International Airport Centers, L.L.C. v. Citrin
Citation | 440 F.3d 418 |
Decision Date | 08 March 2006 |
Docket Number | No. 05-1522.,05-1522. |
Parties | INTERNATIONAL AIRPORT CENTERS, L.L.C., et al., Plaintiffs-Appellants, v. Jacob CITRIN, Defendant-Appellee. |
Court | United States Courts of Appeals. United States Court of Appeals (7th Circuit) |
Don H. Reuben, Kane, Carbonara & Mendoza, Chicago, IL, for Plaintiffs-Appellants.
Ronald L. Marmer (argued), Jenner & Block, Chicago, IL, for Defendant-Appellee.
Before POSNER, WILLIAMS, and SYKES, Circuit Judges.
This appeal from the dismissal of the plaintiffs' suit for failure to state a claim mainly requires us to interpret the word "transmission" in a key provision of the Computer Fraud and Abuse Act, 18 U.S.C. § 1030. The complaint alleges the following facts, which for purposes of deciding the appeal we must take as true. The defendant, Citrin, was employed by the plaintiffs—affiliated companies engaged in the real estate business that we'll treat as one to simplify the opinion, and call "IAC"—to identify properties that IAC might want to acquire, and to assist in any ensuing acquisition. IAC lent Citrin a laptop to use to record data that he collected in the course of his work in identifying potential acquisition targets.
Citrin decided to quit IAC and go into business for himself, in breach of his employment contract. Before returning the laptop to IAC, he deleted all the data in it—not only the data that he had collected but also data that would have revealed to IAC improper conduct in which he had engaged before he decided to quit. Ordinarily, pressing the "delete" key on a computer (or using a mouse click to delete) does not affect the data sought to be deleted; it merely removes the index entry and pointers to the data file so that the file appears no longer to be there, and the space allocated to that file is made available for future write commands. Such "deleted" files are easily recoverable. But Citrin loaded into the laptop a secure-erasure program, designed, by writing over the deleted files, to prevent their recovery. Thomas J. Fitzgerald, "Deleted But Not Gone: Programs Help Protect Confidential Data by Making Disks and Drives Unreadable," New York Times (national ed.), Nov. 3, 2005, p. C9. IAC had no copies of the files that Citrin erased.
The provision of the Computer Fraud and Abuse Act on which IAC relies provides that whoever "knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer [a defined term that includes the laptop that Citrin used]," violates the Act. 18 U.S.C. § 1030(a)(5)(A)(i). Citrin argues that merely erasing a file from a computer is not a "transmission." Pressing a delete or erase key in fact transmits a command, but it might be stretching the statute too far (especially since it provides criminal as well as civil sanctions for its violation) to consider any typing on a computer keyboard to be a form of "transmission" just because it transmits a command to the computer.
There is more here, however: the transmission of the secure-erasure program to the computer. We do not know whether the program was downloaded from the Internet or copied from a floppy disk (or the equivalent of a floppy disk, such as a CD) inserted into a disk drive that was either inside the computer or attached to it by a wire. Oddly, the complaint doesn't say; maybe IAC doesn't know—maybe all it knows is that when it got the computer back, the files in it had been erased. But we don't see what difference the precise mode of transmission can make. In either the Internet download or the disk insertion, a program intended to cause damage (not to the physical computer, of course, but to its files—but "damage" includes "any impairment to the integrity or availability of data, a program, a system, or information," 18 U.S.C. § 1030(e)(8)) is transmitted to the computer electronically. The only difference, so far as the mechanics of transmission are concerned, is that the disk is inserted manually before the program on it is transmitted electronically to the computer. The difference vanishes if the disk drive into which the disk is inserted is an external drive, connected to the computer by a wire, just as the computer is connected to the Internet by a telephone cable or a broadband cable or wirelessly.
There is the following contextual difference between the two modes of transmission, however: transmission via disk requires that the malefactor have physical access to the computer. By using the Internet, Citrin might have erased the laptop's files from afar by transmitting a virus. Such long-distance attacks can be more difficult to detect and thus to deter or punish than ones that can have been made only by someone with physical access, usually an employee. The inside attack, however, while easier to detect may also be easier to accomplish. Congress was concerned with both types of attack: attacks by virus and worm writers, on the one hand, which come mainly from the outside, and attacks by disgruntled programmers who decide to trash the employer's data system on the way out (or threaten to do so in order to extort payments), on the other. If the statute is to reach the disgruntled programmer, which Congress intended by providing that...
To continue reading
Request your trial-
Van Buren v. United States
...United States v. Rodriguez , 628 F.3d 1258 (CA11 2010) ; United States v. John , 597 F.3d 263 (CA5 2010) ; International Airport Centers, L.L.C. v. Citrin , 440 F.3d 418 (CA7 2006) ; EF Cultural Travel BV v. Explorica, Inc. , 274 F.3d 577 (CA1 2001).3 See, e.g. , 7 U.S.C. § 171(8) (authoriz......
