Affirmed by unpublished PER CURIAM opinion.
Unpublished opinions are not binding precedent in this circuit,
PER CURIAM:
Lovelen Pyles appeals the district court’s orders denying her motion under Fed.R.Civ.P. 50 for judgment as a matter of law and granting attorney’s fees in favor of Tech Systems, Inc. (“TSI”). Pyles asserts that the district court erred in denying her motion as to violations of the Computer Fraud and Abuse Act (“CFAA”), 18 U.S.C. § 1030 (2012); the Electronic Communications Privacy Act, 18 U.S.C. § 2701 (2012); and her breach of fiduciary duty. She also contends that the district court erred in instructing the jury on punitive damages and in granting TSI’s motion for attorney’s fees. We affirm.
I.
“We review de novo the legal conclusions upon which the district court’s denial
of judgment as a matter of law were premised.”
Belk, Inc. v. Meyer Corp., U.S.,
679 F.3d 146, 164 (4th Cir.2012). “If, viewing the facts in the light most favorable to the non-moving party, there is sufficient evidence for a reasonable jury to have found in [the non-moving party’s] favor, we are constrained to affirm the jury verdict.”
Lack v. Wal-Mart Stores, Inc.,
240 F.3d 255, 259 (4th Cir.2001).
A.
“Although the CFAA is primarily a criminal statute, it permits private parties to bring a cause of action to redress a violation of the
CFAA----” A.V. ex rel. Vanderhye v. iParadigms, LLC,
562 F.3d 630, 645 (4th Cir.2009). The civil suit may be brought in limited circumstances by “[a]ny person who suffers damage or loss” as a result of a CFAA violation. 18 U.S.C. § 1030(g). As relevant here, the violation must have caused “loss to 1 or more persons during any 1-year period ... aggregating at least $5,000 in value.” 18 U.S.C. § 1030(c)(4)(A)(i)(I), (g). A person violates the CFAA by “intentionally accessing] a computer without authorization or exceeding] authorized access, and thereby obtaining] ... information from any protected computer,” 18 U.S.C. § 1030(a)(2)(C), or “intentionally accessing] a protected computer without authorization, and as a result of such conduct, causing] damage and loss,” 18 U.S.C. § 1030(a)(5)(C).
This court narrowly interprets the terms “without authorization” and “exceeds authorized access.”
WEC Carolina Energy Sols., LLC v. Miller,
687 F.3d 199, 206 (4th Cir.2012). “[A]n employee ... accesses a computer ‘without authorization’ when [s]he gains admission to a computer without approval.”
Id.
at 204. “[A]n employee ‘exceeds authorized access’ when [s]he has approval to access a computer, but uses [her] access to obtain or alter information that falls outside the bounds of [her] approved access.”
Id.
“Notably, neither of these definitions extends to the improper
use
of information validly accessed.”
Id.
Pyles argues that the CFAA did not apply to her actions during her employment with TSI because she, as the human resources director, had full access to the computer information. Under the
WEC Carolina
framework, we disagree. Pyles accessed both the main computer network and financial servers without authorization or in excess of her authority. Additionally, upon termination of her employment, Pyles accessed her corporate email account and company-issued Blackberry without authorization. Moreover, TSI demonstrated damage that resulted in losses from Pyles’ actions. Thus, there was sufficient evidence for a reasonable jury to have found in TSI’s favor.
B.
A person violates the ECPA by: “(1) intentionally accessing] without authorization a facility through which an electronic communication service is provided; or (2) intentionally exceeding] an authorization to access that facility; and thereby obtaining], altering], or preventing] authorized access to a wire or electronic communication while it is in electronic storage in such system.” 18 U.S.C. § 2701(a).
Pyles limits her ECPA challenge to whether she acted “without authorization” or “exceed[ed] [her] authorization” in accessing TSI’s computer system.
Pyles
contends not only that TSI granted her permission to access the computer system, but also that her actions did not go outside the bounds of that permission. We disagree.
Authorization is a matter of permission and dependent on its scope, not on whether information validly accessed was properly used.
See WEC Carolina,
687 F.3d at 204. Here, although Pyles was permitted to use TSI’s email to carry out her duties as human resources manager, she was not authorized to access the server through which the email functioned in the manner she did here. Additionally, her authorization to access the Blackberry terminated with her employment. Thus, there was sufficient evidence for a reasonable jury to have found in TSI’s favor.
II.
