Florida’s CADRA a Powerful New Data Protection
Florida businesses will soon have an important and powerful new legal cause of action to combat unauthorized access to protected computer systems or data by employees, former employees, directors, officers, and others. Florida's Computer Abuse and Data Recovery Act (CADRA) goes into effect on October 1, 2015.
CADRA is intended to be a national model for legislation providing a new civil remedy (and recovery of reasonable attorneys' fees) to business owners who suffer harm or loss as a result of unauthorized access to their business data or computer systems. To take advantage of CADRA's protections, businesses must protect their computers by installing certain “technological access barriers,” or TABs, defined in CADRA.
An individual violates CADRA when he or she “knowingly and with intent to cause harm or loss”: (1) obtains information from a TAB-protected computer without authorization and as a result causes harm or loss; (2) causes the transmission of a program, code, or command to a TAB-protected computer and as a result causes harm or loss; or (3) traffics in any TAB through which access to a protected computer might be gained without authorization.
Directors, officers, employees, and others are considered authorized users only when they have express permission of the business owner to access TAB-protected computers. This authorization ends when the relationship between the business and the individual ends - whether by termination of employment or by other means.
A business owner bringing suit under CADRA may recover money damages including: lost profits, economic damages, and the profits gained by the violator. Additionally, the owner is entitled to an injunction to prevent further violations and will recover the stolen information. Finally, the prevailing party in a CADRA action is entitled to recover reasonable attorney fees.
A full description of the law is available here.