Authenticom, Inc. v. CDK Global, LLC et al
Filing
199
Transmission of Notice of Appeal, Docketing Statement, Opinion and Order, Opinion, Preliminary Injunction and Docket Sheet to Seventh Circuit Court of Appeals re: 196 Notice of Appeal, (Attachments: # 1 Docketing Statement, # 2 Opinion and Order, #172, # 3 Opinion, #191, # 4 Preliminary Injunction, # 5 Docket Sheet) (lak)
<![CDATA[
IN THE UNITED STATES DISTRICT COURT
FOR THE WESTERN DISTRICT OF WISCONSIN
AUTHENTICOM, INC.,
v.
Plaintiff,
ORDER FOR
PRELIMINARY INJUNCTION
AGAINST REYNOLDS
CDK GLOBAL, LLC and
THE REYNOLDS AND REYNOLDS COMPANY,
17-cv-318-jdp
Defendants.
Based on the parties’ written submissions, documentary evidence, and the evidence
presented at an evidentiary hearing, the court concluded that Authenticom is entitled to a
preliminary injunction. Dkt. 172. As explained more fully in the court’s July 14, 2017
opinion and order, (1) Authenticom has made the requisite showing of likelihood of success
on the merits of its antitrust claims; (2) Authenticom will suffer irreparable harm if the court
did not grant preliminary relief; (3) the balance of hardships tips in Authenticom’s favor; and
(4) the public interest is not disserved by the entry of a preliminary injunction. Accordingly,
defendant the Reynolds and Reynolds Company is preliminarily enjoined as provided in this
order. Those enjoined include defendant the Reynolds and Reynolds Company and its
officers, employees, agents, attorneys, and all those acting in active concert or participation
with them, which the court will refer to collectively as Reynolds.
Reynolds is preliminarily enjoined as follows:
1. Reynolds must not prevent Authenticom from using dealer login credentials to
provide data integration services for dealers who, as of May 1, 2017, had
authorized Authenticom to provide data integration services. Reynolds must
establish and maintain login credentials for its DMS for Authenticom, subject to
the following conditions:
a. Authenticom may access only the parts of the Reynolds DMS that an
authorizing dealer itself is authorized to access.
b. Authenticom may access and extract only the data fields that the dealer
authorizes Authenticom to access and that are reasonably necessary for
Authenticom to provide the data integration services that the dealer
requests.
c. Authenticom’s access to the Reynolds DMS is limited to read-only data
exporting.
d. This order does not prevent Reynolds from blocking Authenticom’s access
to the Reynolds DMS that exceeds the access authorized in this order.
2. This order will be implemented through the following procedure:
a. Authenticom will request that each Reynolds dealer that intends to use
Authenticom for data integration services during the pendency of this
preliminary injunction sign a dealer authorization form. The dealer
authorization form will authorize Reynolds to issue a single user ID to
Authenticom for each dealer, created specifically for Authenticom to
provide data integration services to that dealer and, in turn, to the various
software vendors that provide services to that dealer.
b. The dealer authorization form must: be signed by an individual authorized
to bind the dealer and to authorize the release of dealer data; identify the
specific data fields within the DMS that the dealer authorizes Authenticom
2
to access; agree that the Authenticom-specific credentials will not be used
by or shared with any person or entity other than Authenticom; and
acknowledge that the dealer will not attempt to hold Reynolds responsible
for misuse of the Authenticom-specific credentials or the data acquired
with it. The dealer authorization form will also provide that the dealer
authorizes Reynolds to suspend security measures directed specifically to
blocking automated access for the Authenticom-specific credentials.
c. Reynolds must configure Authenticom’s login credentials within five
business days of receiving a dealer authorization form from Authenticom. If
the volume of requests for configuration of Authenticom’s credentials is
such that Reynolds cannot reasonably meet the five-business-day deadline,
Reynolds shall notify Authenticom and the parties shall work in good faith
to determine a reasonable schedule.
d. Authenticom may not disclose its Reynolds credentials to anyone other
than its employees who need to know them. Authenticom must adopt
security measures to protect all user credentials associated with the
Reynolds DMS. Such measures must include, but are not limited to, not
transmitting credentials by unencrypted email.
e. Once Reynolds issues a username and password to Authenticom for a given
dealer pursuant to this preliminary injunction, Authenticom will use only
that username and password in providing data integration services for that
dealer, and Reynolds may disable or block any other usernames or
passwords Authenticom has used or uses for that dealer.
3
f.
If a dealer receiving Authenticom’s data integration services pursuant to
this order elects to discontinue those services, Authenticom must promptly
notify Reynolds in writing. Reynolds may then immediately disable the
Authenticom-specific credentials for the terminated dealer.
g. For dealers that do not require more than one daily data refresh,
Authenticom must access the Reynolds DMS for bulk-data queries between
the hours of 10 p.m. and 6 a.m. (dealer local time).
h. When it provides a dealer authorization form to Reynolds, Authenticom
must identify whether that dealer requires more than one daily data
refresh. Authenticom must make all reasonable efforts to minimize the
number of queries executed for those dealers during business hours.
3. If Reynolds detects either (1) a material security breach on its DMS that it
believes, in good faith, is attributable to Authenticom’s access to the DMS, or
(2) the use of Authenticom’s credentials by someone other than Authenticom,
Reynolds may temporarily suspend the affected Authenticom-specific credentials.
In the event of such a suspension, Reynolds must immediately notify Authenticom
and promptly investigate the security event. If Reynolds does not restore or
replace the affected credentials within 48 hours, it must explain in writing to
Authenticom why it has not done so. This section does not limit Reynolds’s ability
to follow its standard security protocols if it experiences a security breach.
4. Reynolds may continue to perform normal or routine maintenance on its systems
or to continue to implement standard security protocols (other than protocols that
4
prohibit automated access by Authenticom, as provided here), such as routine
prompts for password changes.
5. Reynolds may comply with any request by any dealer to disable Authenticom’s
access to that dealer’s data.
6. Reynolds may not enforce those provisions in its contracts with dealers or vendors
that restrict, or have the effect of restricting, any dealer or vendor from obtaining
data integration services from Authenticom. Such provisions include, for example,
those that would require, or have the effect of requiring, a software vendor to
obtain integration services exclusively from Reynolds for all of that vendor’s
applications or all of that vendor’s dealer customers.
7. Reynolds may not retaliate against any dealer or vendor as result of its decision to
do business with Authenticom, such as by terminating or blocking a vendor from
the RCI program, or by imposing financial penalties, such as invoking liquidated
damages clauses.
8. Within 10 business days of entry of this order, Authenticom must provide security
in the amount of $1 million, in a form agreed to by the parties or approved by the
court. This single $1 million bond will serve as security for both injunction orders
issued in this case.
5
This order will take effect immediately and will remain in place until entry of final
judgment in this matter or until the court orders otherwise.
Entered July 28, 2017.
BY THE COURT:
/s/
________________________________________
JAMES D. PETERSON
District Judge
6
]]>
Disclaimer: Justia Dockets & Filings provides public litigation records from the federal appellate and district courts. These filings and docket sheets should not be considered findings of fact or liability, nor do they necessarily reflect the view of Justia.
Why Is My Information Online?
