MUFG Union Bank, NA v. Tyler et al, No. 2:2017cv01766 - Document 86 (W.D. Wash. 2018)

Court Description: ORDER granting Defendants' 81 Motion to Dismiss. Plaintiff's CFAA claim against them will be dismissed in its entirety with prejudice. Signed by Judge Ricardo S Martinez. (SWT)

Download PDF
MUFG Union Bank, NA v. Tyler et al Doc. 86 1 2 3 4 UNITED STATES DISTRICT COURT WESTERN DISTRICT OF WASHINGTON AT SEATTLE 5 6 8 MUFG UNION BANK, N.A., a national association, 9 Plaintiff, 7 10 11 v. AARON TYLER, an individual, et al., 12 Defendants. 13 ) ) CASE NO. C17-1766RSM ) ) ORDER GRANTING MOTION TO ) DISMISS ) ) ) ) ) ) 14 I. 15 INTRODUCTION 16 This matter comes before the Court on the individual Defendants’ Motion to Dismiss 17 Union Bank’s Amended CFAA Claim. Dkt. #81. Defendants argue that Plaintiff continues to 18 fail to state a claim for relief under the Computer Fraud and Abuse Act (“CFAA”) against the 19 20 individual Defendants. Id. Plaintiff responds that it has adequately pled facts to support its 21 amended CFAA claim. Dkt. #82. For the reasons set forth below, the Court disagrees with 22 Plaintiff and GRANTS Defendants’ motion to dismiss. II. 23 24 BACKGROUND The instant matter was filed in this Court on November 22, 2017. Dkt. #1. Plaintiff 25 26 MUFG Union Bank, N.A. (“Union Bank”) alleges that a group of its former employees resigned 27 en masse after planning for several months to take trade secrets, documents and confidential 28 information that they are now utilizing to take business from it and unfairly compete with it. Dkt. ORDER PAGE - 1 1 2 #79 at ¶ ¶ 8-22. Plaintiff further alleges that Defendant U.S. Bank knew of the individuals’ actions and encouraged them. Id. at ¶ ¶ 19-22. Based on these allegations, Union Bank initially 3 asserted six claims for relief against the Defendants: 1) breach of fiduciary duty of loyalty 4 (against all Defendants); 2) intentional interference with business relationships (against all 5 Defendants); 3) misappropriation of trade secrets under Washington’s UTSA, RCW 19.108.010, 6 7 et seq. (against all Defendants); 4) conversion (against all Defendants); 5) misappropriation of 8 trade secrets under the Defend Trade Secrets Act (“DFSA”), 18 U.S.C. § 1831, et seq. (against 9 all Defendants); and 6) violations of the Computer Fraud and Abuse Act (“CFAA”), 18 U.S.C. § 10 1030, et seq. (against the individual Defendants). Dkt. #1 at ¶ ¶ 23-56.1 All Defendants then 11 12 moved to dismiss all claims. Dkts. #62 and #63. 13 On May 2, 2018, this Court granted in part Defendants’ motions. Dkt. #78. Specifically, 14 the Court dismissed with prejudice Plaintiff’s First, Second and Fourth Claims for Relief, allowed 15 Plaintiff’s Third and Fifth Claims for trade misappropriation under state and federal law to 16 proceed, and allowed Plaintiff leave to amend its CFAA claim only. Id. Plaintiff filed an 17 18 Amended Complaint on May 11, 2018. Dkt. #79. The instant motion followed. III. 19 A. Legal Standard 20 In deciding a 12(b)(6) motion, this Court is limited to the allegations on the face of the 21 22 DISCUSSION Complaint (including documents attached thereto), matters which are properly judicially 23 24 noticeable and other extrinsic documents when “the plaintiff’s claim depends on the contents of 25 a document, the defendant attaches the document to its motion to dismiss, and the parties do not 26 27 28 1 Plaintiff erroneously pleaded two “Fifth” Claims for Relief in its initial Complaint. Dkt. #1 at ¶ ¶ 45-56. For ease of reference, the Court has referred to the initial CFAA claim against the individual Defendants as the sixth claim for relief. ORDER PAGE - 2 1 2 dispute the authenticity of the document, even though the plaintiff does not explicitly allege the contents of that document in the complaint.” Knievel