WhatsApp Inc. et al v. NSO Group Technologies Limited et al
Filing
1
COMPLAINT against NSO Group Technologies Limited, Q Cyber Technologies Limited ( Filing fee $ 400, receipt number 0971-13834740.). Filed byFacebook Inc., WhatsApp Inc.. (Attachments: #1 Exhibit 1 through 11, #2 Civil Cover Sheet)(LeBlanc, Travis) (Filed on 10/29/2019)
Case 3:19-cv-07123 Document 1 Filed 10/29/19 Page 1 of 15
1
2
3
4
5
6
7
8
9
COOLEY LLP
TRAVIS LEBLANC (251097) (tleblanc@cooley.com)
JOSEPH D. MORNIN (307766) (jmornin@cooley.com)
101 California Street, 5th floor
San Francisco, CA 94111-5800
Telephone: (415) 693-2000
Facsimile: (415) 693-2222
DANIEL J. GROOMS (D.C. Bar No. 219124) (pro hac vice forthcoming)
(dgrooms@cooley.com)
1299 Pennsylvania Avenue, NW, Suite 700
Washington, DC 20004-2400
Telephone: (202) 842-7800
Facsimile: (202) 842-7899
Attorneys for Plaintiffs
WHATSAPP INC. and FACEBOOK, INC.
10
UNITED STATES DISTRICT COURT
11
NORTHERN DISTRICT OF CALIFORNIA
12
13
14
15
WHATSAPP INC., a Delaware corporation,
and FACEBOOK, INC., a Delaware
corporation,
18
19
20
COMPLAINT
DEMAND FOR JURY TRIAL
Plaintiffs,
16
17
Case No.
v.
NSO GROUP TECHNOLOGIES LIMITED
and Q CYBER TECHNOLOGIES LIMITED,
Defendants.
21
22
23
24
25
26
27
28
COOLEY LLP
ATTO RNEY S AT LAW
SAN FRA NCI S CO
1
COMPLAINT
Case 3:19-cv-07123 Document 1 Filed 10/29/19 Page 2 of 15
1
Plaintiffs WhatsApp Inc. and Facebook, Inc. (collectively, “Plaintiffs”) allege the following
2
against Defendants NSO Group Technologies Ltd. (“NSO Group”) and Q Cyber Technologies Ltd.
3
(“Q Cyber”) (collectively, “Defendants”):
INTRODUCTION
4
5
1.
Between in and around April 2019 and May 2019, Defendants used WhatsApp servers,
6
located in the United States and elsewhere, to send malware to approximately 1,400 mobile phones
7
and devices (“Target Devices”). Defendants’ malware was designed to infect the Target Devices for
8
the purpose of conducting surveillance of specific WhatsApp users (“Target Users”). Unable to break
9
WhatsApp’s end-to-end encryption, Defendants developed their malware in order to access messages
10
and other communications after they were decrypted on Target Devices. Defendants’ actions were
11
not authorized by Plaintiffs and were in violation of WhatsApp’s Terms of Service. In May 2019,
12
Plaintiffs detected and stopped Defendants’ unauthorized access and abuse of the WhatsApp Service
13
and computers.
14
2.
Plaintiffs bring this action for injunctive relief and damages pursuant to the Computer
15
Fraud and Abuse Act, 18 U.S.C. § 1030, and the California Comprehensive Computer Data Access
16
and Fraud Act, California Penal Code § 502, and for breach of contract and trespass to chattels.
PARTIES
17
18
19
20
3.
Plaintiff WhatsApp Inc. (“WhatsApp”) is a Delaware corporation with its principal
place of business in Menlo Park, California.
4.
Plaintiff Facebook, Inc. (“Facebook”) is a Delaware corporation with its principal place
21
of business in Menlo Park, California. Facebook acts as WhatsApp’s service provider for security-
22
related issues.
23
5.
