ORDER GRANTING DEFAULT JUDGMENT AGAINST DEFENDANT ERIK VOGELER

WILLIAM ALSUP, District Judge

INTRODUCTION

In this action involving spam of the electronic variety, plaintiff Tagged, Inc. moves for default judgment, monetary damages, a permanent injunction, and attorney's fees and costs against defendant and alleged spammer Eric Vogeler. For the reasons set forth below, plaintiff's motion is GRANTED with respect to liability, but only GRANTED-IN-PART with respect to the requested relief.

STATEMENT

The facts stated herein are as alleged in plaintiff's first amended complaint ("Compl.") and supporting declarations. Plaintiff operates Tagged (http://www.tagged.com), a social networking website that has over 70 million registered users (Compl. ¶ 17). Users must register with the website in order to communicate with other members of the Tagged social network ( id. ¶¶ 18, 19).

Communication between registered Tagged users can happen in two ways: by message or by comment. Messages are used for private communication between Tagged users, and operate much like an internal email system. Once sent, a message appears in the recipient's Tagged user account "inbox" with the familiar "from" and "subject" information. A message, being private, is visible only to the recipient ( id. ¶¶ 22, 24). A user can also communicate with another user by posting a "comment" on the recipient's user account profile. By contrast, a comment is visible to all registered Tagged users who are granted access to the recipient's user account profile ( id. ¶¶ 22, 25). Receipt of correspondence by either method results in a conventional email sent to the recipient user's personal email address (the one they initially provided when they registered on Tagged), notifying the user that they have a new message or comment ( id. ¶ 23).

During the registration process, Tagged users must read and agree to terms that restrict use of the Tagged network for social purposes. The use of Tagged for commercial purposes is prohibited, including sending messages or comments for commercial solicitation ( id. ¶ 20; Dworak Decl. ¶ 5, Exh. A). The terms also prohibit users from misrepresenting their identities in the registration process (Dworak Decl. Exh. A).

The conduct underlying this motion is relatively straightforward. Plaintiff alleges that certain Tagged users — called "affiliate spammers" in the complaint — have embarked on a campaign of initiating thousands of unsolicited commercial emails, or "spam," to registered Tagged users through the website's message system, seeking to fraudulently entice Tagged users to click on hyperlinks in these spam messages that take them to an adult dating website called XXXBlackBook (http://www.xxxblackbook.com) (Compl. ¶¶ 27, 28; Sargent Decl. Exh. 2). By funneling Tagged users to websites like XXXBlackBook in this fashion, affiliate spammers allegedly receive compensation from third parties — deemed "affiliate programs" in the complaint — who themselves profit from the internet traffic generated by this spam (Compl. ¶¶ 30, 32, 34).

To prevent such activities, plaintiff instituted a number of technological security measures within the Tagged social network. First, plaintiff prevented affiliate spammers from sending messages that would direct Tagged users to the XXXBlackBook website, presumably by unilaterally blocking any message that contained the URL "http://www.xxxblackbook.com." Second, plaintiff placed a limit on the number of messages a single Tagged user account could send to other users within a single day ( id. ¶ 37). Affiliate spammers, however, found ways to circumvent these measures. Instead of using hyperlinks in their messages that took users directly to the XXXBlackBook website, the affiliate spammers would use an intermediary website — with a URL that was not blocked by Tagged — that would automatically forward the user to the intended XXXBlackBook destination. Similarly, to defeat the daily message limitation, affiliate spammers created multiple fraudulent user accounts on Tagged to send their spam emails ( ibid.).

Plaintiff's original complaint targeting these activities, filed on April 17, 2009, named only "doe" defendants as affiliate programs and affiliate spammers for XXXBlackBook (Dkt. No. 1). Shortly thereafter, leave was granted for plaintiff to take discovery to ascertain the identities of the affiliate spammers and programs that sponsor their activities (Dkt. No. 10). A few months later, defendant Erik Vogeler was named by plaintiff as an affiliate spammer in the amended complaint filed on October 23, 2009.

Plaintiff alleges that defendant, by means of multiple fraudulently created user accounts, initiated 4,273 spam emails on July 16, 2009, alone, to Tagged users through the Tagged website (Compl. ¶¶ 29, 33). Plaintiff alleges that between July 15, 2009, and July 19, 2009, defendant Vogeler initiated 6,079 spam emails (Suppl. Dworak Decl. ¶¶ 5, 13). Two examples showing the content of these messages allegedly sent by defendant are included below (Compl. ¶ 29; Dworak Decl. Exh. D):

"you look cool! I have some new pics of me too would love if u could check and rate them —

"what's up;) you sure look nauughty [ sic]! I have some new pics of me too would love it you could check and rate them —

is"

Plaintiff alleges that Tagged users who were tricked into visiting the links provided in these messages were automatically redirected to www.xxxblackbook.com, and that defendant was credited by affiliate programs for bringing those users to XXXBlackBook's website (Compl. ¶ 30; Dworak Decl. ¶ 13). The intermediary website used in all 6,079 spam emails was "www.uscoesdatingforlove.com" (Dworak Decl. ¶ 12; Suppl. Dworak Decl. ¶ 5).

