LVRC Holdings, LLC (“LVRC”) sued its former employee, Christopher Brekka, and his consulting business, Employee Business Solutions, Inc. (“EBSN”), alleging that Brekka violated the Consumer Fraud and Abuse Act (“CFAA”) by accessing LVRC’s computer without authorization during and after Brekka was employed at LVRC. In affirming the lower court’s ruling in favor of Brekka, the Ninth Circuit found that Brekka was authorized to use LVRC’s computer while he was employed at LVRC. Therefore, Brekka did not violate the CFAA by emailing documents to himself or his wife on his personal computer before leaving LVRC. Additionally, Brekka did not exceed his authorized access because Brekka was permitted to obtain the documents that he emailed. Additionally, the court determined that there were insufficient material facts to establish that Brekka accessed LVRC’s computers without authorization after he left LVRC.
TIP: Companies should review their policies regarding use of company data and documents to confirm that such policies clearly detail employees’ authorized use of company data and technology.