The Secure Times

An online forum of the ABA Section of Antitrust Law's Privacy and Information Security Committee

Authorized computer access by departing employee not CFAA violation

Leave a comment

A departing employee, who copied proprietary files while still having full access to his employer’s protected computer databases did not access information “without authorization” or otherwise "exceed authorized access" under the Computer Fraud and Abuse Act (CFAA). Diamond Power Int’l, Inc. v. Davidson, No. 1:04-cv-1708, 2007 U.S. Dist. LEXIS 73032 (N.D. Ga. Oct. 1, 2007). The court granted summary judgment to the defendant on the CFAA claims, but let stand other related trade secret and contract claims based upon the employee’s forwarding of confidential company information to his new employer. The court found that the employee could not be liable under the CFAA because there was no dispute that he was authorized to initially access the company computers and that his level of authorized access included permission to obtain the specific data in question. The court, in reaching its conclusion, recognized a split in the circuits as to the interpretation of this aspect of the CFAA. Nevertheless, the court rejected the plaintiff’s argument, based upon the Seventh Circuit opinion in International Airport Centers, L.L.C. v. Citrin, 440 F.3d 418 (7th Cir 2006), that an employee exceeds his authorized access when he obtains company information for an allegedly improper purpose.


Author: ABA Antitrust

Learn more about the ABA Section of Antitrust Law:

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s