None of the Tagged user accounts used to sent the 6,079 spam emails was registered under the name Erik Vogeler (Dworak Decl. ¶ 25; Suppl. Dworak Decl. ¶¶ 4, 5). Additionally, plaintiffs could not rely on the IP addresses used to post the 6,079 spam emails to identify defendant, since the pattern of IP addresses indicated the use of a proxy server ( see Dworak Decl. ¶ 26; Sargent Decl. Exhs. 8, 9; Suppl. Dworak Decl. ¶ 13).

Defendant's identification was based solely upon the search of WHOIS data, which is data that can identify the person or entity that registered a particular URL. According to the publically searchable WHOIS database at http://whois.domaintools.com, the registrant of the URL "www.uscoesdatingforlove.com" is Erik Vogeler of 2669 East Jenny Ave., Fresno, CA, 93720 (Sargent Decl. Exh. 6).

* * *

On October 23, 2009, a summons was issued as to defendant Erik Vogeler (Dkt. No. 26). At 7:18 p.m. on October 27, 2009, defendant was personally served at his residence in Fresno with a copy of the summons, civil cover sheet, first amended complaint, clerk's notice rescheduling hearing time, order setting initial case management conference and ADR deadlines, and plaintiff's certificate of interested entitles or persons (Dkt. No. 27). After defendant failed to answer the complaint within 21 days of service pursuant to FRCP 12(a), plaintiff filed a motion for entry of default against defendant on November 11, 2009 (Dkt. No. 30). In its motion for entry of default, plaintiff filed a sworn declaration that it knew no information that suggested that defendant was a minor, an incompetent person, or a person in military service or otherwise exempted from default judgment under the Soldiers' and Sailors' Civil Relief Act of 1940 (Dkt. No. 30; Hennessy Decl. ¶ 6).

Following entry of default pursuant to FRCP 55(a), plaintiff filed this motion seeking default judgment against defendant Erik Vogeler (Dkt. Nos. 32-34). Plaintiff, however, seeks default judgment on only nine of the twelve claims for relief set forth in the amended complaint, and seeks relief for only five of these nine (Dkt. No. 34 at 9). Defendant did not appear, either personally or by a representative, at the hearing on this motion, and has not appeared in any capacity at any stage of this action.

ANALYSIS

Upon entry of default, the well-pled factual allegations of the complaint, except those relating to the amount of damages, are taken as true. TeleVideo Systems, Inc. v. Heidenthal, 826 F.2d 915, 917 (9th Cir. 1987). However, "necessary facts not contained in the pleadings, and claims which are legally insufficient, are not established by default." Cripps v. Life Ins. Co. of No. America, 980 F.2d 1261, 1267 (9th Cir. 1992). Thus, default does not automatically entitle plaintiff to a judgment. Rather, granting or denying relief is within the court's sound discretion, and default judgment may be refused where the court determines no justifiable claim has been alleged. Draper v. Coombs, 792 F.2d 915, 924 (9th Cir. 1986).

In Eitel v. McCool, 782 F.2d 1470, 1471-1472 (9th Cir. 1986), the Ninth Circuit set forth seven factors for district courts to consider when ruling on a motion for default judgment:

1. The possibility of prejudice to plaintiff if relief is denied;

2. The substantive merits of plaintiff's claim;

3. The sufficiency of the complaint;

4. The amount of money at stake;

5. The possibility of dispute as to any material facts in the case;

6. Whether default resulted from excusable neglect; and

7. The strong FRCP policy favoring decisions on the merits.

Before applying the Eitel factors to this case, a few preliminary issues must be addressed.

I. ELIGIBILITY FOR DEFAULT JUDGMENT: NOTICE AND JURISDICTION.

Under the Federal Rules and the Soldiers' and Sailors' Civil Relief Act of 1940, default judgments cannot be entered against persons in military service, or against minors or incompetent persons unless a general guardian, conservator, or like fiduciary has appeared. FRCP 55(b)(2); 50 U.S.C. App. § 520. Because defendant has made no appearances whatsoever in this action, and plaintiff's declaration accompanying its motion for entry of default asserts that it is aware of no information indicating that defendant falls within any of these exceptions, this order finds that default judgment is not barred on these grounds (Dkt. No. 30; Hennessy Decl. ¶ 6).

