Litigation: The ambiguous CFAA

The courts have yet to offer clear and uniform guidance as to the boundaries between activities that are permissible and those that are not

Soon after Matthew Broderick starred in the 1983 movie “WarGames,” Congress passed the precursor to what is known today as the Computer Fraud and Abuse Act (CFAA). When initially passed, this ominous-sounding statute was designed to criminally punish individuals who misused computer technology to obtain national security secrets or personal financial records or hacked into government computers (à la Broderick’s character). Today, this statute has been amended to protect against fraud and related activities in connection with access devices and computers, and to provide civil remedies. Put another way, the CFAA is to computers what trespassing and burglary are to real property.

The CFAA sprouts up fairly often in trade secrets cases. This likely stems from several roots. First, the CFAA provides easy access to federal court. Second, as companies often store their confidential data on computers, the CFAA extends liability without having to actually prove that the data or information misappropriated is confidential or is protected as a trade secret. Finally, the CFAA provides for injunctive relief. One challenge, however, to asserting a CFAA claim is the absence of any uniform interpretation of the statute by the various circuits. Until the Supreme Court steps in, the viability of a statutory claim in a particular circumstance can depend on the locale where the case is to be filed.

Contributing Author

author image

Steven P. Blonder

Steven P. Blonder is a principal in the Litigation and Dispute Resolution practice group at Chicago-based Much Shelist. His practice is primarily focused in the...

Bio and more articles

Join the Conversation

Advertisement. Closing in 15 seconds.