Violate Your Employer’s Computer Policy and Go to Jail?

Posted on June 6, 2011 by

A federal appellate court upheld an indictment of several employees under the Computer Fraud and Abuse Act for passing their employer’s computer files to a former coworker starting a competing business.  The employees argued they were authorized to access the files but the court held that unauthorized sharing could be criminally prosecuted.  

The Ninth Circuit Court of Appeals in United States v. Nosal (.pdf) rejected the argument that the statute was aimed at computer hackers rather than employees who breach contractual confidentiality agreements.  It explained that

Although we are mindful of the concerns raised by defense counsel regarding the criminalization of violations of an employer’s computer use policy, we are persuaded that the specific intent and causation requirements of § 1030(a)(4) sufficiently protect against criminal prosecution those employees whose only violation of employer policy is the use of a company computer for personal — but innocuous— reasons.

The court described the employer’s efforts to protect confidential information, including controlling electronic and physical access to its databases and servers and the “clear and conspicuous restrictions” in its computer use policy.  It distinguished a previous case where an employee with “unfettered access to the company computer” had not violated the Act by forwarding his employer’s business documents to his personal email account during negotiations to purchase an ownership interest in the company.

The court indicated that it may not go as far as the Seventh Circuit did in a civil case, International Airport Centers, LLC v. Citrin (.pdf), which the Ninth Circuit panel interpreted as ruling that “an employee accesses a computer ‘without authorization’ the moment the employee uses a computer or information on a computer in a manner adverse to the employer’s interest.”   At least in criminal cases, the Ninth Circuit seems to require employers to notify employees of access restrictions– even those that may seem obvious – to find that unauthorized access violated the Act.

Previously on Post or Perish – Court:  Email Spying Violated Wiretap Act

This entry was posted in Employment, Intellectual Property, Privacy and tagged , , , . Bookmark the permalink.

2 Responses to Violate Your Employer’s Computer Policy and Go to Jail?

  1. Pingback: Cyber-stalking Suit Against Toyota to Proceed | Post or Perish ®

  2. Wiz2o says:
    February 24, 2012 at 6:50 am

    Exciting article and one which should be much widely renowned active in my aspect. Your even of crew is peachy and the lucidity of activity is excellent.

    Mr. George Marchelos

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s