In Van Buren v. United States, No. 19-783, 2021 WL 2229206 (U.S. June 3, 2021), the United States Supreme Court issued an opinion drastically limiting the application of the Computer Fraud and Abuse Act (CFAA) (18 U.S.C. § 1030 et seq.), holding that the “exceeds authorized access” clause of the Act applies only to those who obtain information from particular areas in the computer—such as files, folders, or databases—to which the individual is not authorized to access under any circumstances. However, the Supreme Court excluded application of the clause to individuals who misuse their access to obtain information otherwise available to them for an unauthorized purpose. The Court’s Van Buren decision resolves a long-standing circuit split over the meaning of this key phase of the CFAA, and simultaneously creates new challenges for employers seeking to hold liable employees who misuse company information to the employer’s detriment.
Continue Reading Supreme Court Resolves Circuit Split Over CFAA
cybersecurity
SEC Steps Up Cybersecurity Enforcement with $1 Million Fine Against Morgan Stanley
The Securities and Exchange Commission’s (“SEC”) recent $1 million settlement with Morgan Stanley Smith Barney LLC (“MSSB”) marked a turning point in the agency’s focus on cybersecurity issues, an area that the agency has proclaimed a top enforcement priority in recent years. The MSSB settlement addressed various cybersecurity deficiencies that led to the misappropriation of sensitive data for approximately 730,000 customer accounts.
Continue Reading SEC Steps Up Cybersecurity Enforcement with $1 Million Fine Against Morgan Stanley
Cybersecurity: Breaching The Boardroom
When the President of the United States calls something “one of the gravest national security dangers that the United States faces,” it seems worthwhile to pay attention. The President’s statement,…
Continue Reading Cybersecurity: Breaching The Boardroom