Better Holdco, Inc. v. Beeline Loans, Inc.
| Decision Date | 26 July 2021 |
| Docket Number | 20-CV-8686 (JPC) |
| Parties | BETTER HOLDCO, INC., Plaintiff, v. BEELINE LOANS, INC., Defendant. |
| Court | U.S. District Court — Southern District of New York |
Plaintiff Better Holdco, Inc. (“Better”) sued one of its competitors, Defendant Beeline Loans, Inc. (“Beeline”), alleging that Beeline misappropriated Better's confidential information and trade secrets. The allegations concern the actions of a former Better employee that Beeline hired. Among the claims brought by Better is one under the Consumer Fraud and Abuse Act (“CFAA”), 18 U.S.C. § 1030, in connection with that individual's alleged accessing of Better's Facebook Ad Manager Account after he left the company. Beeline now moves to dismiss that claim. For the reasons that follow, Beeline's motion is granted, and Better's claim under the CFAA is dismissed with prejudice for its failure to sufficiently allege “loss” under the statute.
Better and Beeline are competitors in the home mortgage industry space. Dkt. 35 (“Amended Compl.”) ¶¶ 1, 20, 32. Better, which was founded in 2014, is larger and more well-established. Id. ¶¶ 1, 20-22. In October 2018, Better hired non-party Jack Abramowitz. Id. ¶ 23. As a condition of his employment, Abramowitz promised to protect Better's confidential information. Id. ¶¶ 24-28. He also promised that for a year after the end of his employment with Better, he would not “use Company trade secret information to attempt to call on, solicit or take away any clients or prospects of the Company except on behalf of the Company.” Id. ¶ 29. Finally, he promised to participate in an exit interview in the event his employment was terminated. Id. ¶ 30.
Beeline was formed in September 2018. Id. ¶ 32. In early 2020, while he was working at Better, Abramowitz met with several Beeline executives to discuss a job opportunity. Id. ¶ 36. Better alleges that during these meetings, Beeline asked Abramowitz to share Better's confidential and proprietary information. Id. ¶ 37.
On June 15, 2020, Beeline offered Abramowitz the role of Director, Strategy & Corporate Development. Id. ¶ 40. On June 18 and 19, 2020, Abramowitz sent several of Better's highly confidential documents from his Better email address to his personal email address. Id. ¶ 41. On June 19, 2020, Abramowitz accepted the position at Beeline and informed Better he was quitting and would be seeking work at a venture capital fund. Id. ¶¶ 42-43. Abramowitz declined to participate in an exit interview and refused to reaffirm his contractual obligations to Better. Id. ¶ 44. He also retained several of Better's documents without Better's consent. Id. ¶ 45.
Abramowitz started working at Beeline on or about July 8, 2020. Id. ¶ 60. Better alleges that once Abramowitz began this employment, he provided Better's confidential and proprietary information to Beeline, id. ¶¶ 46, 52-59, and loaded confidential documents to Beeline's Google Drive, id. ¶¶ 47, 50. Then, and particularly relevant to the instant motion, during an August 2020 videoconference with Beeline's Vice President of Marketing, Jay Stockwell, Abramowitz logged onto Facebook and accessed Better's Facebook Ad Manager Account (the “Account”). Id. ¶ 51. Abramowitz and Stockwell reviewed, took screenshots of, and downloaded Better's advertising data from the Account, including information about Better's online advertising strategies. Id. This information was then loaded to Beeline's Google Drive. Id.
After Better discovered that Abramowitz had begun working at Beeline, Better's outside counsel reached out to Abramowitz and then to Beeline regarding the appropriateness of Abramowitz's involvement at Beeline. See id. ¶¶ 60-75. Beeline eventually terminated Abramowitz's employment on September 8, 2020. See id. ¶ 72. It was only after his termination from Beeline that Abramowitz finally agreed to sit for an exit interview with Better, at which he admitted to sharing Better's confidential and proprietary information. Id. ¶¶ 73-74.
Upon learning that Abramowitz had accessed the Account after he was no longer employed by Better, “Better expended substantial time and resources to investigate and address the intrusion.” Id. ¶ 75. Better's in-house counsel “conferred with Better's business personnel, who investigated access to the account and reviewed change logs, the Ad Data that was improperly downloaded, and the screenshots Abramowitz had taken of the Facebook Ad Manager Account.” Id.
Better initially filed suit on October 19, 2020, at which point it also sought emergency relief. Dkts. 1-10. Better and Beeline, however, stipulated to a preliminary injunction pursuant to which Beeline would not use or disclose any of Better's confidential information or trade secrets provided by Abramowitz. Dkts. 18, 20. Better's initial Complaint alleged five counts: (I) misappropriation of confidential information, (II) misappropriation of trade secrets in violation of the Defend Trade Secrets Act, 18 U.S.C. § 1836, (III) tortious interference with contract, (IV) aiding and abetting breach of fiduciary duty, and (V) violation of the CFAA, 18 U.S.C. § 1030, in connection with Abramowitz's access of the Account. Dkt. 1.
