Ninth Circuit Gives a Narrow Interpretation of What Constitutes a Violation of the Computer Fraud and Abuse Act


On March 22, 2012, Patton Boggs LLP posted a client alert (available here) on the antihacking Computer Fraud and Abuse Act (CFAA), discussing that different federal courts were split on whether the CFAA imposes liability on employees who have permission to access computerized information but use the permitted access for an improper purpose. One of the cases discussed in that alert was United States v. Nosal, 642 F.3d 781 (9th Cir. 2011), a panel decision holding that employees who properly access information but then use the information contrary to the employer’s policies or against the employer’s interests “exceeds authorized access” and violates the CFAA.

The full Ninth Circuit agreed to rehear the case, and in an April 11 ruling, a majority held that the CFAA is limited to violations of restrictions on access to information, and not restrictions on its use. The majority gave a narrow interpretation to the statutory phrase “exceeds authorized access.” As a result of this decision, someone who is authorized to access only certain data or files but accesses other data or files would violate the CFAA. In his opinion for the Court, Chief Judge Kozinski gave an example of how a violation could occur: “For example, assume an employee is permitted to access only product information on the company’s computer but accesses customer data: He would ‘exceed[] authorized access’ if he looks at the customer lists.”

Please see full alert below for more information.

LOADING PDF: If there are any problems, click here to download the file.

Written by:

Published In:

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Squire Patton Boggs | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »

All the intelligence you need, in one easy email:

Great! Your first step to building an email digest of JD Supra authors and topics. Log in with LinkedIn so we can start sending your digest...

Sign up for your custom alerts now, using LinkedIn ›

* With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name.