- 1 2 3 4 5 6 7 8 UNITED STATES DISTRICT COURT 9 FOR THE EASTERN DISTRICT OF CALIFORNIA 10 11 WILLIAM L. BABBITT, No. 2:23-cv-0923-CKD 12 Plaintiff, 13 v. ORDER 14 TANGELA T. BABBITT, 15 Defendant. 16 17 18 Plaintiff William L. Babbitt proceeds without counsel with a civil action asserting a 19 violation of the Computer Fraud and Abuse Act, 18 U.S.C. § 1030 (“CFAA”). This matter is 20 before the undersigned for all purposes including trial and entry of judgment pursuant to the 21 parties’ consent and the court’s order of July 20, 2023. (ECF Nos. 10, 12, 13.) 22 A motion to dismiss under Rule 12(b)(6) of the Federal Rules of Civil Procedure by 23 defendants Tangela Babbitt and the County of Sacramento is before the court. (ECF No. 5.) On 24 July 26, 2023, the court held a hearing on defendants’ motion to dismiss via videoconference. 25 Attorney Katie Bonin appeared on behalf of defendants and Mr. Babbitt appeared pro se. For the 26 reasons set forth below, the motion to dismiss is granted and plaintiff’s complaint under the 27 CFAA is dismissed without leave to amend. 28 //// 1 I. Background 2 Plaintiff initiated this action with a civil complaint filed in the Superior Court of 3 California, County of Sacramento. Defendants removed the case to this court on May 17, 2023. 4 (ECF No. 1.) 5 Plaintiff alleges that, “beginning about August 2017,” defendant Babbitt used a 6 Sacramento County fax machine to fax “multiple fraudulent fax transmissions” to the U.S. 7 Department of Veterans Affairs, which resulted in plaintiff’s Veterans Disability pay being 8 temporarily redirected to defendant Babbitt’s “personal green dot [bank] card.” (ECF No. 2 at 2.) 9 At the relevant time, defendant Babbitt was employed by the County of Sacramento and had a 10 restraining order against plaintiff. (Id.) Plaintiff was incarcerated from February 2018 to 11 November 2019. (Id.) Plaintiff alleges the County of Sacramento “Department of Health and 12 Human Services failed to properly monitor and enforce their use of county electronics for 13 personal use policy.” (Id. at 1.) 14 In the motion to dismiss, defendants argue plaintiff’s complaint fails to state an actionable 15 claim for any violation of 18 U.S.C. § 1030. The motion is fully briefed with plaintiff’s 16 opposition and defendants’ reply. (ECF Nos. 8, 11.) 17 II. Legal Standard 18 Dismissal under Rule 12(b)(6) may be warranted for “the lack of a cognizable legal theory 19 or the absence of sufficient facts alleged under a cognizable legal theory.” Balistreri v. Pacifica 20 Police Dep’t, 901 F.2d 696, 699 (9th Cir. 1990). In evaluating whether a complaint states a claim 21 on which relief may be granted, the court accepts as true the allegations in the complaint and 22 construes the allegations in the light most favorable to the plaintiff. Hishon v. King & Spalding, 23 467 U.S. 69, 73 (1984); Love v. United States, 915 F.2d 1242, 1245 (9th Cir. 1989). 24 “[R]ecitals of the elements of a cause of action, supported by mere conclusory statements, 25 do not suffice” to state a valid claim for relief. Ashcroft v. Iqbal, 556 U.S. 662, 676 (2009). A 26 complaint must do more than allege mere “labels and conclusions” or “a formulaic recitation of 27 the elements of a cause of action.” Bell Atl. Corp. v. Twombly, 550 U.S. 544, 555 (2007). In 28 order to state a valid claim for relief, a plaintiff must allege “enough facts to state a claim to relief 1 that is plausible on its face.” Twombly, 550 U.S. at 570. A claim that is plausible on its face has 2 sufficient factual content to allow a reasonable inference that the defendant is liable for the 3 misconduct alleged. Iqbal, 556 U.S. at 678. This plausibility standard “asks for more than a sheer 4 possibility that a defendant has acted unlawfully.” Id. 5 III. Discussion 6 A. CFAA Background 7 “The CFAA was enacted in 1984 to enhance the government’s ability to prosecute 8 computer crimes [and] was originally designed to target hackers[.]” LVRC Holdings LLC v. 9 Brekka, 581 F.3d 1127, 1130 (9th Cir. 2009) (citing 18 U.S.C. § 1030). “The CFAA prohibits a 10 number of different computer crimes, the majority of which involve accessing computers without 11 authorization or in excess of authorization, and then taking specified forbidden actions, ranging 12 from obtaining information to damaging a computer or computer data.” Id. at 1130. 13 The CFAA is a criminal statute which creates a limited right of action for private persons 14 injured by such crimes. See 18 U.S.C. § 1030(g). A private plaintiff must prove that the defendant 15 violated one of the provisions of § 1030(a)(1)-(7), and that the violation involved at least one of 16 five factors set forth by subclause in the statute. See LVRC Holdings LLC, 581 F.3d at 1131. 17 B. The Parties’ Arguments 18 Defendants argue plaintiff’s allegations concerning use of a fax machine not connected to 19 a Sacramento County computer system cannot plausibly suggest a violation of 18 U.S.C. § 1030, 20 which is premised on computer usage. Defendants note plaintiff’s complaint fails to allege which 21 subsection of 1030(a) was violated, though defendants presume plaintiff intended to allege a 22 violation of 18 U.S.C. § 1030(a)(4). Defendants argue the complaint fails to allege a violation of 23 18 U.S.C. § 1030(a)(4), in part, because no computer was alleged to be involved. Defendants also 24 argue plaintiff failed to timely bring his claim within the applicable statute of limitations because 25 he discovered the facts underlying the claims when he was released from prison in 2019 and did 26 not bring them within 2 years. Defendants argue a claim under the CFAA does not lie against the 27 County of Sacramento even if plaintiff had adequately alleged a violation of 18 U.S.C. § 1030. 28 //// 1 In opposition to the motion, plaintiff argues defendant Babbitt knowingly extorted money 2 from plaintiff in violation of the CFAA under 18 U.S.C. § 1030(a)(7)1 with the use of a 3 Sacramento County computer and fax machine by successfully changing plaintiff’s direct deposit 4 information. Plaintiff argues defendant’s conduct violated another criminal statute, 18 U.S.C. § 5 1341, Frauds and Swindles. Plaintiff argues defendant Babbitt violated the Sacramento County 6 Employee Handbook through the misuse of County resources, and that the County is liable 7 because defendant Babbitt used a County computer and County fax machine to commit the 8 alleged acts.2 9 C. Discussion 10 The CFAA provides, in relevant part: 11 Any person who suffers damage or loss by reason of a violation of this section may maintain a civil action against the violator to obtain 12 compensatory damages and injunctive relief or other equitable relief. A civil action for a violation of this section may be brought only if 13 the conduct involves 1 of the factors set forth in [subclause] (I), (II), (III), (IV), or (V) of subsection (c)(4)(A)(i). [….] No action may be 14 brought under this subsection unless such action is begun within 2 years of the date of the act complained of or the date of the discovery 15 of the damage. [….] 16 18 U.S.C. § 1030(g). 17 Subclauses (I) through (V) set forth the following factors: 18 (I) loss to 1 or more persons during any 1-year period… aggregating at least $5,000 in value; 19 (II) the modification or impairment, or potential modification or 20 impairment, of the medical examination, diagnosis, treatment, or care of 1 or more individuals; 21 (III) physical injury to any person; 22 (IV) a threat to public health or safety; 23 //// 24 25 1 Plaintiff references 18 U.S.C. § 1030(7)(C), which does not exist. The court construes plaintiff’s argument as suggesting a violation of 18 U.S.C. § 1030(a)(7). 26 27 2 Plaintiff also argues defendants incorrectly reference 10 U.S.C. § 1030. Defendant’s reference to Title 10 (see ECF No. 5 at 1) in the moving papers appears to be a typographical error. The 28 substance of defendants’ argument clearly addresses 18 U.S.C. § 1030. 1 (V) damage affecting a computer used by or for an entity of the United States Government in furtherance of the administration of 2 justice, national defense, or national security 3 18 U.S.C. § 1030(c)(4)(A)(i)(I)-(V). 4 Of the above factors, the only potentially applicable factor is that in subclause (I), “loss to 5 1 or more persons during any 1-year period… aggregating at least $5,000 in value[.]” 18 U.S.C. § 6 1030(c)(4)(A)(i)(I). However, the complaint does not allege a loss to plaintiff aggregating at least 7 $5,000 in value. Therefore, the complaint fails to state a cause of action under the CFAA. 8 Moreover, while the CFAA allows recovery for losses beyond mere physical damage to 9 property, the types of damages awarded by courts under the CFAA have generally been limited to 10 costs related to the computer accessed. See Nexans Wires S.A. v. Sark-USA, Inc., 319 F. Supp. 11 2d 468, 475 (S.D.N.Y. 2004) (citing collected cases), aff’d, 166 F. App’x 559 (2nd Cir. 2006). 12 “Even cases which have taken an expansive view of the CFAA jurisdictional threshold have not 13 suggested that ‘loss’ can include a cost unrelated to the computer.” Id. at 474. Here, plaintiff’s 14 alleged losses arising from the temporary redirection of his Veterans Disability pay are “too far 15 removed from computer damage to count toward the jurisdictional threshold,” id. at 477, even if 16 the losses did aggregate $5,000. 17 In addition, the complaint does not currently allege that defendant Babbitt improperly 18 accessed a computer or computer information as required to show a violation of 18 U.S.C. § 19 1030(a)(4). This subsection addresses a person’s conduct who does the following: 20 knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of 21 such conduct furthers the intended fraud and obtains anything of value, unless the object of the fraud and the thing obtained consists 22 only of the use of the computer and the value of such use is not more than $5,000 in any 1-year period. 23 24 18 U.S.C. § 1030(a)(4). As defendants argue, the complaint’s allegations are silent about any use 25 of a computer by defendant Babbitt. But even if the complaint alleged use of a computer to 26 commit the alleged acts, it would not state a claim. Defendant Babbitt’s commission of the 27 alleged acts with a computer she was authorized to use for employment purposes would not 28 qualify as “access[ing] a protected computer without authorization” within the meaning of 18 1 U.S.C. § 1030(a)(4). See Brodsky v. Apple Inc., 445 F. Supp. 3d 110, 129 (N.D. Cal. 2020) 2 (explaining that “authorization” in the CFAA context is read in reference to the identity of the 3 person accessing the computer or website). The plain language of the CFAA targets the access of 4 computer information, rather than misuse or misappropriation. United States v. Nosal, 676 F.3d 5 854, 863 (9th Cir. 2012). 6 Plaintiff argues in opposition to the motion to dismiss that defendant Babbitt committed a 7 violation of 18 U.S.C. § 1030(a)(7). That subsection prohibits transmitting in interstate or foreign 8 commerce any communication with “intent to extort from any person any money or other thing of 9 value” when the transmission contains one of the following threats, demands, or requests for 10 money related to a protected computer: 11 (A) threat to cause damage to a protected computer; 12 (B) threat to obtain information from a protected computer without authorization or in excess of authorization or to impair the 13 confidentiality of information obtained from a protected computer without authorization or by exceeding authorized access; or 14 (C) demand or request for money or other thing of value in relation 15 to damage to a protected computer, where such damage was caused to facilitate the extortion; 16 17 18 U.S.C. § 1030(a)(7)(A)-(C). Defendant Babbitt’s alleged conduct did not involve any of the 18 above threats, demands, or requests for money related to a protected computer. Thus, the 19 complaint does not state a claim for a violation of 18 U.S.C. § 1030(a)(7). 20 Finally, plaintiff’s opposition and hearing argument that defendant Babbitt committed 21 fraud, and specifically that she violated 18 U.S.C. § 1341, Frauds and Swindles, must be rejected 22 as a basis for denying the motion to dismiss or granting leave to amend. There is no private cause 23 of action under 18 U.S.C. § 1341, a criminal statute prohibiting mail fraud. See Ateser v. Bopp, 24 29 F.3d 630 (9th Cir. 1994); Bell v. Health-Mor Inc., 549 F.2d 342, 346 (5th Cir. 1977). 25 Plaintiff’s claim against the County of Sacramento also fails. Even if the complaint 26 adequately alleged a CFAA violation, “neither the language nor the purpose of the CFAA are 27 consistent with holding employers liable under that statute on a respondeat superior theory.” Doe 28 v. Dartmouth-Hitchcock Medical Center, No. CIV. 00-100-M, 2001 WL 873063, at *6 (D.N.H. 1 July 19, 2001). To any extent plaintiff would seek to hold the County liable for an alleged internal 2 || policy failure, the court finds no authority for such a claim to be brought under the CFAA. 3 IV. Conclusion and Order 4 The CFAA does not encompass recovery for loss of the type alleged in the complaint. The 5 || complaint fails to state a claim and must be dismissed. Under these circumstances, the court 6 || declines to address defendants’ argument that plaintiff's claim under the CFAA is barred by the 7 || statute of limitations. Because it is clear the deficiencies in the complaint cannot be cured through 8 || amendment, the complaint is dismissed without leave to amend. See Fed. R. Civ. P. 15(a); Lucas 9 || v. Dep’t of Corrs., 66 F.3d 245, 248 (9th Cir. 1995). 10 For the foregoing reasons, IT IS ORDERED as follows: 11 1. Defendants’ motion to dismiss (ECF No. 5) is granted. 12 2. Plaintiff's complaint is dismissed without leave to amend. 13 3. The Clerk of the Court is directed to close this case. 14 || Dated: July 27, 2023 fed) / dha MIG f- A. CAROLYNK.DELANEY 16 UNITED STATES MAGISTRATE JUDGE 17 18 Rabbitt23ev923 utd 19 20 21 22 23 24 25 26 27 28
Document Info
Docket Number: 2:23-cv-00923
Filed Date: 7/28/2023
Precedential Status: Precedential
Modified Date: 6/20/2024