Legal Question in Technology Law in California

Unauthorized Access to Computer Server/Data

We have recently had a partner leave our business. In the days following his voluntary departure, he has accessed our internet server and disabled the website. He has also modified files/directories on the server so we can no longer access our email. What course of action can we take to press charges against this person for trespassing on a computer he has no right to access and for sabotaging our website?


Asked on 11/25/03, 5:14 pm

1 Answer from Attorneys

Bryan Whipple Bryan R. R. Whipple, Attorney at Law

Re: Unauthorized Access to Computer Server/Data

The things you need to be concerned with fall into roughly three categories. The first is the area identified in your question, i.e. pinning down the legal theories under which this individual can be brought to justice through civil and criminal actions: what crimes were committed and/or what tort causes of action can be brought.

The second area is collecting and preserving evidence. It can be very hard to document cybercrime, particularly to the "beyond a reasonable doubt" standard used in criminal cases. You will need good evidence as to what happened, who did it, the the extent of the monetary harm caused.

The third area of concern is how you will collect damages, if any are awarded. Included in this area is finding out the extent, if any, that your business insurance covers you, but for most of your recovery you will probably have to look to the tortfeasor's ability to respond in damages, or pay criminal restitution.

So, to the first area. The most obvious criminal offense is described in California Penal Code section 502, "Unauthorized access to computers, computer systems and computer data." Locate a copy of this statute on-line or at a law library and see if the description fits (I think it does) and the punishment is appropriate. Then make a police report and try to get the local DA interested. Stress that you have strong evidence if in fact you do. The decision to prosecute or not (and for what crimes) is always up to the DA, but the victim's evidence and willingness to "press charges" is a big factor in the DA's decision to file criminal charges. Federal laws, such as the Computer Fraud and Abuse Act, 18 USC 1030, probably also apply, giving an option for federal prosecution.

Civil causes of action which have been upheld for hacking in that causes disruption include trespass to chattels, fraud, and, depending upon the facts, several others. See Thrifty-Tel, Inc. v. Bezenek (1996) 46 Cal.App.4th 1559; Intel Corp. v. Hamidi (2003) 30 Cal.4th 1342.

I cannot give you much advice about how to collect and preserve evidence; just do it ASAP while the electronic and other evidence is preserved and accessible. Always keep in mind proof of damages as well as proof of whodunit.

Finally, keep in mind whether and how you can collect any damages or restitution ordered.

Read more
Answered on 11/25/03, 8:51 pm


Related Questions & Answers

More Computer & Technology Law questions and answers in California