Does the Computer Fraud and Abuse Act cover lost LinkedIn business opportunities?

October 10, 2012
By Eric B. Meyer on October 10, 2012 7:00 AM | | Comments

powered by Fotopedia

In the beginning of the year, I wrote here about a federal-court decision, which recognized that LinkedIn connections are not company trade secrets. Earlier this month, that same court, in the same case, was asked to decide whether hijacking an employee's LinkedIn account may violate the Computer Fraud and Abuse Act (CFAA).

In Eagle v. Morgan, the plaintiff, Dr. Eagle, claimed that her former employer had locked her out of her LinkedIn account for 22 weeks. Thus she was "unable to receive 'invitations to connect, business opportunities and ongoing communications with clients, potential clients and other business and personal contacts.'"

Sounds fairly vague to me. Besides, they have this thing called the telephone...

Anyway, the Court put the kibosh on Dr. Eagle's CFAA claim. It recognized that the CFAA permits a plaintiff to recover for loss related to the impairment or damage to a computer or computer system. However, a "loss" does not extend to potential business opportunities, especially speculative ones -- like the kind that may develop from connecting on LinkedIn.

How could all of this have been avoided? By better defining at the outset -- during the employment relationship -- whether Dr. Eagle's LinkedIn account belonged to Dr. Eagle or the company. With respect to issues involving ownership of social media accounts, I'll repeat three tips from a post earlier this year:

  1. Start with a written social-media-specific agreement. This document should clearly set out the rights and expectations of the company and its employee. Also, include social-media language in your other broader-based non-disclosure agreements.
  2. The company should create/register the account. This will indicate that the company has some ownership stake in the account. (Easy, folks. I'm not suggesting that companies should set up personal employee social-media accounts for them -- only those accounts in which the company seeks to maintain an ownership interest). Also, be sure to consider the terms of use that any social-media company has in place for end users.
  3. Change the password when employees leave. Make sure that you know the account password at all times and immediately change it when employees leave your company. That will reduce the risk that your former employee will act first and lock you out.