CouponCabin LLC v. Does 1 through 10
Filing
136
OPINION AND ORDER denying 118 Motion for Judgment on the Pleadings. Signed by Judge Theresa L Springmann on 1/10/17. (nal)
<![CDATA[
UNITED STATES DISTRICT COURT
NORTHERN DISTRICT OF INDIANA
COUPONCABIN LLC,
)
)
Plaintiff,
)
)
v.
)
)
SAVINGS.COM, INC., COX TARGET
)
MEDIA, INC., LINFIELD MEDIA, LLC, )
INTERNET BRANDS, INC., SAZZE, INC. )
d/b/a DEALSPLUS, and
)
Does 1 through 10,
)
)
Defendants.
)
CAUSE NO.: 2:14-CV-39-TLS
OPINION AND ORDER
This matter comes before the Court on Defendant Linfield Media, LLC’s Motion for
Judgment on the Pleadings [ECF No. 119], filed on October 13, 2016. For the reasons stated
below, the Court denies the Motion for Judgment on the Pleadings
BACKGROUND
Plaintiff CouponCabin LLC filed a Complaint [ECF No. 1] against Defendants Linfield
Media, LLC, Savings.Com, Inc., Cox Target Media, Inc., Internet Brands, Inc., d/b/a DealsPlus,
and Does 1 through 10 (collectively “the Defendants”) that was amended on November 2, 2015.
The Amended Complaint [ECF No. 28] alleged that the Defendants “scraped” the Plaintiff’s
websites, which means to “electronically copy, retrieve or otherwise acquire data and
information from the websites of others with little or no human interaction.” (Am. Compl. ¶ 4,
ECF No. 28.) This “scraping” allegedly violated the federal Computer Fraud and Abuse Act
(CFAA) and the Digital Millennium Copyright Act (DMCA) (Id. ¶¶ 56–67), and was also a
breach of contract, trespass, and interference with prospective business advantage (Id. ¶¶ 68–92).
The facts surrounding this dispute are laid out in greater detail in the Court’s Order [ECF No. 87]
of June 8, 2016.
The Defendants moved to dismiss the Amended Complaint, and on June 8, 2016, the
Court granted the Motion as to the DMCA claim but denied it as to all other claims. Thereafter,
Linfield Media filed a separate Motion for Judgment on the Pleadings. The Plaintiff filed its
Opposition [ECF No. 123] on October 27, 2016, and Linfield Media’s Reply [ECF No. 124] was
entered on November 7, 2016.
STANDARD OF REVIEW
A motion for judgment on the pleadings, pursuant to Federal Rule of Civil Procedure
12(c), permits a party to move for judgment after the complaint and answer have been filed by
the parties. When reviewing Rule 12(c) motions, a court must review the pleadings under the
same standard that applies when reviewing motions to dismiss for failure to state a claim under
Rule 12(b)(6). Pisciotta v. Old Nat’l Bancorp, 499 F.3d 629, 633 (7th Cir. 2007). When
reviewing a complaint attacked by a Rule 12(b)(6) motion, a court must accept all of the factual
allegations as true and draw all reasonable inferences in favor of the plaintiff. Erickson v.
Pardus, 551 U.S. 89, 93 (2007). The complaint need not contain detailed facts, but surviving a
Rule 12(b)(6) motion “requires more than labels and conclusions . . . . Factual allegations must
be enough to raise a right to relief above the speculative level.” Bell Atl. Corp. v. Twombly, 550
U.S. 544, 555 (2007). “A claim has facial plausibility when the pleaded factual content allows
the court to draw the reasonable inference that the defendant is liable for the misconduct
alleged.” Ashcroft v. Iqbal, 556 U.S. 662, 678 (2009) (citing Twombly, 550 U.S. at 556).
2
ANALYSIS
The Court has jurisdiction over the CFAA claim pursuant to 28 U.S.C. § 1331 and
supplemental jurisdiction over the remaining state law claims pursuant to 28 U.S.C. § 1367. As
the Court recently ruled on a Motion to Dismiss filed by all Defendants, the present Motion is in
essence a request that the Court reconsider its past ruling as to just Linfield Media. In the
Motion, Linfield Media requests judgment on the pleadings on all the Plaintiff’s remaining
claims.
