The Computer Fraud and Abuse Act: An Uncertain Path for Bringing Trade Secrets Litigation in Federal Court

As part of its sweeping Comprehensive Crime Control Act of 1984, Congress enacted a criminal statute prohibiting the “unauthorized access” of information contained in federal government computers and computers employed by certain federally-related financial institutions. The law is codified at 18 U.S.C. § 1030. The Act was intended to punish hackers who tap into computers to disrupt or destroy computer functionality and persons who hack into specified computers to steal the information stored therein.

As the various methods of computer fraud grew, the Act was amended. In 1986 it became known as the Computer Fraud and Abuse Act (“CFAA”). In 1994, Congress added a private civil right of action under the CFAA (18 U.S.C. § 1030(g)), seemingly allowing federal claims for stealing trade secrets stored on a protected computer. The Act now provides that it is unlawful if a person (1) “intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains . . . information from any protected computer [§ 1030(a)(2)(C)]; (2) knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value . . . [in excess of $5,000 in one year] [§ 1030(a)(4)]; or (3) intentionally accesses a protected computer without authorization, and as a result of such conduct, causes damages or loss. [§ 1030(a)(5)(iii)].” A “protected computer” is defined as one “used in or affecting interstate or foreign commerce” [§ 1030(e)(2)(B)]. That definition is usually broad enough to cover any computer used in trade secret theft.

Please see full article below for more information.

LOADING PDF: If there are any problems, click here to download the file.