From Casetext: Smarter Legal Research

TD Ameritrade, Inc. v. Matthews

UNITED STATES DISTRICT COURT FOR THE DISTRICT OF ALASKA
Dec 20, 2018
Case No. 3:16-cv-00136-SLG (D. Alaska Dec. 20, 2018)

Opinion

Case No. 3:16-cv-00136-SLG

12-20-2018

TD AMERITRADE, INC., TD AMERITRADE HOLDING CORPORATION, INC., TD AMERITRADE IP COMPANY, INC., and TD AMERITRADE SERVICES COMPANY, INC., Plaintiffs, v. JAMES RICHARD MATTHEWS, Defendant.


ORDER RE MOTION TO DISMISS

Before the Court at Docket 100 is Plaintiffs' (collectively, "TD Ameritrade") Motion to Dismiss Defendant's Third Amended Counterclaims. Defendant James Matthews filed an opposition to the motion at Docket 103 and TD Ameritrade filed a reply at Docket 106. Oral argument was not requested and was not necessary to the Court's decision. For the reasons set forth below, the Motion to Dismiss will be denied.

BACKGROUND

This is TD Ameritrade's third motion to dismiss. The underlying facts of this case are set forth in the Court's orders on TD Ameritrade's first and second motions to dismiss; they are not repeated here. The pertinent facts as alleged in Mr. Matthews' Third Amended Answer and Counterclaims ("TAAC") are briefly summarized as follows:

See Docket 62 (Order re Motion to Dismiss); Docket 97 (Order re Pending Motions).

In early 2012, Mr. Matthews became aware of TD Ameritrade's thinkorswim applications program interface ("API"). On or about April 11, 2012, Mr. Matthews opened a live, unfunded, user-modifiable investment account with TD Ameritrade. This allowed him access to TD Ameritrade's thinkorswim API, which enabled him to create a self-directed trading environment. Mr. Matthews alleges he created analytical tools using the API, as expressly permitted by thinkorswim. He alleges users such as him were encouraged to practice with the API and were encouraged to devise their own software programs and modify software routines that were not locked. Mr. Matthews alleges that he has never "claimed that any of the source code created by him . . . was based upon a modification of any code or software from any TD Ameritrade website or trading platform, nor was it in any manner derived from any of TD Ameritrade's software." Mr. Matthews obtained a copyright registration for certain computer code effective June 28, 2012.

Docket 98 (Third Am. Answer and Countercls.) at 11, ¶¶ 61, 62.

Docket 98 at 12, ¶ 68.

Docket 98 at 12, ¶ 68.

Docket 98 at 12, ¶ 69.

Docket 98 at 12, ¶¶ 70, 71.

Docket 98 at 17-18, ¶ 103. Mr. Matthews had alleged in his First Amended Answer and Counterclaims that he "created analytical tools . . . in [a] novel manner, using the API" and that users of TD Ameritrade's thinkorswim "were permitted and encouraged to modify software routines available on the site." Docket 33 at 10-11, ¶¶ 64, 66.

Docket 98 at 16, ¶ 92.

Attached to the TAAC is an unsigned licensing agreement that Mr. Matthews maintains he downloaded from TD Ameritrade's website in March 2017; he asserts that it "is substantially the same" as the one in effect in May 2012. He alleges that he did not have any agreement with TD Ameritrade that precluded him from filing for copyright protection for software created by him "in connection with the TD Ameritrade website and software." He alleges that the primary purpose of the Client Agreement he admits that he did have with TD Ameritrade was to govern stock trading activity and that the Court must determine "what, if any licensing agreement existed between the parties" and then the Court "must reconcile all such agreements — which cannot be done as a matter of a pleading."

Docket 98 at 13, ¶ 76, referencing Docket 98-3 (Exhibit C—License Agreement with Commercial Affidavit of James Richard Matthews dated June 10, 2015); see also Docket 98-2 (Exhibit B—License Agreement dated Aug. 14, 2017).

Docket 98 at 14, ¶¶ 78-79.

Docket 98 at 14, ¶ 82.

The TAAC alleges that on May 27, 2012, TD Ameritrade perpetrated a "cyber attack" against Mr. Matthews' computer, destroying his hard drive controller. The TAAC further alleges that prior to destroying Mr. Matthews' hardware, TD Ameritrade copied the routines that Matthews had created. Mr. Matthews maintains that he had certain specified "protective devices . . . enabled[] in [his] hardware and software" when his routines were copied, including encryption and anti-virus and firewall software. He further maintains that "[a]ll or most of the software stolen by thinkorswim had a copyright notice imbedded by Matthews that clearly identified Matthews, and his claim to copyright." Mr. Matthews alleges that TD Ameritrade continues to use, provide, and permit others to use Mr. Matthews' copyrighted code.

Docket 98 at 15, ¶ 86.

Docket 98 at 15, ¶ 87.

Docket 98 at 24-25, ¶ 133.

Docket 98 at 15, ¶ 89.

Docket 98 at 16, ¶ 94.

On June 27, 2016, TD Ameritrade filed its Complaint, alleging causes of action for declaratory judgment, cancellation and release of claimed nonconsensual common law lien, and injunctive relief. On September 9, 2016, TD Ameritrade filed a First Amended Complaint, alleging the same causes of action as the original complaint.

Docket 1 (Compl.) at 11-13, ¶¶ 34-46.

Docket 4 (Am. Compl.).

