hiQ Labs, Inc. v. Linkedin Corporation
Filing
199
ORDER by Judge Edward M. Chen Deferring in Part and Denying in Part #182 Plaintiff's Motion to Dismiss and Strike Counterclaims. (emcsec, COURT STAFF) (Filed on 4/19/2021)
1
2
3
4
UNITED STATES DISTRICT COURT
5
NORTHERN DISTRICT OF CALIFORNIA
6
7
HIQ LABS, INC.,
Plaintiff,
8
v.
9
10
LINKEDIN CORPORATION,
Defendant.
11
United States District Court
Northern District of California
Case No. 17-cv-03301-EMC
ORDER DEFERRING IN PART AND
DENYING IN PART PLAINTIFF’S
MOTION TO DISMISS AND STRIKE
COUNTERCLAIMS
Docket No. 182
12
13
14
This case arises out of Plaintiff hiQ Labs, Inc.’s access to and use of public profiles of
15
Defendant LinkedIn Corp.’s users. hiQ initiated this lawsuit against LinkedIn, bringing claims
16
for, inter alia, declaratory relief, tortious interference, and unfair competition. In response,
17
LinkedIn has asserted counterclaims, including violation of the federal Computer Fraud and Abuse
18
Act, breach of contract, and misappropriation. Currently pending before the Court is hiQ’s motion
19
to dismiss the counterclaims. Having considered the parties’ briefs and accompanying
20
submissions, the Court hereby DEFERS in part and DENIES in part hiQ’s motion.
I.
21
22
FACTUAL & PROCEDURAL BACKGROUND
LinkedIn is a company that provides a social network for professionals. See Countercl. ¶
23
20. Members of LinkedIn “create individual profiles that serve as their professional profiles
24
online.” Countercl. ¶ 21. Today, the company has more than 700 million members worldwide.
25
See Countercl. ¶ 21.
26
27
28
LinkedIn gives its members numerous privacy protections and privacy choices. For
example:
•
“[I]f a member decides that he or she wants to delete his or her profile, LinkedIn
1
will permanently delete the account and all of the data that the member posted to
2
LinkedIn within 30 days.” Countercl. ¶ 56 (alleging that this “helps ensure that
3
members are the ones who have ultimate control over [their information]”).
4
•
Members can choose to have all or part of their profiles exempt from indexing by
5
well-known search engines such as Google, Bing, and Duck Duck Go. See
6
Countercl. ¶ 55.
7
•
When members update information in their profiles, they can choose whether to
8
broadcast that change on LinkedIn. See Countercl. ¶ 57 (alleging that, if a member
9
chooses the “Do Not Broadcast” setting, the “changes that the member makes to his
or her profile will be visible, but the fact that the member made a change will not
11
United States District Court
Northern District of California
10
be broadcast to his or her LinkedIn connections or to anyone else”); see also
12
Countercl. ¶ 58 (alleging that this feature was put in place “in response to feedback
13
from LinkedIn members who were hesitant to update their profiles for fear that
14
their co-workers or employers would suspect they were searching for a new job or
15
otherwise thinking of leaving their current jobs”).
16
“LinkedIn’s website and servers are not unconditionally open to the general public.”
17
Countercl. ¶ 25. “This is because LinkedIn’s servers are protected by sophisticated defenses . . .
18
that evaluate whether to grant each request made to LinkedIn’s servers.” Countercl. ¶ 25. These
19
defenses “currently block hundreds of millions of requests to access guest profiles per day from
20
bots and scrapers, which constitute the majority of the requests made to LinkedIn’s servers for
21
guest profiles.” Countercl. ¶ 25.
22
23
Examples of LinkedIn’s defenses include the following:
•
The Sentinel system. “Through Sentinel, LinkedIn maintains a list of IP addresses
24
that are not permitted to make calls on LinkedIn’s servers because they either have
25
in the past or are engaged in abuse.” Countercl. ¶ 27.
26
•
LinkedIn’s “robots.txt” file. The file “provides a set of instructions to any
27
automated technologies visiting the LinkedIn site, as well as an explicit warning
28
. . . [,] that the use of bots to access LinkedIn without express permission is strictly
2
1
prohibited.” Countercl. ¶ 33. The file “does permit some webcrawlers (e.g., search
2
engines such as Google or Bing) to crawl and index the site.” Countercl. ¶ 33; see
3
also Countercl. ¶ 55 (alleging that that LinkedIn’s “Privacy Policy expressly
4
informs members that search engines may index and display information in their
5
profiles” but “LinkedIn limits such indexing to well-known search engines, such as
6
Google, Bing and Duck Duck Go”; furthermore, “LinkedIn permits members to
7
choose the parties of their profiles that search engines index, or to opt out of this
8
feature entirely”).
