Remedpar, Inc. v. Allparts Medical, LLC

The Cyber Blog IndiaCase Summary

Interpretation of "access without authorisation" and "exceeds authorised access" in the context of the Computer Fraud and Abuse Act

Remedpar, Inc. v. Allparts Medical, LLC
683 F.Supp.2d 605
In the United States District Court for the Middle District of Tennessee
Civil Action Number 3:09-cv-00807
Before Senior District Judge T.A. Wiseman, Jr.
Decided on January 04, 2010

Relevancy of the Case: Interpretation of “access without authorisation” and “exceeds authorised access” in the context of the Computer Fraud and Abuse Act

Statutes and Provisions Involved

  • The Federal Rules of Civil Procedure (Rule 12 (b)(6))
  • The Computer Fraud and Abuse Act, 18 U.S.C. § 1030
  • The Tennessee Uniform Trade Secrets Act, § 47-25-1701
  • The Tennessee Personal and Commercial Computer Act, § 39-14-601

Relevant Facts of the Case

  • The plaintiff is a Delaware-based corporation selling after-market diagnostic imaging equipment and related services. The defendant is a limited liability company engaged in the same business and is the direct competitor of the plaintiff.
  • The plaintiff uses a computer application called ROCS. It has explicitly developed this enterprise resource planning and customer relations management platform for its use.
  • When the plaintiff interviewed an employee of the defendant company, it found out that the defendants were using an early version of the application. Upon upgradation, this application acquired the same screen appearance as the plaintiff’s current version of the application.
  • The plaintiff has alleged that one of its former employees who continued to work remotely for them was also working with the defendant. This violated its protectable interests and caused injury through the use and disclosure of the application.

Prominent Arguments by the Counsels

  • The defendants’ counsel submitted that AllParts did not access the plaintiff’s computers. Moreover, the second defendant’s access was never without authorisation. Further, the plaintiff has failed to prove any loss or damage.

Opinion of the Bench

  • The plaintiff’s former employee, the second defendant, had access to the information in question. This was within the scope of his duties. The plaintiff’s argument that this access constituted a trespass is not correct.
  • No facts on record allege that the defendant exceeded the access granted by the plaintiff or he accessed data without authorisation.

Final Decision

  • The court dismissed the plaintiff’s claims under CFAA and entered the judgment in the defendant’s favour.

Srikari Ammanamanchi, an undergraduate student at the NALSAR University of Law, prepared this case summary during her internship with The Cyber Blog India in May/June 2022.