Businesses of all types and sizes throughout the United States, Mexico and beyond bring their disputes to Gardere's litigation team and receive practical, responsive, boutique-style attention in return. Our clients have access to the firepower and value of a well-known and highly-regarded Firm's capabilities and interdisciplinary strengths.
Gardere has a national and international energy practice formed around our Energy Industry Team, which is a multidisciplinary group of approximately 60 attorneys with diverse backgrounds, experience and skills specific to the energy industry. Our team includes attorneys who have served as in-house counsel for major energy companies, providing a depth of insight into our clients' needs, issues and concerns. We understand and regularly practice in virtually every sector of the energy, and we represent a wide variety of industry participants from multinational corporations to individuals.
From our offices in the United States and Mexico, our International Practice helps clients operate in today’s global economy. We have more than 30 professionals operating as a boutique within an Am Law 200 law firm and are able to provide focused service with the resources of a large firm. We understand that clients who are engaged in the global marketplace need lawyers who can operate seamlessly across multiple jurisdictions. Our international experts are multi-lingual, are culturally fluent and intimately familiar with various legal systems across the world, especially those in Latin America. Whether you need help with commercial transactions, regulatory matters, customs and import regulations, immigration matters, M&A and joint ventures, international disputes, or international tax planning, Gardere’s international team is here to assist you.
We represent domestic and foreign private funds in all aspects of fund formation, fund operations, platform and add-on acquisitions, and portfolio company operations. Our team has a reputation for being the go-to-lawyers for private equity funds, hedge funds, venture capital funds and family offices. We are known for our vast deal experience, the efficient way we staff and manage our work, and the way we maintain our relationships. We get deals done with sophisticated, strategic, and practical advice tailored to the needs of our clients.
*Not admitted to practice law.
My Guest Blogger Nick Akerman learned about Cybercrime as a federal prosecutor where he prosecuted a wide array of white collar criminal matters, including bank frauds, bankruptcy frauds, stock frauds, complex financial frauds, environmental crimes and tax crimes. Nick was also an Assistant Special Watergate Prosecutor with the Watergate Special Prosecution Force under Archibald Cox and Leon Jaworski.
On January 2015, the Obama administration announced a series of proposals to strengthen the country's response to cyberattacks including, most notably, specific amendments to the federal computer crime statute, the Computer Fraud and Abuse Act (CFAA). These changes are not only significant to the cyber crime-fighting efforts of federal prosecutors, but also to private companies. This is because the CFAA allows companies victimized by violations of the statute to bring civil actions against the perpetrators. 18 U.S.C. 1030(g). The CFAA, among other things, makes it a crime when an individual "accesses" a computer "without authorization or exceeds authorized access" to steal data.
"Without authorization" typically relates to an outside hacker, whereas "exceeds authorized access" typically relates to a company insider, like any employee who has authority to access the company computer but exceeds that authorized access. There is a split among the circuit courts of appeals over whether employees who access company computers to steal data exceed their authorized access. The Fourth Circuit (following the Ninth Circuit), for example, in WEC Carolina Energy Solutions v. Miller, narrowly interpreted "exceeds authorized access" not to apply to employees who are "authorized to access a computer when his employer approves or sanctions his admission to that computer." In contrast, the Seventh Circuit in International Airport Ctrs. v. Citrinapplied the CFAA to an employee who accessed the company computer for the purpose of "further[ing] interests that are adverse to his employer," i.e. stealing company data to take to a competitor. The Fifth and Eleventh circuits follow this interpretation.
The administration's proposal would settle this split in the circuits in favor of applying the CFAA to employees by redefining "exceeds authorized access" to mean "to access a computer with authorization and to use such access to obtain or alter information in such computer (A) that the accesser is not entitled to obtain or alter; or (B) for a purpose that the accesser knows is not authorized by the computer owner." Thus, the proposed law would cover employees who steal data from company computers and would incentivize employers to institute written policies and employee agreements delineating precisely the scope of permissible authorization to the company computers.
From the standpoint of private employers, another significant change would be the addition of a requirement that "the value of the information obtained [by an insider employee accessing the computer] exceeds $5,000." This requirement would be in addition to the jurisdictional prerequisite for CFAA civil actions that require the plaintiff to allege and prove $5,000 in "loss," a term defined by the statute to include costs of "responding to any offense" and "consequential damages incurred because of interruption of service." The $5,000 minimum would not constrain criminal prosecutions directed at a computer "owned or operated by or on behalf of a government entity." Thus, a case like United States v. Teague, in which the defendant was criminally prosecuted for viewing (not copying or taking) President Barack Obama's record in the National Student Loan Data System, would still be a viable prosecution.
The value of the stolen data would not be a critical factor for private companies under the proposed amendments if the violation "was committed in furtherance of any felony violation of the laws of the United States or of any state." Thus, if an employee steals his employer's trade-secrets data in violation of the Economic Espionage Act, 18 U.S.C. 1831, there would be no burden on the employer to show that the value of the trade secrets exceeded $5,000. Because the Economic Espionage Act does not provide for a civil cause of action, this would be a significant expansion in federal law that would supplant the state trade-secrets laws.
Setting limits on insider data thefts to a minimum value of $5,000 and felony violations directly addresses the concerns expressed by the Ninth Circuit in United States v. Nosal that the CFAA could be interpreted "to criminalize any unauthorized use of information obtained from a computer." Also, the proposed changes in the law would address the additional concern of the Nosal court that the CFAA could "make criminals of large groups of people who would have little reason to suspect they are committing a federal crime." Thus, the Obama proposal adds the requirement of willfulness to the statute, defining it to mean "intentionally to undertake an act that the person knows to be wrongful."
With respect to trafficking in passwords, the proposed law would limit the crime to instances where the violator knew or had reason "to know that a protected computer would be accessed or damaged without authorization in a manner prohibited by this section [the CFAA] as the result of such trafficking." With an eye to changing technologies, the proposed statute also would expand on passwords to include "any other means of access" to a computer.
Finally, the proposed amendments would strengthen law enforcement by increasing penalties for CFAA violations, provide injunctive relief and forfeitures and make felony violations of the CFAA predicate acts for the Racketeer Influenced and Corrupt Organizations statute, 18 U.S.C. 1961. This proposed amendment to RICO is long overdue. RICO was enacted in 1970, years before the advent of the information age in which computers have become ubiquitous and the targets and instruments of criminals. Because RICO, like the CFAA, provides victims with a civil remedy, this proposed amendment would similarly enhance the ability of companies to fight cybercriminals.
The publications contained in this site do not constitute legal advice. Legal advice can only be given with knowledge of the client's specific facts. By putting these publications on our website we do not intend to create a lawyer-client relationship with the user. Materials may not reflect the most current legal developments, verdicts or settlements. This information should in no way be taken as an indication of future results.
You may use the wildcard symbol (*) as a root expander. A search for "anti*" will find not only "anti", but also "anti-trust", "antique", etc.
Entering two terms together in a search field will behave as though an "OR" is being used. For example, entering "Antique Motorcars" as a Client Name search will find results with either word in the Client Name.
AND and OR may be used in a search. Note: they must be capitalized, e.g., "Project AND Finance."
The + and - sign operators may be used. The + sign indicates that the term immediately following is required, while the - sign indicates to omit results that contain that term. E.g., "+real -estate" says results must have "real" but not "estate".
To perform an exact phrase search, surround your search phrase with quotation marks. For example, "Project Finance".
Searches are not case sensitive.