9
•
LinkedIn’s “custom rules.” LinkedIn applies “over 200 custom rules . . . to
requests made to its servers to determine whether the requests is from a human or
11
United States District Court
Northern District of California
10
bot.” Countercl. ¶ 30. Some of the rules fall under LinkedIn’s Guest Request
12
Scoring System and Member Request Scoring System. The Guest Request Scoring
13
System “monitors and limits page requests made by users who are not logged into
14
LinkedIn. If unusual patterns or high levels of activity are detected, the user is
15
redirected to LinkedIn’s log-in page and is prevented from viewing additional
16
LinkedIn pages while not logged in.” Countercl. ¶ 32. “The Member Request
17
Scoring System monitors page requests made by LinkedIn members while logged
18
into their accounts. If high levels of activity are detected for certain types of
19
accounts, the member is logged out and may either be warned, restricted, or
20
challenged with a CAPTCHA in order to log back into LinkedIn.” Countercl. ¶ 31.
21
•
Password barrier. “Much of the information on LinkedIn’s website is behind a
22
password barrier. Periodically, LinkedIn will prevent ‘logged-out’ users from
23
viewing more than a certain number of pages before being asked to enter a user
24
name and password to see more.” Countercl. ¶ 34.
25
•
The FUSE system. “FUSE scans and imposes a limit on the activity that an
26
individual LinkedIn member may initiate on the site. This limit is intended to
27
prevent would-be data scrapers utilizing automated technologies from quickly
28
accessing a substantial volume of member profiles.” Countercl. ¶ 26.
3
In addition to the above defenses, LinkedIn’s User Agreement “prohibits accessing and
1
2
scraping of LinkedIn’s website through automated software and other technologies.” Countercl. ¶
3
36; see also Countercl. ¶ 49 (citing § 8.2 of the User Agreement). Members of LinkedIn are
4
subject to the User Agreement but so too are users and visitors of the LinkedIn website. See
5
Countercl. ¶ 37. For example, “[t]he relevant version of the User Agreement, effective October
6
23, 2014, states that ‘You agree that by clicking “Join Now[,]” “Join LinkedIn” “Sign Up” or
7
similar[] registering, accessing, or using our services . . . , you are entering into a legally binding
8
agreement (even if you are using our Services on behalf of a company).’” Countercl. ¶ 37.
Notwithstanding these measures, hiQ accesses and aggregates publicly available profiles
9
on LinkedIn and uses the data for the data analytic tools it sells.
11
United States District Court
Northern District of California
10
A.
12
hiQ’s First Amended Complaint (“FAC”)
In its FAC, hiQ asserts the following claims for relief:
13
(1) A declaratory judgment that hiQ has not violated and will not violate the Computer
14
Fraud and Abuse Act of 18 U.S.C. § 1030 by accessing LinkedIn public profiles.
15
(2) A declaratory judgment that hiQ has not violated and will not violate the Digital
16
Millennium Copyright Act, 17 U.S.C. § 1201, by accessing LinkedIn public
17
profiles.
18
19
20
21
(3) A declaratory judgment that hiQ has not committed and will not commit common
law trespass to chattels by accessing LinkedIn public profiles.
(4) A declaratory judgment that hiQ has not violated and will not violate California
Penal Code § 502(c) by accessing LinkedIn public profiles.
22
(5) Intentional interference with contract.
23
(6) Intentional interference with prospective economic advantage.
24
(7) Unfair competition in violation of California Business & Professions Code §
25
17200.
26
(8) Unlawful competition in violation of § 17200.
27
(9) Fraudulent competition in violation of § 17200.
28
4
1
B.
In its responsive counterclaims, LinkedIn pleads the following causes of action against
2
3
LinkedIn’s Counterclaims
hiQ:
4
(1) Violation of the Computer Fraud and Abuse Act, 18 U.S.C. § 1030.
5
(2) Violation of the California Comprehensive Computer Access and Fraud Act, Cal.
Pen. Code § 502 et seq.
6
7
(3) Breach of contract.
8
(4) Misappropriation.
9
(5) Trespass to chattels.
10
C.
Before LinkedIn filed its counterclaims in the instant case, this Court issued an order
11
United States District Court
Northern District of California
Prior Court Rulings
12
granting hiQ a preliminary injunction with respect to its claims for relief. See hiQ Labs, Inc. v.
13
LinkedIn Corp., 273 F. Supp. 3d 1099 (N.D. Cal. 2017) (hereafter hiQ I). LinkedIn appealed that
14
order; the Ninth Circuit affirmed. See hiQ Labs, Inc. v. LinkedIn Corp., 938 F.3d 985 (9th Cir.
15
2019) (hereinafter hiQ II). LinkedIn thereafter filed a petition for a writ of certiorari with the
16
Supreme Court. LinkedIn’s petition is still pending.
II.
17
18
19
A.
