Fidlar Technologies v. LPS Real Estate Data Solutions, Inc., 2013 WL 5973938 (C.D.Ill. 2013), a high-tech diversity suit, examines internet data “harvesting” and whether it gives rise to Computer Fraud and Abuse Act, 18 U.S.C. § 1030 (CFAA) and common law tort liability.
The plaintiff developed a computer program that allowed recorder of deeds’ offices from around the country to provide users with public access to real estate records for a fee. The defendant software company developed a data harvester program that bypassed plaintiff’s protective controls and then captured the real estate data without paying fees.
When plaintiff found out, it brought CFAA claims and state law trespass to chattels claims against the defendant. Defendant moved to dismiss plaintiff’s claims.
Held: Defendant’s motion to dismiss denied.
The CFAA provides a civil cause of action to a plaintiff injured by computer fraud or hacking. A CFAA “transmission claim” prohibits a defendant from knowingly transmitting a program (such as a data harvester) without authorization that causes damage to a protected computer. A CFAA plaintiff must show loss of at least $5,000 in any one-year period. 18 U.S.C. §§ 1030(a), (c).
The Court found that plaintiff sufficiently pled damage, loss and intent under Federal notice pleading rules. Plaintiff’s claim that defendant’s harvesting activity compromised plaintiff’s software satisfied the CFAA’s damage definition – since it alleged an impact to the “integrity” of the software. 18 U.S.C. 1030(e)(8)(CFAA damage definition).
Plaintiffs also adequately pled loss of at least $5,000 under the CFAA: plaintiff claimed it spent over $80,000 investigating the extent of defendant’s invasion of plaintiff’s software and in making software repairs and adjustments to prevent further service interruptions. ¶¶ 7-8; 18 U.S.C. 1030(e)(11)(loss definition).
Lastly, the Court found the plaintiff’s intentional conduct allegations – that defendant’s intentionally and without permission, used plaintiff’s software – were sufficient under FRCP 8’s “short plain statement” strictures. ¶ 6.
The Court also sustained (in part) the plaintiff’s trespass to chattel claims. Trespass to chattel – a sparingly used tort occasionally applied to cyberspace lawsuits – provides a remedy where a defendant intentionally interferes with the plaintiff’s personal property and causes harm to it. ¶ 9.
The plaintiff’s trespass to chattel claim based on its computer data wasn’t actionable since electronic public data isn’t physical or private property owned by the plaintiff.
But plaintiff did make out a trespass to chattels claim with respect to its computer servers. The servers were sufficiently tangible (or physical) to underlie a trespass to chattels claim. Plaintiff’s claim that defendant accessed the servers and impaired the servers’ quality, condition and value adequately met the Federal notice pleading standard. ¶¶ 10-11.
Defendant’s injunctive relief and tortious interference claims were rejected. The court found that plaintiff’s conduct was privileged under the “honest advice” privilege and the First Amendment Petition Clause.
The latter privilege applied since the counties with whom plaintiff dealt were all government agencies. Plaintiff’s statements to the counties concerning the defendant’s unauthorized data mining were protected “petitions” to those counties: plaintiff asked the counties to cut off defendant’s access to plaintiff’s software. ¶¶ 14-17.
– Computer Fraud plaintiffs can satisfy notice pleading standards by alleging plausible facts of intent, damage and loss exceeding $5,000;
– Trespass to chattels tort applies to physical computer hardware and servers but not to computer data;
– A business competitor has some latitude to make disparaging statements about a competitor where the statements are substantially true, opinions and not facts or are privileged.