Employment Law Alert : Gibbons P.C.: Labor Relations, Employment Contracts, Employee Benefits, & Wrongful Discharge Lawyers & Attorneys

NouvEON’s complaint alleged McClure and Smarter Systems committed computer trespass under North Carolina statute and violated North Carolina’s Unfair and Deceptive Trade Practices Act, and accused both defendants with civil conspiracy and unjust enrichment. The complaint also alleged that McClure violated the CFAA and committed conversion, and that Smarter Systems tortiously interfered with McClure’s contract and was vicariously liable.

The Court’s Decision

The North Carolina Federal District Court ruled that although the state claims substantially predominated over the federal claim, all allegations in the complaint concerned the “same core of operative facts.” Therefore, the Court, guided by the “principles of judicial economy, convenience, and fairness to litigants,” exercised its discretion to retain supplemental jurisdiction under 28 U.S.C. § 1367 over NouvEON’s state law claims.

The Takeaway

The Court’s decision presents employers who prefer to litigate trade secret, restrictive covenant and related state law claims against their former employees (and perhaps their new employers) in federal court a potential means of doing so (when diversity jurisdiction does not exist). By pleading a valid CFAA claim, employers can satisfy the federal question jurisdiction requirement for litigating in Federal Court.

For answers to questions regarding non-competition, trade secrets, and other related matters, as well as litigation and the protection of business information please feel free to contact an attorney in the Gibbons Employment & Labor Law Department.

Lindsay J. Jarusiewicz is an Associate in the Gibbons Employment & Labor Law Department.

The Court also dismissed Eagle’s claim under the Lanham Act, the federal statute relating to trademark protection which prohibits unfair competition in goods and services through use of a word, term, name, symbol or device (or a combination of them) that is likely to confuse, mislead or deceive regarding the affiliation, sponsorship or approval of such goods, services or commercial activities. A viable claim under the Lanham Act requires a showing of a legally protectible mark, the plaintiff owns the mark and the defendant’s use of the mark to identify goods and services is likely to cause confusion. The Court considered the Third Circuit’s Lapp factors -- a non-exhaustive list of factors used to determine whether the mark is likely to cause confusion -- and concluded that the use of the LinkedIn account by the incoming CEO is unlikely to confuse a viewer. The Court did so reasoning that the account was changed to reflect the name, photograph and information of the incoming CEO. Also, Edcomm made no attempt to portray the new CEO as the former one or to claim the outgoing CEO was affiliated with or endorsed by Edcomm.

Finally, the Court maintained jurisdiction over the plaintiff’s state law claims, noting that the trial date was only 2 weeks away and that it would be unfair to dismiss those claims at such a late date.

Conclusion

The law with regard to social media -- especially professional social media -- is constantly evolving. Efforts by an employer to assert protections over company sponsored or directed social media activity is likely to face challenges by employees asserting privacy and property rights. Employers should consider these and other related social media activities when preparing social media policies and enforcement measures. For answers to questions regarding social media issues, please feel free to contact any of the attorneys in the Gibbons Employment & Labor Law Department.

Mitchell Boyarsky is a Director in the Gibbons Employment & Labor Law Department.

The issue before the court was whether the employees “exceed[ed] authorized access” under the CFAA (assuming the allegations set forth against them were true). As noted in the opinion, some courts outside the Ninth Circuit have limited the CFAA’s protections in this context to “computer hackers, electronic trespassers and other ‘outsiders’” only, while others have found violations where employees with authorized access engaged in activities that harmed the employer and breached their duties of loyalty.

The court focused on the plain language of the statute in rendering its decision. By statute, in order to exceed authorized access, one must “access a computer with authorization and . . . use such access to obtain or alter information in the computer that the accesser is not entitled so to obtain or alter.” The court concluded the word “so” in the definition would be meaningless unless it extended to actions by individuals beyond those which are indicated or suggested. As a result, the court ruled that employees with some authority to access an employer’s computer systems can nonetheless violate the CFAA if their access extends beyond the express authorization permitted by their employer.

The court explained that its ruling was consistent with LVRC Holdings LLC v. Brekka, 581 F.3d 1127 (9th Cir. 2009), where the court decided that an employee did not exceed authorized access because he had permission to access the employer’s system, regardless of the manner in which he used it. The court distinguished Brekka by highlighting that the employer’s policies in the case before it limited the manner in which the employees were authorized to access information on the employer’s system. To the contrary, the employee’s access in Brekka was “unfettered.”

Whether the Nosal decision will stand is yet to be decided. The Ninth Circuit heard argument en banc in the case on December 15, 2011.

Tolliver

In Tolliver, the defendant, a bank employee, allegedly accessed customer account information stored in the bank’s electronic systems. The individuals whose accounts were accessed subsequently became victims of a scheme involving fraudulent checks that were drawn against their accounts.

Bank employees, like the defendant, could access the customer account information using their employee numbers and passwords. Additionally, bank policy generally prohibited employees from accessing customer account information without a business purpose. It was undisputed that the customer accounts were accessed using the defendant’s employee number, and that the defendant had no business reason to access the information.

Without specifically referencing the bank’s policies regarding use of its electronic systems, the court held that the defendant violated the CFAA by intentionally exceeding her authorized access. It explained that although the bank permitted her to access customer information, she accessed the information without a business purposes, thereby exceeding her authorized access in violation the CFAA. 

                                                                           * * * * *                                                                           

The Ninth Circuit’s decision in Nosal underscores the importance of having comprehensive workplace policies in place that limit employee use of electronic systems. The court in Nosal decided that employees exceeded their authorized access in violation of the CFAA by using the employer’s systems in a manner contrary to detailed policies. The Third Circuit’s decision in Tolliver demonstrates that the absence of such policies may not be fatal to a CFAA claim based on an “exceeding authorized access” theory (albeit the case was an extreme one involving a bank fraud). Together, these decisions both emphasize the continued significance that the CFAA plays in protecting confidential and proprietary electronic information in the workplace.

In light of the continuous evolution of the law in this area, employers should review their electronic systems policies with employment counsel periodically to ensure that the policy language complies with current law and protects your business’s interests. To discuss your company’s policy needs, please contact any attorney in the Gibbons Employment & Labor Law Department.

James J. LaRocca is an Associate in the Gibbons Employment & Labor Law Department.