Defendant NSO Group was incorporated in Israel on January 25, 2010, as a limited
24
liability company. Ex. 1. NSO Group had a marketing and sales arm in the United States called
25
WestBridge Technologies, Inc. Ex. 2 and 3. Between 2014 and February 2019, NSO Group obtained
26
financing from a San Francisco–based private equity firm, which ultimately purchased a controlling
27
stake in NSO Group. Ex. 4. In and around February 2019, NSO Group was reacquired by its founders
28
COOLEY LLP
ATTO RNEY S AT LAW
SAN FRA NCI S CO
2
COMPLAINT
Case 3:19-cv-07123 Document 1 Filed 10/29/19 Page 3 of 15
1
and management. Id. NSO Group’s annual report filed on February 28, 2019, listed Defendant Q
2
Cyber as the only active director of NSO Group and its majority shareholder. Ex. 5.
3
6.
Defendant Q Cyber was incorporated in Israel on December 2, 2013, under the name
4
L.E.G.D. Company Ltd. Ex. 6 and 7. On May 29, 2016, L.E.G.D. Company Ltd. changed its name
5
to Q Cyber. Ex. 7. Until at least June 2019, NSO Group’s website stated that NSO Group was “a Q
6
Cyber Technologies company.” Ex. 8. Q Cyber’s annual report filed on June 17, 2019, listed OSY
7
Technologies S.A.R.L. as the only Q Cyber shareholder and active Director. Ex. 9
8
7.
At all times material to this action, each Defendant was the agent, partner, alter ego,
9
subsidiary, and/or coconspirator of and with the other Defendant, and the acts of each Defendant were
10
in the scope of that relationship. In doing the acts and failing to act as alleged in this Complaint, each
11
Defendant acted with the knowledge, permission, and consent of each other; and, each Defendant
12
aided and abetted each other.
JURISDICTION AND VENUE
13
14
15
16
8.
The Court has federal question jurisdiction over the federal causes of action alleged in
this Complaint pursuant to 28 U.S.C. § 1331.
9.
The Court has supplemental jurisdiction over the state law causes of action alleged in
17
this Complaint pursuant to 28 U.S.C. § 1367 because these claims arise out of the same nucleus of
18
operative fact as Plaintiffs’ federal claims.
19
10.
In addition, the Court has jurisdiction over all the causes of action alleged in this
20
Complaint pursuant to 28 U.S.C. § 1332 because complete diversity between the Plaintiffs and each
21
of the named Defendants exists, and because the amount in controversy exceeds $75,000.
22
11.
The Court has personal jurisdiction over Defendants because they obtained financing
23
from California and directed and targeted their actions at California and its residents, WhatsApp and
24
Facebook. The claims in this Complaint arise from Defendants’ actions, including their unlawful
25
access and use of WhatsApp computers, several of which are located in California.
26
12.
The Court also has personal jurisdiction over Defendants because Defendants agreed
27
to WhatsApp’s Terms of Service (“WhatsApp Terms”) by accessing and using WhatsApp. In relevant
28
part, the WhatsApp Terms required Defendants to submit to the personal jurisdiction of this Court.
COOLEY LLP
ATTO RNEY S AT LAW
SAN FRA NCI S CO
3
COMPLAINT
Case 3:19-cv-07123 Document 1 Filed 10/29/19 Page 4 of 15
1
2
3
4
13.
Venue is proper in this Judicial District pursuant to 28 U.S.C. § 1391(b), as the
threatened and actual harm to WhatsApp and Facebook occurred in this District.
14.
Pursuant to Civil L.R. 3-2(d), this case may be assigned to either the San Francisco or
Oakland division because WhatsApp and Facebook are located in San Mateo County.
FACTUAL ALLEGATIONS
5
6
A.
Background on Facebook
7
15.
Facebook is a social networking website and mobile application that enables its users
8
to create their own personal profiles and connect with each other on their personal computers and
9
mobile devices. As of June 2019, Facebook daily active users averaged 1.59 billion and monthly active
10
11
users averaged 2.41 billion.
16.
In October 2014, Facebook acquired WhatsApp. At all times relevant to this action,
12
Facebook has served as WhatsApp’s service provider, which entails providing both infrastructure and
13
security for WhatsApp.
14
B.
15
16
Background on WhatsApp
1.
17.
The WhatsApp Service
WhatsApp provides an encrypted communication service available on mobile devices
17
and desktop computers (the “WhatsApp Service”). Approximately 1.5 billion people in 180 countries
18
use the WhatsApp Service. Users must install the WhatsApp app to use the WhatsApp Service.
