Facebook, Inc. v. Vachani

Facebook filed suit against Power over a promotional campaign where Power accessed Facebook users’ data and initiated form emails and other electronic messages promoting its website. The court concluded that Power did not violate the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM), 15 U.S.C. 7706(g)(1), because neither e-mails nor internal messages sent through Power’s promotional campaign were materially misleading. Therefore, the court reversed the district court's judgment as to this claim and remanded for entry of judgment for defendants. The court held that a defendant can run afoul of the Computer Fraud and Abuse Act of 1986 (CFAA), 18 U.S.C. 1030(a)(2)(C), when he or she has no permission to access a computer or when such permission has been revoked explicitly. The court also held that a violation of the terms of use of a website - without more - cannot be the basis for liability under the CFAA. In this case, after receiving the cease and desist letter from Facebook, Power intentionally accessed Facebook’s computers knowing that it was not authorized to do so, making Power liable under the CFAA. Therefore, the court affirmed in part the holding of the district court with respect to the CFAA. The court also affirmed in part the district court’s holding that Power violated California Penal Code section 502 where Power knowingly accessed and without permission took, copied, and made use of Facebook’s data; affirmed the district court’s holding that Power's CEO, Steven Vachani, is personally liable for Power’s actions; and affirmed the discovery sanctions imposed against Power for non-compliance during a Rule 30(b)(6) deposition. However, the court vacated the injunction and the award of damages, remanding the case to the district court to reconsider appropriate remedies. View "Facebook, Inc. v. Vachani" on Justia Law