MUFG Union Bank, NA v. Tyler et al
Filing
86
ORDER granting Defendants' 81 Motion to Dismiss. Plaintiff's CFAA claim against them will be dismissed in its entirety with prejudice. Signed by Judge Ricardo S Martinez. (SWT)
<![CDATA[
1
2
3
4
UNITED STATES DISTRICT COURT
WESTERN DISTRICT OF WASHINGTON
AT SEATTLE
5
6
7
8
MUFG UNION BANK, N.A., a national
association,
9
Plaintiff,
10
11
v.
AARON TYLER, an individual, et al.,
12
Defendants.
13
)
) CASE NO. C17-1766RSM
)
) ORDER GRANTING MOTION TO
) DISMISS
)
)
)
)
)
)
14
I.
15
INTRODUCTION
16
This matter comes before the Court on the individual Defendants’ Motion to Dismiss
17
Union Bank’s Amended CFAA Claim. Dkt. #81. Defendants argue that Plaintiff continues to
18
fail to state a claim for relief under the Computer Fraud and Abuse Act (“CFAA”) against the
19
20
individual Defendants. Id. Plaintiff responds that it has adequately pled facts to support its
21
amended CFAA claim. Dkt. #82. For the reasons set forth below, the Court disagrees with
22
Plaintiff and GRANTS Defendants’ motion to dismiss.
23
24
II.
BACKGROUND
The instant matter was filed in this Court on November 22, 2017. Dkt. #1. Plaintiff
25
26
MUFG Union Bank, N.A. (“Union Bank”) alleges that a group of its former employees resigned
27
en masse after planning for several months to take trade secrets, documents and confidential
28
information that they are now utilizing to take business from it and unfairly compete with it. Dkt.
ORDER
PAGE - 1
1
#79 at ¶ ¶ 8-22. Plaintiff further alleges that Defendant U.S. Bank knew of the individuals’
2
actions and encouraged them. Id. at ¶ ¶ 19-22. Based on these allegations, Union Bank initially
3
asserted six claims for relief against the Defendants: 1) breach of fiduciary duty of loyalty
4
(against all Defendants); 2) intentional interference with business relationships (against all
5
Defendants); 3) misappropriation of trade secrets under Washington’s UTSA, RCW 19.108.010,
6
7
et seq. (against all Defendants); 4) conversion (against all Defendants); 5) misappropriation of
8
trade secrets under the Defend Trade Secrets Act (“DFSA”), 18 U.S.C. § 1831, et seq. (against
9
all Defendants); and 6) violations of the Computer Fraud and Abuse Act (“CFAA”), 18 U.S.C. §
10
1030, et seq. (against the individual Defendants). Dkt. #1 at ¶ ¶ 23-56.1 All Defendants then
11
moved to dismiss all claims. Dkts. #62 and #63.
12
13
On May 2, 2018, this Court granted in part Defendants’ motions. Dkt. #78. Specifically,
14
the Court dismissed with prejudice Plaintiff’s First, Second and Fourth Claims for Relief, allowed
15
Plaintiff’s Third and Fifth Claims for trade misappropriation under state and federal law to
16
proceed, and allowed Plaintiff leave to amend its CFAA claim only. Id. Plaintiff filed an
17
18
Amended Complaint on May 11, 2018. Dkt. #79. The instant motion followed.
III.
19
A. Legal Standard
20
21
22
DISCUSSION
In deciding a 12(b)(6) motion, this Court is limited to the allegations on the face of the
Complaint (including documents attached thereto), matters which are properly judicially
23
24
25
noticeable and other extrinsic documents when “the plaintiff’s claim depends on the contents of
a document, the defendant attaches the document to its motion to dismiss, and the parties do not
26
27
28
1
Plaintiff erroneously pleaded two “Fifth” Claims for Relief in its initial Complaint. Dkt. #1 at
¶ ¶ 45-56. For ease of reference, the Court has referred to the initial CFAA claim against the
individual Defendants as the sixth claim for relief.