19
18.
Every type of communication (calls, video calls, chats, group chats, images, videos,
20
voice messages, and file transfers) on the WhatsApp Service is encrypted during its transmission
21
between users. This encryption protocol was designed to ensure that no one other than the intended
22
recipient could read any communication sent using the WhatsApp Service.
2.
23
24
25
26
19.
WhatsApp’s Terms of Service
Every WhatsApp user must create an account and agree and consent to WhatsApp’s
Terms (available at https://www.whatsapp.com/legal?eea=0#terms-of-service).
20.
The WhatsApp Terms stated that “You must use our Services according to our Terms
27
and policies” and that users agreed to “access and use [WhatsApp’s] Services only for legal,
28
authorized, and acceptable purposes.”
COOLEY LLP
ATTO RNEY S AT LAW
SAN FRA NCI S CO
4
COMPLAINT
Case 3:19-cv-07123 Document 1 Filed 10/29/19 Page 5 of 15
1
21.
The WhatsApp Terms prohibited using the WhatsApp services in ways that (a) “violate,
2
misappropriate, or infringe the rights of WhatsApp, our users, or others, including privacy;” (b) “are
3
illegal, intimidating, harassing, . . . or instigate or encourage conduct that would be illegal, or otherwise
4
inappropriate;” [or] . . . (e) “involve sending illegal or impermissible communications.”
5
22.
The WhatsApp Terms prohibited users from “exploiting [WhatsApp’s] Services in
6
impermissible or unauthorized manners, or in ways that burden, impair, or harm us, our Services,
7
systems, our users, or others.” The Terms also required users to agree not to: “(a) reverse engineer,
8
alter, modify, create derivative works from, decompile, or extract code from our Services; (b) send,
9
store, or transmit viruses or other harmful computer code through or onto our Services; (c) gain or
10
attempt to gain unauthorized access to our Services or systems; (d) interfere with or disrupt the safety,
11
security, or performance of our Services; [or] . . . (f) collect the information of or about our users in
12
any impermissible or unauthorized manner.”
13
14
23.
The WhatsApp Terms prohibited users not just from personally engaging in the conduct
listed above, but also from assisting others in doing so.
15
C.
Background on NSO Group and Pegasus
16
24.
Defendants manufactured, distributed, and operated surveillance technology or
17
“spyware” designed to intercept and extract information and communications from mobile phones and
18
devices. Defendants’ products included “Pegasus,” a type of spyware known as a remote access trojan.
19
Ex. 10 and 11. According to Defendants, Pegasus and its variants (collectively, “Pegasus”) were
20
designed to be remotely installed and enable the remote access and control of information—including
21
calls, messages, and location—on mobile devices using the Android, iOS, and BlackBerry operating
22
systems. Id.
23
25.
On information and belief, in order to enable Pegasus’ remote installation, Defendants
24
exploited vulnerabilities in operating systems and applications (e.g., CVE-2016-4657) and used other
25
malware delivery methods, like spearphishing messages containing links to malicious code. Id.
26
27
26.
According to media reports and NSO documents, Defendants claimed that Pegasus
could be surreptitiously installed on a victim’s phone without the victim taking any action, such as
28
COOLEY LLP
ATTO RNEY S AT LAW
SAN FRA NCI S CO
5
COMPLAINT
Case 3:19-cv-07123 Document 1 Filed 10/29/19 Page 6 of 15
1
clicking a link or opening a message (known as remote installation). 1 Id. Defendants promoted that
2
Pegasus’s remote installation feature facilitated infecting victims’ phones without using spearphishing
3
messages that could be detected and reported by the victims.
27.
4
According to NSO Group, Pegasus could “remotely and covertly extract valuable
5
intelligence from virtually any mobile device.” Id. Pegasus was designed, in part, to intercept
6
communications sent to and from a device, including communications over iMessage, Skype,
7
Telegram, WeChat, Facebook Messenger, WhatsApp, and others. Id. On information and belief,
8
Pegasus was modular malware, which meant that it could be customized for different purposes,
9
including to intercept communications, capture screenshots, and exfiltrate browser history and
10
contacts from the device. Id.
28.