A.
CFAA Claim
The CFAA imposes both civil and criminal liability for the unauthorized access of
electronic data. 18 U.S.C. § 1030(a)(1)–(7). Of relevance here, an individual violates the CFAA
if he “intentionally accesses a computer without authorization or exceeds authorized access and
thereby obtains . . . information from any protected computer.” § 1030(a)(2); see Motorola, Inc.
v. Lemko Corp., 609 F. Supp. 2d 760, 766 (N.D. Ill. 2009) (“The elements of a section
1030(a)(2) violation . . . include (1) intentional access of a computer, (2) without or in excess of
authorization, (3) whereby the defendant obtains information from the protected computer.”).
The CFAA does not define “without authorization”; although it does define “exceeds authorized
access,” as “to access a computer with authorization and to use such access to obtain or alter
information in the computer that the accesser is not entitled so to obtain or alter.” 18 U.S.C.
§ 1030(e)(6).
Liability under § 1030(a)(2) is triggered by the unauthorized access of electronic data—
not by the unauthorized use of such data. Bittman v. Fox, 107 F. Supp. 3d 896, 900–01 (N.D. Ill.
2015) (“The statutory purpose of the CFAA is to punish trespassers and hackers.”);
CollegeSource, Inc. v. AcademyOne, Inc., No. 10-3542, 2012 WL 5269213, at *14 (E.D. Pa. Oct.
3
25, 2012) (“The CFAA protects against unauthorized access rather than unauthorized use.”);
Koch Indus., Inc. v. Does, No. 2:10CV1275, 2011 WL 1775765, at *8 (D. Utah May 9, 2011)
(noting that “[a] majority of courts have concluded” that claims of unauthorized use “lie outside
the scope of the CFAA”). Because the CFAA does not define “authorization,” the Court must
give the term its “‘ordinary and plain meaning.’” United States v. Patel, 778 F.3d 607, 613 (7th
Cir. 2015) (quoting Sanders v. Jackson, 209 F.3d 998, 1000 (7th Cir. 2000) (noting that “[w]e
frequently look to dictionaries to determine the plain meaning of words, and in particular we
look at how a phrase was defined at the time the statute was drafted and enacted.”)). The Oxford
English Dictionary defines “Authorization” as “[t]he action of authorizing a person or thing” or
“formal permission or approval.” Authorization, oed.com,
http://www.oed.com/view/Entry/13351 (last visited Jan. 5, 2017). As a verb, “authorize”
ordinarily means “to give official permission for or formal approval to (an action, undertaking,
etc.)” or “to approve, sanction.” Authorize, oed.com, http://www.oed.com/view/ Entry/13352
(last visited Jan. 5, 2017). Therefore, based on the ordinary and plain meaning of
“authorization,” to act “without authorization” is to act without formal permission or approval.
A review of case law shows that several district courts have adopted a similar
interpretation of “without authorization” when confronting nearly identical facts. For example, in
Craigslist Inc. v. 3Taps Inc., 964 F. Supp. 2d 1178 (N.D. Cal. 2013), a defendant accessed the
plaintiff’s public website even after the plaintiff sent cease-and-desist letters and blocked the
defendant’s IP addresses. Id. at 1180–81. In finding that the defendant acted “without
authorization” under the CFAA, the court explained that although the plaintiff “gave the world
permission (i.e., ‘authorization’) to access the public information on its public website . . . it
rescinded that permission for [the defendant]. Further access by [the defendant] after that
4
rescission was ‘without authorization.’” Id. at 1184; see also Facebook, Inc. v. Grunin, 77 F.
Supp. 3d 965, 973 (N.D. Cal. 2015) (finding that a defendant acted “without authorization”
under the CFAA when he continued to access Facebook’s site, even after Facebook
“implemented a complete access restriction by sending [the defendant] two cease-and-desist
letters and by taking technical measures to block his access.”); Sw. Airlines v. Farechase, 318 F.
Supp. 2d 435, 439–40 (N.D. Tex. 2004) (finding that a plaintiff plausibly alleged a CFAA claim
when Southwest “directly informed” the defendant that its scraping activity violated the Use
Agreement on Southwest’s website, which was “accessible from all pages on the website,” as
well as via “direct repeated warnings and requests to stop scraping.”) (internal quotation marks
and citation omitted); cf. QVC, Inc. v. Resultly, LLC, 159 F. Supp. 3d 576, 596–97 (E.D. Pa.
