Bell Aerospace Services, Inc. v. U.S. Aero Services, Inc.

Rugved MahamuniCase Summary

Interpretation of "without authorisation" and "exceeds authorisation" under CFAA

Bell Aerospace Services, Inc. v. U.S. Aero Services, Inc.
690 F.Supp.2d 1267
In the United States District Court for the Middle District of Alabama
Civil Action 1:09cv141-MHT
Before District Judge M.H. Thompson
Decided on March 05, 2010

Relevancy of the Case: Interpretation of “without authorisation” and “exceeds authorisation” under CFAA

Statutes and Provisions Involved

  • The Computer Fraud and Abuse Act, 18 U.S.C. § 1030
  • The Alabama Trade Secrets Act, 1975 (Ala. Code §§ 8-27 to -6)

Relevant Facts of the Case

  • The plaintiff is in the business of providing helicopter maintenance services to government and non-government organisations in Ozark, Alabama. In June 2008, the company fired its President, Vice President, and General Manager.
  • The first defendant provides similar services to that of the plaintiff. Its staff consists of 20 full-time employees. Seven U.S. Aero employees are former employees of the plaintiff. The events surrounding the departure of these employees are at the heart of this case.
  • While working with the plaintiff, they had individualised access to the plaintiff’s computer server and the overall network.
  • Bell Aerospace’s former Vice President, Wilson, contacted four current employees for employment with the first defendant. In turn, one of them reached out to two other employees. When these six employees resigned, one more employee learned about the new company and immediately resigned from the plaintiff’s company. Bell Aerospace did not have any non-compete agreements with Wilson and other former employees; however, confidentiality agreements were in place.
  • Other Bell Aerospace employees reported that hard copies of the company’s production materials, including a package of drawings, were missing. As a result, the company hired a cyber forensics expert to determine if the former employees had taken any data.

Prominent Arguments by the Counsels

  • The plaintiff’s counsel claimed that the defendants violated the CFAA by accessing its computers without authorisation or in excess of their authority. When an employee breaches her fiduciary duty of loyalty to an employer, such an employee acts without authorisation. The counsel placed reliance on the case of International Airport Centres LLC v. Jacob Citrin.

Opinion of the Bench

  • The court did not agree with the Seventh Circuit’s broad interpretation in the Citrin case. The reasoning given by the Seventh Circuit ignores the plain language of the statute. However, it relied on the LVRC Holdings LLC v. Brekka case to explain the difference between without authorisation and exceeds authorisation.
  • The plaintiff’s former employees had valid permission to utilise its computers during their employment. They acted with authorisation when they accessed the computers until they resigned and were escorted from the facility.
  • The plaintiff did not establish that it maintained trade secrets, as defined in the ATSA, and those secrets are at issue in this case. As such, its ATSA claim must fail.

Final Decision

  • The court granted summary judgment in favour of the defendants, except for the plaintiff’s conversion and breach of contract claims.