About the author: Whit Rayner is a partner in theJones Walker law firm’s Business & Commercial Litigation Practice Group in the Jackson office, and he is the leader of the Intellectual Property team. He is a contributor to Trade Secret Insider, which chronicles legal insights on trade secrets, non-competes, computer fraud and confidential data theft. This article was originally posted on tradesecretsinsider.com.
We frequently discuss the Computer Fraud and Abuse Act (“CFAA”), which prohibits obtaining information from protected computers through unauthorized access or access that exceeds such authorization. Violating the CFAA can have serious consequences, as the statute carries both criminal and civil penalties. But must a defendant obtain information through unauthorized access and exceed authorized access? Ordinarily not. Yet the U.S.Supreme Court will soon consider this question. On June 29, 2015, the Court agreed to hear a criminal defendant’s appeal, in which he argues that federal prosecutors were required to prove both elements for his CFAA conviction.
The Conviction. Michael Musacchio was the president of Exel Transportation Services (ETS), a transportation brokerage company, until he resigned in 2004. In 2005, Musacchio founded a competing company, Total Transportation Services (TTS), and then used independent agents to access ETS’s computer servers to obtain proprietary information. ETS’s new president began hearing rumors about a data breach and hired a forensic investigator, who uncovered what Musacchio was up to. ETS sued Musacchio, TTS, and others, and the parties ultimately settled the civil dispute for $10 million. But in 2010, the federal government indicted Musacchio for violating and conspiring to violate the CFAA the CFAA. The jury returned a guilty verdict, and Musacchio filed an appeal with the United States Court of Appeals for the Fifth Circuit.
The Conviction Affirmed. On appeal, Musacchio did not attack CFAA’s language, which is fairly clear: 18 U.S.C. § 1030(A)(2) prohibits one from obtaining information from a protected computer by accessing this computer without authorization or exceeding such authorization. Instead, Musacchio’s question was this. What happens when the trial court erroneously instructs the jury (without objection) that the underlying CFAA offense is defined as “to intentionally access a protected computer without authorization and exceed authorized access”? Ordinarily, “an instruction that increases the government’s burden and to which the government does not object becomes law of the case.” United States v. Jokel, 969 F.2d 132, 136 (5th Cir. 1992). However, under Fifth Circuit procedure, that rule does not apply where (1) “the jury instruction…is patently erroneous and (2) the issue is not misstated in the indictment.” United States v. Guevara, 408 F.3rd 252, 258 (5th Cir. 2005). On Musacchio’s appeal, the Fifth Circuit held that the indictment correctly set forth the standard and that the jury instruction was patently erroneous. Musacchio v United States, No. 13-11294, slip op. at 5 (5th Cir. Nov. 10, 2014).
Before The Supreme Court. The Supreme Court likely agreed to hear Musacchio’s appeal to resolve a circuit split. Unlike the Fifth and First Circuits, the Eight and Tenth Circuits require the government to meet any standard imposed by a jury instruction when the government fails to make an objection. Though the Supreme Court likely will not resolve differing interpretations of the CFAA itself—such as the conflicting views on what it means to “exceed authorized access”—the Court will consider an interesting question that highlights the importance of the CFAA in modern trade secret cases and will likely resolve the circuit split on whether an erroneous jury instruction can become the standard when an the government fails to object. Argument on this case is expected during the Supreme Court’s October term, and we will continue to monitor and report on any new developments in the case.