No Items in Cart 
Background of the Computer Fraud and Abuse Act and the Case
Generally, the CFAA prohibits two forms of “hacking”:- Firstly, any “outside” hacking, achieved by “access[ing] a computer without authorization”; and
- Secondly, any “inside” hacking, where an individual “exceeds authorized access” by accessing a computer “with authorization.” Accordingly, the individual would then obtain any information they are “not entitled so to obtain.”
Previous Circuit Court Decisions
Before the Supreme Court heard the case, circuit courts had contradictory interpretations of the Computer Fraud and Abuse Act. The First, Fifth, Seventh, and Eleventh Circuits all adopted a broad construction of the CFAA. Basically, those courts allowed claims to go forward when an individual misused information they were otherwise permitted to access. The Second, Fourth, and Ninth Circuits, conversely, ruled to limit claims to situations where an individual accessed usually blocked information. Accordingly, any misuse of information that they had authorized access to could not constitute a violation. Thus, the Supreme Court agreed to hear the case to settle the split in the circuit courts.Supreme Court Decision
Following arguments, the Supreme Court issued a 6-3 decision ruling against the United States. The ruling stated that an individual who uses an authorized computer to access permissible information does not violate the CFAA. Indeed, this includes situations when the individual uses the accessed data for a prohibited purpose. Should a person obtain information from an electronic source that they usually lack authorized access to, that would violate CFAA.Employer Takeaways
In conclusion, the Supreme Court decision places more responsibility on employers to protect crucial electronic information. For example, suppose employees have access to information and use that for personal gain. In that case, employers cannot sue under the CFAA. Employers can, however, claim violation of any contract that the employer might have created with workers involving digital-based information. Subsequently, employers should review policies to include safeguards to protect against actions like those in this case.Personnel Concepts is expanding our delivery of employment law news into the audio space. Listen to the Labor Law Report, the podcast dedicated to timely HR and employment law news, powered by Personnel Concepts, your compliance partner! If you’re looking for the latest in labor law, we’ve got the report. In the latest episode of the Labor Law Report, we start off with breaking news regarding the EEOC's latest guidance on mandatory COVID-19 vaccinations for employees. Additionally, we discuss the Tip Regulations Final Rule Issued under the Fair Labor Standards Act, the recent guidance published by the IRS to address the new COBRA continuation coverage requirements, the Wage and Hour Division's withdrawal of the Independent Contractor rule, and the updated CDC public health guidelines for vaccinated individuals. Don’t forget to stick around for our mandatory posting updates. Listen to the Labor Law Report below!
