From Casetext: Smarter Legal Research

Fidlar Technologies v. LPS Real Estate Data Solutions, Inc.

UNITED STATES DISTRICT COURT CENTRAL DISTRICT OF ILLINOIS ROCK ISLAND DIVISION
Mar 5, 2015
82 F. Supp. 3d 844 (C.D. Ill. 2015)

Opinion

Case No. 4:13–cv–4021–SLD–JEH

2015-03-5

Fidlar Technologies, Plaintiff, v. LPS Real Estate Data Solutions, Inc., Defendant. LPS Real Estate Data Solutions, Inc., Counter–Claimant, v. Fidlar Technologies, Counter–Defendant.

Danessa P. Watkins, Jason R. Williams, J. R. Williams Law LLC, Chicago, IL, for Plaintiff/Counter–Defendant. Christopher J. Murdoch, Chelsea Ashbrook McCarthy, Robert Tyler Pickrell, Holland & Knight LLP, Chicago, IL, Thomas E. Mixdorf, Derek R. Molter, Stephen Elliot Reynolds, Ice Miller LLP, Indianapolis, IN, for Defendant/Counter–Claimant.



Danessa P. Watkins, Jason R. Williams, J. R. Williams Law LLC, Chicago, IL, for Plaintiff/Counter–Defendant.Christopher J. Murdoch, Chelsea Ashbrook McCarthy, Robert Tyler Pickrell, Holland & Knight LLP, Chicago, IL, Thomas E. Mixdorf, Derek R. Molter, Stephen Elliot Reynolds, Ice Miller LLP, Indianapolis, IN, for Defendant/Counter–Claimant.

ORDER


SARA DARROW, UNITED STATES DISTRICT JUDGE

Fidlar Technologies (“Fidlar”) sued LPS Real Estate Data Solutions, Inc. (“LPS”) under the civil-suit provision of the Computer Fraud and Abuse Act (“CFAA”), 18 U.S.C. § 1030(g), and under the civil-suit provision the Illinois Computer Crime Prevention Law (“CCPL”), 720 ILCS 5/17–51 (2011). Fidlar also alleged a common law trespass to chattels claim. Am. Compl. 11–14; ECF No. 31–1. LPS counter-claimed for various forms of tortious interference and sought declaratory and injunctive relief. Am. Counterclaim 13–30; ECF No. 19. The dispute between the parties rests on LPS's method of accessing real estate information that Fidlar helps counties digitize and make available online. Before the Court are LPS's Motion for Summary Judgment and Request for Oral Argument, ECF No. 77, and LPS's Alternative Motion for Partial Summary Judgment on Certain of Fidlar's Claims for Damages and Request for Oral Argument, ECF No. 79. For the following reasons, Fidlar's Motion for Summary Judgment is GRANTED. Because the Court grants this motion in its entirety, LPS's motion for partial summary judgment is MOOT.

BACKGROUND

Except where otherwise noted with a specific docket citation, the information in this section comes from the parties' statements of undisputed material facts.

Fidlar is a technology company that creates and licenses software to the county offices that maintain land records. Some of this software helps counties digitize their paper records by scanning images of the documents and indexing these images. Some of the software allows counties to make these records available over the internet. If counties wish to make the records available online, they can either host them on their own servers, or contract with Fidlar to host them on its servers. During the time period relevant to this case, the hosting of records using either method was accomplished using a group of software components, collectively called “Laredo,” created by Fidlar.

The parties sometimes use the term “Laredo” to refer only to the user interface created by Fidlar, which may be a reflection of how Fidlar referred to its products internally. See Noe 30(b)(6) Dep. 21–22, Mem. Supp. Mot. Summ. J. Ex. 13; ECF No. 78–13. The parties agree that the term refers to the group of software components.

Laredo consisted of a database which stored the index and image data gathered from paper land records; a “middle tier”; and a user interface contained in a client. The middle tier was an intermediary between database and client, responding to the client's requests with images and information from the database. These requests were generally transmitted to the middle tier from a remote client, via the internet. They came in the form of “SOAP calls.” SOAP (Simple Object Access Protocol) is a protocol for exchanging information. A SOAP call consists of a “header,” which contains information about the call, and a body, which contains the call itself. While SOAP calls can be encrypted at different levels, the calls used by the client to query the middle tier were not.

Fidlar has created and marketed several different pieces of client software over the years, some of which also have distinct software elements associated with them in the middle tier. These pieces of software include such programs as “Tapestry” and “Monarch.” While Tapestry existed during the time in question, it is undisputed that the conduct for which Fidlar is suing involved Laredo. See Noe 30(b)(6) Dep. 22–24.

Fidlar made the client available on its website for people interested in accessing county land records. By downloading the client, remote users could download and view on their own computers land record information that counties had digitized. Regardless of whether Fidlar or the counties hosted the land record information, that information remained the property of the counties who granted users access to the information, often via written agreement and sometimes for a fee. Fidlar was not a party to these agreements. The client did contain an End User License Agreement (“EULA”), written by Fidlar, that was packaged with the client software and was made available to users. In order to use the client, users had to accept the EULA's terms and conditions. See Fidlar Technologies Laredo End User License Agreement, Mem. Supp. Mot. Summ. J. Ex. 15, ECF No. 78–15.

LPS is a real estate data analytics company that gathers and sells information about real property. In pursuit of this mission, the company culls information from land records on a “vast scale.” Resp. Mot. Summ. J. 2, ECF No. 82. LPS currently has agreements to access public land title information with about 2,600 county recorders' offices nationwide. Around 2010, LPS undertook an expansion effort, forming agreements with more counties. Marroquin Dep. 21–22, ECF No. 78–3. 82 of these were counties that made their land documents available online using Fidlar's services. LPS entered into arrangements with each of these counties to access their land records. Some counties used written contracts; others had sign-up sheets or other less formal means of arranging for access. Where counties priced access differently based on the number of minutes of time logged searching land records, LPS paid the counties the fee required for the maximum amount of time possible, or “unlimited” time.

