I. INTRODUCTION
Plaintiff Ticketmaster LLC ("Ticketmaster") brings this action against Defendants Prestige Entertainment, Inc. ("Prestige"), Prestige Entertainment West, Inc. ("Prestige West"), Renaissance Ventures LLC ("Renaissance"), Nicholas Lombardi, and Steven K. Lichtman. (See generally Compl., ECF No. 1.) Ticketmaster alleges claims against Defendants for: (1) breach of contract; (2) copyright infringement in violation of
Defendants Prestige West, Renaissance, Lombardi, and Lichtman
II. FACTUAL BACKGROUND
Ticketmaster sells tickets for live entertainment events on behalf of its clients through its website, mobile app, and telephone call centers. (Compl. ¶ 18.) Demand often exceeds the supply of tickets available through Ticketmaster, which can result in intense competition among consumers to purchase tickets for events the moment they are available for sale. (Id. ¶ 19.) In order to make the ticket-buying process fair and equitable for its consumers, Ticketmaster employs various countermeasures. (Id. ¶ 20.) For instance, Ticketmaster limits the number of tickets that may be purchased in a single transaction and regulates the speed with which users may refresh purchase requests. (Id. ) Ticketmaster also utilizes various security measures like CAPTCHA to prevent and discourage the use of automated programs-called "bots"-that give an unfair advantage over other consumers in the ticket purchasing process. (Id. ¶ 21.)
*1170Users must agree to Ticketmaster's Terms of Use ("TOU") before they can view and use Ticketmaster's website and mobile app. (Id. ¶¶ 24-27; see also Compl., Ex. A.) The TOU grants users a "limited, conditional, no-cost, non-exclusive, non-transferable, non-sub-licensable license to view [Ticketmaster's] Site and its Content to purchase tickets as permitted by these Terms for non-commercial purposes only if" the user agrees not to conduct certain activities. (Compl. ¶ 30.) Those prohibited activities include:
• Modify, adapt, sub-license, translate, sell, reverse engineer, decompile, or disassemble any portion of the Site ...;
• Use any robot, spider, offline reader, site search/retrieval application or other manual or automatic device, tool, or process to retrieve, index, data mine or in any way reproduce or circumvent the navigational structure or presentation of the Content or the Site, including with respect to any CAPTCHA displayed on the Site ...;
• Use any automated software or computer system to search for, reserve, buy or otherwise obtain tickets ...;
• Take any action that imposes or may impose (in [Ticketmaster's] sole discretion) an unreasonable or disproportionately large load on our infrastructure;
• Access, reload or refresh transactional event or ticketing pages, or make any other request to transactional servers, more than once during any three-second interval;
• Request more than 1,000 pages of the Site in any 24-hour period, whether alone or with a group of individuals;
• Reproduce, modify, display, publicly perform, distribute or create derivative works of the Site or the Content;
• Reproduce or scan tickets in a format or medium different from that provided by the Site;
• Decode, decrypt, modify, or reverse engineer any tickets ...;
• Use the Site or the Content in an attempt to, or in conjunction with, any device, program or service designed to circumvent any technological measure that effectively controls access to ... the Site and/or Content ... for any purpose.
(Id. ) The TOU further states that non-compliance with the TOU "constitutes unauthorized reproduction, display, or creation of unauthorized derivative versions of the Site and Content, and infringes [Ticketmaster's] copyright, trademarks, patents and other rights in the Site and Content." (Id. ¶ 31.) Ticketmaster has registered copyrights in various aspects of its website and pending applications for copyrights in its mobile apps. (See
For the past two years, Defendants have been using bots and dummy accounts to navigate Ticketmaster's website and mobile app to purchase large quantities of tickets. (Id. ¶¶ 40-42.) Defendants used colocation facilities with high speed bandwidth, random number and letter generators, and other evasive methods in order to avoid detection by Ticketmaster. (Id. ¶¶ 43-44, 48, 51-54.) Through the use of bots, Defendants are able to purchase and reserve large amounts of tickets in a manner impossible for a human consumer to match. (Id. ¶¶ 45, 46.) Defendants would then reproduce and resell the tickets on third-party platforms, such as StubHub.com, for profit. (Id. ¶¶ 47, 49.) Ticketmaster *1171estimates that over the period from January 2015 to September 2016, Defendants made at least 313,528 orders using 9,047 different accounts. (Id. ¶ 55.)
