The US Court of Appeals for the Second Circuit [official website] on Wednesday issued an opinion [text, PDF] holding that a former Goldman Sachs programmer did not violate a federal law prohibiting theft of trade secrets when he copied portions of the company's confidential source code. Sergey Aleynikov's conviction for violating two federal laws was overturned by the appeals court in February. In June 2009, Aleynikov uploaded 500,000 lines of confidential source code from Goldman's computer system on his last day at work. Later, he downloaded the code to his home computer and brought it to his new employer for their use. In its opinion, the court found that the transmission of intangible data does not constitute theft under the National Stolen Property Act (NSPA):
The NSPA does not criminalize the theft of intangible things. ... By uploading Goldman's proprietary source code to a computer server in Germany, Aleynikov stole purely intangible property embodied in a purely intangible format. There was no allegation that he physically seized anything tangible from Goldman. ... We decline to stretch or update statutory words of plain and ordinary meaning in order to better accommodate the digital age.Aleynikov was also acquitted under the Economic Espionage Act because the source code was not sufficiently related to the product produced by Goldman Sachs.
Lawmakers have struggled recently to pass laws that sufficiently balance intellectual property rights and rights of its citizens in a digital age. In January, the US House of Representatives agreed to postpone hearings on the Stop Online Piracy Act (SOPA) [text, PDF] after several major websites, consumer advocacy groups and the president voiced opposition to the bill. Earlier that month, the Spanish government approved a new law [JURIST report] that creates a government agency with the authority to force Internet service providers to block certain websites that are involved in pirating copyrighted material. The European Court of Justice (ECJ) ruled in November that Internet service providers cannot be required by law to monitor [JURIST report] their customers' activities as an attempt to combat illegal sharing of copyrighted material.