LPS does not attempt to acquire the rights to or sell images of land title documents; rather, it sells the aggregated data from these documents.

While Fidlar disputes LPS's purported contention that “unlimited” access gave LPS privileges that extended beyond time spent accessing the database, it does not dispute that the agreements with the counties permitted LPS to spend unlimited time accessing the database. Resp. Mot. Summ. J. 17–18.

LPS's preferred method of getting access to land records digitally, in non-Fidlar counties, was via file transfer protocol or some other means by which records could be grabbed en masse. For reasons that the parties dispute, but at the very least, to speed up the process of accessing and analyzing land records, LPS developed its own method of retrieving images through the middle tier in each of the Fidlar counties. To do this, LPS downloaded Fidlar's client, logged in using the identifying information given to it by a particular county, and searched for a land record. LPS then used a “traffic analyzer” to capture the SOAP calls that the Fidlar client sent to the middle tier. While the parties disagree about whether the process that LPS used to analyze the captured calls might be described as “trial and error,” it remains undisputed that by analyzing the content of the intercepted SOAP calls, LPS was eventually able to figure out what kind of information SOAP calls sent to the middle tier needed to contain so that the middle tier would respond with a particular land record. LPS then created its own client to generate SOAP calls, search the databases of the different counties, and download images of land documents. The parties sometimes refer to this process as “web harvesting.”

Fidlar disputes LPS's statement of its reasons for developing its own technique. Resp. Mot. Summ. J. 22–23. This dispute is addressed infra, pp. 851–54.

A traffic analyzer catches and makes viewable certain kinds of network traffic. This program is referred to in briefing and deposition materials sometimes as an “http analyzer” or “web sniffer.” The terms are interchangeable in this context.

This is technically inapposite to the practices employed by LPS, which did not occur via the World Wide Web.

Whether by accident, design, or indifference, the LPS client's SOAP calls lacked the data necessary for the middle tier to track usage minutes on LPS's account, or to determine whether LPS had used the functionality of the Laredo client that permitted users to print documents they had downloaded. Thus, although LPS was generating many calls and downloading many land records, Fidlar and the counties contracting with it saw LPS's account as not logging any minutes, and not having printed any land records. There is no evidence that this volume of requests or their content hindered the operation of Fidlar or county servers.

Fidlar argues that, because the SOAP calls that the LPS client generated did not permit the middle tier to track usage minutes or prints, LPS's statement that “Fidlar did not experience any service disruptions as a result of LPS's activity” is a disputed material fact. Resp. Mot. Summ. J. 32. However, Fidlar does not dispute that LPS's activities did not prevent the orderly mechanical operation of anyone's servers—that is, no computer or network was slowed or shut down by LPS's actions.

Eventually, Fidlar and the counties discovered LPS's improvised method of accessing the middle tier, and litigation followed. Fidlar filed suit on March 11, 2013. ECF No. 1. LPS moved to dismiss, ECF Nos. 6, 35, filed a counterclaim, ECF No. 8, and moved for a temporary restraining order and preliminary injunction, ECF No. 9, to stop Fidlar from communicating negative things about LPS to certain counties. On November 8, 2013, the Court issued an order, ECF No. 42, denying the motion to dismiss and the motion for temporary restraining order and preliminary injunction. LPS moved for summary judgment on December 1, 2014. After the close of discovery, there was some dispute between the parties about the admissibility of evidence, particularly with respect to the report and testimony of one of Fidlar's experts, Dr. Ouri Wolfson, ECF No. 76–7, which LPS argued, ECF No. 75, had been untimely disclosed. On December 14, Magistrate Judge Hawley ruled that Fidlar could use Dr. Wolfson solely as a rebuttal expert against LPS's expert. Dec. 17, 2014 Hr'g Tr. 19–25, ECF No. 86–1.

DISCUSSION

I. Legal Standard on a Motion for Summary Judgment

Summary judgment is the “put up or shut up moment in a lawsuit, when a party must show what evidence it has that would convince a trier of fact to accept its version of events.” Johnson v. Cambridge Indus., Inc., 325 F.3d 892, 901 (7th Cir.2003) (internal quotation marks omitted). A court should grant summary judgment “if the movant shows that there is no genuine dispute as to any material fact and the movant is entitled to judgment as a matter of law.” Fed. R. Civ. P. 56(a).

At the summary judgment stage the court's function is not to weigh the evidence and determine the truth of the matter but to determine whether there is a genuine issue for trial—that is, whether there is sufficient evidence favoring the non-moving party for a jury to return a verdict in its favor. Anderson v. Liberty Lobby, Inc., 477 U.S. 242, 249, 106 S.Ct. 2505, 91 L.Ed.2d 202 (1986); Patel v. Allstate Ins. Co., 105 F.3d 365, 370 (7th Cir.1997). The court must view the evidence in the light most favorable to the non-moving party and draw all reasonable inferences in that party's favor. McCann v. Iroquois Mem'l Hosp., 622 F.3d 745, 752 (7th Cir.2010) (citing Anderson, 477 U.S. at 255, 106 S.Ct. 2505).

