It often said that the Computer Fraud and Abuse Act (CFAA), 18 U.S.C. § 1030, is an access crime — meaning that it is designed to punish the wrongful access of a device. A recent case out of the Northern District of Texas highlights this point. Read the rest of this entry »
Posts Tagged ‘access’
The USA v. Apple battle is one of the hottest issues currently being debated in cybersecurity, privacy, law enforcement, and perhaps even, water coolers in offices around the country. What the debate is lacking in substantive, factually-based, well-reasoned analysis, it certainly makes up for in passion and strong opinions. If you are not convinced, spend a few minutes reading the #AppleVsFBI Twitter Feed. Read the rest of this entry »
TAKEAWAYS: If your company intends to limit its employees access to certain information on the company network, (1) make sure appropriate technological restrictions are in place and are working; and (2) make sure there are appropriate policies or other documentation in place to show the employees subjectively knew it was off limits.
When an employer intends to keep a network folder restricted from employees, but fails to (1) objectively communicate this intention or (2) secure the folder from general access, an employee who accesses the folder and takes data from it does not violate the Computer Fraud and Abuse Act (CFAA), even if he does so for an improper purpose.
A party who accesses a computer pursuant to a court order authorizing him to seize and access the computer will not be found in violation of the Computer Fraud and Abuse Act if such order is later overturned.
“An essential element of a CFAA claim under 10 U.S.C. § 1030 is that the [defendant] accesses a computer ‘without authorization or exceeds authorized access.’ Hunn v. Dan Wilson Homes, Inc., 789 F.3d 573, 583-84 (5th Cir. 2015) (holding that ‘because [the defendant] did not exceed authorized access, he did not violate the Computer Fraud and Abuse Act’). Here, the state-court turnover orders authorized Shor to access the computers. Even though those orders were ultimately overturned, because Shor had authorization at the time pursuant to a court order to access the computers, Black does not state a claim under the CFAA. See id. (discussing CFAA claim, reasoning that the defendant accessed the computer while still employed at the plaintiff’s company). Land and Bay Gauging, L.L.C. v. Shor, 2015 WL 4978993 (5th Cir. Aug. 21, 2015).
See earlier post.