Last month, a federal appeals court issued a ruling permitting an employer in Connecticut to pursue a claim against a former employee who allegedly misappropriated the employer's confidential information from outside the state. The ruling may have important repercussions in trade secret cases where an employee is accused of engaging in wrongdoing that involves an employer's computer servers. In reversing the lower federal court in Connecticut, the United States Court of Appeals for the Second Circuit held that, consistent with due process, Connecticut's long-arm statute grants personal jurisdiction over a foreign defendant who remotely accesses computer servers physically located in Connecticut. In reviving the lawsuit, the Second Circuit generally addressed the ability of employers residing in one state to pursue claims against employees who allegedly have misappropriated corporate confidential information while residing and working outside the state (and even in another country).

In MacDermid, Inc. v. Deiter, a Connecticut-based employer brought a lawsuit against a former employee in Connecticut under that state's law, despite the fact that the defendant employee was located in, and acting from, Canada when she allegedly misappropriated the company's confidential information. The defendant lived in Canada and worked for a Canadian subsidiary of MacDermid until April 2011, when MacDermid terminated her employment for reasons unrelated to the alleged misappropriation. As a condition of her employment, Deiter had signed a document acknowledging that MacDermid stored proprietary information on computer servers maintained in Connecticut. She also had agreed to protect and properly use her employer's confidential information, and that she was not authorized to transfer such information to a personal email account. In a pattern familiar to many employers, MacDermid alleged that Deiter, using her home computer, misappropriated trade secrets from the company by forwarding confidential data files from her work email account to her personal email account. Deiter moved to dismiss the lawsuit for lack of personal jurisdiction. The district court dismissed the case, and MacDermid appealed.

The Second Circuit disagreed with the lower court's conclusion that it lacked personal jurisdiction over Deiter because her actions were limited to emailing information "from one computer in Canada to another computer in Canada." While it is true, the court noted, that Deiter interacted only with computers in Canada, in doing so she accessed her employer's information only by accessing its computer servers located in Connecticut. The court found that Deiter's physical location was immaterial because "[t]he statute requires only that the computer network, not the user, be located in Connecticut." Moreover, Connecticut's long-arm statute "was enacted as part of a statutory scheme intended to prohibit unauthorized persons from using computers or networks" with the intent of committing computer or data malfeasance. The court noted that extending the Connecticut long-arm statute to a non-resident who committed any of the alleged wrongful acts while present in Connecticut "would not have been necessary because that person would have already been subject to jurisdiction" under the state's existing statute conferring jurisdiction.

As noted in the decision, most Internet users are unaware of the location of the servers through which they send their emails. Because she signed the above-referenced agreement, however, Deiter knew that her employer's servers were in Connecticut, and thus, the Second Circuit found that she purposefully availed herself of the privilege of conducting activities within Connecticut. Deiter did so, the court said, because when she sent emails using MacDermid's computer systems, "she was aware 'of the centralization and housing of the companies' email system and the storage of confidential, proprietary information and trade secrets'" in Connecticut, and "used that email system and its Connecticut servers in retrieving and emailing confidential files." Finding that personal jurisdiction was reasonable under the due process clause, the court further noted that "efficiency and social policies against computer-based theft are generally best served by adjudication in the state from which computer files have been misappropriated."

In recent years, U.S. courts have seen increasing numbers of civil and criminal cases filed against employees alleged to have misappropriated confidential corporate information by downloading or otherwise improperly accessing such information from computer servers. Although MacDermid is based on a Connecticut jurisdictional statute that is somewhat unique with respect to its scope, the Second Circuit (which has jurisdiction over Connecticut, New York, and Vermont) clearly states that policies against computer-based misappropriation generally are best served by adjudication in the jurisdiction where the information was stored. Accordingly, U.S. companies and other federal courts now may look to MacDermid to support extending personal jurisdiction over a defendant alleged to have misappropriated trade secrets from an out-of-state location. While jurisdiction is distinct from issues such as choice of substantive law and the extraterritorial effect of state statutes, MacDermid is poised to be influential across the country on the question of personal jurisdiction in such cases.

MacDermid also highlights the importance of an employer having clear and comprehensive documents addressing the protection of confidential information. In MacDermid, the employee signed an agreement advising her as to the location of her employer's servers, and agreed not to send information to her personal email accounts. In general, such provisions are rare, but an employer may wish to include them. In addition, a forum selection clause may have eliminated the need for such a jurisdictional fight in the first instance.

Wilson Sonsini Goodrich & Rosati is actively following developments around the country with respect to all aspects of trade secret law. The firm is available to assist companies, newly formed businesses, and investors with counseling and litigation regarding these issues. For more information, please contact Fred Alvarez, Ulrico Rosales, Marina Tsatalis, Laura Merritt, Charles Tait Graves, or another member of the firm's employment and trade secrets litigation practice.