In May 2015, Ticketmaster sent Lombardi, who is affiliated with Prestige, a cease-and-desist letter. (Id. ¶ 56; see also Compl., Ex. E.) Lombardi acknowledged receipt of the letter, but Defendants continued their enterprise. (Compl. ¶ 57.) Ticketmaster estimates that, for certain shows, Defendants bought between 30-40% of Ticketmaster's available inventory. (Id. )
Ticketmaster alleges that Defendants' conduct has deprived them of revenue and revenue opportunities. (Id. ¶ 67.) Defendants' use of bots have also required Ticketmaster to divert resources from servicing of other consumers and to continually escalate its anti-bot security measures, costing Ticketmaster thousands of dollars in damages. (Id. ¶¶ 70, 71.)
III. LEGAL STANDARD
A motion to dismiss under either Rule 12(c) or 12(b)(6) is proper where the plaintiff fails to allege a cognizable legal theory or where there is an absence of sufficient facts alleged under a cognizable legal theory. Bell Atl. Corp. v. Twombly ,
Generally, a court should freely give leave to amend a complaint that has been dismissed, even if not requested by the party. See Fed. R. Civ. P. 15(a) ; Lopez v. Smith ,
IV. DISCUSSION
A. Copyright Infringement
Defendants contend that Ticketmaster's copyright infringement claim should be dismissed because (1) Ticketmaster fails to identify registered or pending copyrights that were infringed and (2) Ticketmaster's theory of copyright infringement was rejected by the Ninth Circuit in MDY Industries, LLC v. Blizzard Entertainment, Inc. ,
1. Copyright Infringement Pleading Requirements
To establish copyright infringement, a plaintiff must allege: (1) ownership of a valid copyright; and (2) copying of the original elements of the work. L.A. Printex Indus., Inc. v. Aeropostale, Inc. ,
Ticketmaster alleges that it owns registered or pending copyrights in various aspects of its website and mobile apps. Cf. Cosmetic Ideas, Inc. v. IAC/InterActiveCorp ,
*1172These allegations are not sufficient to meet the second requirement to plead copyright infringement. In Perfect 10, Inc. v. Amazon, Inc. ,
Ticketmaster's cited cases do not advance its argument. The Ninth Circuit has recognized that loading "software into a computer constitutes the creation of a copy under the Copyright Act." MAI Systems Corp. v. Peak Computer, Inc. ,
A court must determine whether to grant leave to amend when dismiss a claim. Schreiber ,
2. Copyright Infringement and Terms of Use
A "copyright owner who grants a nonexclusive, limited license ordinarily waives the right to sue licensees for copyright infringement, and it may sue only for breach of contract." Sun Microsystems, Inc. v. Microsoft Corp. ,
Contractual terms that limit a license's scope are conditions, while all other license terms are covenants. See
*1173San Mateo Cmty. Coll. Dist. v. Half Moon Bay Ltd. P'ship ,
Ticketmaster contends that the following restrictions and protocols in the TOU are conditions:
• Copying from the Site or Apps for "non-commercial purposes";
• Copying fewer than 1,000 pages of the Site in any 24-hour period;
• Making fewer than 800 reserve requests on the Site in any 24-hour period;
• Copying transactional event or ticketing pages no more than once during any three-second interval;
• Reproducing tickets in the same format or medium as provided by the Site;
• Not modifying any portion of the Site to create derivative works;
• Not using any robot, spider, or other device, tool, or process to reproduce the Site or its Content, and thereby violate the reproduction limits of the license;
• Not using any automated software or computer system to obtain tickets or other items available on the Site for the same reasons;
• Not taking any action that may impose an unreasonably large load on Ticketmaster's computer infrastructure;
• Not decoding or reverse engineering any tickets or underlying algorithms or barcodes used on or in the production of tickets on the Site; and
• Not trying to circumvent any technological measure that effectively controls access to, or the rights in, the Site or Content.