With respect to notice, a defendant is only entitled to notice before a hearing on a motion for default judgment if he has made a prior appearance in the action. FRCP 55(b)(2). Here, despite service of the complaint and summons, defendant has made no appearance herein, and therefore no notice was required. It should be noted, however, that plaintiff still served defendant by mail on December 10, 2009, well in advance of the hearing on January 21, 2010 (Dkt. No. 39).

Venue and personal jurisdiction over defendant have been properly established, because (1) a substantial part of the events that gave rise to the claims occurred in this district, (2) the servers used by Tagged to maintain its website are located in San Francisco, California (and therefore, all messages sent via Tagged flows through San Francisco, California), and (3) defendant Erik Vogeler maintains a residence in Fresno, California (Compl. ¶¶ 9, 14, 15).

II. DEFAULT JUDGMENT.

Plaintiff asserts twelve claims in its amended complaint: (1) fraud and deceit; (2) aiding and abetting fraud and deceit; (3) violation of the Controlling the Assault of Non-Solicited Pornography And Marketing Act of 2003 (the "CAN-SPAM Act"), 15 U.S.C. 7701, et seq.; (4) violation of California Business and Professions Code Section 17529.5; (5) violation of the Computer Fraud and Abuse Act ("CFAA"), 18 U.S.C. 1030; (6) violation of California Penal Code Section 502; (7) intentional interference with contractual relations; (8) intentional interference with prospective contractual relations; (9) trespass to chattels; (10) copyright infringement, 17 U.S.C. 101, et seq.; (11) violation of the Digital Millennium Copyright Act, 17 U.S.C. 1201, et seq.; and (12) violation of California Business and Professions Code Section 17200 ( id. ¶¶ 7-19).

As to defendant Vogeler, plaintiff asserts only nine claims — specifically Claims 1, 3, 4, 5, 6, 7, 8, 9, and 12 listed above. However, in this motion, plaintiff request relief against defendant Vogeler only on five claims — specifically, Claims 1, 3, 4, 5, and 6 listed above. Accordingly, only these five claims for which plaintiff seeks relief will be addressed in turn.

A. Merits of Substantive Claims Sufficiency of the Complaint.

Under the rule set forth in Eitel, both the merits of the plaintiff's substantive claims and the sufficiency of the complaint must be examined. Since the well-pleaded factual allegations in the complaint are taken as true at the moment default is entered, these two Eitel factors are often considered together.

It should be noted at the onset of this analysis that the sufficiency of the complaint requires two separate inquires: (1) whether the plaintiff has pled all required elements of a particular cause of action, and (2) whether the plaintiff has provided the sufficient level of particularity under the appropriate standard. See Ashcroft v. Iqbal, 129 S.Ct. 1937 (2009).

1. Claim 1: Fraud Deceit.

Plaintiff's claim for fraud and deceit is grounded in allegations of intentional misrepresentation and concealment (Compl. ¶¶ 41-59). To determine if the elements of fraud have been pleaded to state a claim for relief, district courts look to state law. Kearns v. Ford Motor Co., 567 F.3d 1120, 1126 (9th. Cir. 2009) (citations omitted). In California, the elements of a cause of action for fraud are: "(a) misrepresentation (false representation, concealment, or nondisclosure); (b) knowledge of falsity (or `scienter'); (c) intent to defraud, i.e., to induce reliance; (d) justifiable reliance; and (e) resulting damage." Engalla v. Permanente Med. Group, Inc., 938 P.2d 903 (Cal. 1997) (internal quotation marks omitted). "`[W]hile a federal court will examine state law to determine whether the elements of fraud have been pled sufficiently to state a cause of action, the Rule 9(b) requirement that the circumstances of the fraud must be stated with particularity is a federally imposed rule.'" Vess v. Ciba-Geigy Corp. USA, 317 F.3d 1097, 1102 (9th Cir. 2003) (citation omitted, emphasis omitted, brackets in original).

