|
|
|
|
|
|
by matthewmarkus
1836 days ago
|
|
|
So, what about the Michael Thomas case? Does this verdict overturn his conviction? http://www.epspros.com/news-resources/news/2018/it-worker-lo... "Mr. Thomas challenged the verdict, arguing that his conduct was not illegal because his IT position provided him full access to the system and empowered him to 'damage' the system by deleting files or taking the system offline. Thus, any acts were not 'without authorization.' The Fifth Circuit rejected this argument, finding that the statute’s prohibition against exceeding authorized access applies to insiders who go beyond the permission granted them in order to cause damage." |
|
|
But then I looked into the case a bit closer and I start to think he has an argument for not being charged under the CFAA. As with many laws, intent matters, so it is possible that if his intent was to harm the business, there may well be charges that could be applied in that realm. And obviously he could be held civilly liable for damages, which is no different than any other employee who does something to damage their employer's equipment. Offline example - if I work at a construction company, and I wreck construction equipment because I wasn't happy my co-worker got fired, that isn't going to be a criminal offense, but the company will likely fire me and try to collect damages.
So I'm going to go back on my initial judgement and say that I think he may have grounds to get his conviction overturned and while he may be charged with other crimes, not sure it would come from the CFAA.
*disclaimer, not a lawyer