The BNA publication, Electronic Commerce & Law Report, recently quoted our own Carolyn Sieve, discussing the Brekka decision. The Electronic Commerce & Law Report article, "Brekka Case Shows Need for Comprehensive Strategy to Shield Data from Insider Misuse," discussed how the Ninth Circuit recently joined a trend disfavoring Computer Fraud and Abuse Act (CFAA) claims brought by companies against disloyal employees. In LVRC Holdings LLC v. Brekka, the court resolved disagreement among federal district courts within the circuit about how the CFAA’s "authorization" standard applies to cases involving data theft by disloyal employees.
According to the article, the court explained that employers may be able to pursue claims under the CFAA, but only if employees violate clearly defined limits on access to company networks in the course of stealing proprietary information. Carolyn commented that the message from Brekka is that employers should not rely solely on potential CFAA claims to protect their proprietary information. She also noted, "The Brekka decision places more responsibility on the employer’s shoulders to provide notice to employees as to what is ‘authorized access.’" Carolyn recommended that employers determine what information they want to protect, implement security protocols to safeguard that information, and combine those efforts with systemic employee education regarding confidential and data use policies.
A full copy of the article is available here. It is reproduced with permission from Electronic Commerce & Law Report, 14 ECLR 1381 (Sept. 20, 2009). Copyright 2009 by The Bureau of National Affairs, Inc. (800-372-1033) http://www.bna.com