Here, plaintiff alleges that defendant misrepresented himself to Tagged and to other Tagged users that he was seeking to use Tagged for social networking purposes (Compl. ¶ 42). Plaintiff alleges that defendant failed to disclose that he intended to use Tagged to send unsolicited commercials emails containing links to an adult dating website ( id. ¶¶ 43, 48). Defendant intended that Tagged users rely on his representation that he was a legitimate Tagged user ( id. ¶ 44). Plaintiff alleges that it allowed defendant to create multiple accounts, access its network, and send emails to other users based on his misrepresentation ( id. ¶ 45). Tagged users were tricked into clicking or entering the links contained in defendant's emails ( ibid.). Defendant's actions injured Tagged by (1) decreasing its servers' response time, (2) causing higher-bandwidth utilization, (3) expanding its resources on hardware, software repairs and upgrades to protected Tagged users, (4) hiring additional personnel to monitor and stop spammers like defendant, (5) deterring users and potential users, and (6) damaging Tagged's goodwill and reputation ( id. ¶ 46). Thus, plaintiff has stated a claim for fraud.

ii. Claim 3: CAN-SPAM Act Violations.

Plaintiff's claim for violation of the CAN-SPAM Act alleges violations of 15 U.S.C. 7704(a)(1), 15 U.S.C. 7704(a)(2), and 15 U.S.C. 7704(a)(5). These separate violations will be addressed in turn.

a. 17 U.S.C. 7704(a)(1) — False Header Information.

15 U.S.C. 7704(a)(1) prohibits transmission of commercial email that contain materially false or materially misleading header information. 15 U.S.C. § 7704(a)(1). Plaintiff alleges that it is an internet access service as defined by the statute (Compl. ¶ 57), that defendant's emails constituted "electronic mail messages" sent to an "electronic mail address" as protected by the statute, Myspace v. Wallace, 498 F. Supp. 2d 1293, 1301-02 (C.D.Cal. 2007), and these emails were sent for commercial purposes because they sought to promote a commercial dating website and generate profit for defendant (Compl. ¶¶ 3, 6, 27-32, 62). A header is "materially" misleading if it impairs an internet access service's ability to "identify, locate, or respond to a person who initiated the electronic mail message." 15 U.S.C. § 7704(a)(6). Plaintiff alleges that defendant's email messages contained materially false and misleading header information because they failed to identify that they came from defendant (Dworak Decl. ¶¶ 12-25; Suppl. Dworak Decl. ¶¶ 6-12). Plaintiff alleges that defendant's actions were calculated to lead Tagged users who received defendant's messages to believe that the emails came from other Tagged users who sought them out for personal and social reasons (Compl. ¶ 37; Dworak Decl. ¶¶ 12, 17, 18; Suppl. Dworak Decl. ¶¶ 8-12). Thus, plaintiff has stated a claim under 15 U.S.C. 7704(a)(1).

b. 17 U.S.C. 7704(a)(2) — Misleading Subject Headings.

15 U.S.C. 7704(a)(2) prohibits a person from transmitting commercial emails containing a subject heading that he knows would likely mislead the recipient about a material fact regarding the content or subject matter of the message. 15 U.S.C. § 7704(a)(2). Pursuant to 15 U.S.C. 7704(g)(1), internet access services must also prove that there's a pattern or practice violating 15 U.S.C. 7704(a)(2). Here, plaintiff alleges that defendant's email had subject lines such as "how are u," and "whassup," leading recipients to believe that the emails were personal messages, not unsolicited commercial messages with links to an adult dating website (Dworak Decl. ¶ 20, Exhs. D, E; Compl. ¶¶ 28-30; Suppl. Dworak Decl. ¶ 7, Exh. B). Plaintiff alleges that defendant sent thousands of emails in a matter of days which amounted to a pattern or a practice violating 15 U.S.C. 7704(a)(2) (Dworak Decl. ¶ 12, 17-20, Exhs. D, E; Suppl. Dworak Decl. ¶ 4-5, 13, Exh. B). Thus, plaintiff states a claim under 15 U.S.C. 7704(a)(2).

c. 17 U.S.C. 7704(a)(5) — Required Information.

15 U.S.C. § 7704(a)(5) requires that all commercial emails contain (1) clear and conspicuous identification that the message is an advertisement or solicitation, (2) clear and conspicuous notice of the opportunity to decline to receive further commercial electronic mail messages, and (3) a valid physical postal address for the sender. 15 U.S.C. § 7704(a)(5)(A). Pursuant to 15 U.S.C. 7704(g)(1), internet access services must also prove that there's a pattern or practice that violates 15 U.S.C. 7704(a)(5). Plaintiff alleges that defendant's emails contained none of the required information (Dworak Decl. ¶ 20, Exhs. D, E; Compl. ¶ 65; Suppl. Dworak Decl. ¶ 7, Exh. B). As already stated above, defendant's thousands of email messages also constituted "a pattern or a practice." Accordingly, plaintiff has stated a claim for a violation of 15 U.S.C. 7704(a)(5).

iii. Claim 4: California Business and Professions Code Section 17529.5 Violations.

