Louisiana District Court Extends Pro-Employer Interpretation of the Computer Fraud and Abuse Act’s “Authorized Access” Provisions to Impose Civil Liability on Former Employee

A worker’s authorized access of an employer’s computer system during the course of his employment, in which he acquired information that he later misused, gives rise to civil liability under the Computer Fraud and Abuse Act (CFFA), the U.S. District Court for the Eastern District of Louisiana held April 3 (Associated Pump & Supply Co., LLC v. Dupre).

Kevin Dupre worked as a salesman covering certain Louisiana parishes for Associated Pump & Supply Co. under a confidentiality and noncompetition agreement. Before terminating his employment, Dupre allegedly started a competing company and discussed employment with another competitor. Dupre also allegedly downloaded files containing confidential information and trade secrets and deleted files belonging to Associated Pump from his work computer. The employer filed suit against Dupre alleging a CFAA violation, amongst other claims. Dupre moved to dismiss the CFAA claim, contending that Dupre’s access was not “unauthorized” or “exceeding authorization.” A claim brought pursuant to the CFAA under 18 U.S.C. § 1030(a)(4) requires the plaintiff to prove the following elements: “(1) defendant has accessed a protected computer; (2) has done so without authorization or by exceeding such authorization as was granted; (3) has done so ‘knowingly’ and with ‘intent to defraud’; and (4) as a result has ‘further[ed] the intended fraud and obtain[ed] anything of value.”

To read this blog post click here