Nick Ackerman of Dorsey & Whitney LLP has a nice write-up on a Maryland court decision that although it doesn’t deal with PII, does deal with whether an employee can be found guilty of “unauthorized access:”
A federal district court in Maryland held that an employee who stole proprietary data from his prior employer did not violate the Computer Fraud and Abuse Act (“CFAA”) because he was authorized to access the data and use the data on the job before he terminated his employment with his prior employer. Océ North America, Inc. v. MCS Services, Inc., 2010 WL 3703277 *3-*5 (D. Md. Sept. 16, 2010).
[…]
The court held that Océ’s former employee could not have accessed its computers without authorization when he stole the proprietary material because “it was part of his job to use . . . [Océ’s] computers and the software on the computers.”
Read more about the case and the court’s opinion on JDSupra.
Hat-tip, @LegalAlerts.