Our Workplace Privacy, E-Communication and Data Security Practice Group recently posted this article regarding the United States Supreme Court’s denial of certiorari in Nosal v. Unites States, 16-1344. This Blog previously posted articles about the Nosal case, which can be found here and here.
In the Nosal case, the individual defendant was criminally prosecuted under the Computer Fraud and Abuse Act (“CFAA”), for using his past assistant’s password to access his former employer’s computer system after the company had revoked his own access credentials. His conviction was affirmed by the Ninth U.S. Circuit Court of Appeals, and the petition for certiorari to the U.S. Supreme Court followed.
By declining to review the Ninth Circuit’s affirmance, the Supreme Court left in place a pronounced split in the Circuit Courts regarding the extent to which the CFAA applies in the employment context. While the First, Fifth and Eleventh Circuits generally hold a similar view as the Ninth Circuit, other courts have concluded that criminal prosecution under the CFAA was intended for the more limited purpose of targeting third party hackers.