Trade Secrets Archives - Castaybert Law, NYC

June 6, 2022

The Department of Justice (DOJ) has recently updated its prosecutorial policy under the Computer Fraud and Abuse Act (CFAA). Enacted in 1984 and repeatedly amended since, the CFAA has produced a circuit split concerning the law’s reach, leading to recent attempts by the judiciary to restrict the open-ended language of the statute.

Definitions

The CFAA provides that a person who “intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains… information from any protected computer” has violated the law. 18 U.S.C. § 1030(a)(2)(C).

Exceeding authorized access is defined by the statute as accessing “a computer with authorization and to use such access to obtain or alter information in the computer that the accessor is not entitled so to obtain or alter.” 18 U.S.C. § 1030(e)(6).

Recent Jurisprudence

The DOJ’s new policy reflects both changing jurisprudence and changing technological and business practices.

Heeding the decisions by the Ninth Circuit in hiQ Labs, Inc. v. LinkedIn Corp., 17-16783 (9^th Cir. 2019), and the Supreme Court ruling in Van Buren v. United States 19-783, 593 U.S. (June 3, 2021), the new DOJ policy will limit the scope of its investigations into CFAA violations relating to “web scraping” and departing employees accessing sensitive information.

In the hiQ case, the Ninth Circuit ruled that hiQ did not violate the CFAA by “scraping” large quantities of publicly available LinkedIn member profile data to create a competing product. LinkedIn argued that hiQ’s continued scraping practice constituted a violation of the CFAA. The Ninth Circuit ruled in hiQ’s favor, and did so again in April 2022.
In the Van Buren case, the Supreme Court sided against the government’s argument that a person authorized to access a protected computer system “exceeds” authorization by doing so with improper motives.

Policy shift

The DOJ has enumerated new conditions under which it will prosecute cases under the CFAA, defining what kinds of actions fall under the statute’s language.

The DOJ now says it will charge defendants for accessing “without authorization” in cases where the defendant was “not authorized to access the protected computer under any circumstances” and did so knowingly.

It defines “exceeding authorized access” as cases where:

a defendant knowingly accesses information from which they are “unconditionally prohibited” in a protected computer that has clear “computational” divisions of its contents.

In either case, DOJ says it will also weigh whether prosecution “would serve the Department’s goals for CFAA enforcement,” which it defines through several criteria, including:

the scale of the crime and harm committed, whether the crime impacts broad national or economic interests
the deterrent value of an investigation, if any other jurisdiction is likely to hold a defendant accountable if DOJ declines to prosecute
whether “the defendant’s conduct consisted of… good-faith security research.”

To read more about the DOJ’s new CFAA enforcement policy, click here for Jeffrey Neuberger’s detailed post in Proskauer’s New Media and Technology Law Blog.

To read the Department of Justice’s press release as well as its stated policy, click here and here.

To read how Castaybert PLLC can assist in employment disputes raising unauthorized access issues under the CFAA and in protecting trade secrets and company confidential information, click here.

June 7, 2021-The Supreme Court recently weighed in on a circuit split regarding the interpretation of the Computer Fraud and Abuse Act’s (CFAA) “exceeds unauthorized access” clause. This clause is often used to litigate against employees who access proprietary data for an improper purpose. The Case, Van Buren v. United States centered around a former police officer’s criminal conviction under the CFAA for accessing a police license plate database, which he had authorization to access, to do a search for money violating department policy. Ultimately, the Court held that the CFAA “does not cover those who, like Van Buren, have improper motives for obtaining information that is otherwise available to them.” The Court also noted that a broader interpretation of “exceeds authorized access” would allow criminal penalties for a vast amount of “commonplace computer activity”. Proskauer Rose LLP’s Jeffrey Neuburger and Jonathan Mollod break down both the Supreme Court’s decision, and potential future implications of the Court’s interpretation of the CFAA provision.

Find full article here.

Find full decision here.

Learn how CASTAYBERT PLLC can assist you with Trade Secret Law here.

Can a plaintiff recover trade secrets damages from a defendant for the costs the defendant avoided by misappropriating plaintiff’s trade secrets?

Apparently not, according to the New York Court of Appeals. In E.J. Brooks Co. v. Cambridge Security Seals, 2018 WL 2048724 (N.Y. May 3, 2018), the New York Court of Appeals announced that a plaintiff seeking compensatory damages for unfair competition may only recover what the plaintiff would have earned if not for the defendant’s wrongs—not the amount that defendant saved, received, or earned through its wrongful actions. Id. at *4. The Court also held that plaintiff’s asserting unjust enrichment claims are not permitted to recover compensatory damages from defendants for their avoided costs.

The majority’s decision invoked a vehement dissent in which Judge Rowan Wilson, joined by Judges Rivera and Fahey, expressed concerns about the majority’s “unnecessarily narrow interpretation of damages,” its conflation of damages at law and in equity, and its incoherence with existing New York Unfair Competition Law.

E.J. Brooks significantly limits the scope of compensatory damages recoverable by plaintiffs in trade secret and unfair competition actions in New York. Rather than permitting plaintiffs to recover for competitive advantages conferred on defendants found guilty of engaging in unfair competition, the Court capped plaintiff’s damages at the amount of actual loses incurred. As noted by the dissent, this has the potential to incentivize economic espionage and discourage innovation, making the decision highly questionable as a matter of policy.

For a more detailed analysis of the case, see Muhammad U. Faridi and A. Robert Quirk’s New York Law Journal Article, “Unfair Competition, Trade Secrets Damages Limited to Plaintiff’s Losses Under NY Law,” published June 25, 2018.

To read the full E.J. Brooks opinion visit the New York Court of Appeals’ website here.

To learn about how Castaybert PLLC can assist with trade secret matters, please click here.