2016) (noting that, in determining whether the defendant acted “without authorization,” the
“relevant question is not whether [the defendant] was granted permission to access the
information on [website], but whether that authorization was ever rescinded or limited in a way
that would put [the defendant] on notice that it was not authorized to access information it was
otherwise entitled to access.”).
Guidance as to the meaning of “without authorization” is also found in CFAA cases
involving employer-employee relationships. Notably, in International Airport Centers, LLC v.
Citrin, 440 F.3d 418 (7th Cir. 2006), the Seventh Circuit found that an employee acted “without
authorization” to access his work computer the moment he engaged in misconduct and decided
to quit his job. Id. at 420. This was so even though there was an absence of any “hacking” or
other techniques aimed at penetrating a secure computer or network on the employee’s part. Id.;
cf. LVRC Holdings LLC v. Brekka, 581 F.3d 1127, 1133–34 (9th Cir. 2009) (“[A] person uses a
computer ‘without authorization’ . . . when the person has not received permission to use the
5
computer for any purpose (such as when a hacker accesses someone’s computer without any
permission), or when the employer has rescinded permission to access someone’s computer and
the defendant uses the computer anyway.”) Thus, given the ordinary and plain meaning of
“authorization,” coupled with the case law described above, the Court is persuaded that CFAA
liability may exist in certain situations where a party’s authorization to access electronic data—
including publicly accessible electronic data—has been affirmatively rescinded or revoked.
In its present Motion, Linfield Media focuses on the allegation in the Amended
Complaint that states, “CouponCabin has in the past contacted or communicated with each of the
Defendants, other than Linfield Media, LLC, to demand that they cease and desist their data
scraping.” (Am. Compl. ¶ 74 (emphasis added).) Even though the Plaintiff alleged that all the
Defendants knowingly and intentionally circumvented the Plaintiff’s security measures after it
blocked their access from certain cloud computing/internet service providers, Linfield Media
argues that this one allegation shows that it had no notice that its alleged activities were
unauthorized. Without notice from the Plaintiff, Linfield Media argues that it could not have
violated the CFAA because it could not have acted “without authorization.” (Mot. J. Pleadings 6,
ECF No. 119.)
Such an argument is unpersuasive. The Court must accept all factual allegations in a
complaint, not cherry pick among them. See Erickson, 551 U.S. at 93. Considering the
allegations as a whole, the Court’s reasoning regarding the CFAA claim remains the same as in
its Order of June 8, 2016. Even if the Plaintiff did not directly communicate to Linfield Media its
demand to cease and desist scraping-related activities, the Plaintiff alleged that it revoked all of
the Defendants’ access, including Linfield Media’s. Revocation of website access would have
been sufficient to give the Defendants constructive notice that they were without authorization to
6
act as they allegedly did. See Brekka, 581 F.3d at 1133; Resultly, LLC, 159 F. Supp. 3d at 596–
97. Accordingly, the Court denies Linfield Media’s Motion for Judgment on the Pleadings as it
relates to the CFAA claim.
B.
Trespass Claim
The above reasoning applies equally to the trespass claim. In Indiana, liability for
trespass1 occurs if either: (a) the trespasser dispossesses the possessor of the chattel; (b) the
trespasser impairs the chattel’s condition, quality, or value; (c) the trespasser deprives the
possessor’s use of the chattel for a substantial time; or (d) bodily harm is caused to the possessor
or a person or thing in which the possessor had a legally protected interest. Terrell v. Rowsey,
647 N.E.2d 662, 666 (Ind. Ct. App. 1995). The Plaintiff alleged that the Defendants
circumvented the Plaintiff’s security measures once it had blocked their access in order to engage
in data scraping-related activities. This is sufficient to allege a trespass claim, as it is immaterial
whether or not the Plaintiff directly communicated with Linfield Media about its alleged
trespassing. Accordingly, the Court denies Linfield Media’s Motion for Judgment on the
Pleadings as it relates to the trespass claim.
C.