11
Defendants used a network of computers to monitor and update the version of Pegasus
12
implanted on the victims’ phones. Id. These Defendant-controlled computers relayed malware,
13
commands, and data between a compromised phone, Defendants, and Defendants’ customers. This
14
network served as the nerve center through which Defendants supported and controlled their
15
customers’ operation and use of Pegasus. In some instances, Defendants limited the number of
16
concurrent devices that their customers could compromise with Pegasus to 25. Ex. 11.
29.
17
Defendants profited by licensing Pegasus and selling support services to their
18
customers, which included Pegasus installation, monitoring, and training. Ex. 10 and 11. Defendants
19
also offered technical support to customers using Pegasus to infect victims’ phones, including: (a)
20
technical support by email and phone; and (b) remote troubleshooting by Defendants’ engineers
21
through remote desktop software and a virtual private network. Id.
22
23
24
25
26
27
28
COOLEY LLP
ATTO RNEY S AT LAW
SAN FRA NCI S CO
1
See Financial Times, “Israel’s NSO: the business of spying on your iPhone” (May 14, 2019),
available at https://www.ft.com/content/7f2f39b2-733e-11e9-bf5c-6eeb837566c5; Vice, “They Got
Everything” (September 20, 2018), available at https://www.vice.com/en_us/article/qvakb3/insidenso-group-spyware-demo.
6
COMPLAINT
Case 3:19-cv-07123 Document 1 Filed 10/29/19 Page 7 of 15
1
D.
Defendants Agreed to the WhatsApp Terms
2
30.
Between January 2018 and May 2019, Defendants created and caused to be created
3
various WhatsApp accounts and agreed to the WhatsApp Terms. Defendants’ employees and agents
4
accepted and agreed to be bound by the Terms on behalf of Defendants.
31.
6
7
At all times relevant to this Complaint, Defendants were bound by the WhatsApp
E.
5
Defendants Accessed and Used Plaintiffs’ Servers Without Authorization
Terms.
8
and Infected Target Users’ Devices With Malware
9
1.
10
32.
Overview
Defendants took a number of steps, using WhatsApp servers and the WhatsApp Service
11
without authorization, to send discrete malware components (“malicious code”) to Target Devices.
12
First, Defendants set up various computer infrastructure, including WhatsApp accounts and remote
13
servers, used to infect the Target Devices and conceal Defendants’ identity and involvement. Second,
14
Defendants used and caused to be used WhatsApp accounts to initiate calls through Plaintiffs’ servers
15
that were designed to secretly inject malicious code onto Target Devices. Third, Defendants caused
16
the malicious code to execute on some of the Target Devices, creating a connection between those
17
Target Devices and computers controlled by Defendants (the “remote servers”).
18
information and belief, Defendants caused Target Devices to download and install additional
19
malware—believed to be Pegasus or another remote access trojan developed by Defendants—from
20
the remote servers for the purpose of accessing data and communications on Target Devices.
2.
21
Defendants Set Up Computer Infrastructure Used to Infect the Target
Devices
22
23
Fourth, on
33.
Between approximately January 2018 and May 2019, Defendants created WhatsApp
24
accounts that they used and caused to be used to send malicious code to Target Devices in April and
25
May 2019. The accounts were created using telephone numbers registered in different counties,
26
including Cyprus, Israel, Brazil, Indonesia, Sweden, and the Netherlands.
27
28
COOLEY LLP
ATTO RNEY S AT LAW
SAN FRA NCI S CO
34.
Beginning no later than 2019, Defendants leased and caused to be leased servers and
internet hosting services in different countries, including the United States, in order to connect the
7
COMPLAINT
Case 3:19-cv-07123 Document 1 Filed 10/29/19 Page 8 of 15
1
Target Devices to a network of remote servers intended to distribute malware and relay commands to
2
the Target Devices. This network included proxy servers and relay servers (collectively, “malicious
3
servers”). The malicious servers were owned by Choopa, Quadranet, and Amazon Web Services
4
(“AWS”), among others. The IP address of one of the malicious servers was previously associated
5
with subdomains used by Defendants.
6
7
3.
35.