(See Opp'n 7, ECF No. 25; see also Compl. ¶ 30.) Although Ticketmaster's TOU asserts that these terms are "conditions," whether a term is a condition depends on "the whole contract, its purpose, and the intention of the parties ..." JMR Constr. Corp. v. Envtl. Assessment & Remediation Mgmt., Inc. ,
In addition, some of the terms of Ticketmaster's TOU do not satisfy the second prong of MDY -whether the breach implicates an exclusive right of copyright. Use of bots or automatic software, for instance, does not implicate an exclusive right of copyright and cannot constitute the basis of copyright infringement. MDY ,
Accordingly, the Court GRANTS Defendants' Motion to Dismiss Plaintiff's claim for copyright infringement. Dismissal is without leave to amend to the extent that Plaintiff's copyright infringement claim is based on Defendants' use of bots, by exceeding the TOU limitations on the number of page refreshes or ticket requests, or by placing imposing a large load on Ticketmaster's servers.
B. Digital Millennium Copyright Act
The DMCA provides that: "[n]o person shall circumvent a technological measure that effectively controls access to a [copyrighted] work."
As stated above, Ticketmaster alleged that it has a copyright in various aspects of its website and mobile apps. (Compl. ¶ 28.) In order to access those copyrighted pages, Defendants must bypass security measures, including CAPTCHA and "splunk," unique identifiers for ticket purchasers used to determine if users are exceeding purchase limits. (Id. ¶¶ 21, 22.) According to Ticketmaster, Defendants circumvent these security measures by using bots or "CAPTCHA farm" laborers. (Id. ¶¶ 51-53, 103.) These allegations are sufficient to state a claim under the DMCA.
Defendants first argue that Ticketmaster's allegations are too vague to state a claim. However, there are no heightened pleading requirements for a DMCA circumvention claim. Ticketmaster only needs to allege facts that, accepted as true, "state a claim to relief that is plausible on its face." Iqbal ,
Defendants also argue that CAPTCHA and splunk are not "technological measures" as defined under the DMCA. This argument is unpersuasive. As Defendants acknowledge, a CAPTCHA prevents a user from proceeding further to gain access to copyrighted pages. CAPTCHA is therefore a "technological measure that effectively controls access to a [copyrighted] work."
C. Computer Fraud and Abuse Act
The CFAA prohibits computer trespass by those who are not authorized users or who exceed authorized use. Facebook, Inc. v. Power Ventures ,
"Congress enacted the CFAA in 1984 primarily to address the growing problem of computer hacking ..." United States v. Nosal ,
In Facebook, Inc. v. Power Ventures, Inc. ,
In this case, the issue is whether Defendants lacked authorization or exceeded their authorization when using Ticketmaster's website or mobile apps. Ticketmaster contends that Defendants lacked or exceeded their authorization by violating its TOU, even after it sent Defendants a cease-and-desist letter outlining the alleged violations. However, "[t]he mention of the terms of use in the cease and desist letter is not dispositive." Facebook ,
Ticketmaster has not shown that it rescinded permission from Defendants to use its website. In its cease-and-desist letter, Ticketmaster outlined Defendants' TOU violations, including Defendants' use of bots or automated software, imposing a large load on Ticketmaster's infrastructure, requesting more than 1,000 pages in a 24-hour period, making more than 800 ticket reservation requests in a 24-hour period, and circumventing CAPTCHA. (See Compl., Ex. E 3.) Ticketmaster then demanded that "[Lombardi], Prestige, and any other companies or individuals under [Lombardi's] direction or control cease and desist from any further violations of Ticketmaster's rights." (Id. at 4.) These demands admonish Defendants for violating the TOU, but do not actually revoke access authority. Cf. Facebook ,
Therefore, Ticketmaster must base its CFAA claim on the second prong-that Defendants exceeded their authorization to use its website. In the Ninth Circuit, "exceed authorization" claims require some showing that defendants are "inside hackers" who accessed unauthorized information or files. Nosal ,
Ticketmaster relies on United States v. Lowson , No. 10-114,
For these reasons, the Court GRANTS Defendants' Motion to Dismiss Ticketmaster's CFAA claim with leave to amend.