The movant in a summary judgment motion bears the initial burden of production– pointing the court to the materials in the record that “demonstrate the absence of a genuine issue of material fact” for trial. Celotex Corp. v. Catrett, 477 U.S. 317, 323, 106 S.Ct. 2548, 91 L.Ed.2d 265 (1986). Where the nonmovant bears the ultimate burden of persuasion on a particular issue, however the requirements on the movant are “not onerous,” and “may be discharged by showing—that is, point[ing] out to the district court—that there is an absence of evidence to support the nonmoving party's case.” Modrowski v. Pigatto, 712 F.3d 1166, 1168 (7th Cir.2013) (internal quotation marks omitted). Once the movant discharges her burden, the burden shifts to the nonmovant to “make a showing sufficient to establish the existence of an element essential to that party's case.” Celotex, 477 U.S. at 322, 106 S.Ct. 2548. To satisfy this burden, a nonmovant must “go beyond the pleadings ... to demonstrate that there is evidence upon which a jury could properly proceed to find a verdict in her favor.” Modrowski, 712 F.3d at 1169 (internal quotation marks omitted). “A plaintiff may not defeat the defendant's properly supported motion for summary judgment without offering any significant probative evidence tending to support the complaint.” Tri–Gen Inc. v. Int'l Union of Operating Engineers, Local 150, AFL–CIO, 433 F.3d 1024, 1038 (7th Cir.2006) (internal quotation marks omitted).

II. LPS's Motion for Summary Judgment

LPS moves for summary judgment on all three counts of Fidlar's Amended Complaint: Fidlar's CFAA claim, Am. Compl. 11–13, Mem. Supp. Mot. Summ. J. 27–40; Fidlar's CCPL claim, Am. Compl. 13–14, Mem. Supp. Mot. Summ. J. 40–44; and Fidlar's trespass to chattels claim, Am. Compl. 14, Mem. Supp. Mot. Summ. J. 44–45. The Court addresses each claim individually below.

A. Fidlar's Computer Fraud and Abuse Act Claim

1. Legal Framework

The CFAA, enacted in 1984, is “primarily a criminal statute designed to combat hacking.” WEC Carolina Energy Solutions LLC v. Miller, 687 F.3d 199, 201 (4th Cir.2012). However, it grants the right to maintain a civil action to “[a]ny person who suffers damage or loss by reason of a violation of this section.” 18 U.S.C. § 1030(g). Two provisions of the CFAA are relevant here. The first, § 1030(a)(4), applies to anyone who

knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value, unless the object of the fraud and the thing obtained consists only of the use of the computer and the value of such use is not more than $5,000 in any 1–year period[.]
18 U.S.C. § 1030(a)(4). The second, § 1030(a)(5)(A) applies to anyone who “knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionallycauses damage without authorization, to a protected computer.” 18 U.S.C. § 1030(a)(5)(A).

Relevant to these subsections are several definitions the statute supplies. A “computer” is “an electronic, magnetic, optical, electrochemical, or other high speed data processing device performing logical, arithmetic, or storage functions.” 18 U.S.C. § 1030(e)(1). A “protected computer” is any computer “which is used in or affecting interstate or foreign commerce or communication.” Id. § 1030(e)(2)(B). “Exceeds authorized access” means “to access a computer with authorization and to use such access to obtain or alter information in the computer that the accesser is not entitled so to obtain or alter.” Id. § 1030(e)(6). “Damage” is “any impairment to the integrity or availability of data, a program, a system, or information.” Id. § 1030(e)(8). “Loss” is “any reasonable cost to any victim, including the cost of responding to an offense, conducting a damage assessment, and restoring the data, program, system, or information to its condition prior to the offense, and any revenue lost, cost incurred, or other consequential damages incurred because of interruption of service.” Id. § 1030(e)(11).

2. Analysis

As a preliminary matter, the parties dispute what sections of the CFAA Fidlar may seek relief under at this phase of the proceedings.

In its Memorandum in Support of Motion for Summary Judgment, LPS states that Fidlar “specifically bases its CFAA claim on Section 1030(a)(5)(A),” Mem. Supp. Mot. Summ. J. 27, and cites to the Court's remark, in its Order denying dismissal, that “the specific section [of the statute] that Fidlar invokes (§ 1030(a)(5)(A)) requires damage to a protected computer,” Order Mot. Dismiss 14. In a footnote, LPS states that Fidlar in fact did mention a claim under § 1030(a)(4) in its briefing on the motion to dismiss, but did so in a footnote “[p]resumably to hedge its bets.” Mem. Supp. Mot. Summ. J. 27 n.20. LPS argues that there is, in any event, insufficient evidence in the record to support a claim under § 1030(a)(4).

In its Response, Fidlar counters that it originally made and seeks now to maintain a claim under § 1030(a)(4), because its Amended Complaint “broadly alleges a violation of 18 U.S.C. § 1030 without limiting its claim to a particular section of the CFAA,” Resp. Mot. Summ. J. 67. Fidlar offers to “hereby [clarify] for this Court that it is claiming a violation of both (a)(4) and (a)(5)(A) of the CFAA.” Id. Fidlar duly proceeds to argue that there is support in the record to sustain claims under both subsections.

A review of the Amended Complaint shows that Fidlar did broadly plead a violation of 18 U.S.C. § 1030, without naming any subsection. Am. Compl. 11. Furthermore, Fidlar also pleaded damages “in excess of $5,000 in the past calendar year,” id. at 12, as required to maintain a private action under § 1030(g), and was obviously seeking to invoke the statute's civil-suit provision. Subsection (g) provides a right of action to “[a]ny person who suffers damage or loss by reason of a violation of this section.” A violation of either § 1030(a)(4) or § 1030(a)(5)(A) would constitute “a violation of this section.” LPS has cited no authority that would suggest that Fidlar ought to be limited to § 1030(a)(5)(A) simply because Fidlar did not plead § 1030(a)(4) specifically, or raise it expressly at the motion to dismiss phase. The Court agrees with the Northern District of Illinois and with the Ninth Circuit that a party does not forfeit claims under various subsections of § 1030 simply by not pleading those subsections explicitly. MPC Containment Sys., Ltd. v. Moreland, No. 05 C 6973, 2008 WL 2875007, at *14 (N.D.Ill. July 23, 2008); Theofel v. Farey–Jones, 359 F.3d 1066, 1078 n. 5 (9th Cir.2004).