DISCUSSION
Legal Standard
Federal Rule of Civil Procedure 8(a)(2) requires a complaint to include “a short and plain
20
statement of the claim showing that the pleader is entitled to relief.” Fed. R. Civ. P. 8(a)(2). A
21
complaint that fails to meet this standard may be dismissed pursuant to Federal Rule of Civil
22
Procedure 12(b)(6). See Fed. R. Civ. P. 12(b)(6). To overcome a Rule 12(b)(6) motion to dismiss
23
after the Supreme Court’s decisions in Ashcroft v. Iqbal, 556 U.S. 662 (2009), and Bell Atlantic
24
Corp. v. Twombly, 550 U.S. 544 (2007), a plaintiff’s “factual allegations [in the complaint] ‘must .
25
. . suggest that the claim has at least a plausible chance of success.’” Levitt v. Yelp! Inc., 765 F.3d
26
1123, 1135 (9th Cir. 2014). The court “accept[s] factual allegations in the complaint as true and
27
construe[s] the pleadings in the light most favorable to the nonmoving party.” Manzarek v. St.
28
Paul Fire & Marine Ins. Co., 519 F.3d 1025, 1031 (9th Cir. 2008). But “allegations in a
5
1
complaint . . . may not simply recite the elements of a cause of action [and] must contain sufficient
2
allegations of underlying facts to give fair notice and to enable the opposing party to defend itself
3
effectively.” Levitt, 765 F.3d at 1135 (internal quotation marks omitted). “A claim has facial
4
plausibility when the plaintiff pleads factual content that allows the court to draw the reasonable
5
inference that the defendant is liable for the misconduct alleged.” Iqbal, 556 U.S. at 678. “The
6
plausibility standard is not akin to a probability requirement, but it asks for more than a sheer
7
possibility that a defendant has acted unlawfully.” Id. (internal quotation marks omitted).
In the instant case, hiQ has challenged under Rule 12(b)(6) each of LinkedIn’s five
8
9
counterclaims:
(1) Violation of the Computer Fraud and Abuse Act, 18 U.S.C. § 1030.
11
United States District Court
Northern District of California
10
(2) Violation of the California Comprehensive Computer Access and Fraud Act, Cal.
Pen. Code § 502 et seq.
12
13
(3) Breach of contract.
14
(4) Misappropriation.
15
(5) Trespass to chattels.
16
B.
Violation of the Computer Fraud and Abuse Act
The Computer Fraud and Abuse Act (“CFAA”) provides in relevant part: “Whoever . . .
17
18
intentionally accesses a computer without authorization or exceeds authorized access,[1] and
19
thereby obtains . . . information from any protected computer . . . shall be punished” by fine or
20
imprisonment.” 18 U.S.C. § 1030(a)(2)(C).
In its decision affirming the preliminary injunction in this case, the Ninth Circuit provided
21
22
guidance on its views of the CFAA. It determined, for example, that hiQ had raised a serious
23
question as to its contention that, “where access is open to the general public, the CFAA ‘without
24
authorization’ concept is inapplicable.” hiQ II, 938 F.3d at 1000.
Primarily relying on the Ninth Circuit’s decision, hiQ argues that the Court should dismiss
25
26
27
28
“[E]xceeds authorized access” under the CFAA “means to access a computer with authorization
and to use such access to obtain or alter information in the computer that the accesser is not
entitled so to obtain or alter.” 18 U.S.C. § 1030(e)(6).
6
1
1
LinkedIn’s CFAA counterclaim. At this juncture, however, the Court finds it prudent to defer
2
ruling on hiQ’s motion because LinkedIn has asked the Supreme Court to review the Ninth
3
Circuit’s decision. In addition, the Supreme Court currently has before it a case that will address a
4
related issue – i.e., when does a person exceed authorized access under the CFAA? – that may
5
well have an impact on the instant case. See United States v. Van Buren, 940 F.3d 1192 (11th Cir.
6
2019), certiorari granted by 140 S. Ct. 2667 (2020). These circumstances counsel against a ruling
7
on the CFAA counterclaim at this point in the proceedings. The Court will be in a better position
8
to address the counterclaim once the Supreme Court has issued its decision in Van Buren and/or
9
the instant case.
10
C.
Violation of the California Comprehensive Computer Access and Fraud Act, Cal. Pen.
United States District Court
Northern District of California
11
Code § 502 et seq.
12
LinkedIn has also asserted a counterclaim for violation of the California Comprehensive
13
Computer Access and Fraud Act. The relevant provision in the Act can be found in California
14
Penal Code § 502(c), which provides in relevant part as follows:
15
16
17
[A]ny person who commits any of the following acts is guilty of a
public offense:
(1)
Knowingly accesses and without permission alters, damages,
deletes, destroys, or otherwise uses any data, computer,
computer system, or computer network in order to either (A)
devise or execute any scheme or artifice to defraud, deceive,
or extort, or (B) wrongfully control or obtain money,
property, or data.
(2)
Knowingly accesses and without permission takes, copies, or
makes use of any data from a computer, computer system, or
computer network, or takes or copies any supporting
documentation, whether existing or residing internal or
external to a computer, computer system, or computer
network.