Many state laws contain analogues to the Federal CAN-SPAM Act, and California is no exception. Under California law, "[i]t is unlawful for any person or entity to advertise in a commercial e-mail advertisement either sent from California or sent to a California electronic mail address" where "[t]he e-mail advertisement contains or is accompanied by falsified, misrepresented, or forged header information" or "[t]he e-mail advertisement has a subject line that a person knows would be likely to mislead a recipient, acting reasonably under the circumstances, about a material fact regarding the contents or subject matter of the message." Cal. Bus. Prof. Code §§ 17529.5(a)(2), (3). Plaintiff alleges that defendant violated these two subsections by his actions.

Before proceeding, the issue of federal preemption must be addressed. This is because the federal CAN-SPAM Act contains an express preemption clause, that states:

This chapter supersedes any statute, regulation, or rule of a State or political subdivision of a State that expressly regulates the use of electronic mail to send commercial messages, except to the extent that any such statute, regulation, or rule prohibits falsity or deception in any portion of a commercial electronic mail message or information attached thereto. This chapter shall not be construed to preempt the applicability of . . . State laws to the extent that those laws relate to acts of fraud or computer crime.

With this precedent in mind, this order turns to the specific claims alleged.

a. California Business and Professions Code Section 17529.5(a)(2) — Header Information.

Section 17529.5(a)(2) prohibits email advertisement containing falsified, misrepresented, or forged header information from or to a California email address. As stated above, defendant Vogeler's email messages were sent for commercial purposes, and contained falsified, misrepresented, or forged header information and misled recipients as to the identity of the sender. Additionally, plaintiff's servers, which house all of Tagged's electronic user accounts and information, are located in California (Dworak Decl. ¶ 4). Thus, each time a Tagged user logs onto Tagged.com to review, send, or reply to a message, the user accesses a server located in California ( id. ¶ 29; Compl. ¶ 75). Accordingly, plaintiff has stated a claim under Section 17529.5(a)(2).

b. California Business and Professions Code Section 17529.5(a)(3) — Subject Line.

Section 17529.5(a)(3) prohibits email advertisement from or to a California email address with a subject line that a person would be likely to mislead a recipient about a material fact "regarding the contents or subject matter of the message." Cal. Bus. Prof. Code § 17529.5(a)(3). As stated above, defendant Vogeler's email messages were sent for commercial purposes and contained a subject line that were likely to mislead recipients as to their actual subject matter. Thus, plaintiff has stated a claim under Section 17529.5(a)(3).

iv. Claim 5: CFAA Violations.

In addition to setting forth particular acts warranting criminal punishment, CFAA authorizes a civil cause of action, which states:

Any person who suffers damage or loss by reason of a violation of this section may maintain a civil action against the violator to obtain compensatory damages and injunctive relief or other equitable relief. A civil action for a violation of this section may be brought only if the conduct involves 1 of the factors set forth in subclauses (I), (II), (III), (IV), or (V) of subsection (c)(4)(A)(I). Damages for a violation involving only conduct described in subsection (c)(4)(A)(i)(I) are limited to economic damages. No action may be brought under this subsection unless such action is begun within 2 years of the date of the act complained of or the date of the discovery of the damage. No action may be brought under this subsection for the negligent design or manufacture of computer hardware, computer software, or firmware.

(I) loss to 1 or more persons during any 1-year period (and, for purposes of an investigation, prosecution, or other proceeding brought by the United States only, loss resulting from a related course of conduct affecting 1 or more other protected computers) aggregating at least $5,000 in value;

(II) the modification or impairment, or potential modification or impairment, of the medical examination, diagnosis, treatment, or care of 1 or more individuals;

(III) physical injury to any person;

(IV) a threat to public health or safety;

(V) damage affecting a computer used by or for an entity of the United States Government in furtherance of the administration of justice, national defense, or national security;

(8) the term "damage" means any impairment to the integrity or availability of data, a program, a system, or information;

. . . .

(11) the term "loss" means any reasonable cost to any victim, including the cost of responding to an offense, conducting a damage assessment, and restoring the data, program, system, or information to its condition prior to the offense, and any revenue lost, cost incurred, or other consequential damages incurred because of interruption of service; and

(12) the term "person" means any individual, firm, corporation, educational institution, financial institution, governmental entity, or legal or other entity.

a. 18 U.S.C. 1030(a)(4) — Unauthorized Access with Intent to Defraud.

Section 1030(a)(4), in conjunction with subsection(g), creates civil liability for whoever:

knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value, unless the object of the fraud and the thing obtained consists only of the use of the computer and the value of such use is not more than $5,000 in any 1-year period.

b. 18 U.S.C. 1030(a)(5)(A) — Unauthorized Transmission.

