Technology & Employment Issues

Employee Computer HackingOn June 3, 2021, the U.S. Supreme Court issued a ruling that significantly limits the “exceeds authorized access” clause of the Federal anti-hacking statute called the Computer Fraud and Abuse Act of 1986 (CFAA). Here is a copy of the opinion (Van Buren v U.S.)

Why the CFAA Opinion Matters:

Without proper planning, this ruling

Data mining LinkedIn profilesA Federal Judge recently blocked LinkedIn from restricting another company from using data from LinkedIn’s website. The suit involves Linkedin and hiQ Labs, Inc. The suit also has significant ramifications for job-seekers and employers. See LinkedIn Profiles Used to Alert Employers Which Employees are Job-Hunting.

hiQ Labs Business Depends Upon Access to LinkedIn Profiles

hiQ

Data BreachA former employee’s accessing a Google Drive he set up for his employer may result in a violation of the federal Computer Fraud and Abuse Act (CFAA). This case also serves as a reminder to carefully evaluate how your company uses any third-party services like Dropbox, Google Drive, etc.

Computer Fraud and Abuse Act Background

While it is far from settled, the trend under the Federal Computer Fraud and Abuse Act continues towards narrowing the application of the CFAA in the context of the employer/employee relationship.

Specifically, a federal district court in Colorado concluded that the federal computer fraud statute was not violated by departing employees and contractors who, during

email, nlrb, employer email, employer email policiesCompanies will need to revise their employee email policies following a ruling from the National Labor Relations Board (NLRB) (Purple Communications on December 11, 2014).

Specifically, in a 3-2 decision (three Democrats, two Republicans) held that Section 7 of the National Labor Relations Act allows,

… employee use of e-mail for statutorily protected

Trade Secret MisappropriationUber and Lyft are both internet and mobile application based technology companies offering a peer-to-peer ridesharing platform. Or for less tech-speak, they are involved in what is generally described as the “sharing economy.” However, a recent lawsuit makes clear that sharing has its limits.

Specifically, Lyft is suing a former executive (Lyft v Uber (PDF)), Travis VanderZanden, for breaching his confidentiality agreement and fiduciary duty and after he jumped ship to join Lyft’s chief rival, Uber. According to the complaint filed in the lawsuit, the former executive copied vast amounts of confidential information on his way out the door. Uber has denied that Mr. VanderZanden has “shared” any of this information with Uber. 

These claims and allegations are by no means extraordinary. But they do provide a perfect roadmap for both employers and employees to follow when it comes ending one employment relationship in order to join a competitor. But instead of taking an all-out road trip to address all of those issues, two points stand-out.

How to Get Guarantee Your Former Employer Will Sue You

As to the firs issue, a little background for what not to do if you are an employee about to join a competitor: Lyft’s lawsuit alleges that VanderZanden informed the company’s founders of his plans to resign on August 12 and agreed to meet with the founders on August 15. But VanderZanden cancelled that meeting and suggested they speak after the weekend.

According to the complaint, it was a busy weekend for Mr. VanderZanden. Lyft alleges that he backed up a number of emails and confidential documents to his personal home computer and mobile phone before handing his company computer back. These actions were discovered after Lyft conducted a forensics analysis of VanderZanden’s company-issued laptop. The analysis further revealed that months prior to the departure, Mr. VanderZanden synchronized his personal Dropbox account with his Lyft laptop, copying a “significant number of Lyft’s most sensitive documents” in the process.

So the first issue for both employers and employees is really two sides of the same coin. From an employee’s perspective, assume your digital fingerprints will point to every piece of digital information you touched, e.g., every file, every email, every document, etc. And if those fingerprints suggest you took you former employer’s information to your new employer, be prepared to be sued.

And because these digital fingerprints provide valuable insight, employers need to have a plan in place to preserve this likely treasure trove of digital evidence. This is because the absence of such evidence may eliminate an expensive Don Quixote-like endeavor against the former employee. There is nothing worse than spending A+ resources on a C- employee or situation.

Conversely, the presence of such evidence will be needed to convince a judge that injunctive relief is appropriate and to otherwise support claims against the former employee. As part of your company’s plan, you’ll need to address how to preserve, analyze, and use the digital evidence.

Play a Strong Hand; Bluffing in Litigation Can Be Costly
Continue Reading An Uber Example of Getting Caught with Your Hand In Your Employer’s Cookie Jar

Computer Crime HandcuffsOne of the more noteworthy employer/employee trade-secret misappropriation and Computer Fraud and Abuse Act  (CFAA) cases came to an end earlier this week. Specifically, Mr. David Nosal wa sentenced on January 8, 2014 to one year and one day in prison. He was convicted for misappropriating his former employer’s trade secrets and improperly accessing the

Risk, Reduce, Avoid.jpgWith Christmas quickly approaching, employers should expect that their employees will be enjoying new technology devices entering the new year. And this means employers should expect new employment law compliance issues and technology risks for their companies. 

Bring Your Own Devices and Employment Law Compliance Issues

Employee owned devices create a minefield for employers when