Breach of Contract Claim
The Plaintiff also asserts breach of contract, alleging that the Defendants violated its
Terms and Conditions, which appear on its website and prohibit the “systematic retrieval
(including by use or data mining, robots, or other extraction tools) of data or other content from
1
Most courts have treated a complaint that alleges a state law trespass claim in conjunction with a
CFAA violation as a trespass to chattels claim, not a trespass to land claim. E.g., Fidlar Techs. v. LPS
Real Estate Data Sols., 82 F. Supp. 3d 844, 859 (C.D. Ill. 2015); Cassetica Software, Inc. v. Comput. Scis.
Corp., No. 09 C 0003, 2009 WL 1703015, at *5 (N.D. Ill. June 18, 2009).
7
the [Plaintiff’s] website.” (Am. Compl. ¶ 5 (quoting Ex. A., Pl.’s Terms and Conditions).) Users
of the Plaintiff’s website “signify their acceptance of the [Plaintiff’s] Terms and Conditions by
virtue of their access and use of the Site.” (Id. at ¶ 28 (“The Terms and Conditions state that,
‘[b]y using the Site, you signify your agreement to these terms and conditions and [the
Plaintiff’s] Privacy Policy.’”).)
Under the familiar rule of Erie Railroad Co. v. Tompkins, 304 U.S. 64 (1938)—which is
applicable to state law claims that are brought through supplemental jurisdiction, Houben v.
Telular Corp., 309 F.3d 1028, 1032 (7th Cir. 2012)—a federal court sitting in diversity applies
the substantive law of the state in which it sits. “The law concerning contracts is well settled in
Indiana. An offer, acceptance, plus consideration make up the basis for a contract.” Dimizio v.
Romo, 756 N.E.2d 1018, 1022 (Ind. Ct. App. 2001). “A mutual assent or a meeting of the minds
on all essential elements or terms must exist in order to form a binding contract.” Homer v.
Burman, 743 N.E.2d 1144, 1146–47 (Ind. Ct. App. 2001) (“Assent to th[e] terms of a contract
may be expressed by acts which manifest acceptance.”) (internal quotation marks and citation
omitted). But as far as the Court can tell, Indiana courts have not weighed in on the validity of
so-called “browsewrap agreements,” which is the type of agreement at issue here. See Sgouros v.
TransUnion Corp, No. 14 C 1850, 2015 WL 507584, at *6 (N.D. Ill. Feb. 5, 2015) (noting that
browsewrap agreements “do not require users to sign a document or click an ‘accept’ or ‘I agree’
button, so users are considered to give assent simply by using the website.”) (internal quotation
marks and citation omitted).2
2
An alternative to a browsewrap agreement is a “clickwrap agreement,” which requires an
affirmative act on the part of the user to manifest assent—namely, the user’s clicking of a button
accompanying a statement instructing the user that their click constitutes acceptance to the terms at issue.
Sgouros, 2015 WL 507584, at *4.
8
However, several district courts in this Circuit have found browsewrap agreements to be
enforceable when a user has actual or constructive knowledge of the website’s terms and
conditions. See, e.g., id. at *6; Hussein v. Coinabul, LLC, No. 14 C 5735, 2014 WL 7261240, at
*2–3 (N.D. Ill. Dec. 19, 2014); Van Tassell v. United Mktg. Grp., LLC, 795 F. Supp. 2d 770,
790–91 (N.D. Ill. 2011); see also Nguyen v. Barnes & Noble, 763 F.3d 1171, 1176 (9th Cir.
2014). Thus, “[w]hen there is no evidence that users had actual knowledge of terms at issue, the
validity of a browsewrap contract hinges on whether a website provided reasonable notice of the
terms of the contract, i.e., whether users could have completed their purchases without ever
having notice that their purchases are bound by the terms.” Sgouros, 2015 WL 507584, at *6
(internal quotation marks and citation omitted).
Linfield Media argues that the Plaintiff has failed to allege the existence of an
enforceable browsewrap agreement; namely, by failing to show that the Defendant had actual or
constructive notice of the Terms and Conditions. In its June 8, 2016, Order the Court found that
After reviewing the Plaintiff’s website, as presented in the Defendants’ Exhibit
[ECF No. 66-1], the Court agrees that a user is not immediately confronted with
the Plaintiff’s Terms and Conditions; and therefore, a reasonable argument can be
made that the Terms and Conditions fail to provide constructive notice.
