The article, titled “Supreme Court narrows Computer Fraud and Abuse Act,” provides in-depth analysis of the Court’s landmark decision, which narrowed the Computer Fraud and Abuse Act (“CFAA”) and resolved a significant circuit split. The article also discusses the ruling’s import and makes practical suggestions for employers that want to preserve the potential to bring a CFAA claim in, e.g., trade secret misappropriation cases.
According to the article, following Van Buren, it no longer matters for purposes of determining CFAA liability that a person obtained computer information for an unauthorized purpose (such as accessing an employer’s confidential information to use at his next employer). It only matters whether the access was authorized to begin with.
In particular, as the article states,
he Van Buren decision has effectively returned the CFAA to its intended form as an anti-hacking statute, targeting external and internal hackers and centering around a gates-up-or-down inquiry.
This holding holds particular significance for trade secrets owners (such as employers) in those circuits that had previously interpreted the statute broadly.
Following Van Buren, it is no longer relevant for purposes of CFAA liability that an employee obtains computer information for an unauthorized purpose. Employers must now show that, in obtaining the computer information, the employee accessed a computer, or an area of a computer (such as a file, folder or database), that was off-limits to him.
Accordingly, employers who are interested in potentially preserving the option of bringing a CFAA claim may want to consider establishing internal firewalls on their computer systems and technologically cordoning their employees from information that they do not need to know in order to perform their roles.
(Doing so is also helpful for purposes of establishing a trade secrets claim but, on the other hand, may be counter to a company’s culture and otherwise slow down workflow processes. The extent to which a company partitions between departments and employees is thus a decision that an employer should make in partnership with its trade secrets counsel.)
Moreover, following Van Buren, companies looking to prevent the scraping of their online data may need to look to other causes of action, including, inter alia, for breach of contract, copyright infringement, trade secrets misappropriation, and under the Digital Millennium Copyright Act.
In addition to creating internal technological barriers (to address threats posed by employees), those companies may want to limit the amount of information they make available to the public (by, e.g., taking down certain information or password-protecting certain pages).
Hannah Joseph is Senior Counsel at Beck Reed Riden LLP, where she focuses her practice on complex commercial litigation. Specializing in the areas of trade secrets law, restrictive covenants, employee mobility, and unfair competition, she regularly litigates issues concerning the use and enforceability of noncompetition, nonsolicitation, and nondisclosure agreements, and counsels both employers and employees regarding the same. She also counsels on the protection of trade secrets. Hannah has been named Super Lawyers’ Rising Star in Massachusetts consecutively since 2016 and has been recognized as a recommended attorney by The Legal 500 United States 2021.
Beck Reed Riden LLP is Boston’s innovative litigation boutique. Our lawyers have years of experience working with clients ranging from Fortune 500 companies to start-ups and individuals. We focus on business litigation and employment.
We are experienced litigators and counselors, helping our clients as business partners to resolve issues and develop strategies that best meet our clients’ legal and business needs – before, during, and after litigation. We’re ready to roll up our sleeves and help you. Read more about us, the types of matters we handle, and what we can do for you here.