Defendants’ Unauthorized Access of Plaintiff’s Servers
On information and belief, Defendants reverse-engineered the WhatsApp app and
8
developed a program to enable them to emulate legitimate WhatsApp network traffic in order to
9
transmit malicious code—undetected—to Target Devices over WhatsApp servers.
Defendants’
10
program was sophisticated, and built to exploit specific components of WhatsApp network protocols
11
and code. Network protocols generally define rules that control communications between network
12
computers, including protocols for computers to identify and connect with other computers, as well as
13
formatting rules that specify how data is packaged and transmitted.
14
36.
In order to compromise the Target Devices, Defendants routed and caused to be routed
15
malicious code through Plaintiffs’ servers—including Signaling Servers and Relay Servers—
16
concealed within part of the normal network protocol. WhatsApp’s Signaling Servers facilitated the
17
initiation of calls between different devices using the WhatsApp Service. WhatsApp’s Relay Servers
18
facilitated certain data transmissions over the WhatsApp Service. Defendants were not authorized to
19
use Plaintiffs’ servers in this manner.
20
37.
Between approximately April and May 2019, Defendants used and caused to be used,
21
without authorization, WhatsApp Signaling Servers, in an effort to compromise Target Devices. To
22
avoid the technical restrictions built into WhatsApp Signaling Servers, Defendants formatted call
23
initiation messages containing malicious code to appear like a legitimate call and concealed the code
24
within call settings. Disguising the malicious code as call settings enabled Defendants to deliver it to
25
the Target Device and made the malicious code appear as if it originated from WhatsApp Signaling
26
Servers. Once Defendants’ calls were delivered to the Target Device, they injected the malicious code
27
into the memory of the Target Device—even when the Target User did not answer the call.
28
COOLEY LLP
ATTO RNEY S AT LAW
SAN FRA NCI S CO
8
COMPLAINT
Case 3:19-cv-07123 Document 1 Filed 10/29/19 Page 9 of 15
38.
1
For example, on May 9, 2019, Defendants used WhatsApp servers to route malicious
2
code, which masqueraded as a series of legitimate calls and call settings, to a Target Device using
3
telephone number (202) XXX-XXXX. On information and belief, the malicious code concealed
4
within the calls was then installed in the memory of the Target Device.
39.
5
Between April and May 2019, Defendants also used and caused to be used WhatsApp’s
6
Relay Servers without authorization to send encrypted data packets designed to activate the malicious
7
code injected into the memory of the Target Devices. When successfully executed, the malicious code
8
caused the Target Device to send a request to one of the malicious servers controlled by Defendants.
40.
9
On information and belief, the malicious servers connected the Target Devices to
10
remote servers hosting Defendants’ malware. The malicious code on the Target Devices then
11
downloaded and installed Defendants’ malware from those servers.
41.
12
On information and belief, after it was installed, Defendants’ malware was designed to
13
give Defendants and their customers access to information and data stored on the Target Devices,
14
including their communications.
42.
15
Between approximately April 29, 2019, and May 10, 2019, Defendants caused their
16
malicious code to be transmitted over WhatsApp servers in an effort to infect approximately 1,400
17
Target Devices. The Target Users included attorneys, journalists, human rights activists, political
18
dissidents, diplomats, and other senior foreign government officials.
43.
19
The Target Users had WhatsApp numbers with country codes from several countries,
20
including the Kingdom of Bahrain, the United Arab Emirates, and Mexico. According to public
21
reporting, Defendants’ clients include, but are not limited to, government agencies in the Kingdom of
22
Bahrain, the United Arab Emirates, and Mexico as well as private entities. 2
23
24
25
26
27
28
COOLEY LLP
ATTO RNEY S AT LAW
SAN FRA NCI S CO
2
See Fast Company, “Israeli cyberweapon targeted the widow of a slain Mexican journalist” (March
20, 2019), available at https://www.fastcompany.com/90322618/nso-group-pegasus-cyberweapontargeted-the-widow-of-a-slain-mexican-journalist; New York Times, “Hacking a Prince, and Emir and
a
Journalist
to
Impress
a
Client”
(August
31,
2018),
available
at
https://www.nytimes.com/2018/08/31/world/middleeast/hacking-united-arab-emirates-nsogroup.html; The Guardian, “Israeli firm linked to WhatsApp spyware attack faces lawsuit” (May 18,
2019), available at https://www.theguardian.com/world/2019/may/18/israeli-firm-nso-group-linkedto-whatsapp-spyware-attack-faces-lawsuit.
