Computer Fraud and Abuse Act
Corporate espionage and misappropriation of trade secrets have greatly increased due to the internet age. Increasingly, proprietary and sensitive data is stored in the cloud or within password protected email accounts. Companies are now often targeted by hackers, former employees and competitors looking to profit from gaining access to trade secrets. The Computer Fraud and Abuse Act (“CFAA”), 18 U.S.C. section 1030, provides a powerful legal tool to combat unauthorized access to corporate computer networks, servers and email accounts.
We routinely represent businesses in Computer Fraud and Abuse Act civil lawsuits. Often these lawsuits include additional claims for misappropriation of trade secrets and violations of the Stored Communications Act. If your business has been put at risk from unauthorized third party access to your computer network, we are able to provide experienced litigation representation in order to protect intellectual property and proprietary data.Computer Fraud and Abuse Act Civil Litigation Claims
The CFAA is a federal statute enacted by Congress to reduce incidents of hacking into the computer networks of the federal government, financial institutions and computers used in interstate commerce. It is this last prong that has greatly expanded the Act’s application as virtually any computer in the internet age is used in interstate commerce. We have extensive experience representing plaintiffs in CFAA lawsuits. Typically, our clients are businesses that have had individual computers, servers or email networks hacked by competitors or former employees.
The CFAA provides both criminal and civil penalties. Law enforcement may not elect to bring criminal charges, however, businesses are able to maintain a civil lawsuit independent of any prosecutorial decision. In order to maintain a CFAA claim, a plaintiff must allege that the defendant knowingly accessed a computer without authorization. With respect to non-governmental computers, this access must cause at least $5,000 in damage or be performed with an intent to defraud and result in the obtaining of something of value (trade secrets would be an example).
If your company is victimized by unauthorized access to its computer network, it is important to act quickly. Our law firm is experienced in filing CFAA lawsuits and obtaining preliminary injunctions that require the defendant to immediately return any trade secrets that have been misappropriated. A failure or inability to act promptly may negatively impact future sales and revenues
In cases where the identity of the defendant is not known, we know how to obtain evidence proving the identity of the wrongdoers. Part of our focus includes working with computer forensic experts to provide the court with evidence of the unauthorized access. This is often crucial in obtaining prompt injunctive relief, leveraging a case for settlement and, if necessary, proving up the maximum amount of damages for award at trial.Defending Computer Fraud and Abuse Act Cases
As Computer Fraud and Abuse Act lawyers, we know the law from both sides. Plaintiffs often overreach in bringing CFAA lawsuits in order to intimidate competitors and former employees. In such cases, we have represented defendants in Computer Fraud and Abuse Act litigation. We understand the most effective defenses and use these defenses in order to get CFAA cases dismissed on summary judgment.
Plaintiffs must prove that the access to computers and networks was unauthorized. The Ninth Circuit recently limited the application of the CFAA in the case of U.S. v. Nosal. In Nosal, the defendant was a former Korn/Ferry employee who left to start a competing business. Nosal was alleged to have persuaded remaining Korn/Ferry employees to provide him with trade secrets obtained from Korn/Ferry servers and computers. Korn/Ferry permitted employees to access this information as long as it was for Korn/Ferry business. The Ninth Circuit dismissed the case against Nosal finding that the unauthorized access element is limited only to restrictions on access and not the ultimate wrongful use. In the Nosal case, the employees were authorized to access the information despite its eventual wrongful use.