The U.S. Court of Appeals for the Ninth Circuit held, in U.S. v. Nosal, that former employees could be found guilty under the Computer Fraud and Abuse Act (CFAA) for accessing a company’s confidential database, even though a current, authorized employee had willingly facilitated the access by providing her credentials to the former employees. This is the Ninth Circuit’s second decision involving the application of the CFAA to defendant David Nosal. The court found that since the company had revoked the former employees’ access rights, and only the company (not the current employee) owned the database and had the authority to grant access rights, the former employees’ access through these means was “without authorization” under the CFAA.