9
COMPLAINT
Case 3:19-cv-07123 Document 1 Filed 10/29/19 Page 10 of 15
1
44.
On or about May 13, 2019, Facebook publicly announced that it had investigated and
2
identified a vulnerability involving the WhatsApp Service (CVE-2019-3568).
3
Facebook closed the vulnerability, contacted law enforcement, and advised users to update the
4
WhatsApp app.
5
45.
WhatsApp and
Defendants subsequently complained that WhatsApp had closed the vulnerability.
6
Specifically, NSO Employee 1 stated, “You just closed our biggest remote for cellular . . . It’s on the
7
news all over the world.”
8
F.
Facebook
9
10
11
Defendants’ Unlawful Acts Have Caused Damage and Loss to WhatsApp and
46.
Defendants’ actions and omissions interfered with the WhatsApp Service and burdened
Plaintiffs’ computer network.
12
47.
Defendants’ actions injured Plaintiffs’ reputation, public trust, and goodwill.
13
48.
Defendants have caused Plaintiffs damages in excess of $75,000 and in an amount to
14
be proven at trial.
15
FIRST CAUSE OF ACTION
16
(Computer Fraud and Abuse Act, 18 U.S.C. § 1030)
17
49.
Plaintiffs reallege and incorporate by reference all preceding paragraphs.
18
50.
At various times between April 29, 2019, and May 10, 2019, Defendants accessed,
19
used, or caused to be accessed or used Plaintiffs’ Signaling Servers and Relay Servers without
20
authorization in an effort to compromise approximately 1,400 Target Devices.
21
22
23
51.
Plaintiffs’ Signaling Servers and Relay Servers and the Target Devices were
“computers” as defined by 18 U.S.C. § 1030(e)(1).
52.
Plaintiffs’ Signaling Servers and Relay Servers and the Target Devices were “protected
24
computers” as defined by 18 U.S.C. § 1030(e)(2)(B) because they are “used in or affecting interstate
25
or foreign commerce or communication.”
26
53.
Defendants violated 18 U.S.C. § 1030(a)(2) because they intentionally accessed and
27
caused to be accessed (a) Plaintiffs’ computers, and (b) Target Devices, without authorization and, on
28
information and belief, obtained data from the Target Devices.
COOLEY LLP
ATTO RNEY S AT LAW
SAN FRA NCI S CO
10
COMPLAINT
Case 3:19-cv-07123 Document 1 Filed 10/29/19 Page 11 of 15
1
54.
Defendants violated 18 U.S.C. § 1030(a)(4) because they knowingly and with intent to
2
defraud accessed and caused to be accessed (a) Plaintiffs’ protected computers and (b) Target Devices
3
without authorization, and by means of such conduct furthered the intended fraud and obtained
4
something of value. Defendants’ fraud included falsely agreeing to the WhatsApp Terms, sending
5
unauthorized commands to Plaintiffs’ computers and concealing the commands as legitimate network
6
traffic, in order to gain access of the Target Devices without the Target Users’ knowledge or consent.
7
As a result of the fraud, Defendants obtained money, customers, remote access and control of the
8
Target Devices, data from the Target Devices, and unauthorized use of the WhatsApp service, the
9
value of which exceeds $5,000.
10
11
12
13
14
55.
Defendants violated 18 U.S.C. § 1030(b) by conspiring and attempting to commit the
violations alleged in the preceding paragraphs.
56.
Defendants’ conduct caused a loss to Plaintiffs and the Target Users in excess of $5,000
during a one-year period.
57.
Defendants’ actions caused Plaintiffs to incur a loss as defined in 18 U.S.C.
15
§ 1030(e)(11), including the expenditure of resources to investigate and remediate Defendants’ fraud
16
and unauthorized access. Plaintiffs are entitled to be compensated for losses and damages, and any
17
other amount to be proven at trial.
18
SECOND CAUSE OF ACTION
19
(California Comprehensive Computer Data Access and Fraud Act,
California Penal Code § 502)
20
21
58.
