Protecting Intellectual Property – The Computer Fraud and Abuse Act

By: Greg Johnson

For many companies, their intellectual property is their raison d’être.  Organizations spend thousands of dollars protecting themselves from computer hackers, external intrusions, computer viruses and so forth. Ironically, as often as not, the persons who are able to do the most harm to a company are its employees and departing employees.

Several years ago, the Ponemon Institute, a privacy management research firm, and Symantec, a computer security applications company, announced the results of a co-sponsored survey of 945 adults who were laid off, fired or lost jobs over the course of a year. Of these 945 individuals, 37% said they were asked to leave; 38% said they had found a new job; and, 21% moved on because they anticipated lay-offs. All of them had access to proprietary information such as customer data, contact lists, employee records, financial reports, confidential business documents, software tools or other intellectual property that belonged to their employer. According to the survey, 59% took company data with them when they left their jobs.  The surveyed persons indicated that the stolen information was used to get a new job, start their own business, or simply for revenge.  Notably, the survey revealed that part of the problem rests with companies themselves and their relaxed attitude towards internal security.

How should companies protect themselves from these unsavory realities?  Generally, organizations must implement and enforce well written employee agreements and policies that address their data. Further, given the Ninth Circuit holdings regarding the Computer Fraud and Abuse Act, companies must proactively manage their data, monitor files that are in motion, and ensure that their systems are secure from both internal and external attacks.  For more information on this important topic see link