Posted by Joseph Vance
Employers may have a new weapon to use against disgruntled employees who delete data on their computers before leaving the company. In a recent Seventh Circuit Court Appeals decision, International Airport Centers, LLC v. Citrin, 440 F.3d 418 (7th Cir. 2006), the court held that the employer could maintain a claim against a former employee under the Computer Fraud and Abuse Act, 18 U.S.C. sec. 1030 ("CFAA").
In that case, in the course of his employment, the defendant Citrin was issued a laptop to use to record data that he collected in the course of his work to identify potential acquisition targets. Citrin decided to quit and go into business for himself. However, before returning the laptop to his employer, Citrin deleted all of the data on the laptop and installed a secure-erasure program to ensure that the deleted files could not be recovered. The deleted files included not only the data he collected but also data that would have revealed to his employer improper conduct that Citrin had engaged in before he decided to quit.
The CFAA provides that whoever "knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer," violates the Act. Citrin argued that merely erasing a file from a computer is not a "transmission." The court, however, concluded that the loading of the secure-erasure program onto the computer (either as an Internet download or from a disk insertion) constituted a "transmission" under the Act.