Plaintiffs reallege and incorporate by reference all of the preceding paragraphs.
22
59.
Defendants knowingly accessed and without permission altered and used Plaintiffs’
23
data, computer, computer system, and computer network in order to (a) devise and execute a scheme
24
and artifice to defraud and deceive, and (b) wrongfully control and obtain money, property, and data
25
in violation of California Penal Code § 502(c)(1).
26
60.
Defendants knowingly and without permission used and caused to be used WhatsApp
27
Signaling Servers and Relay Servers, including servers located in California, in violation of California
28
Penal Code § 502(c)(3).
COOLEY LLP
ATTO RNEY S AT LAW
SAN FRA NCI S CO
11
COMPLAINT
Case 3:19-cv-07123 Document 1 Filed 10/29/19 Page 12 of 15
1
61.
Defendants knowingly and without permission provided and assisted in providing a
2
means of accessing Plaintiffs’ computers, computer systems, and computer networks, including those
3
located in California, in violation of California Penal Code § 502(c)(6).
4
62.
Defendants knowingly and without permission accessed and caused to be accessed
5
Plaintiffs’ computers, computer systems, and computer networks, including those located in
6
California, in violation of California Penal Code § 502(c)(7).
7
8
9
63.
Defendants knowingly introduced a computer contaminant into Plaintiffs’ computers,
computer systems, and computer networks in violation of California Penal Code § 502(c)(8).
64.
Defendants’ actions caused Plaintiffs to incur losses and damages, including, among
10
other things, the expenditure of resources to investigate and remediate Defendants’ conduct, damage
11
to Plaintiffs’ reputation, and damage to the relationships and goodwill between Plaintiffs and their
12
users and potential users. Plaintiffs have been damaged in an amount to be proven at trial.
13
65.
Because Plaintiffs suffered damages and a loss as a result of Defendants’ actions and
14
continue to suffer damages as result of Defendants’ actions, Plaintiffs are entitled to compensatory
15
damages, attorneys’ fees, and any other amount of damages to be proven at trial, as well as injunctive
16
relief under California Penal Code §§ 502(e)(1) and (2).
17
66.
Because Defendants willfully violated California Penal Code § 502, and there is clear
18
and convincing evidence that Defendants acted with malice and oppression and committed “fraud” as
19
defined by section 3294 of the Civil Code, Plaintiffs are entitled to punitive and exemplary damages
20
under California Penal Code § 502(e)(4).
21
THIRD CAUSE OF ACTION
22
(Breach of Contract)
23
67.
Plaintiffs reallege and incorporate by reference all preceding paragraphs.
24
68.
Access to and use of WhatsApp is governed by the WhatsApp’s Terms and related
25
26
27
WhatsApp policies.
69.
Defendants agreed to and became bound by the WhatsApp’s Terms when they used
WhatsApp and the WhatsApp Service.
28
COOLEY LLP
ATTO RNEY S AT LAW
SAN FRA NCI S CO
12
COMPLAINT
Case 3:19-cv-07123 Document 1 Filed 10/29/19 Page 13 of 15
1
2
3
4
5
70.
WhatsApp and Facebook have performed all conditions, covenants, and promises
required of it in accordance with the WhatsApp’s Terms.
71.
Defendants’ violations of the WhatsApp’s Terms have directly and proximately caused
and continue to cause harm and injury to WhatsApp.
72.
When Defendants agreed to and became bound by the WhatsApp Terms, both Plaintiffs
6
and Defendants knew or could have reasonably foreseen that the harm and injury to Plaintiffs was
7
likely to occur in the ordinary course of events as a result of Defendants’ breach.
8
73.
Defendants’ actions caused Plaintiffs to incur losses and other economic damages,
9
including, among other things, the expenditure of resources to investigate and remediate Defendants’
10
conduct, damage to Plaintiffs’ reputation, and damage to the relationships and goodwill between
11
Plaintiffs and their users and potential users. Plaintiffs have been damaged in an amount to be proven
12
at trial, and in excess of $75,000.
13
FOURTH CAUSE OF ACTION
14
(Trespass to Chattels)
15
74.
