140 F. Supp. 3d 938
N.D. Cal.2014Background
- NovelPoster sues Javitch Canfield Group and its owners under CFAA, Wiretap Act, CDAFA, and CIPA, plus related claims, alleging unauthorized access and control of NovelPoster’s accounts during and after a disputed business relationship.
- NovelPoster operates online and relies on third‑party providers (PayPal, Stripe, Google, Etsy, Mailchimp, etc.) and uses admin and personal email accounts for contract formation and customer relations.
- Defendants allegedly accessed and changed passwords to NovelPoster’s email accounts without authorization, continued access after purported termination, and misrepresented authority in subsequent dealings.
- The contract terms allegedly gave defendants control over most operations but left questions about the scope of authorization to access various accounts, especially personal email accounts.
- NovelPoster asserts damages exceeding $5,000 with ongoing losses and seeks damages, injunctive relief, and other remedies.
- Procedural posture: defendants move for judgment on the pleadings under Rule 12(c); the court heard argument and grants the motion as to the First through Fourth Causes of Action, with leave to amend limited to those four actions.
Issues
| Issue | Plaintiff's Argument | Defendant's Argument | Held |
|---|---|---|---|
| Whether defendants exceeded authorization under CFAA | NovelPoster alleges authorization was limited; password changes post‑agreement show exceeding access | Defendants had broad take‑over rights; no unauthorized access | Factual dispute; not clearly authorized on pleadings |
| Whether NovelPoster adequately pleads CFAA loss/damage | Loss includes costs to restore data and lost opportunities | Loss conclusory; no concrete impairment or quantifiable loss pled | CFAA loss inadequately pled; grant on this ground |
| Whether CFAA claims require circumvention of a technological barrier | Circumvention not essential; unauthorized access suffices | Nosal framework requires circumvention of barriers | Issue of fact; court declines to resolve at pleading stage, but still grants on other grounds |
| Whether CDAFA claim fails for lack of damage/loss | CDAFA damages mirror CFAA damages; consent issues same | No adequately pled damage or loss under §502(e)(1) | CDAFA claim is defeated for lack of adequately pled damage/loss |
| Whether Wiretap Act/CIPA claims survive | Emails were intercepted without authorization during transmission | Read/viewing of stored emails after delivery not interception; no device/use of interception | No interception during transmission; claims fail |
Key Cases Cited
- United States v. Nosal, 676 F.3d 854 (9th Cir. 2012) (CFAA focuses on unauthorized access to information, not mere misuse; authorization scope matters)
- LVRC Holdings LLC v. Brekka, 581 F.3d 1127 (9th Cir. 2009) (Exceeding authorized access violates CFAA; access with permission but for improper purpose may still violate)
- Konop v. Hawaii Airlines, Inc., 302 F.3d 868 (9th Cir. 2002) (Interception under Wiretap Act requires acquisition during transmission, not stored communications)
- Theofel v. Farey-Jones, 359 F.3d 1066 (9th Cir. 2004) (Civil remedy extends to those harmed by unauthorized access; scope of interception and damages discussed)