Computer Hacking in Palm Beach County underscores the need for Businesses to find legal solutions to protect and prosecute sensitive computer data. According to news reports, one or more members of the St. Louis Cardinals may have hacked into the Houston Astros’ database. The alleged hack originated from a computer in Jupiter, Florida, which coincidently is where the St. Louis Cardinals hold Spring Training. Based on a report published in the St. Louis Post-Dispatch, the St. Louis Cardinals’ Director of Scouting may have accessed the Astros’ computer, allegedly to determine if any proprietary team information was stolen from the St. Louis Cardinals. The question about whether any sensitive team information was unlawfully taken from the Cardinals in the first place apparently arises from the fact that the General Manager of the Astros was once an employee of the Cardinals.
Although at this time the investigation into the baseball “hack” has not resulted in any charges against anyone, the circumstances surrounding the allegations certainly should sound the alarm for local businesses everywhere to protect confidential computer data and safeguard trade secrets. If you have questions or need assistance with protecting your business and its proprietary intellectual property, sensitive computer information, and trade secrets then you may need to call the experienced corporate legal technology lawyers at Boynton Law, P.A. for a free consultation.
In the arena of criminal law, there are two Florida statutes that particularly relate to this baseball computer hacking story. The first is in Chapter 815, Computer-Related Crimes, which supplements other criminal laws by specifically proscribing various acts of “computer abuse.” The second is in Chapter 812.081, Trade Secrets; theft, embezzelment; unlawful copying, which provides that a person who willfully, knowingly, and without authorization takes trade secret data is looking at, among other penalties, a third degree felony conviction. Under Florida law, conviction of a third degree felony is punishable by imprisonment for up to five years.
Trade secret data is considered intellectual property and Chapter 812, Florida Statutes, in its pertinent part reads:
“Trade secret” means the whole or any portion or phase of any formula, pattern, device, combination of devices, or compilation of information which is for use, or is used, in the operation of a business and which provides the business an advantage, or an opportunity to obtain an advantage, over those who do not know or use it. “Trade secret” includes any scientific, technical, or commercial information, including any design, process, procedure, list of suppliers, a list of customers, business code, or improvement thereof. Irrespective of novelty, invention, patentability, the state of the prior art, and the level of skill in the business, art, or field to which the subject matter pertains, a trade secret is considered to be:
2. Of value;
3. For use or in use by the business; and
4. Of advantage to the business, or providing an opportunity to obtain an advantage, over those who do not know or use it
when the owner thereof takes measures to prevent it from becoming available to persons other than those selected by the owner to have access thereto for limited purposes.
Federal Law also provides for criminal penalties for accessing protected data on computers. The Federal Computer Fraud Abuse Act, 18 US Code §1030, states it is a violation:
If a person knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value, unless the object of the fraud and the thing obtained consists only of the use of the computer and the value of such use is not more than $5,000 in any 1-year period.
Although these laws may deter a person from committing the crime, a business trying to pursue available remedies under these criminal statutes faces certain limitations that must be overcome to get the right of recovery. For example, the Florida criminal statute requires a conviction before any civil action, such as an injunction, can be granted. This process may take a long time, limiting the options for businesses with time-sensitive information. Further, the Federal criminal statute requires actual damages to the computer data. In other words, if a person just takes a trade secret (from a business), there may be no physical damage to the data; without damage to the data, a Computer Fraud And Abuse Act claim usually will not succeed. Finally, the largest hurdle that a business must sometimes overcome before bringing a successful action involves the former employee – a person unauthorized to access the computer now, but who once had permission to use the data.
Florida Statute §688, the Florida Uniform Trade Secret Act, is another option for businesses to try and find redress. This law provides protection for misappropriated data; however “actual or threatened damages” must be proven for an injunction to be issued.
On October 1, 2014, the Governor of Florida signed into law the Florida Computer Abuse and Data Recovery Act (“CADRA”), Florida Statutes §668.801. CADRA establishes a cause of action for hacking or unauthorized use of computer data. The law provides in its pertinent part that:
If an individual obtains unauthorized information from a business computer; transmits a program, code, or command to a business computer without authorization; or traffics in any technological access barrier (e.g., password) through which access to a business computer may be obtained without authorization then the Business is entitled to actual damages, lost profits, economic damages, copies of the information, as well as possible injunctive and or equitable relief.
It is important to note that each of these laws requires the business to have a password protected computer nextwork in place before it may file a claim for damages (or other remedies) in the event its computer or proprietary data are hacked.
The experienced technology lawyers at Boynton Law, P.A. understand all of the moving parts in today’s complex computer oriented business environment. Our legal team is ready to assist you with safegarding your proprietary business data and discussing the remedies available under both criminal and civil laws, should your business ever be compromised and in need of redress.