18
19
20
21
22
23
24
25
26
....
(7)
Knowingly and without permission accesses or causes to be
accessed any computer, computer system, or computer
network.
27
Cal. Pen. Code § 502(c). Section 502(c)(7) bears similarity to the CFAA, focusing on
28
unauthorized access. However, §§ 502(c)(1) and (2) are different from the CFAA (at least as
7
1
interpreted by the Ninth Circuit), focusing instead on unauthorized use. See also United States v.
2
Christensen, 828 F.3d 763, 789 (9th Cir. 2016) (noting that, “[i]n contrast to the CFAA, the
3
California statute does not require unauthorized access” but rather “knowing access[;] [w]hat
4
makes that access unlawful is that the person ‘without permission takes, copies, or makes use of’
5
data on the computer”); Power Ventures, 844 F.3d at 1069 (noting that, e.g., § 502(c)(2) is
6
different from the CFAA).
Although § 502 is not on all fours with the CFAA, the Court nevertheless finds it prudent
7
8
to defer ruling on the § 502 counterclaim as well. The Supreme Court’s decision in Van Buren
9
and/or the instant case may still affect the § 502 analysis – e.g., whether, as a matter of policy, the
use of public information should be deemed criminal conduct.
11
United States District Court
Northern District of California
10
D.
12
Breach of Contract
LinkedIn’s breach-of-contract counterclaim is predicated on the User Agreement which
13
“prohibits accessing LinkedIn’s website through automated means” and “prohibits scraping data
14
from LinkedIn’s website using automated means.” Countercl. ¶¶ 115-16. According to LinkedIn,
15
“hiQ’s conduct has damaged LinkedIn, and caused and continues to cause irreparable harm and
16
injury to LinkedIn.” Countercl. ¶ 125 (emphasis added).
17
In its motion, hiQ seeks to dismiss only part of the counterclaim. hiQ points out that, in its
18
order granting a preliminary injunction, this Court stated: “hiQ signed up as a LinkedIn user and is
19
thus bound by the User Agreement[,] [b]ut LinkedIn has since terminated hiQ’s user status.” hiQ
20
I, 273 F. Supp. at 1107 n.4. Similarly, the Ninth Circuit in affirming the preliminary injunction
21
order stated: “[h]iQ is no longer bound by the User Agreement, as LinkedIn has terminated hiQ’s
22
user status.” hiQ II, 983 F.3d at 991 n.5. Based on these statements, hiQ argues: “LinkedIn’s
23
claim that hiQ ‘continues to’ breach the User Agreement is precluded by the findings of this Court
24
and the Ninth Circuit,” and, “as LinkedIn cannot state a claim for any continuing or ongoing
25
breach of the User Agreement, LinkedIn’s claim of injunctive relief or for relief accrued past the
26
date of hiQ’s termination should be struck.” Mot. at 12 (emphasis added).
27
28
The problem with hiQ’s position is that, even if LinkedIn terminated hiQ as a LinkedIn
member subject to the User Agreement (a fact that LinkedIn disputes), that does not necessarily
8
1
mean that hiQ is not subject to the User Agreement. In its counterclaim, LinkedIn alleges that
2
“[a]ny future use of LinkedIn’s website by hiQ is subject to the terms of the User Agreement,”
3
Countercl. ¶ 126, because, “[b]y its terms, the User Agreement applies not only to LinkedIn
4
members, which hiQ was, but to anybody who uses LinkedIn’s website.” Countercl. ¶ 51
5
(emphasis added). According to LinkedIn, “[a]t all relevant times, LinkedIn . . . prominently
6
displayed a link to the User Agreement on LinkedIn’s homepage. Those who use LinkedIn’s
7
website with actual knowledge of the terms of the User Agreement are required to abide by those
8
terms if they choose to access LinkedIn’s website.” Countercl. ¶ 109. In support, LinkedIn cites
9
Nguyen v. Barnes & Noble Inc., 763 F.3d 1171 (9th Cir. 2014).
10
Nguyen is an arbitration-related case; nevertheless, it contains principles relevant to the
United States District Court
Northern District of California
11
instant case because the defendant there argued, inter alia, that the plaintiff was subject to an
12
arbitration provision based on Terms of Use posted as a hyperlink on the defendant’s website.
13
The Ninth Circuit noted that
14
[c]ontracts formed on the Internet come primarily in two flavors:
"clickwrap" (or "click-through") agreements, in which website users
are required to click on an "I agree" box after being presented with a
list of terms and conditions of use; and "browsewrap" agreements,
where a website's terms and conditions of use are generally posted
on the website via a hyperlink at the bottom of the screen. . . .