D. California's Computer Data Access and Fraud Act
The CDAFA is California's state-law analogue to the CFAA. Under the CDAFA, "any person who commits any of the following acts is guilty of a public offense ... knowingly and without permission uses or causes to be used computer services ..."
Oracle USA, Inc. v. Rimini St., Inc. ,
Here, as explained above, Ticketmaster never withdrew authorization to use its website. Ticketmaster's cease-and-desist *1177letter only expressed its disapproval of the method by which Defendants accessed the website. This is insufficient to state a claim under the CDAFA. For these reasons, the Court GRANTS Defendants' Motion to Dismiss Ticketmaster's CDAFA claim with leave to amend.
E. Breach of Contract
Defendants argue that Ticketmaster's breach of contract claim should be dismissed because it fails to adequately plead damages. Specifically, Defendants argue that Ticketmaster's liquidated damages provision is unenforceable and Ticketmaster does not adequately allege compensatory damages.
1. Liquidated Damages
California law applies a two-part test to determine whether liquidated damages provisions are valid: (1) fixing the amount of actual damages must be impracticable or extremely difficult; and (2) the amount selected must "represent a reasonable endeavor by the parties to estimate a fair compensation for the loss sustained." Util. Consumers' Action Network, Inc. v. AT & T Broadband of S. Cal. ,
Here, the damages associated with Defendants' alleged activity include costs that can be readily fixed, as well as costs that are difficult to determine. Infrastructure costs, such as additional security measures and monitoring costs, are easily calculable. But Ticketmaster also alleged costs associated with loss of consumer goodwill and deterrence. (Compl. ¶¶ 65, 71.) These costs are impracticable or extremely difficult to fix. Therefore, Ticketmaster has satisfied the first element.
The second element is similarly satisfied. Ticketmaster's liquidated damages provision sets liquidated damages at $0.25 per page request or reserve request made in excess of 1,000 pages or 800 reserve requests per 24-hour period. The high threshold before the liquidated damages provision applies suggests that there is no improper motive or purpose behind the provision.
*11782. Compensatory Damages
As explained above, Ticketmaster has alleged that it suffered damages in the form of infrastructure costs, loss of consumer goodwill, and costs associated with deterrence. These costs are sufficient to allege compensatory damages. See Rent-a-Center, Inc. v. Canyon Television & Appliance Rental, Inc. ,
Defendants contend that Ticketmaster's compensatory damages are speculative because Ticketmaster profits off of Defendants' activity. (See Mot. 28.) According to Defendants, Ticketmaster only cancels orders when it is clear that those tickets can be resold. Otherwise, Ticketmaster simply pockets the proceeds of Defendants' purchases. (Id. ) Defendants' theory, however, is itself speculative. On a motion to dismiss, the Court can only consider the facts alleged in Ticketmaster's Complaint. See Iqbal ,
F. Fraud
Defendants contend that Ticketmaster failed to satisfy the requirements of Federal Rule of Civil Procedure 9(b) and plead the elements of promissory fraud.
Where the plaintiff's claim sounds in fraud, the complaint must comply with Federal Rule of Civil Procedure 9(b)'s heightened pleading standard. Mendiondo v. Centinela Hosp. Med. Ctr. ,
In California, promissory fraud consists of the following elements: (1) a promise without any intention of performing it; (2) intent to deceive or intent to induce the party to whom it was made to enter into the transaction; (3) reasonable reliance by the party to whom it was made; (4) the party making the promise did not perform; and (6) the party to whom the promise was made was injured. Regus v. Schartkoff ,
Ticketmaster alleges that every time Defendants created an account, they assented to the TOU with the intent to breach the TOU by using bots and automated software to purchase large quantities of tickets. (See Compl. ¶¶ 113-23.) Ticketmaster also alleges that it relied on these representations and sold Defendants tickets, resulting in damage to its reputation, loss of advertising revenue, and increased infrastructure costs. (Id. ¶¶ 8, 23, 65, 67, 70, 71.) These allegations satisfy Rule 9(b) and California's pleading requirements for promissory fraud.
