Computer Fraud and Abuse Act and Employment


In a case filed in Eastern District of North Carolina alleging a claim under the federal Computer Fraud and Abuse Act (CFAA), (Sageworks, Inc. v. Creatore) the district court found that the employee accessed information belonging to the employer without authorization and exceeded his authorized access to obtain information.

Cases under CFAA can be brought in federal or state court. An employer can sue employee when the employee accesses and uses information without authorization. This law is commonly being used to file a lawsuit against an employee when the employee takes employer information and goes to work for a competitor.

For help with employment law questions or other civil litigation issues, call Tracy Stroud, Attorney with Colombo Kitchin Attorneys in Greenville, NC, at 252-321-2020.

Employee Misappropriation or Disclosure of Sensitive Information and the North Carolina Computer Trespass Statute


Employees must have access to confidential and proprietary information in the workplace, most often in electronic format. The problem is when employees leave the employment, it is easy enough for them to misappropriate the electronic information to the detriment of the employer.

One potential cause of action against the employee is violation of the North Carolina Computer Trespass Statute (N.C. General Statute Section 14-458), which states “it shall be unlawful for any person to use a computer or computer network without authority and with the intent” to remove computer data or make an unauthorized copy of the data. Violation of the statute is a criminal offense ranging from a Class 3 Misdemeanor to a Class I Felony; however, a person may also bring a civil suit to recover damages and costs N.C.G.S. 14-458(c). “Without Authority” is defined in the statute as “exceeding right or permission.” Therefore, in the employment context, even if the employee had permission to access the information on the computer or the network, using it in a way detrimental to the employer, such as taking the information when departing, or using it to solicit the employer’s clients or to compete with the employer, is clearly defined as “without authority.”

A federal case from the Eastern District of North Carolina (Spirax Sarco, Inc. v. SSI Engineering, Inc.) has interpreted the North Carolina statute to apply to employees misappropriating information in employment situations because the employee took the information without authority.

Please call Tracy Stroud with questions about employment law or other civil litigation issues at 252-321-2020.