Industrialist’s Computer Fraud Case Won’t Stick

     (CN) – Dresser-Rand cannot sue its former managers under the Computer Fraud and Abuse Act for transferring files to their new company days before they resigned, a federal judge ruled.
     A $2 billion industrial and power plant equipment manufacturer based in Houston, Texas, and Paris, France, Dresser-Rand sued its former managers G. Curtis Jones and Jeffrey King after they left to start Global Power Specialist Inc., a Lantana, Fla.-based gas turbine repairer. Albert Wadsworth IV, their partner in that venture, was also named as a defendant in Dresser-Rand’s action.
     The federal complaint, filed in the Eastern District of Pennsylvania, alleges that the three men incorporated Global Power just a few weeks before Jones and King resigned from Dresser-Rand in February 2010.
     Before flying the coop in the preceding months, the pair downloaded thousands of Dresser-Rand files to external hard drives and flash drives, according to the complaint.
     Though Jones and King claim that their supervisors told them to back up the data on their Dresser-Rand laptops, and that they did not know how to select which files to back up, the company’s computer expert found that the downloads were not made in a “backing up” manner.
     Dresser-Rand said Jones and King emailed its business information to Wadsworth. In a Feb. 25, 2010, email to Wadsworth, King wrote: “I shit-canned everything on my computer since I have to turn it in tomorrow.”
     The managers then transferred the swiped documents onto Global Power’s computers, according to the complaint, and Wadsworth edited some of the files.
     Dresser-Rand’s Mid-Atlantic regional director of services, Glenn “Chip” Jones, testified, however, that he had “no reason to believe that [Jones and King] accessed information other than what they had authorized access to do through their Dresser-Rand user name and password.”
     The complaint asserts conspiracy and misappropriation of trade secrets, as well as violations of the Computer Fraud and Abuse Act (CFAA) and other claims.
     Shortly after the defendants moved for summary judgment on the CFAA claims only on Nov. 9, 2010, the court suspended the case pending conclusion of a related criminal investigation.
     Dresser-Rand notified the court on April 16, 2013, that the investigation had ended and that the authorities would not pursue charges against the defendants.
     U.S. District Judge Anita Brody granted the defendant summary judgment last week, holding that Wadsworth did not access or damage Dresser-Rand computers, as required by the CFAA.
     “Dresser-Rand provides no legal basis in the CFAA or otherwise to justify imputing liability from the individuals who access a computer without authorization to others who may eventually benefit from their actions,” Brody wrote. “Therefore Wadsworth cannot be held liable for a CFAA claim under these theories and I will grant defendant’s partial motion for summary judgment as to Wadsworth.”
     Dresser-Rand’s computer “use” policies cannot alter Jones’ and King’s authorized employee “access” to files, the judgment states.
     “If Jones and King were authorized to access their work laptops and to download files from them, they cannot be liable under the CFAA even if they subsequently misused those documents to compete against Dresser-Rand,” Brody wrote.
     Without download restrictions, it is “irrelevant” to look at the intent behind Jones and King’s downloads, the judge found.
     “Because Jones and King had authorization to access their work computers, they did not hack into them when they downloaded the files,” the ruling states. “Their alleged misuse of the files may have remedies under other laws, but not under the CFAA.”

%d bloggers like this: