In an opinion with significant implications for trade secret law, employee mobility, privacy, and Internet users broadly, the Ninth Circuit Court of Appeals on April 10 issued its decision in United States v. Nosal. Writing for the en banc court, Chief Judge Alex Kozinski addressed the proper scope of the federal Computer Fraud and Abuse Act's (CFAA's) prohibition against using a computer in a way that "exceeds authorized access." Building on its prior case law, the court held that while the CFAA forbids unauthorized access to information, it does not prohibit the misuse of information initially obtained through authorized access.
In Nosal, the defendant, David Nosal, a former employee of the Korn/Ferry International Corporation, directed current Korn/Ferry employees to use their authorized access to a company database in order to download confidential information and pass it on to him. Those acts were a violation of the company's written policy. The Ninth Circuit rejected the prosecution's argument that authorized access to a computer system for an unauthorized purpose violates the CFAA. The court expressed concern that such a reading would criminalize millions of Americans' day-to-day computer activities.
Please see full publication below for more information.