Loading...
 

State Analysis, Inc. v American Financial Services Assoc.

Citation: 2009 WL 855793

Facts:

Plaintiff State Analysis, Inc. d/b/a StateScape (“StateScape”) owns and operates a searchable, propriety database of local, state, and federal bills and regulations, and sells access to it on a subscription basis to its clients. Co-defendant American Financial Services Association (“AFSA”) is a business association whose members are financial services companies. AFSA was a client of StateScape from 1998 through 2008 and under the terms of AFSA’s contract with StateScape, businesses that were members of AFSA were provided with access to StateScape’s database and custom reports. Co-defendant Kimbell Sherman Ellis (“KSE”) is a government relations and public affairs firm located in Montpelier, Vermont. KSE was a customer of StateScape between March 1, 1999 and February 29, 2000; however, it is now a competitor of StateScape.

In December 2002, KSE offered to purchase StateScape’s database. StateScape refused to accept the offer and shortly thereafter fired its marketing director, co-defendant Leif Johnson. Johnson was bound by a one year non-disclosure, non-compete agreement. However, Johnson began working for KSE around July 2003. On October 23, 2008, AFSA told StateScape that it would not renew its contract with StateScape and that it was switching to KSE’s services.

StateScape began investigating AFSA’s activity logs. The investigation yield three findings: (1) there had been an unauthorized access from a VT-based IP address, (2) KSE reports posted on AFSA’s website were strikingly similar, and sometimes identical to StateScape’s customized reports, and (3) some of StateScape’s propriety database features had been incorporated into KSE’s database. Based on StateScape’s findings, StateScape instituted action against the co-defendants.

Procedural History:

The co-defendants are bringing a motion to dismiss 6 of the 11 claims alleged by plaintiff.

Issues:

1. Whether StateScape’s Computer Fraud and Abuse Act claim against AFSA and KSE withstands a motion to dismiss?
2. Whether StateScape’s Electronic Communications Privacy Act claim against AFSA and KSE withstands a motion to dismiss?
3. Whether StateScape’s Virginia Computer Crimes Act claim against AFSA and KSE withstands a motion to dismiss?
4. Whether StateScape’s Trespass claim against KSE withstands a motion to dismiss?
5. Whether StateScape’s claim against AFSA and KSE for misappropriating trade secrets withstands a motion to dismiss?
6. Whether StateScape’s breach of contract claim against Johnson withstands a motion to dismiss?

Holding(s):

1. StateScape’s Computer Fraud and Abuse Act claim against KSE withstands a motion to dismiss, but the claim against AFSA does not.
2. StateScape’s Electronic Communications Privacy Act claim against KSE withstands a motion to dismiss, but the claim against AFSA does not.
3. No. The Virginia Computer Crimes Act against AFSA and KSE does not survive a motion to dismiss because the VCCA was preempted by the Copyright Act.
4. Yes. The Trespass claim against KSE survives a motion to dismiss because KSE’s unauthorized access “diminished” the value of StateScape’s “possessory interest” in its paid subscription business.
5. No. StateScape’s misappropriation claim against AFSA and KSE does not survive a motion to dismiss because the password exchanged between AFSA and KSE does not have an independent economic value.
6. No. StateScape’s breach of contract claim against Johnson does not survive a motion to dismiss because the suit did not commence within the applicable statute of limitations.

Critical Analysis:

