Header graphic for print
Trading Secrets A Law Blog on Trade Secrets, Non-Competes, and Computer Fraud

Arizona Federal Court Issues Significant Computer Fraud and Abuse Act and Trade Secret Preemption Decision

Posted in Computer Fraud, Computer Fraud and Abuse Act, Data Theft, Trade Secrets

According to a recent Arizona federal court decision, (a) an employee who had the right to access his employer’s confidential emails did not violate the federal Computer Fraud and Abuse Act (CFAA), 18 U.S.C. § 1030, by downloading 300 such documents to his personal computer and sharing them with a recently terminated employee; (b) an employer may pursue either a misappropriation claim under the Arizona Uniform Trade Secrets Act (AUTSA), or statutorily pre-empted causes of action based on the same facts; and (c) a rule to show cause is appropriate where the defendants violated a 48-hour deadline to return the employer’s confidential documents. Food Services of Amer. Inc. v. Carrington, No. CV-12-00175-PHX-GMS (D. Ariz., Nov. 8, 2012).

Because of the holding in U.S. v. Nosal, 676 F.3d 854, 863-64 (9th Cir. 2012), the Carrington case defendants cannot be sued in the Arizona federal court for a CFAA violation (of course, both individuals may be liable for non-CFAA causes of action). Nosal, which is binding on that court, held that an employee who was authorized to access the employer’s computerized records did not violate the CFAA by downloading and distributing them to unauthorized persons. Some other circuit courts of appeal decisions conflict with Nosal. See, e.g., several cases cited there — including International Airport Centers, L.L.C. v. Citrin, 440 F.3d 418, 420-21 (7th Cir. 2006) (breach of duty of loyalty terminates authorization to access employer’s computer data and, therefore, violates CFAA) — and criticized.

The AUTSA pre-empts all claims based on the same facts as the misappropriation cause of action (regardless of whether what was misappropriated was a trade secret or merely confidential information). However, according to the court in Carrington without citation of authority, pre-emption means that the employer must choose whether to sue for an AUTSA violation or for pre-empted claims. This holding is puzzling. Several cases hold that causes of action pre-empted by a uniform trade secrets act are abrogated. See, e.g., CDC Restoration & Constr. v. Tradesmen Contractors, LLC, 274 P.3d 317 (Utah App. 2012) (the “preemption provision [in a UTSA] has generally been interpreted to abolish all free-standing alternative causes of action for theft or misuse of confidential, proprietary or otherwise secret information”).

In response to their ex-employer’s motion for entry of a rule to show cause why the defendants should not be held in contempt for late production of the employer’s documents, the defendants asserted that they had located and produced the documents only a few months after expiration of the deadline for doing so. They professed to having committed a “relatively minor technical infraction” as a result of “a misunderstanding between counsel and defendants.” The court was unforgiving because the “defendants’ response fails entirely to comprehend the serious nature of violating a court order.” That ruling contains a loud and clear message concerning the potential adverse consequences to a party for failing to produce misappropriated confidential documents as ordered by a court, no matter how abbreviated the time allowed for doing so.

In sum, the Carrington decision should send shivers down the spine of a former employee who misappropriated his employer’s proprietary information. In some circuits the former employee may escape CFAA liability for misdeeds occurring before termination, but regardless he may be hit with an expensive lawsuit and a monetary judgment.