On December 2, 2020, Beeline filed a motion to dismiss Counts III and V of the Complaint. Dkt. 32. In response, on December 16, 2020, Better filed an Amended Complaint alleging the same Counts but adding additional factual allegations. Amended Compl. On February 5, 2021, Beeline moved to dismiss Count V. Dkts. 48, 49 (“Motion”).[2] Better filed its opposition on February 19, 2021, Dkt. 53 (“Opposition”), and Beeline filed its reply on February 26, 2021, Dkt. 54 (“Reply”). Then, on June 17, 2021, Beeline filed a letter regarding the Supreme Court's recent decision in Van Buren v. United States, 141 S.Ct. 1648 (2021), which Beeline contends is relevant to “and arguably dispositive” of the issues in its motion, Dkt. 86, and Better filed a response addressing Van Buren later that day, Dkt. 87.
Under Federal Rule of Civil Procedure 8(a)(2), a pleading must contain a “short and plain statement of the claim showing that the pleader is entitled to relief.” Fed.R.Civ.P. 8(a)(2). To survive a motion to dismiss, “a complaint must contain sufficient factual matter, accepted as true, to ‘state a claim to relief that is plausible on its face.'” Ashcroft v. Iqbal, 556 U.S. 662, 678 (2009) (quoting Bell Atlantic Corp. v. Twombly, 550 U.S. 544, 570 (2007)). In deciding a motion to dismiss, a court must “accept all allegations in the complaint as true and draw all inferences in the non-moving parties favor, ” LaFaro v. N.Y. Cardiothoracic Grp., 570 F.3d 471, 475 (2d Cir. 2009) (citation and internal quotation marks omitted), but is “not bound to accept as true legal conclusions couched as factual allegations, ” id. at 475-76 (citing Iqbal, 556 U.S. at 681).
Beeline moves to dismiss Count V, which alleges a violation of the CFAA in connection with Abramowitz's accessing of the Account without authorization or exceeding authorization. Amended Compl. ¶¶ 123-126. Better seeks to hold Beeline responsible for Abramowitz's conduct on a theory of vicarious liability because Stockwell, Beeline's Vice President of Marketing at the time, “affirmatively urged and encouraged Abramowitz to access the . . . Account.” Id. ¶ 125.
The CFAA is “a scheme ‘aimed at preventing the typical consequences of hacking.'” Van Buren, 141 S.Ct. at 1660 (quoting Royal Truck & Trailer Sales & Serv., Inc. v. Kraft, 974 F.3d 756, 757 (6th Cir. 2020)). The CFAA “subjects to criminal liability anyone who ‘intentionally accesses a computer without authorization or exceeds authorized access,' and thereby obtains computer information.” Id. at 1652 (quoting 18 U.S.C. § 1030(a)(2)). As is relevant here, the CFAA also provides a limited private civil cause of action against a person who “knowingly accessed a computer without authorization or exceeding authorization” if the prohibited access resulted in “loss” exceeding $5, 000. 18 U.S.C. § 1030(a), (g), (c)(4)(A)(i)(I)-(V); see Hancock v. County of Rensselaer, 882 F.3d 58, 63 (2d Cir. 2018) (“The scope of the civil actions permitted under [the CFAA], however, has always been limited.”).
“To state a claim for loss in excess of $5, 000, Plaintiff must plead that Defendant: (1) accessed a ‘protected computer'; (2) ‘without any authorization or exceeding its authorized access'; and (3) caused ‘loss' in excess of $5, 000.” LivePerson, Inc. v. 24/7 Customer, Inc., 83 F.Supp.3d 501, 511 (S.D.N.Y. 2015). Beeline argues that Count V must be dismissed because Better has failed to plead (1) “loss” within the meaning of the statute, (2) that Abramowitz's access was “unauthorized, ” and (3) that Beeline encouraged or urged Abramowitz to access the Account. Because the Court agrees that the Amended Complaint must be dismissed because it does not allege any “loss” as defined by the CFAA, it does not address Beeline's other arguments.[3]
The CFAA defines “loss” as “any reasonable cost to any victim, including the cost of responding to an offense, conducting a damage assessment, and restoring the data, program, system, or information to its condition prior to the offense, and any revenue lost, cost incurred, or other consequential damages incurred because of interruption of service.” 18 U.S.C. § 1030(e)(11). “Damage” is defined as “any impairment to the integrity or availability of data, a program, a system, or information.” Id. § 1030(e)(8).
The Supreme Court recently clarified in Van Buren that “[t]he statutory definitions of ‘damage' and ‘loss' . . . focus on technological harms-such as the corruption of...
To continue reading
Request your trial