1. Any person is prohibited from intentionally accessing a computer without authorization or exceeding authorized access, and thereby obtaining information from any protected computer. 18 U.S.C. § 1030(a)(2). “Exceeds authorized access” is explicitly defined as accessing a computer with authorization and to use such access to obtain or alter information in the computer that the accesser is not entitled so to obtain or alter. 18 U.S.C. § 1030(e)(6).
a. KSE accessed StateScape’s website using usernames and passwords that did not belong to it. Furthermore, KSE employed to former StateScape employees that were familiar with StateScape’s terms and conditions prohibiting non-paying users from accessing its database. Furthermore, StateScape’s database was password-protected, which constitutes a protected computer. Thus, the CFAA claim against KSE survives a motion to dismiss.
b. AFSA did not engage in an unauthorized access of StateScape’s database. Giving a password to a nonpaying customer does not constitute unauthorized access. Rather, giving a password to a nonpaying customer is an unauthorized misappropriation or use. Thus, the CFAA claim against AFSA does not withstand a motion to dismiss.
2. No person shall intentionally access without authorization a facility through which an electronic communication service is provided, or intentionally exceed an authorization to access that facility; and thereby obtain, alter, or prevent authorized access to a wire or electronic communication while it is in electronic storage. 18 U.S.C. § 2701. However, the ECPA does not prohibit conduct authorized (1) by the person or entity proving a wire or electronic communications service or (2) by a user of that service with respect to a communication of or intended for that user. 18 U.S.C. § 2701(c)(2).
a. AFSA was not entitled to pass information from StateScape’s database to KSE, but AFSA was entitled to see all of the information that it allegedly accessed. Thus, AFSA’s conduct falls within the first exception to 18 U.S.C. § 2701(c)(2).
b. KSE was not entitled to access information on StateScape’s database. Therefore, KSE violated the ECPA.
3. The elements of a violation of the Virginia Computer Crimes Act are that the defendant (1) uses a computer or computer network; (2) without authority; and (3) either obtains property or services by false pretenses, embezzles or commits larceny; or converts the property of another. Va.Code § 18.2-152.3. However, in Rosciszewski v. Arete Associates, Inc., the Fourth Circuit concluded that a state law claim is preempted by the Copyright Act if (1) the work at issue is “within the scope of the ‘subject matter of copyright’ as specified in 17 U.S.C. §§ 102, 103 and (2) the rights granted under state law are equivalent to any exclusive rights within the scope of federal copyright as set out in 17 U.S.C. § 106.” 1 F.3d 225, 229 (4th Cir. 1993). Here, the court determined that the VCCA was within the subject matter of copyright as specified by 17 U.S.C. §§ 102, 103 and granted StateScape the same rights already granted under 17 U.S.C. § 106. Thus, the Court concluded that the VCAA was preempted by the Copyright Act and dismissed the claim against AFSA and KSE.
4. A trespass to chattels occurs when one party intentionally uses or intermeddles with personal property in rightful possession of another without authorization, and if the chattel is impaired as to its condition, quality, or value. America Online, Inc. v. LCGM, Inc. 46 F.Supp.2d 444, 451-52 (E.D.Va. 1998). Furthermore, senders of bulk email commit a trespass to chattels when they cause contact with an entity’s computer network and the entity’s business goodwill and diminish the value of its possessory interest in its computer network. America Online, Inc. v. IMS, 24 F.Supp.2d 548, 550 (E.D.Va. 1998). Here, StateScape charges fees for its passwords. Because KSE accessed StateScape’s database without purchasing a password from StateScape, the value of StateScape’s possessory interest in its computer network is diminished. Accordingly, StateScape’s trespass to chattels claim against KSE is adequately pled to survive a motion to dismiss.
5. Under the Virginia Uniform Trade Secrets Act (“VUTSA”), a trade secret is defined as information, including but not limited to, a formula, pattern, compilation, program, device, method, technique, or process, that (a) derives independent economic value, actual or potential, from not being generally known to, and not being readily ascertainable by proper means by, other persons who can obtain economic value from its disclosure or use, and (b) is the subject of efforts that are reasonable under the circumstances to maintain its secrecy. Va.Code. § 59.1-336. Although the passwords at issue clearly have economic value given that they are integral to accessing StateScape’s database, they have no independent economic value in the way a formula or a customer list might have. Thus, the password exchanged between AFSA and KSE is not entitled to protection under VUTSA and StateScape’s claim against AFSA and KSE is dismissed.
6. A breach of contract claim is time-barred if the suit is not brought within five years of the alleged breach. Va.Code § 8.01.246(2). Johnson began working for KSE no later than July 2003 and this suit was not filed until December 24, 2008. The period of time between the alleged breach of Johnson’s employment agreement and the time that suit was brought is a period of time that is longer than 5 years. Therefore, the breach of contract claim against Johnson is dismissed.



Contributors to this page: jgbunn .
Page last modified on Saturday 11 of April, 2009 16:10:22 GMT by jgbunn.
Portions © 2006-2019 by Michael Risch, Some Rights Reserved | Copyright Notice| Legal Disclaimer