Plaintiffs reallege and incorporate by reference all of the preceding paragraphs.
16
75.
At all times mentioned in this Complaint, Plaintiffs had legal title to and actual
17
18
possession of their computer systems.
76.
Defendants intentionally and without authorization interfered with Plaintiffs’
19
possessory interest in their computer systems, including by accessing and using Plaintiffs’ servers to
20
transmit malicious code for the purpose of unlawfully compromising Target Users’ devices, all
21
without authorization from Plaintiffs and Target Users.
22
23
24
77.
Defendants’ access to Plaintiffs’ computer systems exceeded the scope of the
conditional access that Plaintiffs grant to legitimate users of the WhatsApp Service.
78.
Defendants’ actions caused Plaintiffs to incur losses and other economic damages,
25
including, among other things, the expenditure of resources to investigate and remediate Defendants’
26
conduct, damage to Plaintiffs’ reputation, and damage to the relationships and goodwill between
27
Plaintiffs and their users and potential users. Plaintiffs have been damaged in an amount to be proven
28
at trial, and in excess of $75,000.
COOLEY LLP
ATTO RNEY S AT LAW
SAN FRA NCI S CO
13
COMPLAINT
Case 3:19-cv-07123 Document 1 Filed 10/29/19 Page 14 of 15
REQUEST FOR RELIEF
1
2
WHEREFORE, Plaintiffs request judgment against Defendants as follows:
3
1.
That the Court enter judgment against Defendants that Defendants have:
4
a. Violated the Computer Fraud and Abuse Act, in violation of 18 U.S.C. § 1030;
5
b. Violated the California Comprehensive Computer Data Access and Fraud Act, in
violation California Penal Code § 502;
6
7
c. Breached their contracts with WhatsApp in violation of California law;
8
d. Wrongfully trespassed on Plaintiffs’ property in violation of California law.
2.
9
That the Court enter a permanent injunction enjoining and restraining Defendants and
10
their agents, servants, employees, successors, and assigns, and all other persons acting in concert with
11
or conspiracy with any of them or who are affiliated with Defendants from:
a. Accessing or attempting to access WhatsApp’s and Facebook’s service, platform,
12
and computer systems;
13
14
b. Creating or maintaining any WhatsApp or Facebook account;
15
c. Engaging in any activity that disrupts, diminishes the quality of, interferes with the
16
performance of, or impairs the functionality of Plaintiffs’ service, platform, and
17
computer systems; and
d. Engaging in any activity, or facilitating others to do the same, that violates
18
WhatsApp’s or Facebook’s Terms;
19
3.
20
That WhatsApp and Facebook be awarded damages, including, but not limited to,
21
compensatory, statutory, and punitive damages, as permitted by law and in such amounts to be proven
22
at trial.
4.
23
24
attorneys’ fees.
5.
COOLEY LLP
ATTO RNEY S AT LAW
SAN FRA NCI S CO
That the Court grant all such other and further relief as the Court may deem just and
by law.
27
28
That WhatsApp and Facebook be awarded pre- and post-judgment interest as allowed
6.
25
26
That WhatsApp and Facebook be awarded their reasonable costs, including reasonable
proper.
14
COMPLAINT
Case 3:19-cv-07123 Document 1 Filed 10/29/19 Page 15 of 15
1
PLAINTIFFS RESPECTFULLY DEMAND A JURY TRIAL.
2
3
4
Dated: October 29, 2019
Respectively submitted,
COOLEY LLP
5
6
7
8
9
10
11
12
/s/ Travis LeBlanc
Travis LeBlanc
Daniel J. Grooms
Joseph D. Mornin
Attorneys for Plaintiffs
WHATSAPP INC. and FACEBOOK, INC.
Platform Enforcement and Litigation
Facebook, Inc.
Jessica Romero
Tyler Smith
Michael Chmelar
Bridget Freeman
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
COOLEY LLP
ATTO RNEY S AT LAW
SAN FRA NCI S CO
15
COMPLAINT
Disclaimer: Justia Dockets & Filings provides public litigation records from the federal appellate and district courts. These filings and docket sheets should not be considered findings of fact or liability, nor do they necessarily reflect the view of Justia.
Why Is My Information Online?