Photo of Kayvan M. Ghaffari

On August 6, 2020, the U.S. International Trade Commission (“ITC”) released a public version of the Final Initial Determination (“ID”) in the Matter of Botulinum Toxin Products (Inv. No. 337-TA-1145), that, if upheld by the ITC Commission, might signal an expansive view of the ITC’s territorial jurisdiction and the scope of trade secret protection. The ITC’s jurisdiction in trade secret investigations is limited to matters that destroy or substantially injure a “domestic industry in the United States.” An interesting aspect of the ID is that it recommends banning importation of a Botox-competitor product (Jeuveau®) that was found to incorporate misappropriated trade secrets of a foreign Complainant whose domestic licensee and Co-Complainant have yet to make any sales of that product in the United States. The ID also found “domestic injury” based on the licensee’s industry, not the licensed trade secret’s industry. The Commission will issue a final decision in November.
Continue Reading ITC Administrative Law Judge Decision Implicates Scope of Trade Secret Protections

On April 20, 2020, the Supreme Court granted cert in Van Buren v. United States, to resolve an important circuit split over the meaning of “authorized access” under the Computer Fraud and Abuse Act (CFAA). This is the Court’s first foray into analyzing the precise contours of CFAA liability. Van Buren may have far-reaching implications for any individual or business operating in the digital domain, as the scope of civil and criminal liability under the CFAA can impact just about any sort of relationship involving access to computer systems, whether it be employer-employee relationships or third-party relationships.

The CFAA was enacted in 1986 as a first-of-its-kind statute designed to combat computer-related crimes, and has become an important and powerful tool for not only for the government but any business seeking to protect its intellectual property and computer systems. The CFAA imposes criminal liability on any person who “intentionally accesses a computer without authorization” or “exceeds authorized access” and, in doing so, obtains information from any protected computer. The CFAA also provides a civil cause of action for similar conduct. See 18 U.S.C. §§ 1030(a)(2), 1030(a)(4), 1030(a)(5)(B)-(C).
Continue Reading “Authorized Access”: The Supreme Court’s First Foray Into The Computer Fraud and Abuse Act

Companies and other organizations increasingly must face serious and complex threats to their business and infrastructure.  Whether the threat is trade secret theft, rogue insiders, cybercrime adversaries, aggressive competitors, or misconduct by business and supply chain partners, companies should remain constantly vigilant and defense ready. Adversaries, including especially cybercriminals operating exclusively in the digital domain, are often highly motivated, sophisticated, resourced, and innovative. The opaque, pervasive, and global nature of modern digital networked environments presents opportunities for criminals. The sophistication and relentless creativity of these bad actors pose significant challenges to companies and law enforcement agencies in being able to detect, assess, mitigate, attribute, and deter these threats. Because available tools and real-world practices to address these threats often outpace the law, companies are called upon to develop their own comprehensive approaches to investigate and remediate these forms of risk. In doing so, companies must be willing to assume a certain level of risk to effectively investigate and obtain sufficient insight to counter the problems.
Continue Reading Complex Threat Investigations: Tips for Investigating Trade Secret Misappropriation and Other Digital Crimes