United States v. Thomas

877 F.3d 591 (5th Cir. 2017)

Facts

D worked at ClickMotive. His job title included network administration; maintaining production websites; installing, maintaining, upgrading, and troubleshooting network servers; ensuring system security and data integrity; and performing backups. D had full access to the network operating system and had the authority to access any data and change any setting on the system. D was expected to perform his duties using his 'best efforts and judgment to produce maximum benefit' to ClickMotive. D's friend in the IT department was fired. D got very upset. D then 'tinkered' with the company's system. D deleted 625 files of backup history and deleted automated commands set to perform future backups. He issued a command to destroy the virtual machine that performed backups. He entered false contact information for various company employees where they would not receive any automatically-generated alerts indicating system problems. He set up auto-forwarding of executives' emails to an external personal email account he created during the weekend. He deleted an internal 'wiki,' that employees routinely used for troubleshooting computer problems. He trashed the ability to work remotely through a VPN. He set a time bomb that would cause the VPN to become inoperative when someone rebooted the system, a common and foreseeable maintenance function. He sabotaged email distribution so customer requests for support would go unnoticed. He tried to cover his tracks by using another employee's credentials. D then resigned. He caused $130k in damages. D told the FBI he was frustrated. D fled to Brazil and was eventually arrested 3 years later. D was charged with the violation of section 1030(a)(5)(A). Experts testified that none of the problems were attributable to a normal system malfunction. They stated that D's actions were not consistent with normal troubleshooting and maintenance or consistent with mistakes made by a novice. D's own Employment Agreement specified he was bound by policies that were reasonably necessary to protect ClickMotive's legitimate interests in its clients, customers, accounts, and work product. D was found guilty and appealed. D claims he was authorized to damage the computer as part of his routine IT duties.