Exam (elaborations) C841___Task1_Parts_A___B.docx (2021

Introduction In this paper, I will discuss the TechFite case study. We will discuss the Computer Fraud and Abuse Act and the Electronic Communications Privacy Act and certain aspects of this case study that violated these Acts. Next we discuss a few laws/ regulations/ legal cases that show that legal action is justified in this case study. Then we will discuss two instances in which due case C841 Task 1 3 was lacking. Next, we will describe how the TechFite case study show example of TechFite employs breaking the rules of SOX Act. After that, we will show detailed activity that warrants criminal action, and who was complicit and who was just a victim. We will then explain how existing cyber security policies and procedures failed to prevent the criminal activity. Lastly, we will show claims for negligence, who was complicit and who was a victim, and how current policies and procedures failed to prevent the negligence. A. Application of Law A1. CFAA & ECPA The Computer Fraud and Abuse Act (CFAA), was originally enacted in 1986 by the US Congress (Freeman, 2017). It has since been amended many times. This act criminalizes actions like knowingly accessing a computer without authorization and accessing a computer with the intent to obtain anything with the value of over $5,000 within a year (Freeman, 2017). This act was broken when employees like Sarah Miller for the Business Intelligence Unit used dummy admin accounts to access restricted information from the legal, HR, and finance departments. This is a violation of the CFAA. The CFAA was also broken when fake companies were used to move money into TechFite’s accounts. Based off the information in the case study, Carl Jaspers sold proprietary information from at least two companies after having signed an NDA. The Electronic Communications Privacy Act (ECPA) was also enacted in 1986 by the US Congress (Epic, N.D.). This act helps people have a right to their privacy from other individuals and the government, except in certain situations. This act criminalizes actions like intercepting electronic communications (Epic N.D). This is the section of the act that was broken by employees at TechFite. The Metasploit tool was found to be used by Business Intelligence staff. They penetrated into other companies’ networks without permission. This is a violation of the ECPA. A2. Three Laws/ regulations/ legal cases that justify legal action The first case that justifies legal action is case that happened at Intel in 2008. Biswamohan Pani was sentenced to three years in jail for stealing trade secrets from Intel to take to his new job at AMD (FBI, 2012). Pani illegally downloaded trade secrets from Intel on his last few weeks at work, and lied to them about where he would work next. Once Intel learned he was going to their competitor they started looking at his activity and noticed the large amount of files that were downloaded (FBI, 2012). This case shows that the actions of Carl Jasper were criminal. We signed an NDA with companies and then stole their proprietary information and trade secrets to sell them to their competitors. Carl Jasper knowingly and illegally took property that did not belong to him. In the TechFite case study, Carl Jasper also violated the Economic Espionage Act. The Economic Espionage Act of 1996 makes the theft of trade secrets a federal crime (LaMance, 2018). The act specifically makes the transmission of company trade secrets illegal if authorization is not obtained from the owner (LaMance, 2018). Carl Jasper knowingly and illegally sold trade secrets of Orange Leaf Software LLC without their authorization. This was in direct violation of the Economic Espionage Act. C841 Task 1 4 Another case study that shows the criminal actions of Carl Jaspers is Jawbone Vs. Fitbit. Six current and former employees were charged with stealing confidential intellectual property from Jawbone. All six Fitbit employees were former Jawbone employees (Moon, 2018). Fitbit was cleared from using the intellectual property, but the six employees were all charged. These six employees were all found to have confidential intellectual property of Jawbone on their computers (Moon, 2018). While Carl Jasper had legally obtained the information via the questionnaire, he was not allowed to distribute it of sell it without permission. After companies like Orange Leaf Software decided not to use TechFite their trade secret showed up in their competitors software. Based off the payments and tracking of activity, Carl Jaspers illegally sold or gave away this confidential intellectual property.