Law School Case Brief
United States v. Nosal - 844 F.3d 1024 (9th Cir. 2016)
The Computer Fraud and Abuse Act imposes criminal penalties on whoever knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value. 18 U.S.C.S. § 1030(a)(4).
Nosal was a high-level regional director at the global executive search firm Korn/Ferry International. Korn/Ferry's bread and butter was identifying and recommending potential candidates for corporate positions. In 2004, after being passed over for a promotion, Nosal announced his intention to leave Korn/Ferry. Negotiations ensued and Nosal agreed to stay on for an additional year as a contractor to finish a handful of open searches, subject to a blanket non-competition agreement. During this interim period, Nosal was very busy, secretly launching his own search firm along with other Korn/Ferry employees, including Christian, Jacobson and FH. The start-up company was missing Korn/Ferry's core asset: "Searcher," an internal database of information on over one million executives, including contact information, employment history, salaries, biographies and resumes, all compiled since 1995. Searcher was central to Korn/Ferry's work for clients. Searcher was hosted on the company's internal computer network and was considered confidential and for use only in Korn/Ferry business. Nosal and his compatriots downloaded information and source lists from Searcher in preparation to launch the new competitor. Before leaving Korn/Ferry, they used their own usernames and passwords, compiling proprietary Korn/Ferry data in violation of Korn/Ferry's computer use policy. In March 2005, Korn/Ferry received an email from an unidentified person advising that Nosal was conducting his own business in violation of his non-compete agreement. The company launched an investigation and, in July 2005, contacted government authorities.
Was Nosal's Computer Fraud and Abuse Act conviction proper?
The Court of Appeals for the Ninth Circuit held that Nosal's Computer Fraud and Abuse Act conviction was proper because a jury was properly told using a victim's employee's credentials to access computers was "without authorization," under 18 U.S.C.S. § 1030(a)(4), and he knew co-conspirators did this. His Economic Espionage Act conviction under 18 U.S.C.S. § 1832(a) was proper because a database that Nosal accessed was a trade secret despite its public information, he knew it was a trade secret and stealing it would harm the victim, and an instruction not requiring trade secret proof did not constructively amend the indictment. A restitution order erred because, while it did not have to match the sum used for U.S. Sentencing Guidelines Manual § 2B1.1(b), as 18 U.S.C.S. § 3663A(a)(1) mandated restitution despite other laws, a victim's attorneys' fee award was excessive, as too much arose from answering inquiries.
Access the full text case
Not a Lexis Advance subscriber? Try it out for free.
Be Sure You're Prepared for Class