Court Affirms IT Administrator’s Access Did Not Violate Regulations

August 22, 2024

White House Backs Harmonizing Cybersecurity Regulation

Should an IT administrator’s access and preservation of emails be prohibited when acquisition deals fall apart? Doug Austin of eDiscovery Today asks this question in his case brief of Abu v. Dickson. It explored whether IT access to email accounts directed by a defendant during litigation violated the Computer Fraud and Abuse Act (CFAA) or the Stored Communications Act (SCA).

The case arose after the defendant sold a company asset to the plaintiff, but relations soured, leading to efforts to unwind the deal. The IT administrator, John Massey, who managed the email accounts, was directed by the defendant to retrieve emails for litigation using his credentials as the Microsoft 365 tenant administrator. The plaintiff later accused the defendant of unauthorized access, violating CFAA and SCA.

The Court focused on whether Massey intentionally accessed the emails without authorization under CFAA. It was found that Massey, as the IT administrator authorized to manage the email system, did not violate the Act since his actions were within his established permissions. The Court also considered whether Massey exceeded his authorization, concluding that he did not intentionally exceed his authorized access under CFAA without explicit notice that his access was unauthorized.

Additionally, the Court dismissed the plaintiff’s argument that Massey should have known his role as IT administrator ended after a mass termination email was allegedly sent. The Court noted the argument was forfeited as it was not raised earlier and that continued correspondence between Massey and Moore about shutting down the accounts indicated that Massey’s role had not ended. Therefore, the Court affirmed the lower court’s ruling in favor of the defendants, finding no violation of CFAA or SCA.

Sign up for our weekly newsletters specifically curated to different practice areas: litigation, cybersecurity & data privacy, legal ops, and compliance.

Critical intelligence for general counsel

Stay on top of the latest news, solutions and best practices by reading Daily Updates from Today's General Counsel.

Daily Updates

Sign up for our free daily newsletter for the latest news and business legal developments.

Scroll to Top