Major League Baseball and the Computer Fraud and Abuse Act

Written by Katy Young

This morning, the New York Times ran an article about the St. Louis Cardinals organization allegedly hacking into the Houston Astros’ computer database containing proprietary player information. You can read the article here:

Ad Astra is particularly interested in this story for two reasons: we are big baseball fans (in fact my brother, Chuckie Fick, pitched for both the Cardinals and then the Astros!) and big fans of the federal Computer Fraud and Abuse Act (CFAA), which creates both a criminal and civil cause of action for unauthorized access of information stored on a computer.

The Houston Astros apparently maintain a computer database containing proprietary information about its players and prospects. The database is called Ground Control and it is the brainchild of former Cardinals bigwig turned Astros’ General Manager Jeff Luhnow. The St. Louis Cardinals are accused of accessing the Astros’ database using an old master list of passwords because they were concerned that Luhnow took the Cardinals’ proprietary player information when he left the Cardinals to go work for the Astros. The CFAA doesn’t care why you accessed another’s database without authority, nor does the CFAA care what you did with that information after you accessed it (that’s a trade secret problem)- but the CFAA does create a cause of action if someone accessed your data without authority, altered or deleted anything, and you incurred at least $5,000 in damages trying to remedy the problem. The New York Times article states that the FBI is already involved, but we here at Ad Astra are wondering if the Astros want to look into filing a civil complaint against the Cardinals under the CFAA!

Leave a Reply

Your email address will not be published. Required fields are marked *