As originally discussed on this blog back in February, a lawsuit brought by Advanced Micro Devices (AMD) against former employees accused of taking AMD trade secrets with them to competitor Nvidia has been ongoing and a recent opinion in the case highlights the uncertainty surrounding the Computer Fraud and Abuse Act (CFAA).
A recent opinion issued by Judge Timothy S. Hillman narrowly interpreted the CFAA in this case. Judge Hillman declined a broad interpretation of the CFAA and held that AMD’s allegations in its complaint are insufficient to sustain a CFAA claim.
The relevant portion of the CFAA provides that it is a violation of the CFAA to:
Knowingly and with intent to defraud, [access] a protected computer without authorization or [exceed] authorized access, and by means of such conduct [further]the intended fraud and [obtain] anything of value, unless the object of the fraud and the thing obtained consists only of the use of the computer and the value of such use is not more than $5,000 in any 1-year period.
There exists a circuit split on the interpretation of this clause. As Judge Hillman noted, the 1st Circuit has not clearly articulated its position on the issue. The broad interpretation defines access in terms of agency or use. That is, whenever an employee breaches a duty of loyalty or a contractual obligation and acquires an interest adverse to their employer, then all subsequent access exceeds the scope of authorized access. Proponents of the narrower interpretation argue that the intent of the CFAA was to deter computer hacking and not to supplement common law trade secret misappropriation remedies and therefore fraudulent means must be used to obtain the information initially.
Judge Hillman utilized a narrow interpretation of the CFAA and held that AMD had not pleaded sufficient facts to maintain a cause of action under the CFAA. AMD had pleaded that the defendants used their authorized access to computer systems to download and retain confidential AMD information which they retained when they left to go work at Nvida. The complaint, while alleging the defendants had the intent to defraud AMD, provided no facts which support the allegation that the defendants obtained the information through fraudulent or deceptive methods.
Judge Hillman did not outright dismiss the claim given the truncated evidentiary record and has allowed AMD the opportunity to plead specific details indicating that some or all of the defendants used fraudulent or deceptive means to obtain the confidential information and that they intentionally defeated or circumvented technologically implemented restrictions to obtain the confidential information. If other judges in the 1st Circuit follow Judge Hillman’s approach, plaintiffs will need to ensure that they plead with sufficient detail that the defendants obtained the information through a fraudulent or deceptive method as opposed to simply obtaining the information through permissible access.