-
JBCHoldings N.Y., LLC v. Pakter, 12 Civ. 7555(PAE).
...authorized access” when he accessed information for a non-business reason in violation of employer policy); Int'l. Airport Ctrs., L.L.C. v. Citrin, 440 F.3d 418, 420 (7th Cir.2006) (based on principles of agency, employee's authorization to use employer's laptop ended once he violated duty ......
-
Sandvig v. Sessions
...F.3d 263, 271 (5th Cir. 2010) ; United States v. Rodriguez, 628 F.3d 1258, 1263 (11th Cir. 2010) ; see also Int'l Airport Centers, LLC v. Citrin, 440 F.3d 418, 420–21 (7th Cir. 2006) (holding that an employee who deleted his employer's files in violation of his employment contract had termi......
-
U.S. v. Aleynikov
...access a computer and information obtainable from that access in furtherance of or to perpetrate a crime"); Int'l Airport Ctrs., LLC v. Citrin, 440 F.3d 418, 420-21 (7th Cir.2006) (defendant's "breach of his duty of loyalty terminated his agency relationship ... and with it his authority to......
-
'Don't Go There:' Second Circuit Makes It Harder To Bring Claims Against Former Employees Who Take Company Information Without Permissions
...broad construction but arrived at that conclusion by relying upon agency principles. International Airport Centers, LLC v. Citrin, 440 F.3d 418, 420-21 (7th Cir. 2006). Specifically, it explained that when an employee acts in a manner adverse to the interests of his employer, the agency rel......
-
Latest Hope For U.S. Supreme Court To Weigh In On Circuit Split Over Scope Of The Computer Fraud And Abuse Act Dashed
...v. John, 597 F.3d 263 (5th Cir. 2010); United States v. Rodriguez, 628 F.3d 1258 (11th Cir. 2010); Int'l Airport Ctrs., LLC v. Citrin, 440 F.3d 418, 420-21 (7th Cir. 2006); EF Cultural Travel BV v. Explorica, Inc., 274 F.3d 577, 578-79 (1st Cir. 2001). The more narrow approach, articulated ......
-
'Don't Go There': Second Circuit Makes It Harder To Bring Claims Against Former Employees Who Take Company Information Without Permission
...broad construction but arrived at that conclusion by relying upon agency principles. International Airport Centers, LLC v. Citrin, 440 F.3d 418, 420-21 (7th Cir. 2006). Specifically, it explained that when an employee acts in a manner adverse to the interests of his employer, the agency rel......
-
'Don't Go There': Second Circuit Makes It Harder To Bring Claims Against Former Employees Who Take Company Information Without Permission
...broad construction but arrived at that conclusion by relying upon agency principles. International Airport Centers, LLC v. Citrin, 440 F.3d 418, 420-21 (7th Cir. 2006). Specifically, it explained that when an employee acts in a manner adverse to the interests of his employer, the agency rel......
-
Lengthening Shadows: Biotechnology and Patent Eligibility
...Explorica, Inc., 274 F.3d 577 (1st Cir. 2001); United States v. John, 597 F.3d 263 (5th Cir. 2010); Int’l Airport Ctrs., L.L.C. v. Citrin, 440 F.3d 418 (7th Cir. 2006); United States v. Rodriguez, 628 F.3d 1258 (11th Cir. 2010). But see Advanced Micro Devices, Inc. v. Feldstein, 951 F. Supp......
-
COMPUTER CRIMES
...exceeded authorized access by viewing the personal records of his ex-wife and other acquaintances), Int’l Airport Ctrs., L.C.C. v. Citrin, 440 F.3d 418, 419–20 (7th Cir. 2006) (finding a user exceeded authorized access when he permanently deleted company files from his work laptop after b......
-
CRIMINAL TRESPASS AND COMPUTER CRIME.
...508, 526 (2d Cir. 2015) (finding the statute to be ambiguous and applying the rule of lenity), with Int'l Airport Ctrs., L.L.C. v. Citrin, 440 F.3d 418, 420-21 (7th Cir. 2006) (applying state duty of loyalty law for employees and agency (29.) See infra Part II.C. (30.) 18 U.S.C. [section] 1......
-
INTELLECTUAL PROPERTY CRIMES
...v. Rodriguez, 628 F.3d 1258 (11th Cir. 2010); United States v. John, 597 F.3d 263 (5th Cir. 2010); Int’l Airport Ctrs., LLC v. Citrin, 440 F.3d 418 (7th Cir. 2006); Advanced Micro Devices, Inc. v. Feldstein, 951 F. Supp. 2d 212, 218 (D. Mass. 2013) (“Proponents of a broader interpretation p......