15
16
17
"Unlike a clickwrap agreement, a browsewrap agreement does not
require the user to manifest assent to the terms and conditions
expressly . . . [a] party instead gives his assent simply by using the
website." Indeed, "in a pure-form browsewrap agreement, 'the
website will contain a notice that – by merely using the services of,
obtaining information from, or initiating applications within the
website – the user is agreeing to and is bound by the site's terms of
service.'" Thus, "by visiting the website – something that the user
has already done – the user agrees to the Terms of Use not listed on
the site itself but available only by clicking a hyperlink." "The
defining feature of browsewrap agreements is that the user can
continue to use the website or its services without visiting the page
hosting the browsewrap agreement or even knowing that such a
webpage exists." "Because no affirmative action is required by the
website user to agree to the terms of a contract other than his or her
use of the website, the determination of the validity of the
browsewrap contract depends on whether the user has actual or
constructive knowledge of a website's terms and conditions."
18
19
20
21
22
23
24
25
26
27
28
Id. at 1175-76.
The Ninth Circuit continued by noting that “courts have consistently enforced browsewrap
9
1
agreements where the user had actual notice of the agreement”; in contrast, “where . . . there is no
2
evidence that the website user had actual knowledge of the agreement, the validity of the
3
browsewrap agreement turns on whether the website puts a reasonably prudent user on inquiry
4
notice of the terms of the contract.” Id. at 1176-77.
Thus, under Nguyen, LinkedIn has a basis for arguing that, if hiQ has actual notice of the
5
terms of the User Agreement (which contains, e.g., a prohibition against scraping), it can be
7
subject to those terms. Although currently hiQ is allowed access to the LinkedIn website and to
8
copy or use public profiles posted thereon under the preliminary injunction, this does not mean
9
that hiQ is entitled to a permanent injunction. Based on the counterclaim as pled, LinkedIn has a
10
basis for asserting that it is entitled to a permanent injunction – or at least a declaration – that hiQ
11
United States District Court
Northern District of California
6
is subject to the User Agreement in the future. Because whether hiQ can be bound to the User
12
Agreement raises a factual question, the counterclaim cannot be dismissed at this juncture.
13
E.
14
Misappropriation
The California Court of Appeal has explained that
15
[c]ommon law misappropriation is one of a number of doctrines
subsumed under the umbrella of unfair competition. It is normally
invoked in an effort to protect something of value not otherwise
covered by patent or copyright law, trade secret law, breach of
confidential relationship, or some other form of unfair competition.
The elements of a claim for misappropriation under California law
consist of the following: (a) the plaintiff invested substantial time,
skill or money in developing its property; (b) the defendant
appropriated and used the plaintiff's property at little or no cost to
the defendant; (c) the defendant's appropriation and use of the
plaintiff's property was without the authorization or consent of the
plaintiff; and (d) the plaintiff can establish that it has been injured by
the defendant's conduct.
16
17
18
19
20
21
22
United States Golf Ass'n v. Arroyo Software Corp., 69 Cal. App. 4th 607, 618 (1999) [hereinafter
23
USGA].
24
In its counterclaim, LinkedIn alleges that hiQ engaged in misappropriation because,
25
“without authorization, [it] wrongfully accessed LinkedIn’s website, computer systems and
26
servers, and obtained data from the LinkedIn site. The data that hiQ took included time-sensitive
27
updates to member profiles.” Countercl. ¶ 130. In response, hiQ makes two arguments: (1)
28
LinkedIn has no ownership interest in the data allegedly misappropriated (rather, that data belongs
10
1
to LinkedIn members) and (2) any misappropriation counterclaim here would be preempted by the
2
California Uniform Trade Secret Act (“CUTSA”).
3
1.
Property Rights
4
hiQ’s first argument is, in essence, that LinkedIn has no property rights at issue in the
instant case. hiQ is corrected that LinkedIn’s members, and not LinkedIn itself, owns the
6
information in their public profiles. However, that does not mean that LinkedIn has no property
7
rights. As LinkedIn points out, there may be “quasi-property” rights that are protected. For
8
example, one company can misappropriate “another’s commercial advantage” by misappropriating
9
the “‘expenditure of labor, skill, and money’ of another.” Am. Cyanamid Co. v. Am. Home
10
Assurance Co., 30 Cal. App. 4th 969, 976-77 (1994) (quoting International News Service v.
11
United States District Court
Northern District of California
5
Associated Press, 248 U.S. 215, 239 (1918) [hereinafter INS]).
12
As indicated above, California’s recognition of this kind of misappropriation is based on
13
INS which recognized a property interest in “hot news.” See id.; see also Sammons & Sons v.
14
Ladd-Fab, Inc., 138 Cal. App. 3d 306, 311 (1982) (noting that “INS expanded existing concepts of
15
unfair competition to include protection against appropriation of competitive advantage ‘acquired
16
by complainant as the result of organization and the expenditure of labor, skill, and money’ by a
17
defendant who thereby ‘is endeavoring to reap where it has not sown’”). In INS, the plaintiff and
18
the defendant were competitors in the gathering and distribution of news and its publication for
19
profit in newspapers throughout the United States.” INS, 248 U.S. at 229. The plaintiff filed suit
20
to stop the defendant from, inter alia, copying news from bulletin boards and early editions of the
21
plaintiff’s newspapers and selling it, “either bodily or after rewriting it, to defendant’s customers.”
