In September 2019, the Ninth Circuit held that hiQ Labs, Inc.’s (“hiQ”) collection and use of information that LinkedIn users shared on their public profiles did not violate the Computer Fraud and Abuse Act (“CFAA”) because the data was publicly available and therefore did not fall within the scope of the CFAA. Following the Ninth Circuit’s order, the Supreme Court issued a decision in Van Buren v. United States, wherein the Supreme Court held, in a 6-3 ruling, that a former Georgia police officer did not “exceed authorized access” within the meaning of the CFAA by accessing a state law enforcement computer database containing license plate information to determine whether an individual was an undercover officer. The Supreme Court concluded that an individual “exceeds authorized access” when he accesses a computer with authorization but then obtains information located in particular areas of that computer—such as files, folders, or databases—that are off-limits to him.
Continue Reading Ninth Circuit Reaffirms that Data Scraping from Public Websites Does Not Violate the Computer Fraud and Abuse Act

In a long-awaited decision, the Supreme Court resolved a circuit split about whether an individual with access to a computer system violates the Computer Fraud and Abuse Act (“CFAA”) by accessing information for an improper purpose. By a 6-3 decision authored by Justice Barrett, the Court held that an individual does not “exceed authorized access” within the meaning of the CFAA by misusing access to obtain information that is otherwise available to that person. While the case heard by the high court was a criminal case involving a former law enforcement officer’s criminal conviction, the decision nonetheless has broad ramifications for trade secrets and restrictive covenant litigation, as CFAA claims were often brought against employees who misused access rights to misappropriate information. The CFAA is a criminal statute that also provides a civil remedy, and CFAA claims were commonly raised to acquire federal subject matter jurisdiction, especially prior to the enactment of the Defend Trade Secrets Act in 2016, which provided an independent private cause of action in federal court for trade secret misappropriation.
Continue Reading Supreme Court Resolves Circuit Split on Access Under Computer Fraud and Abuse Act

While it can be hard to remember in a world dominated by COVID-19 headlines, the wheels of justice have not stopped turning at the Supreme Court—even if Justices are now hearing argument remotely. On Monday, April 20, SCOTUS granted a petition for certiorari in a case that may finally provide clarity to a question that has troubled defense attorneys and trade secrets practitioners alike for many years: what does it mean to “exceed authorized access” under the Computer Fraud and Abuse Act?
Continue Reading CFAA Battle Heading to the Supreme Court

On Tuesday, October 10, 2017, the United States Supreme Court denied certiorari in Nosal v. United States, 16-1344. Nosal asked the Court to determine whether a person violates the Computer Fraud and Abuse Act’s prohibition of accessing a computer “without authorization” when using someone else’s credentials (with that other user’s permission) after the owner of the computer expressly revoked the first person’s own access rights. In denying certiorari, the Court effectively killed the petitioner’s legal challenge to his conviction in a long-running case that we have extensively covered here, here, here, here, here, here, and here (among other places). The denial of certiorari leaves further development of the scope of the CFAA in the hands of the lower courts.
Continue Reading Supreme Court Refuses to Hear Password-Sharing Case, Leaving Scope of Criminal Liability Under Computer Fraud and Abuse Act Unclear

In a recent ruling by the Supreme Court of Kentucky, Creech v. Brown (June 19, 2014), the court affirmed that in Kentucky, noncompetition agreements must be supported by adequate consideration in order to be enforceable. The circumstance addressed by the court involved an employee who was presented with a noncompetition and confidentiality agreement after working for the employer for
Continue Reading Rebecca Woods on Recent Kentucky Supreme Court Decision Holding that Non-Compete Failed for Lack of Consideration

While the Supreme Court has taken some heat in the past for seeming to misunderstand technology and how it impacts the normal person’s life, with Riley v. California the Court demonstrated not only an unexpected fluency with how mobile phone technology has evolved, but also with how it has caused our daily sphere of privacy expectations to evolve. Just like
Continue Reading John Tomaszewski Explains the Supreme Court’s Riley v. California Decision and What It Means for Consumer Privacy Going Forward

By Robert Milligan and Grace Chuchla

The Missouri Supreme Court recently issued a decision, Whelan Security Co. v. Kennebrew, et al., 2012 Mo. LEXIS 167, reaffirming Missouri as a pro non-compete jurisdiction for employers.

The Court’s decision makes clear that Missouri courts applying Missouri law will enforce non-competition and customer non-solicitation and employee non-solicitation agreements that are reasonable and
Continue Reading Missouri Supreme Court Reaffirms That Missouri Is A Pro Non-Compete Jurisdiction, Enforcing Non-Competition and Modified Non-Solicitation Agreements Against Non-Resident Former Security Company Employees

As previously reported on this blog, the Virginia Supreme Court recently issued an important new non-compete decision which impacts the enforceability of non-compete agreements in Virginia and serves as a reminder that employers may want to review their agreements with employees and update them as appropriate. Here is a Seyfarth One Minute Memo on this important new case.Continue Reading Virginia Employers Should Update Their Non-Compete Agreements In Light of New Virginia Supreme Court Ruling