Nevertheless, the Court is required to view the allegations in a light most
favorable to the Plaintiff, and accept as true all reasonable inferences to be drawn
from the allegations. Whirlpool, 67 F.3d at 608. The Court is therefore reluctant to
declare the browsewrap agreement’s unenforceability at this early stage of the
litigation—particularly in light of the Plaintiff’s allegations that the Defendants
“knowingly and intentionally circumvented [the Plaintiff’s] security measures in
order to continue their data scraping activities.” (Am. Compl. ¶ 40.)
(Opinion & Order 15–16, ECF No. 87.) Nevertheless, Linfield Media argues that the Plaintiff did
not allege that it ever directly communicated with Linfield Media to “demand that they cease and
desist their data scraping, misappropriation of Coupon Content or data from the [Plaintiff’s]
website.” (Am. Compl. ¶ 74.) However, it is reasonable to infer from the allegations that Linfield
9
Media had constructive notice as to the website’s Terms and Conditions given that it is a
business entity in direct competition with the Plaintiff. Based on the pleadings, whether Linfield
Media had sufficient notice of the Terms and Conditions is more appropriately answered at a
later point in the litigation.
D.
Tortious Interference with Prospective Business Advantage Claim
In Indiana, a claim for tortious interference with prospective business advantage requires:
(1) the existence of a valid relationship; (2) the defendant’s knowledge of the existence of the
relationship; (3) the defendant’s intentional interference with that relationship; (4) the absence of
justification; (5) damages; and (6) illegal conduct. Levee v. Beeching, 729 N.E.2d 215, 222 (Ind.
Ct. App. 2000). Linfield Media moves for judgment on the pleadings on the grounds that the
Plaintiff has alleged neither illegal conduct nor facts showing that it acted with intent to injure
the Plaintiff.
The first argument is moot because the Court has permitted the claims for violation of the
CFAA, trespass, and breach of contract to go forward, which means illegal conduct is alleged.
The second argument rephrases the fourth element based on Indiana case law. See Morgan Asset
Holding Corp. v. CoBank, 736 N.E.2d 1268, 1272 (Ind. Ct. App. 2000). The Indiana Supreme
Court enumerates certain factors for a court to consider as to the absence of justification,3 “but
the overriding question is whether the defendant’s conduct has been fair and reasonable under
the circumstances.” Guinn v. Applied Composites Eng’g, Inc., 994 N.E.2d 1256, 1267 (Ind. Ct.
3
The factors are (a) the nature of the defendant’s conduct; (b) the defendant’s motive; (c) the
interests of the plaintiff with which the defendant’s conduct interferes; (d) the interests sought to be
advanced by the defendant; (e) the social interests in protecting the freedom of action of the defendant
and the contractual interests of the plaintiff; (f) the proximity or remoteness of the defendant’s conduct to
the interference; and (g) the relations between the parties. Winkler v. V.G. Reed & Sons, 638 N.E.2d 1228,
1235 (Ind. 1994).
10
App. 2013) (quoting Allison v. Union Hosp. Inc., 883 N.E.2d 113, 118 (Ind. Ct. App. 2008).
When viewing the allegations in a light most favorable to the Plaintiff, and accepting as true all
reasonable inferences to be drawn from the allegations, there are sufficient allegations to infer
that Linfield Media’s conduct was not fair or reasonable. Whether or not Linfield Media sought
to improve its own business, doing so by allegedly violating federal and state laws would negate
any such justification. Based on these pleadings, whether Linfield Media was justified in
allegedly “scraping” the Plaintiff’s website is more appropriately answered at a later point in the
litigation.
CONCLUSION
For the foregoing reasons, the Court DENIES the Defendant’s Motion for Judgment on
the Pleadings.
SO ORDERED on January 10, 2017.
s/ Theresa L. Springmann
THERESA L. SPRINGMANN
UNITED STATES DISTRICT COURT
FORT WAYNE DIVISION
11
]]>
Disclaimer: Justia Dockets & Filings provides public litigation records from the federal appellate and district courts. These filings and docket sheets should not be considered findings of fact or liability, nor do they necessarily reflect the view of Justia.
Why Is My Information Online?