Technically, the $5,000 requirement is not enumerated by § 1030(g). Subsection (g) stipulates that, in addition to the criteria enumerated in any other section of the statute, in order for the private right of action to lie, the conduct in question must have violated one of subclauses I–V of subsection (c)(4)(A)(i). Subclause I is “loss to 1 or more persons during a 1–year period ... aggregating at least $5,000 in value.”

Although the Court and LPS treated Fidlar's claim as restricted to § 1030(a)(5)(A) at the motion to dismiss phase, none of Fidlar's possible claims were thereby foreclosed—the motion to dismiss, apparently only as to claims under § 1030(a)(5)(A), was denied, and Fidlar's other claims under § 1030 have survived up to this point. Fidlar may argue, in opposition to the Motion for Summary Judgment, as many viable theories of liability under § 1030 as it can sustain, and it has clarified for the Court that in its view, there are two: one arising under § 1030(a)(4) and one under § 1030(a)(5)(A).

a. Fidlar's 18 U.S.C. 1030 § (a)(4) Claim

In order to maintain a claim under 18 U.S.C. § 1030(a)(4), Fidlar must show that LPS acted knowingly and with intent to defraud, accessed a protected computer without authorization or exceeding authorized access, furthered the intended fraud by means of this conduct, and obtained anything of value (unless that value was less than $5,000 in a one-year period). 18 U.S.C. § 1030(a)(4). The Court addresses only the intent to defraud here because, as explained below, there is no evidence in the record upon which a jury could find for Fidlar on this element.

The Seventh Circuit has determined that to act with intent to defraud means to act “willfully and with specific intent to deceive or cheat, usually for the purpose of getting financial gain for one's self or causing financial loss to another.” United States v. Henningsen, 387 F.3d 585, 590–91 (7th Cir.2004) (quoting United States v. Moede, 48 F.3d 238, 241 (7th Cir.1995)). The act of fraud allegedly intended here is the digital copying of land records belonging to the counties in such a way as to evade logging detectable time during access, and to evade the print fee some counties charged. Resp. Mot. Summ. J. 68

The Amended Complaint claims that LPS “had been accessing Fidlar's software and electronically capturing documents from its client counties without its knowledge.” It specifically alleges that LPS has “knowingly and with intent to defraud obtained possession and control of document images in the amounts listed in the chart below.” Am. Compl. 12. The “chart below” contains columns listing “fee per page” and “number of documents captured.” Id. Fidlar does not suggest other fraudulent acts LPS might have specifically intended in creating and using its own client.

As a moving party who will not bear the burden of proof at trial, LPS needs to show “that there is an absence of evidence to support the nonmoving party's case.” Modrowski, 712 F.3d at 1168. Here, this means an absence of evidence that LPS acted knowingly and with intent to defraud by downloading land records without paying print fees it would otherwise incur. In order to make this showing, LPS points out that its behavior—using its custom client in all Fidlar counties, not just those where it might evade a print fee by doing so—is inconsistent with an intent to use the client to avoid paying print fees. Mem. Supp. Mot. Summ. J. 27 n. 20. If the aim of the client was to defraud counties that charged print fees, why use the client in counties where doing so would save it no money because printing was already free? Further, LPS claims that it never formed the intent to cheat or defraud the counties because it honestly believed its method of accessing land record images was permitted by the terms of its contracts with the counties, where in each case it paid for the maximum allowable number of minutes of access. Id.

LPS points to sufficient evidence in the record to support these contentions. It cites the deposition of Erick Marroquin, a former Senior Vice President at LPS and Rule 30(b)(6) witness, which reads in relevant part:

THE WITNESS: In my opinion, we paid, yes. We paid for access to the information we received.

BY MR. WILLIAMS:

Q. Based on monthly minutes, correct?

A. We paid for unlimited access to information within the solution, yes.

Q. When you say “information,” do you mean data?

A. I mean images.

Q. You mean that you were entitled to download images from the Laredo program without incurring a print charge; is that correct?

A. Yes.
Marroquin 30(b)(6) Dep. 185:6–17, ECF No. 78–3. LPS also points to the deposition of Scott Moore, Fidlar's Vice President of Sales and Marketing, who indicated that Fidlar did not share in any of fees that counties might charge for printing documents, Moore 30(b)(6) Dep. 73:8–10, ECF No. 78–2. While the latter record materials appear to bear only on Fidlar's stake in print fees, the former clearly indicates that, from LPS's perspective, paying for unlimited minutes entitled the company to download the images without printing them and thus without paying the fee that Fidlar alleges was fraudulently evaded.

Illuminating Marroquin's testimony is one of the paragraphs of LPS's amended counterclaim, the answer to which LPS cites in its motion for summary judgment as to Fidlar's § 1030(a)(4) claim. The paragraph reads:

LPS has no interest in printing paper-based copies of the public records. Rather, it seeks only to review the records and collect specific pieces of information and data from each. Printing the records, however, is a source of revenue for the Counties, and Laredo was marketed to the counties on this basis. Accordingly, the Laredo software disables some standard functions on the user's computers, such as the “print screen” button. Laredo also blocks the “copy and paste,” functions, and inhibits third party software that can save screen shots.
Fidlar's Answer to LPS's Am. Counterclaim ¶ 16. This paragraph explains the essential nature of LPS's intentions toward the land record files that it first downloaded and viewed in Fidlar's client, and then in its own. According to LPS, physical printing was never its goal. Rather, LPS sought to copy and collect certain data from land records, which it could have done by using Fidlar's client, manually transcribing the information displayed from the downloaded images if needed, or copying them via another piece of software. See May 17, 2013 Evid Hr'g Tr. 47; ECF No. 82–21. However, Fidlar's client was designed to make it difficult for users to copy or extract data quickly from the land record images it displayed by blocking the computer's normal copying functionalities. See May 17, 2013 Evid Hr'g Tr 124. LPS's witnesses testified that the company developed its own client solely as a way of massively speeding its data-collecting activities and circumventing the “features,” or hobbles, that Fidlar deliberately engineered into its software to hinder copying and to encourage users to print documents physically, “a source of revenue to the counties.” Fidlar's Answer to LPS's Am. Counterclaim ¶ 16. As Marroquin put it, “No part of [LPS's search practice] was to avoid a print fee.” Marroquin Dep. 122, ECF No. 82–14.

