard oral arguments in Round II of United States v. David Nosal.  Both sides generally stuck with arguments from their briefs, with Nosal’s counsel arguing that upholding Nosal’s  conviction under the Computer Fraud and Abuse Act (the “CFAA”) would lead to criminalization of relatively minor misappropriations of information, and the government arguing that the precedent would only apply in the employment context. READ MORE