Time and time again, this blog has outlined the ongoing debate in the courts over whether the federal Computer Fraud & Abuse Act (“CFAA”) applies in the context of departing employees. Namely, federal courts differ over whether the CFAA applies when an employee is accused of misappropriating his or her employer’s confidential information or trade secrets by means of the employer’s computer, to which the employee had authorized access as a result of his or her employment. A recent opinion by the United States Court of Appeals for the Eleventh Circuit may be seen by some as adding to debate.

In United States v. Roberto Rodriguez, the 11th Circuit took on the question of whether an employee “exceeds authorized access” under the CFAA by accessing information on a computer in a manner contrary to an employer’s policies. Rodriguez is a former employee of the Social Security Administration (“SSA”). The SSA established a policy that prohibits employees from obtaining information from its databases without a business reason. The SSA notified employees of this policy through training sessions, notices published in the office, and banners that appear on computer screens daily. Employees were also required to sign forms annually acknowledging the policy.