Cybersecurity » When Employees Take Information Without Permission

When Employees Take Information Without Permission

December 16, 2015


The circuits are split on the question of whether employers can use the Computer Fraud and Abuse Act (CFAA) to go after employees who “exceed authorized access” to get stored information. It’s a very fine distinction they are wrestling with, as explained in this post from Orrick, Herrington & Sutcliffe, but some courts – the Second Circuit Court of Appeals is the latest – have ruled that an employee who misuses information garnered without hacking cannot be targeted under the CFAA. This has important implications for employers and the degree to which they should rely on technical barriers, as opposed to policies, as a way of limiting access to sensitive company information.

Read full article at:

Get our free daily newsletter

Subscribe for the latest news and business legal developments.

Scroll to Top