v. ESPN, 393 F.3d 1068, 1076 (9th Cir. 3 2005). The Court must construe the complaint in the light most favorable to the Plaintiff and 4 must accept all factual allegations as true. Cahill v. Liberty Mutual Ins. Co., 80 F.3d 336, 337- 5 38 (9th Cir. 1996). The Court must also accept as true all reasonable inferences to be drawn from 6 7 the material allegations in the Complaint. See Brown v. Elec. Arts, Inc., 724 F.3d 1235, 1247-48 8 (9th Cir. 2013); Pareto v. F.D.I.C., 139 F.3d 696, 699 (9th Cir. 1998). However, the Court is not 9 required to accept as true a “legal conclusion couched as a factual allegation.” Ashcroft v. Iqbal, 10 11 12 556 U.S. 662, 678 (2009) (quoting Bell Atl. Corp. v. Twombly, 550 U.S. 544, 555 (2007)). B. Amended CFAA Claim Against Individual Defendants 13 The individual Defendants now move for the dismissal of Plaintiff’s amended CFAA 14 claim against them. The CFAA was enacted in 1984 to enhance the government’s ability to 15 prosecute computer crimes. LVRC Holdings LLC v. Brekka, 581 F.3d 1127, 1130 (9th Cir. 2009). 16 The Act was originally designed to target hackers who accessed computers to steal information 17 18 or to disrupt or destroy computer functionality, as well as criminals who possessed the capacity 19 to “access and control high technology processes vital to our everyday lives . . . .” Id. at 1130- 20 31. The CFAA prohibits a number of different computer crimes, the majority of which involve 21 accessing computers without authorization or in excess of authorization, and then taking 22 specified forbidden actions, ranging from obtaining information to damaging a computer or 23 24 25 computer data. Brekka, 581 F.3d at 1130-31 (citing 18 U.S.C. § 1030(a)(1)-(7) (2004). In its Amended Complaint, Plaintiff alleges the following: Employees knowingly, intentionally, and with the intent to defraud Union Bank accessed Union Bank’s computer systems without authorization or beyond the scope of any authorization Employees had in an effort to download and transfer files containing Union Bank’s confidential and 26 27 28 ORDER PAGE - 3 proprietary files, trade secrets, and other confidential information. Employees transferred confidential and trade secret information, including confidential and sensitive customer information, which they misappropriated from Union Bank to and accounts under the control of Employees. Specifically, Employees exceeded any authorization they had to access customer information contained in Union Bank’s computer systems by downloading, uploading, or otherwise taking and storing for later use Union Bank’s customers’ information, including but not limited to Union Bank’s customers’ email addresses. Employees were authorized to access such information only while employed by Union Bank and only to further Union Bank’s efforts to service its customers. Employees’ saving of that information for their own use or use by a competitor exceeded the authorization Union Bank gave to Employees to access customer information. 1 2 3 4 5 6 7 8 9 10 Dkt. #79 at ¶ 38. 11 As the Court previously noted, Plaintiff does not specify the subsection of the statute 12 allegedly violated. See Dkt. #78 at ¶ 9. However, it appears that Plaintiff alleges a violation of 13 18 U.S.C. § 1030(a)(4), in that Plaintiff alleges the individual Defendants without authorization 14 15 or exceeding authorized access, and with the intent to defraud, intentionally accessed and 16 obtained information from a protected computer. Id. Through briefing, it appears that Plaintiff 17 is focusing on the “exceeds authorized access” language of that subsection. Dkt. #82. The 18 individual Defendants argue that the amended CFAA claim still fails to adequately allege that 19 they exceeded their authorization to access Union Bank’s computer system. Dkt. #81 at 3-5. 