The court ruled that violating an employer's policy did not "exceed authorization" as defined by the CFAA and was not illegal under the act.
[3] Shortly before Lee v. PMSI, in its initial hearing on the case, the U.S. Ninth Circuit court of appeals ruled in United States v. Nosal that an employee violated the Computer Fraud and Abuse Act when he disobeyed an employer's Internet use restrictions.
This motion was denied and PMSI subsequently filed an amended complaint claiming Lee violated the Computer Fraud and Abuse Act.
[5] In May 2011 District Judge Merryday held that Lee's conduct did not exceed authorized access to her employer's computer in violation of the CFAA.
[6][7] He said that the CFAA was meant to target hackers who steal information or destroy functionality, not employees who use the internet instead of working.