There exists a great deal of confusion throughout the record about whether it was permissible for LPS to “download” images from the county databases. Witnesses with technical knowledge of the software at issue seem particularly puzzled by this line of questioning. See, e.g., May 17, 2013 Evid Hr'g Tr. 125, ECF No. 82–21. This is understandable, given that the common meaning of “download”—“an act of moving or copying a file, program, etc., from a usually larger computer system to another computer or device”—encompasses any transfer of information from server to client, whether conducted by Fidlar's client or another program. “Download,” Merriam–Webster.com, http://www.merriam-webster.com/dictionary/download (visited Feb. 11, 2015). Thus, any authorized viewing of the images involved “downloading” them. The real issue seems to be whether LPS was authorized to save downloaded land records to storage media in a readable and transferable format after the data had been downloaded. These are technological nuances that neither party addresses in briefing.

By pointing to evidence in the record supporting the inference that it had no fraudulent intent, and by citing to depositions asserting its non-fraudulent intent, LPS has met its initial burden of production, and preliminarily “demonstrate[d] the absence of a genuine issue of material fact” for trial. Celotex, 477 U.S. at 323, 106 S.Ct. 2548. It now lies with Fidlar to “demonstrate that there is evidence upon which a jury could properly proceed to find a verdict in [its] favor” on the element of intent to defraud. Modrowski, 712 F.3d at 1169 (internal quotation marks omitted).

In support of its position, Fidlar first tries to contend that “[w]hether LPS acted with an intent to defraud by replacing the Laredo Client with its own client is a material fact under section (a)(4) that remains in dispute.” Resp. Mot. Summ. J. 68. Fidlar is mistaken. The intent to defraud is not a material fact, but rather an element of the offense upon which Fidlar bears the ultimate burden of proof. Fidlar must now point to material facts to “make a showing sufficient to establish the existence” of that element. Celotex, 477 U.S. at 322, 106 S.Ct. 2548.

To make this showing, Fidlar first observes that there is evidence suggesting “LPS knew that its web-harvester allowed it to search county databases and download images of documents without its usage being tracked.” Resp. Mot. Summ. J. 68. There certainly is evidence to support this contention; Fidlar cites to several invoices it generated on behalf of the counties and sent to LPS showing extensive usage time and in some cases a few print fees, followed by a total disappearance of usage time and print fees after a certain point in 2012. Miller, AR Invoices, ECF No. 82–24; St. Joseph, IN invoices, ECF No. 82–25; Vandenburgh, IN Invoices, ECF No. 82–26; Delaware, IN Invoices, ECF No. 82–27; Eau Claire, WI Invoices, ECF No. 82–28; Rock, WI Invoices, ECF No. 82–29. However, while these materials show that LPS was on notice that its activities had caused it to stop logging minutes with Fidlar and the counties, they do nothing to support the inference that LPS acted with intent to defraud. Indeed, the receipt of the invoices would just as surely have shown LPS that the counties could tell it had suddenly stopped logging minutes or incurring print fees, while still paying access fees. The fact that LPS took no steps to resume apparent usage or assuage any concern the counties might have had further supports the inference that it did not intend to gain unauthorized access to images and defraud the counties. While Fidlar asserts that LPS failed to respond with clarity to certain counties' inquiries, Fidlar's argument to this effect is marred by citations to the record that consist merely of the word “[CITE].” Resp. Mot. Summ. J. 68. Fidlar has thus failed to point to facts in the record that support that contention. And in any event, even if the contention was supported, it would do nothing to make it more likely that LPS intended to defraud the counties, for the same reason that continuing to pay access fees for apparent non-use is not probative of intent to defraud.

While some of these documents, like the Miller, AR invoices, do show the sudden disappearance of usage minutes, others do not. See, e.g., Eau Claire, WI Invoices.

Fidlar next suggests that LPS's payment for “unlimited” minutes in some counties is irrelevant, because depositions of some county officials indicate that the counties' interpretation of the contracts with LPS differed from LPS's on the question of what exactly LPS had bought by paying for “unlimited minutes.” Resp. Mot. Summ. J. 69. Specifically, Fidlar suggests that some counties thought their agreements with LPS required LPS to use Fidlar's client. Id. However, LPS's payment for the maximum amount of time available in each county, coupled with its statements that it believed this entitled it to access files in the way that it did, is relevant in that it is probative of a lack of intent to defraud.

Fidlar points to no other material in the record suggesting that it could carry its burden of proof at trial. While intent to defraud can be proven by circumstantial evidence, Moede, 48 F.3d at 241, Fidlar has pointed to no evidence in the record, circumstantial or otherwise, that LPS had the intent to defraud any of the counties or Fidlar itself. Summary judgment is proper against Fidlar's claim under 18 U.S.C. § 1030(a)(4) because Fidlar cannot present a sufficient showing to establish the existence of fraudulent intent.

b. Fidlar's 18 U.S.C. § 1030(a)(5)(A) Claim

In order to maintain a claim under § 1030(a)(5)(A), Fidlar must show that LPS knowingly caused the transmission of a program, information, code, or command, and that as a result of that conduct LPS intentionally caused damage to a protected computer without authorization. 18 U.S.C. § 1030(a)(5)(A). The Court addresses only whether LPS intentionally caused damage to a protected computer because there is no evidence in the record upon which a jury could find for Fidlar on this element.

