United States v. Nosal, 930 F. Supp.2d 1051 (N.D. Ca. Mar. 12, 2013) (9th Cir)
This is another in the saga of Nosal cases, this time an Order Denying the Defendants’ Motion to Dismiss the charges against the defendant for aiding and abetting his co-conspirators. These charges were brought subsequent to the Nosal I and Nosal II cases and apply the developing body of law in resolving the issues before the court.
Nosal is a former high-level employee of Korn/Ferry International (KFI), an executive search firm with offices around the world. Nosal worked there from April 1996 until October 2004 when he resigned his employment and entered into a Separation and General Release Agreement and and Independent Contractor Agreement with KFI in which he agreed to continue performing services for KFI until October 15, 2005 and not to perform executive search or related services for any other entity during the term of this contract. The agreements also limited Nosal’s access to and use of confidential and proprietary information belonging to KFI. While still working as an independent contractor, Nosal began to set up his own rival search firm with the assistance of three others who continued to be employed by KFI for various lengths of time after Nosal resigned his employment and became an independent contractor in October 2004. One of those persons was J.F. who, while still working there, used her login credentials to login to the proprietary database and then turned it over to M.J., who no longer worked there, so he could peruse the database.
At issue for this motion was whether J.F.’s use of her password to login to KFI’s proprietary database and then turning it over to M.J. to download information was a violation of the Computer Fraud and Abuse Act by M.J. In denying the Motion to Dismiss, the court found a claim was adequately stated and made the following rulings:
- nowhere does the Ninth Circuit’s Nosal II opinion hold that the § 1030 (a)(4) requires the allegation that a defendant circumvented technological access barriers;
- to support charge that defendant used his former assistant’s password to access employer’s computer system, defendant was not required to have obtained his assistant’s password illegally or without her consent; and
- allegation assistant accessed the system and then handed computer terminal to defendant’s associate was sufficient to allege unauthorized access.
This Order provides excellent analysis of the distinctions between unauthorized access and unauthorized use as developed in the Brekka, Nosal I, and Nosal II opinions.