ORDER
PAGE - 2
1
dispute the authenticity of the document, even though the plaintiff does not explicitly allege the
2
contents of that document in the complaint.” Knievel v. ESPN, 393 F.3d 1068, 1076 (9th Cir.
3
2005). The Court must construe the complaint in the light most favorable to the Plaintiff and
4
must accept all factual allegations as true. Cahill v. Liberty Mutual Ins. Co., 80 F.3d 336, 337-
5
38 (9th Cir. 1996). The Court must also accept as true all reasonable inferences to be drawn from
6
7
the material allegations in the Complaint. See Brown v. Elec. Arts, Inc., 724 F.3d 1235, 1247-48
8
(9th Cir. 2013); Pareto v. F.D.I.C., 139 F.3d 696, 699 (9th Cir. 1998). However, the Court is not
9
required to accept as true a “legal conclusion couched as a factual allegation.” Ashcroft v. Iqbal,
10
556 U.S. 662, 678 (2009) (quoting Bell Atl. Corp. v. Twombly, 550 U.S. 544, 555 (2007)).
11
B. Amended CFAA Claim Against Individual Defendants
12
13
The individual Defendants now move for the dismissal of Plaintiff’s amended CFAA
14
claim against them. The CFAA was enacted in 1984 to enhance the government’s ability to
15
prosecute computer crimes. LVRC Holdings LLC v. Brekka, 581 F.3d 1127, 1130 (9th Cir. 2009).
16
The Act was originally designed to target hackers who accessed computers to steal information
17
18
or to disrupt or destroy computer functionality, as well as criminals who possessed the capacity
19
to “access and control high technology processes vital to our everyday lives . . . .” Id. at 1130-
20
31. The CFAA prohibits a number of different computer crimes, the majority of which involve
21
accessing computers without authorization or in excess of authorization, and then taking
22
specified forbidden actions, ranging from obtaining information to damaging a computer or
23
24
25
computer data. Brekka, 581 F.3d at 1130-31 (citing 18 U.S.C. § 1030(a)(1)-(7) (2004).
In its Amended Complaint, Plaintiff alleges the following:
Employees knowingly, intentionally, and with the intent to defraud Union
Bank accessed Union Bank’s computer systems without authorization or
beyond the scope of any authorization Employees had in an effort to
download and transfer files containing Union Bank’s confidential and
26
27
28
ORDER
PAGE - 3
proprietary files, trade secrets, and other confidential information.
Employees transferred confidential and trade secret information, including
confidential and sensitive customer information, which they misappropriated
from Union Bank to dropbox.com and salesforce.com accounts under the
control of Employees. Specifically, Employees exceeded any authorization
they had to access customer information contained in Union Bank’s computer
systems by downloading, uploading, or otherwise taking and storing for later
use Union Bank’s customers’ information, including but not limited to Union
Bank’s customers’ email addresses. Employees were authorized to access
such information only while employed by Union Bank and only to further
Union Bank’s efforts to service its customers. Employees’ saving of that
information for their own use or use by a competitor exceeded the
authorization Union Bank gave to Employees to access customer
information.
1
2
3
4
5
6
7
8
9
10
Dkt. #79 at ¶ 38.
11
As the Court previously noted, Plaintiff does not specify the subsection of the statute
12
allegedly violated. See Dkt. #78 at ¶ 9. However, it appears that Plaintiff alleges a violation of
13
18 U.S.C. § 1030(a)(4), in that Plaintiff alleges the individual Defendants without authorization
14
or exceeding authorized access, and with the intent to defraud, intentionally accessed and
15
16
obtained information from a protected computer. Id. Through briefing, it appears that Plaintiff
17
is focusing on the “exceeds authorized access” language of that subsection. Dkt. #82. The
18
individual Defendants argue that the amended CFAA claim still fails to adequately allege that
19
they exceeded their authorization to access Union Bank’s computer system. Dkt. #81 at 3-5.
