Computer Fraud and Abuse Act Offers Employers Powerful Weapon in Cases Involving Employee Theft of Trade Secrets

WASHINGTON, July 13 /PRNewswire/ -- In the wake of the Great Recession, businesses face one of the most competitive environments in decades. The last thing they need is yet another challenge, but like it or not, that's just what they're getting – and it's coming from inside their own companies in the form of employee theft of files containing sensitive information. While such cases can be notoriously difficult to prosecute, the Computer Fraud and Abuse Act (CFAA) provides employers with a powerful weapon they can use to protect their interests, attorney Leslie Paul Machado, a partner in LeClairRyan, based in the firm's Washington, D.C. office, writes in an article entitled "Protecting Against Employee Theft," posted this week on HREOnline.com.

The number of trade secret cases being filed in U.S. courts has grown exponentially in recent years, and in more than 85% of cases, the alleged perpetrator is a company insider. Cases of employee data theft more than doubled between 2006 and 2008 alone, and the number of such incidents is almost certain to increase further, Machado writes in the HREOnline.com article, citing recent research published in the Gonzaga Law Review and a KPMG study. He points to Starwood Hotels & Resorts Worldwide Inc.'s suit against Hilton Hotels Corp. and two former Starwood executives as a dramatic example of the trend and an illustration of how high the stakes can run. The lawsuit charges that the departing executives took hundreds of thousands of files containing confidential and proprietary Starwood information and trade secrets, and that Hilton used the information to launch a new format to compete with Starwood's W hotel brand.

Machado acknowledges in the article that the best way to neutralize potential damage from trade secret theft by employees is to prevent it in the first place. "However," he notes, "given the interconnected nature of the modern business environment and the need for employees at all levels of an organization to have timely access to data, an ironclad prevention policy is a virtual pipedream." As such, employers should be aware of all means at their disposal to redress such transgressions when they occur and the former employee uses the information to start a competing business or help their new employer compete against their old one. These may include claims for breach of an employment agreement, tortious interference with ongoing and/or prospective opportunities, misappropriation of trade secrets, civil conspiracy, conversion or, in some cases, breach of fiduciary duty.

The CFAA is an additional powerful weapon former employers can use to bring suit against disloyal employees who access a computer "without authorization" and obtain something of value, Machado writes. One aspect of the CFAA that contributes to its potency is the inclusion of criminal penalties. This "significantly increases a defendant's exposure and thus may encourage an expeditious settlement on terms most favorable to the former employer" in cases where the employer has a viable claim, he suggests.

Employers should be aware that the CFAA is an area of law that is still evolving, he cautions. While a number of courts have endorsed employer claims under this law, other courts have rejected them in virtually identical cases. Generally, it comes down to a matter of interpretation, and the discrepancy between those interpretations ultimately will have to be resolved by the Supreme Court or Congress. In the meantime, there are several steps employers can take to put themselves in a stronger position and help tilt the odds in their favor, Machado advises.

First, employers should amend their employment manuals to assert that any authorization granted to an employee to access the company's networks, files or data automatically ceases when the employee leaves the company, he writes. Second, they should make clear in their employment handbooks, manuals and employment agreements that any authorization to access company data is granted only in furtherance of the employer's business purposes. Third, employers must remain vigilant to retrieve laptop computers from employees immediately after an employee gives notice. They should also immediately change passwords and close remote access upon learning of an employee's intention to leave the company.

About LeClairRyan

Founded in 1988, LeClairRyan provides business counsel and client representation in corporate law and high-stakes litigation. With offices in California, Connecticut, Massachusetts, Michigan, New Jersey, New York, Pennsylvania, Virginia and Washington, D.C., the firm has approximately 300 attorneys representing a wide variety of clients throughout the nation. For more information about LeClairRyan, visit www.leclairryan.com.

SOURCE LeClairRyan

WANT YOUR COMPANY'S NEWS FEATURED ON PRNEWSWIRE.COM?

440k+
Newsrooms &
Influencers

9k+
Digital Media
Outlets

270k+
Journalists
Opted In

GET STARTED