Darryl Broussard formerly worked as a high-level officer at Teche Federal Bank, a small state-chartered bank in Louisiana. When Teche merged with the larger IberiaBank, Broussard and some of the lenders he supervised went to work at competitor JD Bank. IberiaBank sued Broussard for, among other things, violation of the Computer Fraud and Abuse Act (“CFAA”), based on the deletion of data from the bank’s servers. The trial court held that Broussard lacked permission to delete files from his H:drive, and that his actions caused $6,233.33 in damages, which the Court of Appeal affirmed.
“The evidence revealed that before the merger, Broussard signed an agreement forbidding him from harming IberiaBank systems or any stored information data by activities such as … damaging files. When deposed on whether he had asked for permission before he deleted whatever he deleted, Broussard responded, ‘I didn’t, because I didn’t see anything wrong with it, to be honest with you.’ At trial, Broussard asserted that Jason Freyou instructed him to delete data. This assertion created tension, if not contradiction, with his deposition testimony. Moreover, the trial court noted that Broussard did not inform anyone at IberiaBank that he had deleted documents from his H:drive. IberiaBank offered Ross Little’s testimony that he could not recall any Teche officer ever directing Broussard to delete data, and that he would have been in the critical meeting in which Freyou allegedly gave Broussard that instruction. Affording due deference to the trial court in its assessment of competing testimony, as we must, there was no clear error in the factual finding that Broussard lacked authorization.”
IberiaBank v. Broussard, 907 F.3d 826 (5th Cir. 2018).