Last August, we reported on a Ninth Circuit case in which a former employee was convicted of a crime under the Computer Fraud and Abuse Act (“CFAA”) for accessing and downloading information from his former company’s database “without authorization.”  The former employee has now asked that the U.S. Supreme review the Ninth Circuit’s decision.

The question presented to the high Court is, “Whether a person who obtains an account holder’s permission to access a computer nevertheless ‘accesses a computer without authorization’ in violation of the CFAA when he acts without permission from the computer’s owner.”

According to the petition, the Ninth Circuit decision is at odds with other circuit court opinions that look to the computer owner’s “intentions, expectations, and contractual or agency relationships to determine whether access to a computer is authorized.”

The petition argues that the appellate court’s ruling “exposes a broad range of innocuous, day-to-day activity to criminal prosecution” such as an assistant who logs into an executive’s email account or a spouse who logs on to her husband’s email account. However, as the Ninth Circuit majority stated, “[t]his case is not about password sharing” and noted that the case “bears little resemblance to asking a spouse to log in to an email account to print a boarding pass.” The key issue according to the appellate court is whether the access is without authorization. It would seem that an argument comparing a secretary’s access to access by a former employee is hardly compelling. Still, as noted in our earlier post, companies should at a minimum include in their policies and agreements prohibitions on current employees providing their passwords to former employees or even unauthorized current employees.

A full copy of the former employee’s petition can be found here.

We will continue to monitor this case as it develops.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Jeffrey M. Schlossberg Jeffrey M. Schlossberg

Jeffrey M. Schlossberg is a Principal in the Long Island, New York, Office of Jackson Lewis P.C. Mr. Schlossberg has devoted his entire career to the employment law field. He is a Certified Information Privacy Professional (CIPP/US) with the International Association of Privacy…

Jeffrey M. Schlossberg is a Principal in the Long Island, New York, Office of Jackson Lewis P.C. Mr. Schlossberg has devoted his entire career to the employment law field. He is a Certified Information Privacy Professional (CIPP/US) with the International Association of Privacy Professionals and is an editor of the firm’s EPL Risk Mitigation Blog.

Mr. Schlossberg has extensive experience in handling all aspects of the employer-employee relationship. Areas of concentration include: employment discrimination prevention and litigation; workplace harassment policy development and compliance; social media and information privacy in the workplace; family and medical leave; disability matters; wage and hour investigations and litigation; non-competition agreements; and corporate mergers and acquisitions.

Mr. Schlossberg has defended against claims such as sexual harassment, age, race, national origin and disability discrimination for public and private companies in industries such as media, technology, airline, aircraft components, restaurants, supermarkets, securities, medical, manufacturing, cosmetics, food processing, software, clothing, vitamins and nutritional products, and many other employers of varying size throughout the metropolitan area and across the country.

Mr. Schlossberg lectures frequently about various topics to trade and professional associations, such as the Hauppauge Industrial Association. Mr. Schlossberg is also an active member of the Nassau County Bar Association and is a Past Chair of the Nassau County Bar Association Labor & Employment Law Committee.

Mr. Schlossberg is an appointed member of the Employment Law Panel of arbitrators for National Arbitration and Mediation.