It is undisputed that the computers in question here are (1) the Fidlar servers running the middle tier that LPS accessed, and (2) potentially any servers owned by the counties running the middle tier. See Noe 30(b)(6) Dep. 25:15–19. Damage is broadly defined under the CFAA as “any impairment to the integrity or availability of data, a program, a system, or information.” § 1030(e)(8). However, access to or disclosure of information on remote servers is generally not understood in the Seventh Circuit as “damage” within the meaning of the statute. Landmark Credit Union v. Doberstein, 746 F.Supp.2d 990, 993 (E.D.Wis.2010) (“[S]eemingly every court in this circuit that has interpreted the meaning of the word ‘damage’ in the CFAA has held that ‘damage’ does not encompass harm from the mere disclosure of information” (internal quotation marks omitted) (collecting cases)). This reflects the aim of the CFAA's drafters to punish those who access computers with the intention of deleting, destroying, or otherwiserendering unusable the information they find. See Int'l Airport Ctrs., L.L.C. v. Citrin, 440 F.3d 418, 420 (7th Cir.2006) (explaining that statute was aimed at “attacks by disgruntled programmers who decide to trash the employer's data system on the way out”). As the Motorola court picturesquely put it, “[t]he plain language of the statutory definition refers to situations in which data is lost or impaired because it was erased or because (for example) a defendant smashed a hard drive with a hammer.” Motorola, 609 F.Supp.2d at 769.

The damage alleged here is the use of LPS's client in such a way as to avoid minutes being logged or prints accounted for. Resp. Mot. Summ. J. 76. LPS argues that it did not cause any damage, and points to the absence of any evidence in the record that data on servers was altered, service was disrupted, viruses were transmitted, or computers crashed. Mem. Supp. Summ. J. 39. Further, LPS argues there is no evidence that in generating its own deficient SOAP calls, it deleted or destroyed any server data tracking its access; it merely generated SOAP calls that did not contain information Fidlar's servers needed to generate this information. Id. These observations are sufficient to discharge LPS's burden as a movant for summary judgment who does not bear the ultimate burden of proof.

Fidlar suggests, too, that the very act of copying or transferring information from viewed images was damage. “The SOAP calls omitted by LPS just happened to be the method by which Laredo would identify how much time LPS spent using Laredo and what documents LPS was copying without being charged.” Resp. Mot. Summ. J. 76. However, Fidlar nowhere suggests that LPS would have been “charged” for any form of non-print copying (transcription, screen capturing, etc.). The claim in the above-cited portion of Fidlar's motion seems more suggestive of a wish than a fact about what users of its client were charged for doing. See pp. 858–59, infra.

In response, Fidlar does not point to any other information in the record supporting its contention that LPS caused damage; rather, it argues that because LPS's client did not log minutes or provide print data, it “prevented Laredo from functioning as a revenue generation mechanism for the counties.” Resp. Mot. Summ. J. 76. Thus, Fidlar does not argue that there exist disputed issues of material fact or other record material supporting the claim that damage was done to a protected computer, but rather attempts to assert that the behavior all parties agree occurred, as a matter of law, qualifies as “damage” within the meaning of § 1030(a)(5)(A). However, it does not.

Matters might be different if Fidlar pointed to any evidence that LPS had printed land records after preventing the tracking of any printing. However, Fidlar points to no such evidence.

The harm that Fidlar alleges is far more akin to the theft of trade secrets than it is to the disruption or destruction of information. The damage Fidlar points to, essentially, is that LPS may have evaded some of the fees it might otherwise have been liable for (ignoring the fact that LPS always paid the monthly access fees). This is not damage within the meaning of the statute; it is not damage or loss to information or the means by which information is kept. It is a far cry from a defendant “smash[ing] a hard drive with a hammer.” Motorola, 609 F.Supp.2d at 769. And Fidlar's claim that in accessing the middle tier with a client of its own devising, LPS compromised the “completeness or usability” of the “Laredo system,” Resp. Mot. Summ. J. 76, is almost metaphysical in its abstraction. To even make sense, the claim requires the Court to construe database, middle tier, and client all as one “system” within the meaning of § 1030(e)(8), whose “integrity” could be compromised merely by another piece of software not part of the “system” communicating with the software in the “system” in a way usually only performed by another piece of “system” software. (It is perhaps with this construal in mind that Fidlar argues that the three elements are all part of the “Laredo system.” See Resp. Mot. Summ. J. 13–14, 19–20, 34–35.)

Such an interpretation does not comport, however, with the way that courts have consistently understood the term “system” in CFAA litigation, as a discrete program or database running on a computer or group of computers owned and operated by a single entity. See Citrin, 440 F.3d at 420 (discussing different types of damage including “attacks by disgruntled programmers who decide to trash the employer's data system on the way out” (emphasis added)); Farmers Ins. Exch. v. Auto Club Grp., 823 F.Supp.2d 847, 852 (N.D.Ill.2011) (“[M]ere copying of electronic information from a computer system is not enough to satisfy the CFAA's damage requirement.” (emphasis added)); George S. May Int'l Co. v. Hostetler, No. 04 C 1606, 2004 WL 1197395, at *4 (N.D.Ill. May 28, 2004) (“We see no principled reason ... why infringement of copyrighted material taken from a protected computer system would not qualify as impairment of the integrity of the copyrighted information.” (emphasis added)). If followed, Fidlar's proposed understanding of “system” for purposes of CFAA damage would mean that damage results and liability may follow anytime a software developer's program, designed to communicate with another of its programs, is communicated with by other software in a way unexpected by the developer. This is an absurd result.

