Parties seeking to resort to state law as
an alternative to the CFAA or any other federal statute need to consider the available state
statutes in evaluating whether such an alternative legal path is available. Even with these
limitations, companies sometimes have to rely upon this patchwork quilt of different
non-computer??“related state laws to provide a level of protection similar to the intended
blanket of protection of federal law.
TIP If you think you may prosecute for some type of computer crime that
happened to your company, start documenting the time people have to spend
on the issue and other costs incurred in dealing with the attack. This lost paid
employee time and other costs may be relevant in the measure of damages or,
in the case of the CFAA or those states that require a showing of damages as part of a
trespass case, to the success of the case.
A case in Ohio illustrates how victims can quantify damages by keeping an accurate
count of the hours needed to investigate and recover from a computer-based attack. In
2003, an IT administrator was allowed to access certain files in a partnering company??™s
database.However, according to the case report, he accessed files thatwere beyond those
for which he was authorized and downloaded personal data located in the databases,
such as customer credit card numbers, usernames, and passwords.
Pages:
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118