The Ninth Circuit’s Employee "Password Sharing" Decision Applying the Computer Fraud and Abuse Act
Demetri Economou is an associate in the Labor & Employment, Data Privacy, and Cybersecurity practice groups of Kane Russell Coleman & Logan PC, Houston, Texas.
On July 5, 2016, the Ninth Circuit Court of Appeals issued an important decision for employers under the Computer Fraud and Abuse Act ("CFAA"), 18 U.S.C. § 1030, in United States v. Nosal, Nos. 14-10037, 14-10275, 2016 U.S. App. LEXIS 21868 (9th Cir. Dec. 8, 2016) ("Nosal II"). While Nosal II was a criminal case initiated by the U.S. government against a former private-sector employee, the 2-1 decision may be applicable in the civil context in view of the CFAA’s dual civil-criminal application.1
This article includes a brief primer on the CFAA, its application, and its penalties, as well as a review of the Nosal II case and its implications.