New South Equipment Mats, LLC v. Keener, 2013 WL 5946371 (S.D. Miss. Nov. 5, 2013)

Posted byShawn E. Tuma Leave a comment on New South Equipment Mats, LLC v. Keener, 2013 WL 5946371 (S.D. Miss. Nov. 5, 2013)

New South Equipment Mats, LLC v. Keener, 2013 WL 5946371 (S.D. Miss. Nov. 5, 2013)

When is “damage” an essential element of a Computer Fraud and Abuse Act violation?

“Damage” to a computer is an essential element to any Computer Fraud and Abuse Act claim made pursuant to 18 U.S.C. § 1030(a)(5):

(A) knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer;

(B) intentionally accesses a protected computer without authorization and as a result of such conduct, recklessly causes damage; or

(C) intentionally accesses a protected computer without authorization, and as a result of such conduct, causes damage and loss.

Recall, under the CFAA the terms “loss”, “damage” and “damages” are specifically defined terms that do not share meaning. A “loss” is not “damage” and “damage” is not “damages” nor are “damages” a “loss”. (see Loss and Damage Are Not Interchangeable Under CFAA–District Court Blows Right Past CFAA’s “Loss” Requirement in Sysco Corp. v. Katz)

These issues were the focal point of New South Equipment Mats, LLC v. Keener, 2013 WL 5946371 (S.D. Miss. Nov. 5, 2013). This was the standard employee leaving with alleged trade secrets, employer sues type of case. In this one, the employee took all of his Outlook Contacts and other client-related information to transfer to his new employer to use to compete against his former employer.

The plaintiff (former employer) sued for violations of § 1030(a)(5) but the claims were dismissed because, while the employee took copies of the data, he did not actually cause any damage to the plaintiff’s computer system in the process. He copied — not deleted — the information. The plaintiff alleged it had sustained damages and loss but not damage. Because of this, the court found there was no damage which was an essential element of the § 1030(a)(5) claims and dismissed the claims. As you can see, the distinction between loss, damage, and damages is pretty important, isn’t it? Have you read this post? → Loss and Damage Are Not Interchangeable Under CFAA–District Court Blows Right Past CFAA’s “Loss” Requirement in Sysco Corp. v. Katz

I would like to thank my friend Pierre Grosdidier for bringing this case to my attention and encouraging me to take a look at it!

Published by Shawn E. Tuma

Shawn Tuma is an attorney who is internationally recognized in cybersecurity, computer fraud and data privacy law, areas in which he has practiced for nearly two decades. He is a Partner at Spencer Fane, LLP where he regularly serves as outside cybersecurity and privacy counsel to a wide range of companies from small to midsized businesses to Fortune 100 enterprises. You can reach Shawn by telephone at 972.324.0317 or email him at stuma@spencerfane.com.

Leave a comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Discover more from Business Cyber Risk

Subscribe now to keep reading and get access to the full archive.

Continue reading