Trade Secret Law and the Computer Fraud and Abuse Act: Two Problems and Two Solutions

University of Illinois Journal of Law, Technology & Policy, Forthcoming

54 Pages Posted: 24 Apr 2009 Last revised: 28 Feb 2014

See all articles by Kyle Wesley Brenton

Kyle Wesley Brenton

University of Minnesota - Twin Cities - School of Law

Date Written: April 23, 2009


As businesses move their confidential information onto computers, sensitive data gains the protection not only of state trade secret law, but also potentially of federal computer misuse statutes. The interaction between those two bodies of law, however, is more problematic than any commentator has yet realized. The Computer Fraud and Abuse Act, 18 U.S.C. § 1030, is a federal criminal statute with a private right of action allowing those who suffer information theft via computer to maintain a civil action against the thief. More and more in recent years, however, employers whose faithless employees misappropriate purported trade secrets have used the CFAA as a basis for employee liability, as well as a way to bootstrap their claims into federal court.

Using the CFAA in this manner creates two problems. First, substantively, since a CFAA claim is much easier to prove than a traditional state-law trade secret misappropriation claim, plaintiffs will be more likely to plead the former. But because the CFAA lacks virtually all of the policy-based protections built into trade secret law, this upsets the delicate balance between employers and employees that trade secret law strikes. Second, jurisdictionally, using the CFAA to establish federal question jurisdiction, then bringing trade secret claims into federal court under supplemental jurisdiction, contravenes the intent of Congress in passing the CFAA and damages core notions of federalism and the relationship between federal and state law.

This Article proposes two solutions to the two problems that arise at the intersection of trade secret law and the Computer Fraud and Abuse Act. First, Congress should act to remove the CFAA’s substantive crime that most closely approximates trade secret misappropriation from the Act’s private right of action, thus removing the threat that the CFAA will disrupt the values underlying substantive trade secret law. Second, judges ruling on motions to dismiss CFAA claims should carefully examine the parties’ contentions and use the discretion granted in 28 U.S.C. § 1367(c) to dismiss state-law trade secret claims. Thus claims in which the CFAA is merely, in the words of one judge, “a federal tail” wagging “a state dog” can be returned where they belong: state court.

Keywords: trade secret, computer abuse, internet law, computer law, federal jurisdiction, computer jurisdiction

JEL Classification: K11, K12, K13, K29, K31, K41

Suggested Citation

Brenton, Kyle Wesley, Trade Secret Law and the Computer Fraud and Abuse Act: Two Problems and Two Solutions (April 23, 2009). University of Illinois Journal of Law, Technology & Policy, Forthcoming, Available at SSRN:

Kyle Wesley Brenton (Contact Author)

University of Minnesota - Twin Cities - School of Law ( email )

229 19th Avenue South
Minneapolis, MN 55455
United States

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Abstract Views
PlumX Metrics