The Computer Fraud and Abuse Act (CFAA) has generated controversy over whether it can be used to go after people who violate a website’s terms of service or an employer’s policies. A recent decision by the U.S. District Court for the Eastern District of Louisiana has added fuel to the fire, in a way that benefits employers. In Associated Pump & Supply Co., LLC v. Kevin Dupre, the court held that an employee’s alleged violation of his confidentiality contract by accessing and then using company files for his own purposes may give rise to a CFAA violation. Other courts have held that such misuse of company information does not violate the CFAA if the employee had the right to access the network when he downloaded the information. The split seems unlikely to be resolved absent an amendment of the statute by Congress or Supreme Court intercession. In the meantime, the court’s decision in Associated Pump underscores the importance of carefully drafting company policies to delineate the scope of employees’ authorized access to company networks and information.