In Virginia, to establish a breach of fiduciary duty, a plaintiff must show that (1) the defendant owed a fiduciary duty, (2) the defendant breached that duty, and (3) damages resulted from the breach.
Informatics Applications Grp., Inc. v. Shkolnikov,
836 F.Supp.2d 400, 424 (E.D.Va.2011). “[A]n employee ... owes a fiduciary duty of loyalty to [her] employer during [her] employment.”
Williams v. Dominion Tech. Partners, LLC,
265 Va. 280, 576 S.E.2d 752, 757 (2003). This duty “prohibits the employee from acting in a manner adverse to his employer’s interest.”
Hilb, Rogal & Hamilton Co. of Richmond v. DePew,
247 Va. 240, 440 S.E.2d 918, 921 (1994). Moreover, “termination does not automatically free a[n] ... employee from his or her fiduciary obligations” if the action was “founded on information gained during the relationship.”
Today Homes, Inc. v. Williams,
272 Va. 462, 634 S.E.2d 737
Free access — add to your briefcase to read the full text and ask questions with AI
Affirmed by unpublished PER CURIAM opinion.
Unpublished opinions are not binding precedent in this circuit,
PER CURIAM:
Lovelen Pyles appeals the district court’s orders denying her motion under Fed.R.Civ.P. 50 for judgment as a matter of law and granting attorney’s fees in favor of Tech Systems, Inc. (“TSI”). Pyles asserts that the district court erred in denying her motion as to violations of the Computer Fraud and Abuse Act (“CFAA”), 18 U.S.C. § 1030 (2012); the Electronic Communications Privacy Act, 18 U.S.C. § 2701 (2012); and her breach of fiduciary duty. She also contends that the district court erred in instructing the jury on punitive damages and in granting TSI’s motion for attorney’s fees. We affirm.
I.
“We review de novo the legal conclusions upon which the district court’s denial
of judgment as a matter of law were premised.”
Belk, Inc. v. Meyer Corp., U.S.,
679 F.3d 146, 164 (4th Cir.2012). “If, viewing the facts in the light most favorable to the non-moving party, there is sufficient evidence for a reasonable jury to have found in [the non-moving party’s] favor, we are constrained to affirm the jury verdict.”
Lack v. Wal-Mart Stores, Inc.,
240 F.3d 255, 259 (4th Cir.2001).
A.
“Although the CFAA is primarily a criminal statute, it permits private parties to bring a cause of action to redress a violation of the
CFAA----” A.V. ex rel. Vanderhye v. iParadigms, LLC,
562 F.3d 630, 645 (4th Cir.2009). The civil suit may be brought in limited circumstances by “[a]ny person who suffers damage or loss” as a result of a CFAA violation. 18 U.S.C. § 1030(g). As relevant here, the violation must have caused “loss to 1 or more persons during any 1-year period ... aggregating at least $5,000 in value.” 18 U.S.C. § 1030(c)(4)(A)(i)(I), (g). A person violates the CFAA by “intentionally accessing] a computer without authorization or exceeding] authorized access, and thereby obtaining] ... information from any protected computer,” 18 U.S.C. § 1030(a)(2)(C), or “intentionally accessing] a protected computer without authorization, and as a result of such conduct, causing] damage and loss,” 18 U.S.C. § 1030(a)(5)(C).
This court narrowly interprets the terms “without authorization” and “exceeds authorized access.”
WEC Carolina Energy Sols., LLC v. Miller,
687 F.3d 199, 206 (4th Cir.2012). “[A]n employee ... accesses a computer ‘without authorization’ when [s]he gains admission to a computer without approval.”
Id.
at 204. “[A]n employee ‘exceeds authorized access’ when [s]he has approval to access a computer, but uses [her] access to obtain or alter information that falls outside the bounds of [her] approved access.”
Id.
“Notably, neither of these definitions extends to the improper
use
of information validly accessed.”
Id.
Pyles argues that the CFAA did not apply to her actions during her employment with TSI because she, as the human resources director, had full access to the computer information. Under the
WEC Carolina
framework, we disagree. Pyles accessed both the main computer network and financial servers without authorization or in excess of her authority. Additionally, upon termination of her employment, Pyles accessed her corporate email account and company-issued Blackberry without authorization. Moreover, TSI demonstrated damage that resulted in losses from Pyles’ actions. Thus, there was sufficient evidence for a reasonable jury to have found in TSI’s favor.
B.