22
Id. at 231.
23
The Supreme Court noted that, while “the news of current events may be regarded as
24
common property[,] [w]hat we are concerned with is the business of making it known to the
25
world.” Id. at 235. “The peculiar value of news is in the spreading of it while it is fresh.” Id. In
26
other words,
27
28
although we may and do assume that neither party has any
remaining property interest as against the public in uncopyrighted
news matter after the moment of its first publication, it by no means
11
1
2
3
4
5
6
follows that there is no remaining property interest in it as between
themselves. For, to both of them alike, news matter, however little
susceptible of ownership or dominion in the absolute sense, is stock
in trade, to be gathered at the cost of enterprise, organization, skill,
labor, and money, and to be distributed and sold to those who will
pay money for it, as for any other merchandise. Regarding the
news, therefore, as but the material out of which both parties are
seeking to make profits at the same time and in the same field, we
hardly can fail to recognize that for this purpose, and as between
them, it must be regarded as quasi property, irrespective of the rights
of either as against the public.
7
Id. at 236 (emphasis added). California courts have cited INS approvingly. See, e.g., Balboa Ins.
8
Co. v. Trans Glob. Equities, 218 Cal. App. 3d 1327, 1342 (1990) (“Common law misappropriation
9
presents a final legal theory under the broad unfair competition umbrella. The doctrine originated
10
United States District Court
Northern District of California
11
12
13
14
15
16
17
in the United States Supreme Court's decision of [INS].”).
hiQ suggests that, to the extent INS is recognized under California law, INS should be
narrowly construed and
limited to cases where: (i) a plaintiff generates or gathers
information at a cost; (ii) the information is time-sensitive; (iii) a
defendant's use of the information constitutes free-riding on the
plaintiff's efforts; (iv) the defendant is in direct competition with a
product or service offered by the plaintiffs; and (v) the ability of
other parties to free-ride on the efforts of the plaintiff or others
would so reduce the incentive to produce the product or service that
its existence or quality would be substantially threatened.
18
Nat’l Basketball Ass’n v. Motorola, Inc., 105 F.3d 841, 845 (2d Cir. 1997) [hereinafter “NBA”].
19
But hiQ has cited no California state court opinion adopting this narrow view. Rather, the
20
elements of a common law misappropriation claim under California law have been outlined above.
21
See Balboa, 218 Cal. App. 3d at 1342 (recognizing that common law misappropriation has its
22
roots in INS but not limiting the claim to the hot news context and stating that “[t]he cause of
23
action has three elements: (1) the plaintiff has invested substantial time and money in development
24
of its . . . property; (2) the defendant has appropriated the [property] at little or no cost; and (3) the
25
plaintiff has been injured by the defendant’s conduct”) (internal quotation marks omitted).
26
Although hiQ has cited Pollstar v. Gigmania, Ltd., 170 F. Supp. 2d 974, 979 (E.D. Cal. 2000),
27
where the district court applied the Second Circuit’s approach above, that case is not dispositive.
28
hiQ has cited no California case that imposes the NBA restrictions, even in a case involving “hot
12
1
2
news.”
If anything, California authority rejects, at least in part, the narrow interpretation. For
3
instance, in USGA, the state court expressly rejected the argument that an essential element of a
4
misappropriation claim was direct competition between the plaintiff and the defendant. See
5
USGA, 69 Cal. App. 4th at 618 (“Under the California law applicable here, . . . the essential
6
elements of a misappropriation claim simply do not include any such requirement of proof of
7
direct competition between the plaintiff and the defendant.”). Cf. Colo. Escrow & Title Servs.,
8
LLC v. Deinema, No. 2012CV387, 2015 Colo. Dist. LEXIS 1802, *34-36 (Colo. Dist. Ct. Jan. 23,
9
2015) (noting that Colorado law recognizes a misappropriation claim “where one either
wrongfully profits from another’s expenditure of labor, skill or money, or capitalizes wrongfully
11
United States District Court
Northern District of California
10
on the commercial values of another”; rejecting the argument that such a claim requires that the
12
plaintiff and defendant be competitors – it was enough that “ESI has profited from TCR's
13
accumulation and organization of public records”).
14
Finally, even if the Court were inclined to adopt a narrow view of INS, LinkedIn has still
15
met that standard (at least based on the allegations made by the parties). For example, regarding
16
direct competition, hiQ itself has charged LinkedIn with blocking hiQ’s access because LinkedIn
17
“wants to monetize [its] data itself with a competing product.” hiQ I, 273 F. Supp. 3d at 1117.