20
21
Plaintiff asserts that the individual Defendants exceeded their authorized access, thereby
22
violating the CFAA, “by accessing websites they were not allowed to access, including
23
Salesforce and Dropbox.” Dkt. #82 at 1. However, that is not what Plaintiff actually alleges.
24
Rather, Plaintiff alleges that Defendants “exceeded any authorization they had to access customer
25
information contained in Union Bank’s computer systems by downloading, uploading, or
26
27
28
otherwise taking and storing for later use Union Bank’s customers’ information” on Dropbox
and Salesforce. Dkt. #79 at ¶ 38. As Defendants note, this is simply another way of alleging
ORDER
PAGE - 4
1
misappropriation, which the Ninth Circuit, as well as this Court, has already held cannot sustain
2
a CFAA claim. United States v. Nosal, 676 F.3d 854, 864 (9th Cir. 2012); LVRC Holdings LLC
3
v. Brekka, 581 F.3d 1127, 1130 (9th Cir. 2009). “Under the CFAA, the activity that must be
4
authorized is the ‘access,’ not the use to which the information is later put.” National City Bank,
5
N.A. v. Republic Mortg. Home Loans, LLC, No. C09-1550RSL, 2010 WL 959925, at *3 (W.D.
6
7
Wash. Mar. 12, 2010). “When an employer grants an employee access to a computer or to certain
8
records on a computer system, access continues to be authorized until rescinded by the employer,
9
even if the employee has become disloyal and is acting contrary to the employer’s interest.” Id.
10
(emphasis added). Here, Plaintiff has not alleged in its amended claim, that the individual
11
Defendants accessed information that was not within the scope of their authorization. Instead,
12
13
Plaintiff focuses on “accessing” third-party websites. “A CFAA violation occurs only when an
14
employee accesses information that was not within the scope of his or her authorization.” Id.
15
Accordingly, for the reasons discussed by the individual Defendants in their motion, the Court
16
finds that Plaintiff has failed to adequately plead a claim that the individual Defendants exceeded
17
18
19
their authorized access, and the Court will dismiss the amended CFAA claim.
C. Leave to Amend
20
Ordinarily, leave to amend a complaint should be freely given following an order of
21
dismissal, “unless it is absolutely clear that the deficiencies of the complaint could not be cured
22
by amendment.” Noll v. Carlson, 809 F.2d 1446, 1448 (9th Cir. 1987); see also DeSoto v. Yellow
23
24
Freight Sys., Inc., 957 F.2d 655, 658 (9th Cir. 1992) (“A district court does not err in denying
25
leave to amend where the amendment would be futile.” (citing Reddy v. Litton Indus., Inc., 912
26
F.2d 291, 296 (9th Cir. 1990)). With respect to Plaintiff’s amended CFAA claim, the Court
27
concludes that granting leave to amend that claim again would be futile. The Court can conceive
28
ORDER
PAGE - 5
1
of no possible cure for the deficiencies in Plaintiff’s Amended Complaint as to that claim,
2
particularly given the invalidity of Plaintiff’s arguments as discussed above, and the fact that
3
Plaintiff has had the opportunity to amend the claim already but has not been able to cure the
4
identified deficiencies. Accordingly, leave to amend the CFAA claim will not be granted.
5
IV.
CONCLUSION
6
7
Having reviewed the individual Defendants’ motion, the opposition thereto and reply in
8
support thereof, along with the remainder of the record, the Court hereby finds and ORDERS
9
that the individual Defendants’ Motion to Dismiss (Dkt. #81) is GRANTED, and Plaintiff’s
10
CFAA claim against them will be dismissed in its entirety with prejudice.
11
DATED this 29 day of June, 2018.
12
A
13
14
RICARDO S. MARTINEZ
CHIEF UNITED STATES DISTRICT JUDGE
15
16
17
18
19
20
21
22
23
24
25
26
27
28
ORDER
PAGE - 6
]]>
Disclaimer: Justia Dockets & Filings provides public litigation records from the federal appellate and district courts. These filings and docket sheets should not be considered findings of fact or liability, nor do they necessarily reflect the view of Justia.
Why Is My Information Online?