Section 1030(a)(5)(A), in conjunction with subsection(g), creates civil liability for whoever "knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer." 18 U.S.C. § 1030(a)(5)(A). Plaintiff alleges that defendant, by sending out his email messages, knowingly caused the transmission of information and intentionally caused damage without authorization to plaintiff (Dworak Decl. ¶ 26; Compl. ¶¶ 37, 46, 83; Suppl. Dworak Decl. ¶ 13). Thus, plaintiff has stated a claim under 18 U.S.C. 1030(a)(5)(A).

c. 18 U.S.C. 1030(a)(5)(B) — Reckless Unauthorized Access.

Section 1030(a)(5)(B), in conjunction with subsection(g), creates civil liability for whoever "intentionally accesses a protected computer without authorization, and as a result of such conduct, recklessly causes damage." 18 U.S.C. § 1030(a)(5)(B). Plaintiff alleges that defendant intentionally accessed Tagged's network and computers to create multiple fraudulent accounts without authorization and sent spam emails and recklessly caused damage to Tagged (Compl. ¶¶ 46, 84). Thus, plaintiff has stated a claim under 18 U.S.C. 1030(a)(5)(B).

d. 18 U.S.C. 1030(a)(5)(C) — Unauthorized Access.

Section 1030(a)(5)(C), in conjunction with subsection(g), creates civil liability for whoever "intentionally accesses a protected computer without authorization, and as a result of such conduct, causes damage and loss." 18 U.S.C. § 1030(a)(5)(C). Plaintiff alleges that defendant intentionally accessed Tagged's computers without authorization and caused damage to Tagged (Compl. ¶¶ 46, 85). Plaintiff has stated a claim under 18 U.S.C. 1030(a)(5)(c).

v. Claim 6: California Penal Code Section 502 Violations.

Just as California Business and Professions Code Section 17529.5 authorizes analogous state actions to those available under the CAN-SPAM Act, California Penal Code Section 502 allows analogous state actions to those set forth in CFAA. Like CFAA, Section 502 authorizes civil actions to be brought for otherwise criminal conduct. Specifically, "the owner or lessee of the computer, computer system, computer network, computer program, or data who suffers damage or loss by reason of a violation of any of the provisions of subdivision (c) [of Section 502] may bring a civil action against the violator for compensatory damages and injunctive relief or other equitable relief." Cal. Penal Code § 502(e)(1).

Plaintiff alleges four violations under subdivision (c) of Section 502.

a. California Penal Code Section 502(c)(1).

Section 502(c)(1) provides that:

Except as provided in subdivision (h), any person who commits any of the following acts is guilty of a public offense: (1) Knowingly accesses and without permission alters, damages, deletes, destroys, or otherwise uses any data, computer, computer system, or computer network in order to either (A) devise or execute any scheme or artifice to defraud, deceive, or extort, or (B) wrongfully control or obtain money, property, or data.

Cal. Penal Code § 502(c)(1). Plaintiff alleges that defendant knowingly and without permission accessed Tagged's computers and network to carry out his spam campaign (Compl. ¶¶ 90-92). Plaintiff has stated a claim under Section 502(c)(1). b. California Penal Code Section 502(c)(2).

Section 502(c)(2) creates criminal liability for whoever:

Knowingly accesses and without permission takes, copies, or makes use of any data from a computer, computer system, or computer network, or takes or copies any supporting documentation, whether existing or residing internal or external to a computer, computer system, or computer network.

Cal. Penal Code § 502(c)(2). Plaintiff alleges that defendant knowingly and without permission used Tagged's computers and network (Compl. ¶¶ 90-91, 93). Plaintiff has stated a claim under Section 502(c)(2).

c. California Penal Code Section 502(c)(3).

Section 502(c)(3) creates criminal liability for whoever "[k]nowingly and without permission uses or causes to be used computer services." Cal. Penal Code § 502(c)(3). Plaintiff alleges that defendant knowingly and without permission used Tagged's computers and network (Compl. ¶¶ 90-91, 94). Plaintiff has stated a claim under Section 502(c)(3).

d. California Penal Code Section 502(c)(7).

Section 502(c)(7) creates criminal liability for whoever: "[k]nowingly and without permission accesses or causes to be accessed any computer, computer system, or computer network." Cal. Penal Code § 502(c)(7). Plaintiff alleges that defendant knowingly and without permission accessed Tagged's computers and network (Compl. ¶¶ 90-91, 95). Plaintiff has stated a claim under Section 502(c)(7).