18
Also, to the extent information must be time sensitive, LinkedIn has alleged that “[t]he data that
19
hiQ took included time-sensitive updates to member profiles.” Countercl. ¶ 130. Finally, there
20
are questions of fact as to whether hiQ is a free rider with respect to LinkedIn and whether hiQ’s
21
use of LinkedIn’s data reduces LinkedIn’s incentive to invest in its infrastructure.
22
2.
CUTSA Preemption
23
hiQ argues that, even if LinkedIn has a property interest to support a misappropriation
24
counterclaim, the counterclaim must still be dismissed based on CUTSA preemption. This
25
contention lacks merit. As LinkedIn points out, the misappropriation counterclaim is not
26
preempted because the whole point of such a claim is to protect a property right “not otherwise
27
covered by patent or copyright law, trade secret law, breach of confidential relationship, or some
28
other form of unfair competition.” USGA, 69 Cal. App. 4th at 618 (emphasis added).
13
hiQ points out that, under certain circumstances, there can be CUTSA preemption even
1
2
where the property right at issue does not constitute a trade secret per se. For instance, in Lifeline
3
Food Co. v. Gilman Cheese Corp., No. 5:15-cv-00034-PSG, 2015 U.S. Dist. LEXIS 64155 (N.D.
4
Cal. May 15, 2015), the district court noted that the “CUTSA may supersede ‘claims based on the
5
misappropriation of information that does not satisfy the definition of trade secret under CUTSA’
6
when ‘the basis of the alleged property right is in essence that the information is not . . . generally
7
known to the public,’ because then ‘the claim is sufficiently close to a trade secret claim that it
8
should be superseded.’” Id. at *3. However, in the instant case, LinkedIn is not making any claim
9
that the public profiles are confidential or not generally known to the public. Rather, the property
right it is claiming is based on the labor, skill, money, etc. that it put into developing the
11
United States District Court
Northern District of California
10
professional networking system. There is thus no basis for CUTSA preemption.
12
F.
Trespass to Chattels
“Under California law, trespass to chattels ‘lies where an intentional interference with the
13
14
possession of personal property has proximately caused injury.’” Intel Corp. v. Hamidi, 30 Cal.
15
4th 1342, 1350-51 (2003). The owner of the property may recover actual damages suffered by
16
reason of the impairment of the property or the loss of its use.2 See id. at 1351. Injunctive relief is
17
also possible where there is threatened injury. See id. at 1352 (asking whether the defendant’s
18
actions “cause or threatened to cause damage to Intel’s computer system, or injury to it rights in
19
that personal property”).
In its motion, hiQ argues that the trespass claim should be dismissed because LinkedIn has
20
21
failed to adequately allege injury. In response, LinkedIn contends that it has adequately alleged
22
existing injury as well as threatened future injury.
Regarding existing injury, LinkedIn contends that a small amount of harm can support
23
24
trespass to chattels. See Opp’n at 24. In support, it cites Thrifty-Tel, Inc. v. Bezenek, 46 Cal. App.
25
26
27
28
In Intel, the California Supreme Court rejected the plaintiff’s argument that its damages included
the time its staff spent time attempting to block the defendant’s email messages. “‘[I]t is circular
to premise the damage element of a tort solely upon the steps taken to prevent the damage. Injury
can only be established by the completed tort’s consequences, not by the cost of the steps taken to
avoid the injury and prevent the tort; otherwise, we can create injury for every supposed tort.’”
Intel, 30 Cal. 4th at 1359.
14
2
1
4th 1559 (1996). In Thrifty-Tel, the plaintiff was a company that provided long-distance telephone
2
services. “Subscribers' telephones are programmed with a confidential access code and a six-digit
3
authorization code that directs calls into Thrifty-Tel's computerized switching network. An
4
unauthorized user who knows both an access and an authorization code can make long-distance
5
calls without being charged for them.” Id. at 1563. During a three-day period, the defendants’
6
children “gained entry into Thrifty-Tel’s system with [a confidential] code [that a friend knew]
7
and conducted manual random searches for a six-digit authorization code. They made
8
approximately 90 calls, consuming roughly 24 minutes of telephone time during the first 2 days.”
9
Id. at 1564. The following day, they made “72 manual attempts to identify an authorization code
over an almost 16-minute period.” Id. The state appellate court found that the plaintiff had a valid
11
United States District Court
Northern District of California
10
trespass claim and remanded to the trial court to determine damages. See id. at 1570, 1572
12
(holding that “the superior court erred in awarding contract or tort damages based on [a] tariff
13
instead of requiring plaintiff to prove actual damages”).
