A Tennessee court recently considered what losses are actionable under the Computer Fraud and Abuse Act (CFAA), which provides a cause of action against anyone who obtains information from a protected computer by intentionally accessing the computer without authorization or exceeding authorized access. In the case, the defendant was a former employee who allegedly transferred trade secrets and other confidential information, including customer lists, confidential pricing formulas, and marketing strategies, to his personal computer for the purpose of forming a competing business. The court found the plaintiff did not allege a recoverable loss under the CFAA, following a line of cases that have held that lost revenue is only recoverable under the CFAA if incurred due to a “loss of service.”

Tip: To recover lost revenue under the CFAA, you need to be able to tie the damages to an interruption or loss of service.