| Issue: |
You have an employment contract with an employee whose job includes identifying potential properties that your company may want to acquire. You have given him a laptop computer to keep files on all the properties he inspects. The employee decides to quit and go into competing business for himself, which is a violation of the employment contract. Before he returns the laptop to you, he deletes all the files on it, including files about potential acquisition properties as well as information that shows he was engaging in improper activities under the contract. He does this by loading a secure-erasure program that overwrites all the files and prevents their recovery, leaving your company with no access to what had been company information.
Your organization sues him for breaching his contractual obligations and misappropriating business opportunities and assets, including confidential work information from the computer files that give him a competitive advantage. You also claim he violated the federal Computer Fraud and Abuse Act. Can you make your claims stick?
|
 |
|
Answer: |
Yes. Under similar facts, an employer was able to use the Computer Fraud and Abuse Act as one of its claims against an employee who breached an employment agreement and destroyed company data. That law applies to someone who knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage, without authorization, to a protected computer.
Whether the employee used a CD or disk or downloaded a file from the Internet didn’t really matter, said the Federal Court of Appeals for the Seventh Circuit. Either way the conduct was the kind that Congress intended to cover when enacting the law, whether attacks from virus and worm writers that come from “outside” the organization, or those that come mainly from inside the organization, like disgruntled employees who want to trash the employer’s systems.
Also, the court pointed out that the employee’s authorization to access his laptop ended when, after he had already engaged in misconduct and decided to break his employment contract, he chose to destroy files that were the property of the employer or were incriminating. As such, his computer activity was not “authorized.” In fact, the only basis on which he was authorized to access the laptop was his employment relationship. When he chose to end that relationship, his authority to access the computer ended as well.
Accordingly, the court found that the employer properly asserted claims under the Computer Fraud and Abuse Act as a part of its lawsuit against its former employee.
Source: International Airport Centers, LLC v. Citrin, 2006 US App Lexis 5772, (CA-7, March 8, 2006).
|