14
But Thrifty-Tel is distinguishable from the instant case in that, there, an actual entry into
15
the plaintiff’s system was made, thus making the case more akin to a traditional computer hacking
16
or “breaking and entering” claim whereas, here, there has been an alleged burden on LinkedIn’s
17
servers and/or infrastructure. Thus, more on point than Thrifty-Tel is the California Supreme
18
Court opinion in Intel which noted that, “[s]hort of dispossession, personal injury, or physical
19
damage . . . , intermeddling is actionable only if the chattel is impaired as to its condition, quality,
20
or value or . . . the possessor is deprived of the use of the chattel for a substantial time” – i.e., “for
21
a time so substantial that it is possible to estimate the loss caused thereby.” Intel, 30 Cal. 4th at
22
1357 (internal quotation marks omitted; adding that “‘[a] mere momentary or theoretical
23
deprivation of use is not sufficient unless there is a dispossession’”). This statement from Intel
24
suggests that, at least as to impaired use, the quantum of harm cannot be negligible.
25
26
27
28
That being said, LinkedIn fairly argues that there is a question of fact as to what extent
hiQ’s actions burdened LinkedIn’s servers/infrastructure. LinkedIn has alleged:
•
“[S]craping traffic has grown substantially over the past few years.” Countercl. ¶
82.
15
1
•
“LinkedIn . . . receives many millions of unauthorized requests of its servers from
2
bots every day. The volume . . . reached 95 million requests per day by the outset
3
of the parties’ dispute, and has further increased dramatically during this litigation.”
4
Countercl. ¶ 82.
5
•
“[T]aken in the aggregate, automated scrapers place a substantial burden on
6
LinkedIn’s infrastructure – reaching at present into hundreds of millions of blocked
7
access requests per day.” Countercl. ¶ 83. “[T]he significant volume of automated
8
scraping activity forces LinkedIn to invest more in capital and operational
9
resources than it otherwise would if it were able to prevent these access requests
from ever happening. Scraping operations force LinkedIn to alter its priorities for
11
United States District Court
Northern District of California
10
use of its computing resources and impair the efficiency of such resources.”
12
Countercl. ¶ 83.
13
•
prior to May 23, 2017 [the date of the cease-and-desist letter].” Countercl. ¶ 68.
14
15
“On information and belief, hiQ’s bots made millions of calls to LinkedIn’s servers
•
“The full extent of hiQ’s illicit scraping is not currently known to LinkedIn, as hiQ
16
has gone to substantial lengths to hide its methods from public view.” Countercl. ¶
17
64.
18
19
In short, the requests generated by hiQ’s bots burden LinkedIn’s servers.
As to future injury, LinkedIn has also alleged enough to support a request for injunctive
20
relief. Regarding injunctive relief, the California Supreme Court took note in Intel of two district
21
court decisions finding that unauthorized robotic data collection from a company’s publicly
22
accessible website was a trespass on the company’s computer system in part because of “the
23
deleterious impact this activity could have, especially if replicated by other searchers, on the
24
functioning of a Web site’s computer equipment.” Intel, 30 Cal. 4th at 1354. Tracking Intel,
25
LinkedIn makes the following allegations in support of its counterclaim for trespass to chattels: (1)
26
“LinkedIn owns, possesses, and/or has the right to possess the servers and infrastructure used to
27
run its business”; (2) “hiQ intentionally interfered with LinkedIn’s use and possession” of such;
28
and (3) “hiQ’s conduct, if expanded and/or replicated unchecked by others, will cause harm to
16
1
LinkedIn in the form of impaired condition, quality and value of its servers, infrastructure and
2
services.” Countercl. ¶¶ 136-37, 139; see also Countercl. ¶ 84 (“It is only because of LinkedIn’s
3
ongoing protection efforts as well as its willingness to spend increasing amounts to maintain a
4
high service level that it has been able to prevent a degradation in the quality of its services.”);
5
Countercl. ¶ 85 (“LinkedIn will be forced into making the choice of investing more in its
6
infrastructure to ensure the availability of its website, or succumbing to the burden of bot-based
7
scraping.”).
III.
8
9
CONCLUSION
For the foregoing reasons, the Court denies hiQ’s motion to dismiss the counterclaims for
breach of contract, misappropriation, and trespass to chattels. The Court defers ruling on the
11
United States District Court
Northern District of California
10
motion to dismiss the counterclaims for violation of the CFAA and California Penal Code § 502.
12
For administrative purposes only, the Court terminates hiQ’s motion to dismiss, even
13
though the CFAA and § 502 counterclaims have not yet been addressed. To be clear, this
14
termination does not bar hiQ from renewing its motion to dismiss the CFAA and § 502
15
counterclaims once the Supreme Court issues its decision in Van Buren and/or this case.
16
17
IT IS SO ORDERED.
18
19
Dated: April 19, 2021
20
21
22
______________________________________
EDWARD M. CHEN
United States District Judge
23
24
25
26
27
28
17
Disclaimer: Justia Dockets & Filings provides public litigation records from the federal appellate and district courts. These filings and docket sheets should not be considered findings of fact or liability, nor do they necessarily reflect the view of Justia.
Why Is My Information Online?