20 21 22 Plaintiff asserts that the individual Defendants exceeded their authorized access, thereby violating the CFAA, “by accessing websites they were not allowed to access, including 23 Salesforce and Dropbox.” Dkt. #82 at 1. However, that is not what Plaintiff actually alleges. 24 Rather, Plaintiff alleges that Defendants “exceeded any authorization they had to access customer 25 information contained in Union Bank’s computer systems by downloading, uploading, or 26 27 otherwise taking and storing for later use Union Bank’s customers’ information” on Dropbox 28 and Salesforce. Dkt. #79 at ¶ 38. As Defendants note, this is simply another way of alleging ORDER PAGE - 4 1 2 misappropriation, which the Ninth Circuit, as well as this Court, has already held cannot sustain a CFAA claim. United States v. Nosal, 676 F.3d 854, 864 (9th Cir. 2012); LVRC Holdings LLC 3 v. Brekka, 581 F.3d 1127, 1130 (9th Cir. 2009). “Under the CFAA, the activity that must be 4 authorized is the ‘access,’ not the use to which the information is later put.” National City Bank, 5 N.A. v. Republic Mortg. Home Loans, LLC, No. C09-1550RSL, 2010 WL 959925, at *3 (W.D. 6 7 Wash. Mar. 12, 2010). “When an employer grants an employee access to a computer or to certain 8 records on a computer system, access continues to be authorized until rescinded by the employer, 9 even if the employee has become disloyal and is acting contrary to the employer’s interest.” Id. 10 (emphasis added). Here, Plaintiff has not alleged in its amended claim, that the individual 11 12 Defendants accessed information that was not within the scope of their authorization. Instead, 13 Plaintiff focuses on “accessing” third-party websites. “A CFAA violation occurs only when an 14 employee accesses information that was not within the scope of his or her authorization.” Id. 15 Accordingly, for the reasons discussed by the individual Defendants in their motion, the Court 16 finds that Plaintiff has failed to adequately plead a claim that the individual Defendants exceeded 17 18 19 their authorized access, and the Court will dismiss the amended CFAA claim. C. Leave to Amend 20 Ordinarily, leave to amend a complaint should be freely given following an order of 21 dismissal, “unless it is absolutely clear that the deficiencies of the complaint could not be cured 22 by amendment.” Noll v. Carlson, 809 F.2d 1446, 1448 (9th Cir. 1987); see also DeSoto v. Yellow 23 24 Freight Sys., Inc., 957 F.2d 655, 658 (9th Cir. 1992) (“A district court does not err in denying 25 leave to amend where the amendment would be futile.” (citing Reddy v. Litton Indus., Inc., 912 26 F.2d 291, 296 (9th Cir. 1990)). With respect to Plaintiff’s amended CFAA claim, the Court 27 concludes that granting leave to amend that claim again would be futile. The Court can conceive 28 ORDER PAGE - 5 1 2 of no possible cure for the deficiencies in Plaintiff’s Amended Complaint as to that claim, particularly given the invalidity of Plaintiff’s arguments as discussed above, and the fact that 3 Plaintiff has had the opportunity to amend the claim already but has not been able to cure the 4 identified deficiencies. Accordingly, leave to amend the CFAA claim will not be granted. 5 IV. CONCLUSION 6 7 Having reviewed the individual Defendants’ motion, the opposition thereto and reply in 8 support thereof, along with the remainder of the record, the Court hereby finds and ORDERS 9 that the individual Defendants’ Motion to Dismiss (Dkt. #81) is GRANTED, and Plaintiff’s 10 11 12 CFAA claim against them will be dismissed in its entirety with prejudice. DATED this 29 day of June, 2018. A 13 14 RICARDO S. MARTINEZ CHIEF UNITED STATES DISTRICT JUDGE 15 16 17 18 19 20 21 22 23 24 25 26 27 28 ORDER PAGE - 6
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.