CFAA Claim Based on Violation of Website Terms of Use Fails

Published On September 23, 2010 | By Jake Sommer | General, Litigation
TwitterLinkedInFacebookRedditCopy LinkEmailPrint

The Eastern District of Virginia, in Cvent, Inc. v. Eventbrite, Inc., No. 10-cv-00481 (E.D. Va. Sept. 14, 2010), dismissed a Plaintiff’s claims under the Computer Fraud and Abuse Act (“CFAA”) and for breach of contract, finding that browsewrap terms of use displayed as a link at the bottom of a webpage along with numerous other links was insufficient to put website users on notice of the terms.  Accordingly, the Court found that access to the otherwise publicly available website was not unauthorized so as to support a CFAA claim or uphold a breach of contract claim.

Cvent and Eventbrite are competitors in the event planning industry.  Both companies offer web-based tools for locating venues and organizing large scale events.  Cvent is the creator and copyright holder of an Internet database of meeting venues and “Destination Guides” that provides city and venue specific profiles designed for meeting and event planners. 

Cvent alleged that in the fall of 2008, Eventbrite hired a computer engineer to enter information about hotels, restaurants, bars, and meeting venues in various cities from Cvent’s online database.

Cvent brought suit in July 2010, alleging violations of the Copyright Act, the Computer Fraud and Abuse Act, the Virginia Computer Crimes Act, the Lanham Act, Breach of Contract, Business Conspiracy, and unjust enrichment.  Eventbrite moved for dismissal of all claims except for Cvent’s copyright claim.  The Court granted Eventbrite’s motion as to all claims except the Lanham Act and unjust enrichment claims.  Additionally, the Court held that Cvent could not recover attorney’s fees or statutory damages for its claims under the Copyright act.

The Court first dismissed the CFAA claim, holding that Eventbrite’s access was not unauthorized because there was no evidence that Eventbrite had the actual or constructive knowledge necessary to manifest assent to the site’s terms and conditions.  The Court found that without proof of Eventbrite’s agreement to the terms, Eventbrite’s access to an otherwise publicly available database was not “unauthorized” within the meaning of the CFAA.  The Court noted that “the Terms of Use for Cvent’s website are not displayed on the website in any way in which a reasonable user could be expected to notice them,” and explained that “[t]he Terms of Use do not themselves appear in the body of the first page of the Cvent website.  The link that accesses the Terms is buried at the bottom of the first page, in extremely fine print, and users must affirmatively scroll down to the bottom of the page to even see the link.”  In addition, the link was included in a list of a number of other links and even after clicking the link, users were directed to a second page with three different sets of terms.  As such, the Court found that Cvent failed to plead that Eventbrite had knowledge of and assented to the terms of use. 

In dismissing the CFAA claim, the Court joined the Ninth Circuit, the Southern District of New York, and the District Court for the District of Columbia in holding that inappropriate use of information that a defendant had lawful authority to access does not violate the CFAA.

The Court, however, allowed Cvent’s claims under the Lanham Act to proceed.  Cvent alleged that Eventbrite had engaged in “reverse passing off” of its website material as Eventbrite’s own.  The Court rejected Eventbrite’s argument that the scope of “reverse passing off” claims is limited to tangible goods.  The Court instead found the claim survived because Cvent had not alleged that Eventbrite “has passed off its ideas as its own, but rather Eventbrite has re-branded and re-packaged its product (the venue database) and sold it as its own.”  

Finally, the Court struck Cvent’s request for statutory damages and attorney’s fees under the Copyright Act, finding that because the events at issue occurred in 2008 and the copyrights were not registered until 2010, plaintiff may only recover compensatory damages.

About The Author

Jacob Sommer's practice focuses on legal issues related to Internet-based services and social networking, with a focus on protecting client's rights in litigation or government investigations involving the Copyright Act, Lanham Act, Digital Millennium Copyright Act ("DMCA"), Electronic Communications Privacy Act (“ECPA”), the Wiretap and Communication Acts, CAN-SPAM, FISA and federal and state laws governing Internet gambling. He also helps social networks, search engines, e-mail providers, ISPs and other clients fulfill their compliance obligations pertaining to the discovery and disclosure of customer and subscriber information.