Searching over 5,500,000 cases.

Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.

CouponCabin LLC v., Inc.

United States District Court, N.D. Indiana

January 10, 2017




         This matter comes before the Court on Defendant Linfield Media, LLC's Motion for Judgment on the Pleadings [ECF No. 119], filed on October 13, 2016. For the reasons stated below, the Court denies the Motion for Judgment on the Pleadings


         Plaintiff CouponCabin LLC filed a Complaint [ECF No. 1] against Defendants Linfield Media, LLC, Savings.Com, Inc., Cox Target Media, Inc., Internet Brands, Inc., d/b/a DealsPlus, and Does 1 through 10 (collectively “the Defendants”) that was amended on November 2, 2015. The Amended Complaint [ECF No. 28] alleged that the Defendants “scraped” the Plaintiff's websites, which means to “electronically copy, retrieve or otherwise acquire data and information from the websites of others with little or no human interaction.” (Am. Compl. ¶ 4, ECF No. 28.) This “scraping” allegedly violated the federal Computer Fraud and Abuse Act (CFAA) and the Digital Millennium Copyright Act (DMCA) (Id. ¶¶ 56-67), and was also a breach of contract, trespass, and interference with prospective business advantage (Id. ¶¶ 68-92). The facts surrounding this dispute are laid out in greater detail in the Court's Order [ECF No. 87] of June 8, 2016.

         The Defendants moved to dismiss the Amended Complaint, and on June 8, 2016, the Court granted the Motion as to the DMCA claim but denied it as to all other claims. Thereafter, Linfield Media filed a separate Motion for Judgment on the Pleadings. The Plaintiff filed its Opposition [ECF No. 123] on October 27, 2016, and Linfield Media's Reply [ECF No. 124] was entered on November 7, 2016.


         A motion for judgment on the pleadings, pursuant to Federal Rule of Civil Procedure 12(c), permits a party to move for judgment after the complaint and answer have been filed by the parties. When reviewing Rule 12(c) motions, a court must review the pleadings under the same standard that applies when reviewing motions to dismiss for failure to state a claim under Rule 12(b)(6). Pisciotta v. Old Nat'l Bancorp, 499 F.3d 629, 633 (7th Cir. 2007). When reviewing a complaint attacked by a Rule 12(b)(6) motion, a court must accept all of the factual allegations as true and draw all reasonable inferences in favor of the plaintiff. Erickson v. Pardus, 551 U.S. 89, 93 (2007). The complaint need not contain detailed facts, but surviving a Rule 12(b)(6) motion “requires more than labels and conclusions . . . . Factual allegations must be enough to raise a right to relief above the speculative level.” Bell Atl. Corp. v. Twombly, 550 U.S. 544, 555 (2007). “A claim has facial plausibility when the pleaded factual content allows the court to draw the reasonable inference that the defendant is liable for the misconduct alleged.” Ashcroft v. Iqbal, 556 U.S. 662, 678 (2009) (citing Twombly, 550 U.S. at 556).


         The Court has jurisdiction over the CFAA claim pursuant to 28 U.S.C. § 1331 and supplemental jurisdiction over the remaining state law claims pursuant to 28 U.S.C. § 1367. As the Court recently ruled on a Motion to Dismiss filed by all Defendants, the present Motion is in essence a request that the Court reconsider its past ruling as to just Linfield Media. In the Motion, Linfield Media requests judgment on the pleadings on all the Plaintiff's remaining claims.

         A. CFAA Claim

         The CFAA imposes both civil and criminal liability for the unauthorized access of electronic data. 18 U.S.C. § 1030(a)(1)-(7). Of relevance here, an individual violates the CFAA if he “intentionally accesses a computer without authorization or exceeds authorized access and thereby obtains . . . information from any protected computer.” § 1030(a)(2); see Motorola, Inc. v. Lemko Corp., 609 F.Supp.2d 760, 766 (N.D. Ill. 2009) (“The elements of a section 1030(a)(2) violation . . . include (1) intentional access of a computer, (2) without or in excess of authorization, (3) whereby the defendant obtains information from the protected computer.”). The CFAA does not define “without authorization”; although it does define “exceeds authorized access, ” as “to access a computer with authorization and to use such access to obtain or alter information in the computer that the accesser is not entitled so to obtain or alter.” 18 U.S.C. § 1030(e)(6).

