Warren Terzian LLP

View Original

Want to bring a computer fraud claim? You're gonna need to allege that the person actually accessed your computers. (Duh.)

The Computer Fraud and Abuse Act protects your computers from unauthorized access. 

So what if you want to sue somebody for violating the Act?

You're going to need to allege facts showing that the person actually accessed your computer system. Obviously.

Down in San Diego, Physician's Surrogacy tested the line of how much facts you need to allege. And it found itself on the wrong side of it.

Physician’s Surrogacy sued competitor Elite Women Surrogacy for violating the CFAA without alleging any real facts on how the competitor accessed its computers. Instead it alleged, generally, that the defendants “accessed Plaintiff's protected computer” and that Physician's Surrogacy never gave them login access.

But this is federal court. And general allegations that a defendant accessed a computer aren't enough. They're conclusory—parroting the statute's language—and federal courts usually require allegations rooted in reality.

Like the defendant logged into the company database on January 5, 2016. Or the defendant forwarded an email from a company email account to her personal account around February 4, 2016.

Or whatever. The key is that there must be some allegation giving the court and the defendant fair notice of what this case is about. 

Physician Surrogacy's generic allegations didn't do that. They just parroted the statute—the defendants accessed its computers—without saying how, when, or where.

That's not enough. So the court dismissed the claim under the CFAA.