Computer Fraud and Abuse Act - Modern Distribution Management

Log In

Search

Computer Fraud and Abuse Act

Author
Date

every statute, the CFAA has some limits. For example, under the UTSA an injured business may recover attorney’s fees and exemplary (e.g., punitive) damages, but any award of those damages is in the discretion of the court hearing the case.


Also, the CFAA requires that the business have suffered at least $5,000 in damages. At first blush, this damage requirement may seem hard to prove when the departing employee has only copied confidential business information and not caused any computer damage.


Case law makes clear though that the costs to repair invaded computers, costs to respond to an invasion and to determine the scope of an injury and/or to prevent future injury (whether the cost of a consultant or work by an in-house IT employee) count toward the $5,000 damage floor.


The value of lost business information can also be used to shore up damages. For example, in one recent case, Four Seasons Hotels proved that downloaded hotel customer information had a value of over $2 million, in addition to nearly $30,000 in expenses to investigate and remedy the defendant’s unauthorized access.


Frederic Mendelsohn is a partner with the law firm of Burke, Warren, MacKay & Serritella, P.C., in Chicago, www.burkelaw.com. For 12 years he was general manager of the Electronic Distribution Show, and is intimately familiar with the electronic distribution industry. He may be reached at 312-840-7004 or fmendelsohn@burkelaw.com.


Departing employees can steal a business’ trade secrets to compete against their former employers. Taking trade secrets has become easier, as data can be downloaded in a handful of keystrokes. The Computer Fraud and Abuse Act can help protect you against electronic theft.


We are often consulted about how to protect confidential business information and what to do when that information is compromised.


I’ve addressed the topic in many columns, addressing the recruitment of distributor personnel and explaining the inevitable disclosure doctrine that allows courts to enjoin the inevitable disclosure of confidential business or trade secret information when an employee with such information joins a competitor.


Classically, a shrewd departing employee will take a business’ trade secrets, and seek to compete against her former employer. In the past, the departing employee might sneak into the office after hours, copy or leave with boxes of documents containing customer lists, pricing information, proprietary designs, vendor profiles, schematics and other proprietary business data.


Now, the same data can be downloaded in a handful of keystrokes, without even getting into the office. Sometimes patent, copyright and/or a state, federal or common law trade or service mark can protect proprietary information or products. If not, a business often has to look to the law of trade secrets or restrictive covenants.” The former is typically confidential business information that has value in the hands of a competitor; and the latter is often a non-compete or non-disclosure agreement that an employer seeks to enforce in court.


In the past, an injured business (without patent, copyright or other rights) would seek to obtain an injunction from the courts, by enforcing a non-compete or non-disclosure agreement and/or asserting that the stolen information is a “trade secret” under the Uniform Trade Secrets Act (UTSA), which has been adopted in almost every state.


Doing so is not always easy, however, as the law imposes strict requirements to convince a court to enjoin commercial activity and prove the existence of true “trade secrets.” Recent statutory amendments and court rulings, however, make the federal Computer Fraud and Abuse Act (CFAA) a powerful weapon in stopping trade secret theft, and soften some of the evidentiary challenges to establishing a UTSA violation.


Like the UTSA, the CFAA allows an employer whose confidential information has been taken to obtain injunctive relief and damages. Like the UTSA, a claim under the CFAA can be brought in state court, but the CFAA gives business an entr’e into federal court, where different dynamics can affect the likelihood of success in enjoining this type of anti-competitive conduct.


All that is really required for federal jurisdiction is use of a “protected computer,” which is nothing more than one connected to the Internet. Unlike the UTSA, the CFAA has several relaxed elements of proof. For example, while confidential information must be proved to be a legally protected trade secret under the UTSA, it need only be shown to be information that “resided” on a protected computer under the CFAA.


Similarly, while the UTSA requires proof of reasonable steps to protect claimed trade secrets (a factual issue in almost every trade secret case), the CFAA has no such requirement ‘ proof of unauthorized access to the protected computer is sufficient (a much easier burden).


Likewise, under the UTSA, the departing employee must be shown to have “misappropriated” confidential information, where under the CFAA, liability attaches when the information is “accessed.”


In short, while no federal statutory claim is a slam-dunk to prove, the CFAA can be used, independently and/or in conjunction with UTSA (plus other claims), to stop departing employees who clandestinely take a business’ confidential information.


Like

Share this article

About the Author
Picture of Frederic Mendelsohn

Frederic Mendelsohn

Recommended Reading
Leave a Reply

Leave a Comment

Log In

Read the latest articles and see your reports.

Log In

Popular Now

MDM Directories

Sign Up for the MDM Update Newsletter

The MDM update newsletter is your best source for news and trends in the wholesale distribution industry.

Sign Up

2

articles left

Want more Premium content from MDM?

Subscribe today and get:

  • New issues twice each month
  • Unlimited access to mdm.com, including 10+ years of archived data
  • Current trends analysis, market data and economic updates
  • Discounts on select store products and events
Subscribe

Log in

Subscribe to continue reading

MDM Premium Subscribers get:

  • Unlimited access to MDM.com
  • 1 year digital subscription, with new issues twice a month
  • Trends analysis, market data and quarterly economic updates
  • Deals on select store products and events
Subscribe

Log in

1

article
left

You have one free article remaining

Subscribe to MDM Premium to get unlimited access. Your subscription includes:

  • Two new issues a month
  • Access to 10+ years of archived data on mdm.com
  • Quarterly economic updates, trends analysis and market data
  • Store and event discounts
Subscribe

Log in

To continue reading, you must be an MDM Premium subscriber.

Join other distribution executives who use MDM Premium to optimize their business. Our insights and analysis help you enter the right new markets, turbocharge your sales and marketing efforts, identify business partners that help you scale, and stay ahead of your competitors.

Subscribe

Log in

Back to MDM.com

Register for full access

By providing your email, you agree to receive announcements from us and our partners for our newsletter, events, surveys, and partner resources per MDM Terms & Conditions. You can withdraw consent at any time.

Learn More about Custom Reports

Request a Market Prospector Demo

  • This field is for validation purposes and should be left unchanged.

Get the MDM Update Newsletter

Wholesale distribution news and trends delivered right to your inbox.

Sign-up for our free newsletter and get:

  • Up-to-date news in a quick-to-read format
  • Free access to webcasts, podcasts and live events
  • Exclusive whitepapers, research and reports
  • And more!