A person violates the ECPA by: “(1) intentionally accessing] without authorization a facility through which an electronic communication service is provided; or (2) intentionally exceeding] an authorization to access that facility; and thereby obtaining], altering], or preventing] authorized access to a wire or electronic communication while it is in electronic storage in such system.” 18 U.S.C. § 2701(a).
Pyles limits her ECPA challenge to whether she acted “without authorization” or “exceed[ed] [her] authorization” in accessing TSI’s computer system.
Pyles
contends not only that TSI granted her permission to access the computer system, but also that her actions did not go outside the bounds of that permission. We disagree.
Authorization is a matter of permission and dependent on its scope, not on whether information validly accessed was properly used.
See WEC Carolina,
687 F.3d at 204. Here, although Pyles was permitted to use TSI’s email to carry out her duties as human resources manager, she was not authorized to access the server through which the email functioned in the manner she did here. Additionally, her authorization to access the Blackberry terminated with her employment. Thus, there was sufficient evidence for a reasonable jury to have found in TSI’s favor.
II.
In Virginia, to establish a breach of fiduciary duty, a plaintiff must show that (1) the defendant owed a fiduciary duty, (2) the defendant breached that duty, and (3) damages resulted from the breach.
Informatics Applications Grp., Inc. v. Shkolnikov,
836 F.Supp.2d 400, 424 (E.D.Va.2011). “[A]n employee ... owes a fiduciary duty of loyalty to [her] employer during [her] employment.”
Williams v. Dominion Tech. Partners, LLC,
265 Va. 280, 576 S.E.2d 752, 757 (2003). This duty “prohibits the employee from acting in a manner adverse to his employer’s interest.”
Hilb, Rogal & Hamilton Co. of Richmond v. DePew,
247 Va. 240, 440 S.E.2d 918, 921 (1994). Moreover, “termination does not automatically free a[n] ... employee from his or her fiduciary obligations” if the action was “founded on information gained during the relationship.”
Today Homes, Inc. v. Williams,
272 Va. 462, 634 S.E.2d 737, 744 (2006) (internal quotation marks omitted).
Pyles concedes that she owed TSI a fiduciary duty under Virginia law. She asserts that the district court improperly denied her motion to strike the breach-of-fiduciary-duty claim because, she argues, the information she revealed was not the kind that would give an advantage to a competing business. Nevertheless, the record reveals that she breached her duty by acting in bad faith with confidential information and by disregarding TSI’s interests in accessing the email server, resulting in damages to TSI. Accordingly, the district court properly rejected this claim.
HI.
Finally, Pyles challenges the district court’s jury instructions allowing for punitive damages and its award of attorney’s fees in TSI’s favor. It is a “settled rule” that we will not consider issues raised for the first time on appeal absent “fundamental error or a denial of fundamental justice.”
In re Under Seal,
749 F.3d 276, 285 (4th Cir.2014) (internal quotation marks omitted). “Fundamental error is more limited than the plain error standard that [this Court] applies] in criminal cases.”
Id.
(internal quotation marks omitted). Thus, this court has used the plain error standard “as something of an intermediate step in a civil case.”
Id.
at 286. “[W]hen a party in a civil case fails to meet the plain-error standard, we can say with confidence that [s]he has not established fundamental error.”
Id.
To establish plain error, Pyles must show that: (1) there was an error, (2) the error was plain, and (3) the error affected her substantial rights.
United States v. Robinson,
627 F.3d 941, 954 (4th Cir.2010). Even if Pyles makes this showing, “we retain discretion to deny relief; plain errors should only be corrected where not doing so would result in a miscarriage of
justice or would otherwise seriously affect the fairness, integrity or public reputation of judicial proceedings.”
Id.
(alterations, citation, and internal quotation marks omitted).
We have refused to undertake plain error review, however, where a party “failed to make its most essential argument anywhere in its briefs .,: it never contended that the district court
fundamentally or even plainly erred.” In re Under Seal,
749 F.3d at 292;
see Makdessi v. Fields,
789 F.3d 126, 132 (4th Cir.2015) (refusing plain error review where appellant failed to assert that elements of such review were satisfied). Failing to argue either, Pyles has abandoned these claims. Moreover, Pyles’ jurisdictional argument is meritless because the court properly exercised subject-matter jurisdiction over her federal and state-law claims pursuant to 28 U.S.C. § 1331 (2012) (federal question), and 28 U.S.C. § 1367(a) (2012) (supplemental jurisdiction).
Accordingly, we affirm the district court’s orders. We dispense with oral argument because the facts and legal contentions are adequately presented in the materials before this court and argument would not aid the decisional process.
AFFIRMED.