Monday, January 12, 2009

Georgia Court Dismisses Computer Fraud Claim for Failure to Allege "Damages" (Andritz v. Southern Maintenance Contractor)

In 1996, Congress dramatically extended the reach of the Computer Fraud and Abuse Act by extending jurisdiction over any fraud claim involving a "protected computer", that is, one used in interstate commerce. The result has been a de facto federalization of trade secrets and unfair competition cases, whereby companies file suit against defecting employees in federal court for computer fraud, trade secrets and, often times, breach of a non-competition covenant. Because pre-departure activity frequently involves an employee's use of a computer - normally to access business information - CFAA claims are part and parcel of unfair competition cases these days.

Over the past several years, court decisions have begun to emerge out of federal district and circuit courts interpreting the reach of the CFAA. Many of those decisions involve the application of the statute's jurisdictional requirement that an aggrieved plaintiff show "damage" or "loss." Under the CFAA, "damage" has a specific meaning: "any impairment to the integrity or availability of data, a program, a system, or information that causes loss aggregating at least $5,000 in value during any 1-year period..." The "loss" component is even more narrow; it basically means damage assessment and data restoration costs. It also includes lost revenue from service interruption.

In a recent Georgia federal district court case, the court addressed an (a)(4) claim, known in legal circles as a claim for "unauthorized access with intent to defraud." The court held that neither "loss" nor "damage" can be interpreted to mean "lost revenue caused by the misappropration of proprietary information and intellectual property from an employer's computer." The Eleventh Circuit apparently has not opined on the issue, and the court granted the defendants' motion to dismiss under Rule 12(b)(6) for failure to state a CFAA claim.

This issue has a somewhat tortured history in federal court. Illinois cases out of the Northern District of Illinois yield conflicting results on whether impairment of data in the form of trade secrets theft is qualitatively the same as deleting or destroying that data. Other courts, including a district court within the Eleventh Circuit, hold that misappropration of such data constitutes legal impairment under the CFAA. The parameters of this statute continue to develop, often times with confusing results.


Court: United States District Court for the Middle District of Georgia
Opinion Date: 1/07/09
Cite: Andritz, Inc. v. Southern Maintenance Contractor, LLC, 626 F. Supp. 2d 1264 (M.D. Ga. 2009)
Favors: Employee
Law: Federal

No comments:

Post a Comment