Neither the bare act of accessing the middle tier without using Fidlar's client, nor the generation of SOAP calls that failed to contain usage and print information, are “damage” under § 1030(a)(5)(A). LPS is entitled to judgment on the § 1030(a)(5)(A) claim as a matter of law.

B. Fidlar's Illinois Computer Crime Prevention Law Claim

1. Legal Framework

The Computer Crime Prevention Law, like the CFAA, is primarily a criminal statute with a civil-suit provision. Subsection (c) of the statute states, “Whoever suffers loss by reason of a violation of subdivision (a)(4) of this Section may, in a civil action against the violator, obtain appropriate relief.” Subdivision (a)(4) in turn provides, in relevant part:

(a) A person commits computer tampering when he or she knowingly and without the authorization of a computer's owner or in excess of the authority granted to him or her:

....

(4) Inserts or attempts to insert a program into a computer or computer program knowing or having reason to know that such program contains information or commands that will or may:

(A) damage or destroy that computer, or any other computer subsequently accessing or being accessed by that computer;

(B) alter, delete, or remove a computer program or data from that computer, or any other computer program or data in a computer subsequently accessing or being accessed by that computer; or

(C) cause loss to the users of that computer or the users of a computer which accesses or which is accessed by such program[.]
720 ILCS 5/17–51(a)(4). Relevantly, the term “program” under the CCPL is to be very broadly construed as “a series of coded instructions or statements in a form acceptable to a computer which causes the computer to process data and supply the results of the data processing.” 720 ILCS 5/17–0.5.

2. Analysis

Because Fidlar cannot show that there is a genuine issue for trial as to (a)(4)—whether LPS inserted a program knowing or having reason to know that the program would cause one of the enumerated effects—the Court does not address the other required elements of computer tampering.

LPS makes two arguments as to why it did not insert a computer program into Fidlar's servers knowing that it would cause enumerated damages. First, it claims that the SOAP calls were not a “program” within the meaning of the statute. “Rather than inserting a program, LPS simply used its own client to communicate with Fidlar's servers.” Mem. Supp. Summ. J. 41. To support this assertion, LPS points to the absence of record evidence that LPS “inserted” any software between Fidlar's client and its servers, performed an “SQL insertion,” inserted a virus into any Fidlar computer, or created a program that was installed or executed on a Fidlar computer. Id. at 42. Second, LPS claims that it did not know or have reason to know that its use of its own client would be harmful within the meaning of section (a)(4). To support this assertion, LPS points to the deposition of Bob Noe, a Fidlar employee who testified that because of the way LPS reverse-engineered Fidlar's product, LPS would have no idea how information was processed in the database or middle tier. Noe 30(b)(6) Dep. 129:16–130:14, ECF No. 78–13. LPS also highlights the deposition of its witness John McCabe, who indicated that LPS had no belief or reason to believe that its client would harm Fidlar or its servers. McCabe 30(b)(6) Dep. 38:21, 60:11–61:6, 67:1–17, 68:18–24, 88:17–24, 121:18–21, ECF No. 78–18.

Neither party defines an “SQL insertion,” but each refers to it as the sort of thing that LPS's client is not or does not do. LPS's expert witness describes an “SQL injection” as a procedure in which data entered by a user into a response field maliciously tricks the program that reads the data into executing functions that the user was not supposed to be able to elicit. Conway Report 11–12, ECF No. 76–3. In any case, such insertions or injections appear not to be relevant to these proceedings.

While it comports with common sense to contend that merely communicating with Fidlar's servers was not “inserting a program,” the meaning of “program” under the CCPL is so broad that LPS has not met its burden of production with respect to the program-status of the SOAP calls. That is, LPS has not pointed to record material suggesting that the SOAP calls were not “a series of coded instructions or statements in a form acceptable to a computer,” 720 ILCS 5/17–0.5, or pointed to an absence of evidence in the record that they were. Nor has it pointed to an absence of evidence in the record that sending the calls to the middle tier and allowing them to be processed there was “inserting” them. However, LPS has met its burden to identify evidence in the record, in the form of witness testimony, that LPS did not know or have reason to know that the SOAP calls it generated would: cause damage; alter, delete, or remove a computer program or data; or cause loss within the meaning of the CCPL. Noe 30(b)(6) Dep. 129:16– 130:14; McCabe 30(b)(6) Dep. 38:21, 60:11–61:6, 67:1–17, 68:18–24, 88:17–24, 121:18–21. Therefore, Fidlar must show that there is a genuine issue for trial on this point.

In support of its claim, Fidlar rests on subsection (a)(4)(C) and tries to show that, in operating its own client, LPS knew that it was inserting a program that “contains information or commands” that would “cause loss to the users of [the] computer [into which a program was inserted] or the users of a computer which accesses or which is accessed by such program.” 720 ILCS 5/17–51(a)(4). To this end, Fidlar once more observes that LPS was on notice that its client did not log minutes or return print statistics, and that thus, “LPS knew [the program] would cause loss to the counties.” Resp. Mot. Summ. J. 77. Fidlar generally refers to its Response to LPS's Alternative Motion for Summary Judgment, ECF No. 83, in arguing that it lost customers, subscription revenue, and business reputation and goodwill as a consequence of LPS's use of its client. Id. at 78.

However, in the same way that Fidlar's purported evidence of intent to defraud under the CFAA was inapposite, this information misses the mark and is not relevant to whether LPS knew or had reason to know that its SOAP calls would cause loss to Fidlar or the counties. Whatever interpretation of “loss” one applies to the word as used in the CCPA (a statute for which there is not a wealth of judicial interpretation), Fidlar does nothing to show that LPS knew or should have known that any loss—from lost printing revenues to cancellation of some of Fidlar's contracts—would result from the use of its client.

