Tuesday, September 29, 2009

9th Circuit Clarifies Hacking Statute in Employment Context

An employee's use of a work computer “without authorization” for purposes of the Computer Fraud and Abuse Act [18 U.S.C. Section 1030(a)] depends on the employer's policies and definitions of acceptable use, not the employee's state of mind, the U.S. Court of Appeals for the Ninth Circuit held Sept. 15 (LVRC Holdings LLC v. Brekka, 9th Cir., No. 07-17116, 9/15/09) (opinion available at http://tinyurl.com/n362nz).

The court held: "Because Brekka was authorized to use LVRC’s computers while he was employed at LVRC, he did not access a computer “without authorization” in violation of § 1030(a)(2) or § 1030(a)(4) when he emailed documents to himself and to his wife prior to leaving LVRC. Nor did emailing the documents “exceed authorized access,” because Brekka was entitled to obtain the documents. Further, LVRC failed to establish the existence of a genuine issue of material fact as to whether Brekka accessed the LVRC website without authorization after he left the company."

Moral: Have good employee policies regarding email practices and authorizations!


Thursday, September 03, 2009

New Hyperwrap Case

Court holds that an online contract that uses a combination of three hyperlinks to reference an external contract and which is encountered pre-checkout is binding. See