         Liability under § 1030(a)(2) is triggered by the unauthorized access of electronic data- not by the unauthorized use of such data. Bittman v. Fox, 107 F.Supp.3d 896, 900-01 (N.D. Ill. 2015) (“The statutory purpose of the CFAA is to punish trespassers and hackers.”); CollegeSource, Inc. v. AcademyOne, Inc., No. 10-3542, 2012 WL 5269213, at *14 (E.D. Pa. Oct. 25, 2012) (“The CFAA protects against unauthorized access rather than unauthorized use.”); Koch Indus., Inc. v. Does, No. 2:10CV1275, 2011 WL 1775765, at *8 (D. Utah May 9, 2011) (noting that “[a] majority of courts have concluded” that claims of unauthorized use “lie outside the scope of the CFAA”). Because the CFAA does not define “authorization, ” the Court must give the term its “‘ordinary and plain meaning.'” United States v. Patel, 778 F.3d 607, 613 (7th Cir. 2015) (quoting Sanders v. Jackson, 209 F.3d 998, 1000 (7th Cir. 2000) (noting that “[w]e frequently look to dictionaries to determine the plain meaning of words, and in particular we look at how a phrase was defined at the time the statute was drafted and enacted.”)). The Oxford English Dictionary defines “Authorization” as “[t]he action of authorizing a person or thing” or “formal permission or approval.” Authorization,, (last visited Jan. 5, 2017). As a verb, “authorize” ordinarily means “to give official permission for or formal approval to (an action, undertaking, etc.)” or “to approve, sanction.” Authorize,, Entry/13352 (last visited Jan. 5, 2017). Therefore, based on the ordinary and plain meaning of “authorization, ” to act “without authorization” is to act without formal permission or approval.

         A review of case law shows that several district courts have adopted a similar interpretation of “without authorization” when confronting nearly identical facts. For example, in Craigslist Inc. v. 3Taps Inc., 964 F.Supp.2d 1178 (N.D. Cal. 2013), a defendant accessed the plaintiff's public website even after the plaintiff sent cease-and-desist letters and blocked the defendant's IP addresses. Id. at 1180-81. In finding that the defendant acted “without authorization” under the CFAA, the court explained that although the plaintiff “gave the world permission (i.e., ‘authorization') to access the public information on its public website . . . it rescinded that permission for [the defendant]. Further access by [the defendant] after that rescission was ‘without authorization.'” Id. at 1184; see also Facebook, Inc. v. Grunin, 77 F.Supp.3d 965, 973 (N.D. Cal. 2015) (finding that a defendant acted “without authorization” under the CFAA when he continued to access Facebook's site, even after Facebook “implemented a complete access restriction by sending [the defendant] two cease-and-desist letters and by taking technical measures to block his access.”); Sw. Airlines v. Farechase, 318 F.Supp.2d 435, 439-40 (N.D. Tex. 2004) (finding that a plaintiff plausibly alleged a CFAA claim when Southwest “directly informed” the defendant that its scraping activity violated the Use Agreement on Southwest's website, which was “accessible from all pages on the website, ” as well as via “direct repeated warnings and requests to stop scraping.”) (internal quotation marks and citation omitted); cf. QVC, Inc. v. Resultly, LLC, 159 F.Supp.3d 576, 596-97 (E.D. Pa. 2016) (noting that, in determining whether the defendant acted “without authorization, ” the “relevant question is not whether [the defendant] was granted permission to access the information on [website], but whether that authorization was ever rescinded or limited in a way that would put [the defendant] on notice that it was not authorized to access information it was otherwise entitled to access.”).

         Guidance as to the meaning of “without authorization” is also found in CFAA cases involving employer-employee relationships. Notably, in International Airport Centers, LLC v. Citrin, 440 F.3d 418 (7th Cir. 2006), the Seventh Circuit found that an employee acted “without authorization” to access his work computer the moment he engaged in misconduct and decided to quit his job. Id. at 420. This was so even though there was an absence of any “hacking” or other techniques aimed at penetrating a secure computer or network on the employee's part. Id.; cf. LVRC Holdings LLC v. Brekka, 581 F.3d 1127, 1133-34 (9th Cir. 2009) (“[A] person uses a computer ‘without authorization' . . . when the person has not received permission to use the computer for any purpose (such as when a hacker accesses someone's computer without any permission), or when the employer has rescinded permission to access someone's computer and the defendant uses the computer anyway.”) Thus, given the ordinary and plain meaning of ...

Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.