David Smith has written a useful article discussing the Benefits of Trade Secret Misappropriation Claims Under the Computer Fraud & Abuse Act (“Benefits“), and comparing these claims to those under the Uniform Trade Secrets Act (“UTSA”). The CFAA, 18 U.S.C. § 1030, is a federal statute outlawing “theft and destruction of data, hacking, use of viruses, theft of passwords and extortionate threats to damage computers.” SeeBenefits at 1. The CFAA now allows a civil right of action. See 18 U.S.C. § 1030(g). The author points to the following three benefits of a CFAA cause of action in a trade secrets dispute:
- Federal Question Jurisdiction: “The CFAA provides for federal question subject matter jurisdiction, which then allows a plaintiff to bring appropriate state law claims under the court’s supplemental jurisdiction.” Benefits at 1. Smith points to the benefits of nationwide service of process in trade secrets disputes. Id. He notes that this “benefit [nationwide service of process] cannot be downplayed because often in complex trade secret litigation the plaintiff resides in one state, the defendant resides in a different state, and both the evidence of trade secret theft and key witnesses are in different states around the country. Litigating this type of case in state court might require filing motions and proceedings in multiple jurisdictions throughout the country in order to depose key witnesses and obtain necessary evidence. Nationwide service of process avoids this entire situation and saves substantial amounts of time.” Id. (citing Liccardi, The Computer Fraud and Abuse Act: A Vehicle for Litigating Trade Secrets in Federal Court, 8 J. MARSHALL REV. INTELL. PROP. L. 155 (Fall 2008) at 13-14).
- No Need to Prove Secrets: Under the UTSA, a plaintiff must prove secrecy. “While this may not necessarily be a significant hurdle in most instances, there is no such requirement under the CFAA, where the plaintiff must simply prove that the stolen information resided on a “protected” computer. Id.
- No Need to Prove “Reasonable Steps” to Protect Secrecy: “There is no similar requirement under the CFAA.” Id. at 2. Under the CFAA, a plaintiff must prove only that the employee lacked or exceeded his authority when accessing such information. Id.