Defendants argue that Ticketmaster failed to adequately plead intent because *1179Ticketmaster does not allege when it entered into a contract with Defendants. (Mot. 32.) This argument is unavailing. Ticketmaster alleged that Defendants had the requisite intent to defraud every time Defendants created an account. For these reasons, the Court DENIES Defendants' Motion to Dismiss Ticketmaster's fraud claims.
G. State Law Claims
Defendants contend that Ticketmaster's remaining state law claims should be dismissed for lack of subject matter jurisdiction and personal jurisdiction as to Renaissance, Lombardi, and Lichtman (collectively, "Foreign Defendants"). (Mot. 33-34.)
Defendants do not contest that Ticketmaster's state law claims arise out of the same case or controversy as its federal claims. Because Ticketmaster has stated a claim under the DMCA and its CFAA claim is capable of amendment, the Court will exercise supplemental jurisdiction over the state law claims pursuant to
A federal court may exercise personal jurisdiction over a defendant if he or she has "minimum contacts" with the relevant forum and if the exercise of jurisdiction does not offend "traditional notions of fair play and substantial justice." Int'l Shoe Co. v. Washington ,
(1) The non-resident defendant must purposefully direct his activities or consummate some transaction with the forum or resident thereof; or perform some act by which he purposefully avails himself of the privilege of conducting activities in the forum, thereby invoking the benefits and protections of its laws;
(2) the claim must be one which arises out of or relates to the defendant's forum-related activities; and
(3) the exercise of jurisdiction must comport with fair play and substantial justice, i.e. it must be reasonable.
Schwarzenegger v. Fred Martin Motor Co. ,
The Foreign Defendants have purposefully availed themselves of this forum by buying large amounts of tickets through Ticketmaster, which is headquartered in Los Angeles. (Compl. ¶ 10.) The Foreign Defendants' ticket purchases also form the basis of Ticketmaster's claims. Ticketmaster has sufficiently alleged that this Court has specific personal jurisdiction over the Foreign Defendants. Accordingly, the Court DENIES Defendants' Motion to Dismiss Ticketmaster's state law claims for lack of jurisdiction.
V. CONCLUSION
For the reasons discussed above, the Court GRANTS IN PART and DENIES IN PART Defendants' Motion to Dismiss. (ECF No. 24.) Dismissal is with leave to amend, except as to Ticketmaster's second claim for copyright infringement to the extent it relies on Defendants' TOU violations described in this Order. Should Ticketmaster wish to file an amended complaint, it must do so within twenty-one days of the date of this Order. Ticketmaster must also lodge with the Court, and serve on Defendants, a redlined copy of the amended pleading so that the Court can decipher the amendments to its complaint.
IT IS SO ORDERED.
Notes
There is no evidence on the docket that Defendant Prestige has been served with this lawsuit, and Prestige does not join in this Motion.
All factual references are allegations taken from Plaintiff's Complaint and accepted as true for purposes of this Motion. See Ashcroft v. Iqbal ,
Because Ticketmaster's CFAA claim is dismissed and is capable of amendment, the Court declines to address Defendants' remaining arguments.
Ticketmaster also argues that circumventing technical barriers, like CAPTCHA, constitutes improper use. (See Opp'n 21 (citing In re Facebook Privacy Litig. ,
Defendants point out that in 2007, Ticketmaster set its liquidated damages rate to $10 per page request in excess of 1,000 per 24-hour period. (See Mot. 27 (citing Ticketmaster, LLC v. RMG Techs., Inc. ,