Earlier this year, Aon Risk Services Northeast Inc. (“Aon”) brought suit in the United States District Court for the Southern District of New York against Marsh USA Inc., Marsh & McLennan Companies, Inc. (together, “Marsh”), and three former employees. In its Amended Complaint, Aon asserted that the defendants transferred a “pre-packaged book of business” to Marsh, primarily by the former employees’ “illegal downloading of Aon proprietary trade secret information.” Aon asserted a claim under the Computer Fraud and Abuse Act (“CFAA”), 18 U.S.C. §1030, against the three former employees, and asserted nine common law claims, including misappropriation of trade secrets, breach of contract and unfair competition, under New York state law against Marsh and the former employees.
The Court issued an Order granting an application by defendants to dismiss all of the state law claims, on the grounds that they are different from and substantially predominate over Aon’s lone federal claim under the CFAA. See Aon Risk Servs. Northeast, Inc. v. Kornblau, 10 Civ. 2244 (RMB), 2010 U.S. Dist. LEXIS 38140 (S.D.N.Y. Apr. 19, 2010). The state law claims were dismissed without prejudice to their renewal in an appropriate forum. On April 23, 2010, Aon re-filed its nine state law claims in the Supreme Court of the State of New York, New York County, Index No. 601058/10.
The three former employees have now moved to dismiss the only remaining claim, under the CFAA. In their brief, they argue that the CFAA claim is deficient because they did not exceed their authorized access to Aon’s computers. The former employees state that the CFAA prohibits unauthorized access to protected computers, not unauthorized use of those computers and the confidential information thereon. This issue -- the application of the CFAA to alleged employee computer abuse -- is the subject of numerous court decisions across the country, some of which interpret the CFAA’s “without authorization” language broadly, and some of which interpret it narrowly, as the former Aon employees urge.
The procedural history of the case so far shows that Aon’s pairing of the CFAA claim with its state law claims -- the gravamen of its Complaint -- has not worked out well. If the CFAA claim was included in order to secure federal jurisdiction over the dispute, it was unsuccessful; the Court’s Order dismissing the state law claims led Aon to commence a second action in state court. While the Court has yet to rule on the former employees’ motion to dismiss the CFAA claim, Aon’s CFAA claim may lack the requisite allegations to withstand the motion to dismiss. If so, Aon’s efforts to go on the offensive against the alleged unfair competitors will result in two setbacks straight out of the gate.