A federal district court in Mississippi refused to dismiss the Computer Fraud and Abuse Act claims against an individual who, during the term of his employment downloaded confidential information for a new employer. While employed by the plaintiff, the defendant had secretly negotiated an employment agreement with a new company but, before announcing his resignation he accessed the plaintiff’s computers and downloaded a substantial amount of its sensitive confidential business information. The District Court found this could be an unauthorized access under the Computer Fraud and Abuse Act: “Several courts have recognized however, that ‘once an employee is working for himself or another, his authority to access the computer ends, even if he or she is still employed at the present employer.'” Unified Brands, Inc. v. Teders, 868 F. Supp.2d 572 (S.D. Miss. 2012) (quoting Continental Group, Inc. v. KW Prop. Mgmt., LLC, 622 F. Supp.2d 1357, 1372 (S.D. Fla. 2009)).
What I find interesting about this case is that it seems to rely on the rationale of the Agency Theory that is followed by the Seventh Circuit as opposed to the Intended Use Theory that is followed by the Fifth Circuit (which includes Mississippi) and the Eleventh Circuit (which includes Florida). Cases following the Agency Theory are becoming a rarity these days (see Citrin Lives!). For a more detailed explanation of the three primary theories of access you can read more HERE. What will be interesting is to see what path the parties take should there be a motion for summary judgment in the future.
-Shawn E. Tuma