Case Summary
**Case Summary: United States v. David Nosal**
**Docket Number:** 7839909
**Court:** United States Court of Appeals for the Ninth Circuit
**Date:** 2011
**Background:**
David Nosal, a former employee of Korn/Ferry International, was charged under the Computer Fraud and Abuse Act (CFAA). After leaving the company, Nosal allegedly used the credentials of a current employee to access the company’s database and download sensitive information, including trade secrets and proprietary data, which he intended to use to start a competing business.
**Legal Issue:**
The primary legal issue in this case was whether Nosal’s actions constituted a violation of the CFAA, particularly in regard to whether he had “exceeded the authorized access” under the Act by using another employee’s credentials to access company data after he had terminated his employment.
**Court’s Decision:**
The Ninth Circuit Court of Appeals ultimately ruled that Nosal did not violate the CFAA because he did not access information that was “off-limits” to him prior to his termination. The court emphasized that the CFAA was intended to combat unauthorized access and that Nosal was not accessing any areas of the company’s system that he had not been permitted to access while employed.
**Significance:**
This case is significant as it addresses the interpretation of “exceeding authorized access” under the CFAA, clarifying the boundaries of what constitutes unauthorized access in the context of an employee misusing a coworker's login credentials. It reflects ongoing legal debates about the scope of the CFAA and how it applies in cases involving former employees and trade secrets.
**Conclusion:**
The Ninth Circuit's ruling in United States v. David Nosal established important legal precedent regarding employee access to personal and corporate information after termination of employment, particularly under the Computer Fraud and Abuse Act. This case is often cited in discussions regarding computer access rights and privacy in the workplace.