SIGN UP NOW
Follow the NWC on Twitter!Follow the NWC on Facebook!

Fourth Circuit says employees can copy data the employer allows them to see

Posted on July 30, 2012 by Richard Renner

Last week, the U.S. Court of Appeals for the Fourth Circuit (in Richmond, Virginia) ruled that employers cannot use the Computer Fraud and Abuse Act (CFAA) to make claims against former employees who copied computer files before separating from employment.  This decision agrees with the Ninth Circuit and disagrees with the Seventh Circuit on the issue of CFAA's application to employees copying data their employer permitted them to see.  This issue is particularly important to whistleblowers who want to preserve evidence of misconduct contained in the employer's computer network.

The Fourth Circuit relied on the following statement of facts in reaching its decision:

In April 2010, Mike Miller resigned from his position as Project Director for WEC Carolina Energy Solutions, Inc. (WEC). Twenty days later, he made a presentation to a potential WEC customer on behalf of WEC's competitor, Arc Energy Services, Inc. (Arc). The customer ultimately chose to do business with Arc. WEC contends that before resigning, Miller, acting at Arc's direction, downloaded WEC's proprietary information and used it in making the presentation. Thus, it sued Miller, his assistant Emily Kelley, and Arc for, among other things, violating the Computer Fraud and Abuse Act (CFAA), 18 U.S.C. § 1030.

Enacted in 1984 and strengthened in 1986, the CFAA is primarily a criminal statute aimed at hackers. However, it also allows hacking victims to sue for damages and injunctions.  In 2006, the Seventh Circuit in Chicago held that an employee who erases data on a company laptop before returning it breached a "duty of loyalty" and terminated the agency relationship that was the source of the employee's authorization to access the computer. Int'l Airport Ctrs., LLC v. Citrin, 440 F.3d 418, 420-21 (7th Cir. 2006). The Ninth Circuit interprets "without authorization" and "exceeds authorized access" literally and narrowly. To violate the CFAA, an individual must access a computer or information on a computer without permission. See United States v. Nosal, 676 F.3d 854, 863 (9th Cir. 2012) (en banc); LVRC Holdings LLC v. Brekka, 581 F.3d 1127, 1134-35 (9th Cir. 2009). Now, the Fourth Circuit has joined the Ninth Circuit.

The Fourth Circuit stated, "we agree with the district court that although Miller and Kelley may have misappropriated information, they did not access a computer without authorization or exceed their authorized access. See 18 U.S.C. §§ 1030(a)(2)(C), (a)(4), (a)(5)(B)-(C)." This is true even assuming that they accessed the information to assist their new employer.

This is great news for whistleblowers who have access to the employer's computer data and want to use that access to document frauds, illegality, or dangers to the public safety or health. It can be helpful to whistleblowers who face "document dilemmas." However, employees in the Seventh Circuit (Illinois, Indiana, and Wisconsin) should be aware that they may be subject to liability for violating the employer's rules about access to information unless they can persuade the Seventh Circuit to change its mind, or win an appeal to the Supreme Court.

The case is WEC Carolina Energy Solutions, LLC v. Miller, No. 11-1201 (4th Cir. July 26, 2012).  Congratulations to the employees' attorneys, James William Bradford, Jr., and Brian S. McCoy, both of South Carolina.

Tags: , , , ,
  • Print
  • Comments
  • Trackbacks
  • Share Link

Whistleblower lawsuit questions attorney-client privilege

Posted on August 6, 2009 by Richard Renner

Bookmark and Share

Richard Convertino's Privacy Act lawsuit against the U.S. government is now addressing a question of whether a U.S. attorney can conceal his emails to his attorney sent over the government's computers. Convertino was one of America’s top federal prosecutors. The government selected him to conduct a high-profile terrorism trial in Detroit. He lost his job after blowing the whistle on incompetence in the Bush Administration’s “war on terror.” High ranking Justice Department officials then leaked confidential information in an attempt to discredit Mr. Convertino. The government officials with access to the confidential information all submitted affidavits saying they did not leak the information.  Now one of those officials, Assistant U.S. Attorney Jonathan Tukel, is trying to block Convertino's access to emails saved on government computers. The dispute highlights some common problems in whistleblower cases, and also suggests which U.S. government official most likely leaked Convertino's private information and then lied in a sworn affidavit to cover up the retaliation.  Today, the Detroit News reports on the dispute. 

 

 The Detroit News focuses on Tukel's claim that the emails stored on government computers are actually his personal emails to his attorney.  The article quotes Convertino's attorney, Stephen M. Kohn, as saying that Tukel waived any privilege when he chose to use official government computers to send his emails.  The issue is now pending on Tukel's motion to intervene in the case to allow him to assert his claim of privilege.

Whistleblowers often face attacks on their credibility and reputation.  Those intent on committing crimes or cutting corners on public safety usually will not stop when a whistleblower makes an initial report.  Instead, they will attack the whistleblower's credibility, or trash the whistleblower's reputation, to stop others from believing the whistleblower or from coming forward with additional information.  Here, the high-ranking Justice Department officials released a confidential complaint against Convertino to David Ashenfelter, a reporter for the Detroit Free Press.

I recall a similar dispute in which the government accessed my client's attorney-client emails without ever giving my client a chance to object.  The government, through lawyers of the Justice Department, later defended itself by arguing that "there is no right to privacy in government computers. United States v. Simons, 206 F.3d 392, 398-399 (4th Cir. 2000).

If Tukel is successful in his motion to intervene, he may then have to contend not only with the waiver issue, but also the crime-fraud exception.  Courts will not allow persons to use the attorney-client privilege to conceal crimes or frauds.  If Tukel's emails show that he released confidential government information without permission, or that he lied in his affidavit claiming that he was not the source, then his claim of privilege may be of no avail.
Tags: , , , ,
  • Print
  • Comments
  • Trackbacks
  • Share Link