Yesterday the 9th Circuit (in a 2-1 decision) held that a criminal defendant "exceeded authorized access," as set forth in the Computer Fraud and Abuse Act, 18 U.S.C. 1030 et seq., when he or she "violates the employer's computer access restrictions--including use restrictions." Does that sound pretty broad to you? Sounds that way to me.
And it sounds that way to others, too. If you ever "Google" anything at work, I commend this blog post in The Volokh Conspiracy (a blog run by a group of (mostly) libertarian law professors) on this recent 9th Circuit decision (United States v. Nosal, No. 10-10038, (Apr. 28, 2011)). It has been my experience almost every civil action for trade secret misappropriation in the last ten years (and lots of other IP and employment cases) potentially implicate the CFAA one way or another, and this is yet another decision -- others are discussed in the opinion -- that shows just how broadly the criminal provisions of the Act can be read.