306 F. Supp. 3d 1164
C.D. Cal.2018Background
- Ticketmaster sued Prestige entities and individuals alleging bots and dummy accounts bought large volumes of tickets via its website/app, then resold them, causing lost revenue and increased security costs.
- Users must accept Ticketmaster’s Terms of Use (TOU) and Code of Conduct, which prohibit bots, excessive page requests/refreshes, reproducing/modifying site content, and circumventing CAPTCHAs; TOU labels many provisions as conditions.
- Ticketmaster alleges registered/pending copyrights in site pages and apps and that defendants circumvented CAPTCHA and other controls (using bots, colocation, CAPTCHA farms) to access/purchase tickets.
- Ticketmaster sent a cease-and-desist to Lombardi in May 2015; defendants continued activity. Complaint alleges hundreds of thousands of orders across thousands of accounts.
- Defendants moved to dismiss multiple claims: copyright infringement, DMCA, CFAA, California CDAFA, breach of contract, fraud, and state-law claims. The court resolved which claims survive at pleading stage and which are dismissed (some with leave to amend).
Issues
| Issue | Plaintiff's Argument | Defendant's Argument | Held |
|---|---|---|---|
| Copyright infringement | TOU violations and automated copying of pages amount to unauthorized copying of Ticketmaster’s protected works | Viewing/loading pages merely creates automatic cache copies; TOU breaches are contractual, not copyright, and MDY limits such claims | Dismissed as copyright infringement; TOU breaches not conditions implicating exclusive rights; dismissal without leave to amend for claims based on bots/TOU violations |
| DMCA (§1201) circumvention | Defendants circumvented technological access controls (CAPTCHA, splunk) using bots/CAPTCHA farms | Controls are not "technological measures" or allegations are too vague | Denied motion to dismiss DMCA claim; allegations that bots/CAPTCHA farms avoided access controls are plausible |
| CFAA (unauthorized access/exceeds authorization) | TOU violations and cease-and-desist show lack of authorization or exceeded authorization | TOU violations alone cannot ground CFAA; no alleged revocation of access or access to unauthorized files | CFAA claim dismissed with leave to amend; Ticketmaster failed to allege rescission of access or unauthorized information access |
| California CDAFA | CDAFA prohibits unauthorized use of computer services; TOU-prohibited methods constitute unauthorized use | Similar to CFAA defense; taking data via prohibited method is insufficient if taking itself is permitted | CDAFA claim dismissed with leave to amend; Oracle decision controls that method-based violations alone are insufficient |
| Breach of contract & liquidated damages | TOU’s liquidated damages and asserted infrastructure/goodwill losses are recoverable | Liquidated amount unreasonable; compensatory damages speculative | Breach claim survives; court finds liquidated-damages clause plausibly enforceable and alleged compensatory damages adequate |
| Fraud (promissory fraud) | Defendants formed accounts agreeing to TOU with intent to breach (promissory fraud); Ticketmaster reasonably relied and was harmed | Rule 9(b) not satisfied; intent not pleaded adequately | Fraud claim survives; court finds allegations satisfy Rule 9(b) and promissory fraud elements |
| Personal jurisdiction over foreign defendants (state-law claims) | Foreign defendants bought tickets from LA-based Ticketmaster; conduct purposefully directed to forum | Defendants contest jurisdiction | Court finds specific personal jurisdiction adequate and retains supplemental jurisdiction over state-law claims |
Key Cases Cited
- MDY Indus., LLC v. Blizzard Entm’t, 629 F.3d 928 (9th Cir.) (scope-of-license rule: license breaches constitute infringement only when they exceed license scope and implicate exclusive rights)
- Perfect 10, Inc. v. Amazon, Inc., 508 F.3d 1146 (9th Cir.) (automatic caching/copying by users often constitutes transformative, minimal-impact copying)
- Sun Microsystems, Inc. v. Microsoft Corp., 188 F.3d 1115 (9th Cir.) (licensor granting limited license generally waives infringement claim unless use exceeds license scope)
- MAI Sys. Corp. v. Peak Computer, Inc., 991 F.2d 511 (9th Cir.) (loading software into RAM can create a copy for copyright purposes)
- Facebook, Inc. v. Power Ventures, Inc., 844 F.3d 1058 (9th Cir.) (CFAA liability requires lack of authorization or explicit revocation; mere TOU violation insufficient)
- United States v. Nosal, 676 F.3d 854 (9th Cir.) (narrow reading of "exceeds authorized access" under CFAA; distinguishes use restrictions from access restrictions)
- Oracle USA, Inc. v. Rimini St., Inc., 879 F.3d 948 (9th Cir.) (CDAFA: prohibited download method alone does not make otherwise-permitted taking unlawful)
- Ashcroft v. Iqbal, 556 U.S. 662 (U.S.) (federal pleading standard: complaint must state a plausible claim)