What is Your Company’s Policy on Employee’s Use of Computers (And Why Is It Important)

Recently, the Federal 9th Circuit Court of Appeals heard oral arguments on whether an employee can be prosecuted under the Computer Fraud and Abuse Act for the access of information from the employer’s computer for the employee’s own benefit. This involved a situation where an employee terminated his employment with his employer, which was an executive search firm. After he left his employment, he induced persons who were still employed by his former employer to access certain proprietary information from the company’s computers to help him start up a competing business.

Depending on the jurisdiction, this may be a state law breach of duty to the employer, but the question here is—is it also a violation of the federal statute on computer fraud? This federal law prohibits a person from knowingly accessing a protected computer either without authorization or exceeding their authorized access with an intent to defraud.

In the case before the 9th Circuit, the employer had permitted access to the company’s computers, but prohibited the misuse of any information obtained for non-business purposes. The court heard arguments about whether the section is meant to cover an employment situation and on what is considered authorized access.

While there is no definitive holding in this case yet, if the statute applies to an employee’s unauthorized access to a company computer who then uses the information in a manner that is detrimental to the employer, whether such statute will protect your company may depend on the extent of your written policy concerning the use of the computers by your employees. If the access by your employees is restricted in some manner such as it was in this case, it may allow that statute to give your company some protections. It is best to have a policy to cover this circumstance to give you the best protection.