On February 13, SunPower Corporation, a manufacturer of solar panels, sued five former employees, as well as its rival, SolarCity Corporation in federal court in San Francisco, California and sought a temporary restraining order against the defendants. SunPower asserted claims of unfair competition, trade secret misappropriation, and violations of the Computer Fraud and Abuse Act (“CFAA”), as well as a number of other claims, in its complaint.
In its complaint, SunPower alleges that five former employees copied thousands of electronic files containing confidential information on to external hard drives and USB devices. The individual defendant employees all signed non-disclosure and non-solicitation agreements with SunPower.
One of the individual defendants allegedly left SunPower in August 2011, and began working at SolarCity. In the days leading up to his departure, SunPower alleges the individual defendant used portable storage devices to steal proposals, contracts, quotes, deals and market analysis from SunPower. This data also included information about SunPower’s major customers, as well as the names of the employees responsible for the sales. SunPower alleges this former employee then used this information to recruit other SunPower employees to SolarCity. These employees included the other individual defendants, each of whom allegedly copied additional confidential information on to a personal USB device prior to leaving SunPower. One of the individual defendants also allegedly accessed his SunPower email immediately after leaving and forwarded several confidential documents to his personal email account. SunPower used forensic analysis to confirm the alleged theft of these files after the fact.
SunPower’s complaint alleges the stolen files were then transferred to computers or devices at SolarCity, which knowingly accepted them, and used the information to conduct business. In doing so, SunPower alleges SolarCity and its employees violated the CFAA and misappropriated trade secrets. Based on SolarCity’s actions, SunPower requested the judge grant a temporary restraining order, which would include allowing a forensic expert to copy data from the employees’ computers and computer media to preserve evidence of stolen information.
SunPower alleges the stolen information “will greatly damage [their] global sales by allowing SolarCity to predict SunPower’s every movement for years to come. . . it is highly likely defendants will conceal the stolen computer files unless this court grants this motion and allows SunPower to copy data from the former employees’ computers.”
The Ninth Circuit has previously addressed the issue of liability under the CFAA in cases where employees steal or remove electronic data in violation of employer computer use policies. In US v. Nosal (9th Cir. No. 10-10038), the court held that a former employee “exceeds authorized access” to data on an employer’s computer system when the employee takes actions on the computer which are prohibited by written policies and procedures concerning acceptable use. Under the policy articulated in Nosal, employees must strictly adhere to a company’s computer use restrictions in order to comply with the CFAA. However, the Ninth Circuit granted en banc review of the previous Ninth Circuit Nosal decision. Oral argument before the en banc panel was held in Decemberand a decision has yet to be released. Accordingly, it is unclear whether Sunpower will be able to maintain its CFAA claim.
As of February 17, it appears unlikely that the court will rule on Sunpower’s motion for temporary restraining order. The parties have filed a joint stipulation withdrawing the motion for a temporary restraining order without prejudice, and seem to think it is likely that an agreement can be reached. However, SunPower has reserved the right to refile for injunctive relief. We will continue to follow this case closely as it progresses.