B. Remaining Eitel Factors.

The remainder of the Eitel factors favor entering default judgment on these claims in favor of plaintiff. If this motion is not granted, plaintiff will be left without a remedy or a means to prevent defendant Vogeler from further violations. The large amount of money (nearly eight million dollars) that plaintiff seeks disfavors default judgment. See Eitel, 782 F.2d at 1472 (stating that a three million dollar judgment at stake, considered in light of the parties' dispute as to material facts, supported the court's decision not to enter default judgment). Defendant never answered or otherwise responded to the complaint, so it is unclear whether there would be any dispute over material facts. Defendant has refused to litigate this case. There is no evidence that defendant's failure to respond was the result of an excusable neglect. Although federal policy does favor a decision on the merits, FRCP 55(b) does allow entry of default judgment in situations such as this, where the defendant has refused to litigate. On balance, the Eitel factors weigh in favor of granting default judgment.

III. DETERMINATION OF RELIEF.

Plaintiff seeks permanent injunction, statutory damages, liquidated damages, and attorney's fees and costs against defendant Vogeler.

A. Damages.

Courts may award the minimum damages authorized for violations of a statute without conducting a default hearing. However, if the complaint seeks more than the statutory minimum, plaintiffs are generally required to produce evidence supporting the damages sought.

i. CAN-SPAM Act.

A plaintiff may elect to recover monetary damages in an amount equal to the greater of actual losses or statutory damages specified by the CAN-SPAM Act. See 15 U.S.C. § 7706(g)(1). Plaintiff elects to recover statutory damages here. CAN-SPAM Act statutory damages are calculated as follows:

(3) Statutory damages.

(A) In general. For purposes of paragraph (1)(B)(ii), the amount determined under this paragraph is the amount calculated by multiplying the number of violations (with each separately addressed unlawful message that is transmitted or attempted to be transmitted over the facilities of the provider of Internet access service, or that is transmitted or attempted to be transmitted to an electronic mail address obtained from the provider of Internet access service in violation of section 5(b)(1)(A)(i) [ 15 USCS § 7704(b)(1)(A)(i)], treated as a separate violation) by —

(i) up to $100, in the case of a violation of section 5(a)(1) [ 15 USCS § 7704(a)(1)]; or

(ii) up to $25, in the case of any other violation of section 5 [ 15 USCS § 7704].

(B) Limitation. For any violation of section 5 [ 15 USCS § 7704] (other than section 5(a)(1) [ 15 USCS § 7704(a)(1)]), the amount determined under subparagraph (A) may not exceed $1,000,000.

(C) Aggravated damages. The court may increase a damage award to an amount equal to not more than three times the amount otherwise available under this paragraph if —

(i) the court determines that the defendant committed the violation willfully and knowingly; or

(ii) the defendant's unlawful activity included one or more of the aggravated violations set forth in section 5(b) [ 15 USCS § 7704(b)].

Plaintiff asserts that defendant initiated 6,079 illegal emails, and seeks the maximum penalty of $100 per violation, resulting in an award of $607,900. Furthermore, plaintiff asserts that defendant's willful and intentional conduct is deserving of aggravated damages pursuant to 15 U.S.C. 7706(g)(3)(C). Plaintiff points out that defendant created several fraudulent accounts on the same date and time, sometimes within mere seconds of each other, and that these accounts were accessed from IP addresses with servers located all over the world, indicating that defendant is in the business of sending commercial spam. Plaintiff seeks to treble the statutory damages to $1,823,700.

It is true that defendant's violations, from what plaintiff has alleged, were intentional and willful, and statutory damage awards are justified to punish defendant and to deter future violations. See Peer International Corp. v. Paisa Records Inc., 909 F.2d 1332, 1332 (9th Cir. 1990). That does not justify an award of nearly two million dollars under the CAN-SPAM Act to plaintiff. A court has wide discretion to determine the amount of statutory damages between the statutory maxima and minima. Harris v. Emus Records Corp., 734 F.2d 1329, 1335 (9th Cir. 1984). In calculating statutory damage, some courts have looked to estimates of actual damages. Sara Lee Corp. v. Bags of New York, Inc., 36 F. Suppl. 2d 161, 170 (S.D.N.Y. 1999). Here, plaintiff gives no estimates of actual damages to itself nor how much defendant profited from his actions. Plaintiff cites to three other default judgment orders to supports its position that it is entitled to nearly two million dollars in this instant action. In Facebook v. Guerbuez, No. C08-03889 (N.D.Cal. decided Nov. 21, 2008), Facebook was awarded $873 million against a defendant who had sent four million spam emails to other Facebook users. In Myspace v. Wallace, 2008 U.S. Dist. LEXIS 75752 (C.D.Cal. May 28, 2008), Myspace was awarded $223 million against a defendant who had sent nearly 400,000 messages and posted 890,000 comments from 320,000 "hijacked" Myspace.com user accounts.

