Investigations and Enforcement

In Van Buren v. United States, No. 19-783, 2021 WL 2229206 (U.S. June 3, 2021), the United States Supreme Court issued an opinion drastically limiting the application of the Computer Fraud and Abuse Act (CFAA) (18 U.S.C. § 1030 et seq.), holding that the “exceeds authorized access” clause of the Act applies only to those who obtain information from particular areas in the computer—such as files, folders, or databases—to which the individual is not authorized to access under any circumstances. However, the Supreme Court excluded application of the clause to individuals who misuse their access to obtain information otherwise available to them for an unauthorized purpose. The Court’s Van Buren decision resolves a long-standing circuit split over the meaning of this key phase of the CFAA, and simultaneously creates new challenges for employers seeking to hold liable employees who misuse company information to the employer’s detriment.
Continue Reading Supreme Court Resolves Circuit Split Over CFAA

During a May 19, 2021 webcast at the Financial Industry Regulatory Authority’s (“FINRA”) annual conference, Amy Sochard, FINRA’s Vice President of Advertising Regulation, indicated that the organization will seek public feedback on gamification practices utilized by some stock trading platforms to attract investors with a view toward issuing new rules or guidance.  “Gamification” refers to the application of typical elements of game playing, such as point scoring, competition with others, and rules of play, by trading platforms, online retailers or vendors to encourage engagement with a product or service.
Continue Reading Game On: FINRA Hints at Upcoming Gamification Sweep

On May 31, 2005, the United States Supreme Court reversed Arthur Andersen’s 2002 conviction for evidence tampering. That vindication does not alter the core lesson of the Andersen prosecution: a document retention policy must be drafted and implemented carefully to serve its purpose of protecting a company against a charge of evidence tampering. Prudent companies should adopt document retention policies that halt document destruction in the face of government investigations, train employees about document retention policies routinely rather than in response to crisis situations, and exercise caution in email content.
Continue Reading Document Retention Policies Remain Crucial in Wake of Supreme Court’s Andersen Ruling