Cyberbullying. Employer social media password requests. Crowdfunding. Those were some of the hot tech topics that the Hawai‘i State Legislature grappled with this session.  (See my post on Internet related legislative proposals in the 2013 session).    The bills addressing those topics didn’t pass, however.  In fact, none of the bills listed in my chart of Internet Related Legislative Proposals survived.  The closest to passing, perhaps, were two bills prohibiting employer requests to employees to disclose their personal social media account information, but the bills got stuck in committee.

That’s not to say that the 2013 session was completely devoid of tech.  I’ve prepared a chart of all the bills related to electronic, digital, and information technology that the Hawai‘i State Legislature passed this session.  (Many thanks to the Legislative Reference Bureau for providing the summaries that are incorporated into the chart).  Governor Neil Abercrombie has already signed some of the bills into law.  Others are pending a decision from the Governor.  To summarize, the legislature this year addressed:

  • Adoption of the Uniform Electronic Legal Material Act
  • Portable electronics insurance
  • Clarification of relationship between Uniform Commercial Code Article 4A and Electronic Fund Transfer Act
  • Licensing requirements for telemedicine practitioners employed by the U.S. Department of Defense
  • Duties of the State Chief Information Officer
  • Electronic posting of reports of Department of Health inspection of state licensed care facilities
  • Availability of State open data
  • Approval of broadband related permits
  • Electronic prescriptions
  • Tax credits for film and digital media industry
  • Ban on use of mobile electronic devices while operating a motor vehicle

For summaries of all the bills that passed this session, read the full LRB report.  For even more information visit the Legislature’s website for the full text of bills, committee reports, and testimony.  I’ll update the chart after the Governor’s veto deadline has passed, so check back in a while.

 

Enhanced by Zemanta

A New York federal judge rules that misuse of computer information  gained through legal access does not violate the CFAAAdvanced Aerofoil Techs., AG v. Todaro, 2013 WL 410873 (S.D.N.Y. Jan. 30, 2013)

Judge Carter of the Southern District of New York joined a growing number of federal courts adopting a narrow interpretation of the Computer Fraud and Abuse Act (CFAA) that precludes liability for misappropriation under the Act.  Several high-level personnel in the plaintiff companies (AAT) defected to a competing company, apparently taking with them AAT’s confidential and proprietary technology.  AAT sued the ex-employees for, among other things, alleged violations of the CFAA.

An obstacle that AAT faced in pressing the CFAA claim was the fact that the ex-employees had “unfettered and unlimited access” to the information they took with them.  Liability under the CFAA requires that the defendant have “access[ed] a computer without authorization.”  Courts across the country are split on whether the CFAA is violated where a person legally accesses to a computer but misuses the information obtained with such access, such as what the former AAT employers allegedly did.

After noting that the Second Circuit has not decided the issue, and surveying decisions on both sides of the issue, including those written by his colleagues in the same district, Judge Carter answered the question in the negative.  A CFAA violation occurs when one accesses a computer without permission.  Judge Carter gave three reasons for his conclusion.  First, the ordinary meaning of the word “authorization” refers to the absence of permission.  Second, the legislative history of the CFAA indicates that the Act is directed primarily at access instead of misuse.  Third, a violation of the CFAA could lead to criminal liability, the statute should be read narrowly, and ambiguities should be resolved in favor of the defendant.  Because AAT had not revoked the defendants’ unlimited access to its system when they siphoned off the confidential and proprietary information, the court dismissed the CFAA claim.

LegalTXTS Note: I’ve blogged on this issue quite a bit.  That indicates increased use of the CFAA in data misappropriation cases, or the uneasiness courts have in stretching the CFAA beyond its origin as an anti-hacking statute–or both.  Here are my previous posts on similar cases.

Court Carves Back Oracle’s Computer Fraud and Abuse Act Claim Against Gray Market Reseller

CFAA: Recent Cases

One Is Not Like the Other: Access vs. Use Restrictions Under the CFAA

Don’t Just Because You Can