From the mere fact that the counties made money from Fidlar's product—obvious to LPS, presumably, since LPS paid the counties for access—it does not follow that LPS knew or should have known that it was depriving the counties of money, or even that it did deprive them of money. As described above, it was never LPS's aim to print documents, the process which by which Fidlar claims the counties were deprived of money; it was LPS's aim to copy and aggregate certain data from the land records it downloaded, which its client provided a means of doing. See McCabe 30(b)(6) Dep. 40:16–41:16. LPS could have done this by slower means than the one it eventually developed, including one that did not involve bypassing the intentionally restrictive Fidlar client interface (copying by hand, for instance).

The contention that LPS deprived counties of money rests on the assumption, unstated but everywhere present in Fidlar's briefing, that any act of copying the digital land records entitled the counties to a fee. Fidlar may wish this were so; indeed, Fidlar may have marketed its products to counties by endorsing just this kind of sweeping commodification of public land records. Be that as it may, Fidlar points to no information in the record that could give rise to the inference the LPS knew or should have known that this was the case, or that it was the case with respect to any individual contract. The evidence provided by Fidlar merely suggests that some counties charged a print fee, and that LPS never made a practice of printing and incurring the fee and never sought to. LPS's use of its own client to aggregate data from the documents does not suggest that it would have, or was contractually obligated to, print any of the associated documents and pay the counties for that printing.

Fidlar points to no evidence in the record that LPS knew or should have known that its use of its client caused the counties “loss” under the CFAA. Additionally, Fidlar has pointed to no evidence that suggests LPS knew or should have known that Fidlar would suffer loss of goodwill with counties, lost customers, or lost subscription revenue. Because Fidlar has not shown that there is a genuine issue for trial under the CCPL, summary judgment for Fidlar on the CCPL claim is appropriate.

C. Fidlar's Trespass to Chattels Claim

Trespass to chattels is, as the Court explained in its order denying LPS's Motion to Dismiss, “an oft-forgotten common law tort usually familiar only to first-year law students, [which] provides redress for unauthorized use of or intermeddling with another's physical property.” Order Mot. Dismiss 19. As the Court explained in that Order at length, and will not repeat here, trespass to chattels is experiencing a strange afterlife as a cause of action for unauthorized intermeddling with another's computer or network. Id. at 20–21. However, the requirement that the trespass involve an act of “direct physical interference” remains. Antonelli v. Sherrow, No. 02 C 8714, 2005 WL 2338813, at *10 (N.D.Ill. Sept. 21, 2005) aff'd, 246 Fed.Appx. 381 (7th Cir.2007). In allowing this claim to proceed past the motion to dismiss phase, the Court found unpersuasive all of Fidlar's arguments about data theft and interference with computer programs. Order Mot. Dismiss 21. The trespass to chattels count remained because Fidlar had plausibly alleged a “threat” to the continued operation of its servers caused by LPS's actions. Id. The claim proceeded on that possible threat alone.

The Court noted at the time that Fidlar's allegations on this score were not “dripping with detail,” id. and indeed, no details at all about such interference appear to have surfaced in discovery. LPS observes that there is no evidence of any interference with the operation of Fidlar's servers at all. Mem. Supp. Mot. Summ. J. 44–45; Noe 30(b)(6) Dep. 109:20–22, 110:13, 110:16–21; Moore 30(b)(6) Dep. 206:13–16; Watkins 30(b)(6) Dep. 64:14–65:5. Given that the operating condition of Fidlar's servers was the only issue that remained, LPS has carried its burden. In response, Fidlar only argues that LPS's web harvester commands “physically touched Fidlar's computers,” Resp. Mot. Summ. J. 79, and that the SOAP calls sent by LPS “did cause a substantial interference with Fidlar's computer network,” id. But the only “substantial interference” Fidlar identifies is, once again, the attenuated form of loss it maintains it has suffered, which is not the same thing as a threat to the proper functioning of Fidlar's servers. Since Fidlar points to no information in the record beyond its conclusory assertion that its computer network was interfered with and its computer physically “touched,” it has not shown the existence of anything in the record that a jury could rely upon to find for it on the trespass to chattels claim. Summary judgment against Fidlar is warranted on this count.

CONCLUSION

Accordingly, LPS's Motion for Summary Judgment, ECF No. 77, is GRANTED and summary judgment is granted as to all counts of Fidlar's Amended Complaint, ECF No. 31–1. Because the motion is granted in its entirety, LPS's Alternative Motion for Partial Summary Judgment on Certain of Fidlar's Claims for Damages, ECF No. 79, is MOOT. Because other claims remain in this matter—namely, LPS's claims for equitable relief, tortious interference with contract, and tortious interference with business expectancy—entry of judgment is not appropriate at this time.


Summaries of

Fidlar Technologies v. LPS Real Estate Data Solutions, Inc.

UNITED STATES DISTRICT COURT CENTRAL DISTRICT OF ILLINOIS ROCK ISLAND DIVISION
Mar 5, 2015
82 F. Supp. 3d 844 (C.D. Ill. 2015)
Case details for

Fidlar Technologies v. LPS Real Estate Data Solutions, Inc.

Case Details

Full title:FIDLAR TECHNOLOGIES, Plaintiff, v. LPS REAL ESTATE DATA SOLUTIONS, INC.…

Court:UNITED STATES DISTRICT COURT CENTRAL DISTRICT OF ILLINOIS ROCK ISLAND DIVISION

Date published: Mar 5, 2015

Citations

82 F. Supp. 3d 844 (C.D. Ill. 2015)

Citing Cases

Trover v. Oglesby

A trespass to chattels is a tort that redresses the unauthorized use of or intermeddling with physical…

McMasters v. Hendrickson USA, LLC

Additionally, while there is no caselaw on the point in Kentucky, at least one jurisdiction has determined…