What is a Federal Computer Crime? It depends where you are

Robinson+Cole Data Privacy + Security Insider
Contact
LinkedIn
Facebook
X
Send
Embed

When an employee has access to data for work, but the employee uses it for non-work purposes, is that a federal crime under the Computer Fraud and Abuse Act (CFAA) (18 U.S.C. § 1030)? The answer depends on where you are.

Ninth Circuit & Fourth Circuit: No, It’s Not a Crime

In late August, the Ninth Circuit Court of Appeals vacated convictions of two Los Angeles police department officers under the CFAA in U.S. v. Christensen, No. 08-50531, Slip Op. at 32 (9th Cir. Aug. 25, 2015). The officers had allegedly searched confidential police databases for use in an unauthorized private detective ring. The court ruled this was not a crime under the CFAA.

The court reasoned that CFAA, which it sees as an “anti-hacking statute,” is “limited to violates of restrictions on access to information, and not restrictions on use.” United States v. Christensen, No. 08-50531, Slip Op. at 32 (9th Cir. Aug. 25, 2015)(quoting U.S. v. Nosal, 676 F.3d 854, 864 (9th Cir. 2012) (en banc)). The court noted “Congress has created other statutes under which the government employee who abuses his database access privileges may be punished, but did not intend to expand the scope of [CFAA] the federal anti-hacking statute.” Slip Op. at 34-5.

The Fourth Circuit has taken a similar view of the CFAA. See WEC Carolina Energy Solutions v. Miller, 687 F.3d 199 (4th Cir. 2012).

Other Courts: Yes, It is a Crime

Other U.S. Courts of Appeals have applied a broader reading of the CFAA, arguably ruling that it applies to employee misuse of corporate information. See EF Cultural Travel BV v. Explorica, Inc., 274 3d 577 (1st Cir. 2001); U.S. v. John, 597 F.3d 263 (5th Cir. 2010); Int’l Airport Ctrs. LLC v. Citrin, 440 F.3d 418 (7th Cir. 2006); U.S. v. Rodriguez, 628 F.3d 1258 (11th Cir. 2010).

The Second Circuit: Considering the Issues

The Second Circuit continues to think about the issue. In United States v. Valle, 14-4396-CR, as we reported earlier, the court heard oral argument in May, but has not yet issued a decision. Most recently in September, the attorneys in Valle are arguing about what the Ninth Circuit’s ruling in Christensen means in dueling letters to the Court.

Depending on how the Second Circuit comes out, misuse of employer information may be a computer crime under the CFAA in New York, but not in California. We will keep you posted.

[View source.]

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Robinson+Cole Data Privacy + Security Insider | Attorney Advertising

Written by:

Robinson+Cole Data Privacy + Security Insider
Robinson+Cole Data Privacy + Security Insider
Contact
more
less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

  • Increased visibility
  • Actionable analytics
  • Ongoing guidance

Robinson+Cole Data Privacy + Security Insider on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide