eBay, Inc. v. Digital Point Solutions, Inc.

The Cyber Blog IndiaCase Summary

Maintainability of a CFAA claim for cookie stuffing

eBay, Inc. v. Digital Point Solutions, Inc.
608 F.Supp.2d 1156
In the United States District Court for the Northern District of California
Case Number C 08-4052 JF (PVT)
Before District Judge Jeremy Fogel
Decided on February 24, 2009

Relevancy of the Case: Maintainability of a CFAA claim for cookie stuffing

Statutes and Provisions Involved

  • The Computer Fraud and Abuse Act, 18 U.S.C. § 1030
  • The Racketeer Influenced and Corrupt Organisations Act, 18 U.S.C. § 1962

Relevant Facts of the Case

  • eBay is a leading American e-commerce company and carries an advertising business with the help of marketing affiliates.
  • The plaintiff alleges that Digital Point Solutions (DPS), Brian Dunning, Todd Dunning, and KFC engaged in a cookie-stuffing scheme.
  • They altered their software code and forced users’ browsers to visit eBay’s website, engaging in a revenue action.
  • eBay alleges claims for relief for violations of CFAA and RICO statutes, fraud, unjust enrichment, and Section 502 of the Californian Penal Code.
  • DPS and Shawn Hogan (“DPS defendants”) have sought to dismiss the claim as the plaintiff’s first amended complaint fails to state a claim for relief. The other three groups are considered non-DPS defendants.

Prominent Arguments by the Counsels

  • The plaintiff’s counsel argued that eBay did not authorise DPS access to its computers. The defendants only intended to defraud eBay. He further submitted that the venue was proper as a party can bring a civil action against a defendant where he resides or where the incident has occurred.
  • The counsel for DPS defendants submitted that they technically accessed third-party computers, not eBay’s. Even if they directed a user’s computer to the eBay website, the court cannot consider such access unauthorised. A user’s access to the eBay website is a public website, and any internet user can access it. Moreover, the plaintiff’s first amended complaint (“FAC”) fails to prove the elements for a claim of FICO.

Opinion of the Bench

  • Using a third-party’s computer access to a website, rather than one’s own computer, does not prevent a claim under CFAA.
  • Fraud under the CFAA only requires showing unlawful access and not all the elements of common law fraud.
  • The court leaned in favour of dismissing RICO and state law claims for fraud and violating the California Penal Code.

Final Decision

  • The court granted non-DPS defendants to dismiss for an improper venue, while also granting DPS  defendants’ motion to dismiss for failure to state a claim.

Ojasvi Gupta, an undergraduate student at the Faculty of Law, Banaras Hindu University, prepared this case summary during her internship with The Cyber Blog India in May/June 2022.