Any business that has a computer with access to the Internet or that has an internal network used by employees should be aware of the laws addressing hacking, computer theft, cyber-trespassing, and other unauthorized access to computers and networks. If another person or entity, such as a competitor, has hacked into your computer network, or if your business has been accused of unauthorized access of a network, we have the experience and knowledge to help you navigate through the relatively new laws in this area.
Our experience is invaluable in responding quickly and decisively to hacking or unauthorized access events.
Most states have their own laws regarding hacking, which is also known as “unauthorized access” of computer systems. There is also a federal statute which prohibits hacking and unauthorized access. The federal Computer Fraud and Abuse Act (“CFAA”) is a criminal statute that also allows for private lawsuits upon violations. If someone has compromised the security of your system, or if you are accused of unauthorized access, you need to be aware of this law.
The CFAA deals not only with hackers but also with persons who have exceeded the scope of their authorized access. For example, consumers who share their passwords, competitors who use web “spiders” or other bots to gather information on your website, and current or former employees who copy files on your network that they were prohibited from accessing, all could be liable for exceeding the scope of their access under the CFAA.
The CFAA recognizes that a hacking incident or other cyber-attack can both damage your business directly as well as cause you to incur a significant amount of costs in responding to the hacking or unauthorized access. Kronenberger Rosenfeld has the experience to put you on the best footing possible in taking legal action under the CFAA or defending yourself from allegations of hacking. Furthermore, we can help you identify the real parties responsible for the wrongdoing, as often the hacking is done anonymously or by those who have attempted to cover their digital footprints. Using our in-house forensic analysis, select outside experts, and court-sanctioned discovery tools, we can help to identify the real parties behind the wrongdoing.
If someone has hacked or otherwise gained unauthorized access to your server and gained access to the personal information of your customers, there are some other important legal considerations for your business. Specifically, under the privacy protection laws of most states, businesses must notify consumers upon any breach of security where the hacker gains access to certain confidential or otherwise personally identifying information of the businesses’ customers. Importantly, states impose significant penalties on companies that do not comply with these laws. For more information on notification requirements, click here.
Our experience in handling unauthorized access cases is of great benefit to our clients, especially due to the highly technical nature of most unlawful access cases. We are also sensitive to our clients’ business concerns following an unauthorized access event, and we can act quickly with the courts or otherwise to address our clients business needs.
If someone has accessed your computer network without authorization, please call us to address how our firm can help you respond. You can call us at 415-955-1155, ext. 120, or you can submit your case through our online case submission form.
Represented a medical records imaging technology company in a lawsuit against an unknown person who hacked into the client’s network. Upon discovering that the hacker was a competitor, and that the competitor stole trade secrets and used them to compete with client, our firm amended the John Doe complaint to name the competitor as a defendant, leading to a complete win in the case and the criminal indictment of the defendant competitor.
Represented a top retailer of ink and toner products in lawsuit against former employee who gained unauthorized access to client’s server, took trade secrets and disclosed them to ex-employee’s new employer, which was a direct competitor of our client.
Represented the U.S. Chess Federation in a lawsuit involving unknown parties hacking into the email account of a member of the board of directors of our client and stealing information regarding the internal investigation of two other directors of the organization (Susan Polgar and Paul Truong). After multiple rounds of subpoenas, the firm discovered that the person responsible for the hacking was an employee of Susan Polgar, which led to the criminal indictment of such employee and an eventual resolution of the case.
Represented the true owner of a domain name against an anonymous party who had hacked into our client’s domain registry account and stolen a valuable domain name. Our firm prevailed and obtained a court order requiring the registrar to transfer the domain name back to our client.