In contrast, in this instant action, defendant Vogeler sent 6,079 individual emails to 6,079 Tagged users. Accordingly, this order concludes that it is just to award statutory damages of $25 per violation, amounting to a total of $151,975. These damages along with permanent injunction will adequately serve the purpose of punishment and deterrence.

ii. California Business and Professions Code Section 17529.5.

Plaintiff also seeks to recover liquidated damages pursuant to California Business and Professions Code Section 17529.5(b)(1)(B)(ii), which authorizes successful plaintiffs to recover liquidated damages as follows:

(ii) Liquidated damages of one thousand dollars ($1,000) for each unsolicited commercial e-mail advertisement transmitted in violation of this section, up to one million dollars ($1,000,000) per incident.

Cal. Bus. Pro. Code § 17529.5(b)(1)(B)(ii). Plaintiff seeks to recover $1000 for each spam email, for a total of $6,079,000. This order finds that an award of over six million dollars is not proportionate to defendant Vogeler's conduct and denies to award any liquidated damages to plaintiff. Statutory damages of $151,975 granted under the CAN-SPAM Act and permanent injunction against defendant Vogeler will be adequate.

B. Permanent Injunction.

Plaintiff seeks permanent injunction against defendant Vogeler from further violations pursuant to 18 U.S.C. 1030(g) and California Penal Code Section 502. Both statutory provisions allow a plaintiff to obtain injunctive relief or other equitable relief for violation of respective statutory provisions. 18 U.S.C. § 1030(g); Cal. Penal Code § 502(e)(1). Here, plaintiff has sufficiently pled facts demonstrating that defendant acted illegally and caused damage to plaintiff. Defendant's failure to appear in this action or respond to the allegations in the complaint give no indication that he would stop his spamming activities in the future. Plaintiff alleges that when it attempted to prevent spamming by limiting the number of messages a Tagged user can send out in a day, defendant created multiple fraudulent Tagged accounts to circumvent plaintiff's security measures (Compl. ¶ 37). Defendant also deliberately implemented other tactics to circumvent plaintiff's security measures such as creating intermediary landing pages such as www.uscoesdating.com and using IP addresses from other parts of the world ( ibid.). Thus, plaintiff sufficiently has demonstrated a reasonable likelihood of defendant's future violations. Plaintiff's request for permanent injunction is granted.

C. Attorney's Fees and Costs.

Plaintiff seeks to recover $74,752.50 in attorney's fees and litigation costs of $577.25. Reasonable attorney's fees may be awarded under California Penal Code Section 502(e) and reasonable attorney's fees and costs may be recovered under California Business and Profession Code Section 17529.5.

Plaintiff's counsel has filed a declaration describing the tasks they have performed in this action, each individual's billing rate, and the costs incurred due to this action (Hennessy Decl.). The amount of attorney's fees and costs asked for by plaintiff seems high under the circumstances. Accordingly, plaintiff will be granted $50,000 in attorney's fees and costs.

CONCLUSION

For the above reasons, plaintiff's motion for default judgment, request for statutory and liquidated damages, and permanent injunction is GRANTED-IN-PART. This order permanently enjoins defendant Vogeler and his agents, servants, employees, attorneys, affiliates, distributors, successors and assigns, and any other persons acting in concert or participation with them from:

1. Initiating, originating, procuring, transmitting, sending, or causing to be sent commercial electronic messages or any other commercial communications on or through Tagged's computers, Tagged's website, or Tagged's networks;

2. Paying, inducing, persuading, facilitating, enticing, or causing others to initiate, originate, procure, transmit, send, or cause to be sent commercial electronic messages or any commercial communications on or through Tagged's computers, Tagged's website, or Tagged's networks;

3. Accessing or attempting to access Tagged's website, networks, data, information, user information, profiles, computers and/or computer systems for commercial purposes;

4. Engaging in any activity that is intended to harm Tagged;

5. Circumventing technological measures that control access to Tagged's website and/or portions thereof, or inducing, encouraging, causing or materially contributing to any other person or entity to do the same; and

6. Misusing or abusing Tagged, the Tagged website, or Tagged services in any manner.

Plaintiff has the responsibility to serve the injunction order in such a manner as to make it operative in contempt proceedings. Plaintiff is awarded $151,975 in damages and $50,000 in attorney's fees and costs.

IT IS SO ORDERED.