Employers looking to hold employees liable for misappropriation of trade secrets or violations of company computer policies under the Computer Fraud and Abuse Act may have to find another avenue for relief. At least that's what the U.S. Court of Appeals for the Ninth Circuit thinks.
In its highly anticipated opinion, United States of America v. David Nosal, the Ninth Circuit refused to reinstate criminal charges against a man who conspired with former colleagues to steal trade secrets from his former employer. The court held that the language of the CFAA is limited to violations of restrictions on access, not "misuse" -- in short, applying the CFAA to "hacking" only.
The Ninth Circuit decision creates a split in the circuits, which means that the issue may be resolved once and for all by the U.S. Supreme Court. (The Ninth Circuit hears appeals from federal courts in the states of Alaska, Arizona, California, Hawaii, Idaho, Montana, Nevada, Oregon, and Washington, and the territories of Guam and the Northern Mariana Islands.) U.S. Courts of Appeal in the Fifth (Louisiana, Mississippi, and Texas), Eighth (Arkansas, Iowa, Minnesota, Missouri, Nebraska, and the Dakotas), and Eleventh (Alabama, Florida, and Georgia) circuits have taken a contrary position, holding that employees who knowingly violate clear company computer restrictions agreements are thereby "exceeding authorized access." The Third Circuit (Delaware, New Jersey, Pennsylvania, and the Virgin Islands) has implicitly agreed with these other circuits.
Please see full publication below for more information.