Mr. Matthews filed an answer to the First Amended Complaint on January 4, 2017. He asserted counterclaims and sought injunctive relief for copyright infringement. On March 20, 2017, Mr. Matthews filed a First Amended Answer to the First Amended Complaint, which also included eight counterclaims: three claims for copyright infringement; an alleged violation to Alaska's Unfair Trade Practices Act; two claims for breach of contract and breach of the implied covenant of good faith and fair dealing; trespass on real property; and a demand for accounting. TD Ameritrade filed a Motion to Dismiss Mr. Matthews' counterclaims. On October 25, 2017, the Court granted TD Ameritrade's Motion to Dismiss, allowing Mr. Matthews to file an amended answer with counterclaims only as to the copyright infringement claims and the breach of an unspecified contract and an associated implied covenant of good faith and fair dealing claim. All other counterclaims were dismissed with prejudice.

Docket 22 (Answer) at 7-8, ¶¶ 54-72.

Docket 33 (Am. Answer) at 14-18, ¶¶ 89-122.

Docket 41 (Mot. to Dismiss).

Docket 62 (Order on Mot. to Dismiss) at 14-15.

Docket 62 at 15.

On November 29, 2017, Mr. Matthews filed a Second Amended Answer and Counterclaims that alleged four counterclaims: a copyright infringement claim in violation of 17 U.S.C. § 101 et seq.; a claimed violation of 17 U.S.C. §§ 1201 and 1202; a claim seeking injunctive relief on claims one and two; and a claim for breach of contract and the implied covenant of good faith and fair dealing. TD Ameritrade again moved to dismiss each counterclaim. On July 16, 2018, this Court denied TD Ameritrade's Motion to Dismiss as to Mr. Matthews' counterclaims for copyright infringement under 17 U.S.C. § 101 et seq., violation of 17 U.S.C. § 1202, and injunctive relief related to those claims. This Court granted TD Ameritrade's Motion to Dismiss as to Mr. Matthews' counterclaims for violation of 17 U.S.C. § 1201 and injunctive relief related to that claim, but allowed Mr. Matthews to file an amended answer as to these counterclaims. His remaining counterclaim for breach of contract and the implied covenant of good faith and fair dealing was dismissed with prejudice. On July 30, 2018, Mr. Matthews filed his TAAC, which now enumerates specific technological measures protecting his hard drive at the time of the alleged hacking attack.

Docket 72 (Second Am. Answer and Countercls. ("SAAC")) at 19-29, ¶¶ 109-49.

Docket 80 (Mot. to Dismiss SAAC) at 21.

Docket 97 at 16-17.

Docket 98 at 24-26, ¶ 133.

LEGAL STANDARD

The legal standard for a motion to dismiss under Rule 12(b)(6) is set out in the Court's prior orders and is not fully restated here. However, the Ninth Circuit recently addressed two topics relevant to TD Ameritrade's motion to dismiss: the incorporation-by-reference doctrine, and judicial notice under Federal Rule of Evidence 201. Both topics are discussed below.

See Docket 62 at 2-3; Docket 97 at 1-2.

See Khoja v. Orexigen Therapeutics, Inc., 899 F.3d 988, 998 (9th Cir. 2018).

"Generally, district courts may not consider material outside the pleadings when assessing the sufficiency of a complaint under Rule 12(b)(6)." However, there are two exceptions to this rule: the incorporation-by-reference doctrine, and judicial notice under Federal Rule of Evidence 201. Judicial notice permits a court to notice adjudicative facts that are "not subject to reasonable dispute." "A fact is 'not subject to reasonable dispute' if it is 'generally known,' or 'can be accurately and readily determined from sources whose accuracy cannot reasonably be questioned.'" Thus, "'[a] court may take judicial notice of matters of public record without converting a motion to dismiss into a motion for summary judgment.' But a court cannot take judicial notice of disputed facts contained in such public records."

Khoja, 899 F.3d at 998 (citing Lee v. City of Los Angeles, 250 F.3d 668, 688 (9th Cir. 2001)); see Fed. R. Civ. P. 12(d) ("If, on a motion under Rule 12(b)(6) or 12(c), matters outside the pleadings are presented to and not excluded by the court, the motion must be treated as one for summary judgment under Rule 56.").

Khoja, 899 F.3d at 998.

Khoja, 899 F.3d at 999 (quoting Fed. R. Evid. 201(b)(1)-(2)).

Id. (citations omitted) (citing Lee, 250 F.3d at 689).

Unlike judicial notice, "incorporation-by-reference is a judicially created doctrine that treats certain documents as though they are part of the complaint itself." A defendant may incorporate a document into a complaint "if the plaintiff refers extensively to the document or the document forms the basis of the plaintiff's claim." Unlike judicial notice, a court "may assume [an incorporated document's] contents are true for purposes of a motion to dismiss under Rule 12(b)(6)." However, "it is improper to assume the truth of an incorporated document if such assumptions only serve to dispute facts stated in a well-pleaded complaint."

Id. at 1002.

United States v. Ritchie, 342 F.3d 903, 908 (9th Cir. 2003).

Marder v. Lopez, 450 F.3d 445, 448 (9th Cir. 2006) (quoting Ritchie, 342 F.3d at 908).

Khoja, 899 F.3d at 1003.

DISCUSSION

Mr. Matthews' TAAC alleges three counterclaims: a copyright infringement claim in violation of 17 U.S.C. § 101 et seq.; a claimed violation of 17 U.S.C. §§ 1201 and 1202; and a claim seeking injunctive relief on claims one and two. TD Ameritrade moves to dismiss each counterclaim for failure to state a claim pursuant to Federal Rule of Civil Procedure 12(b)(6).

Docket 98 at 19-27, ¶¶ 109-42.

Docket 100 at 2.

1. Digital Millennium Copyright Act

Mr. Matthews' second counterclaim alleges violations under 17 U.S.C. §§ 1201 and 1202 of the Digital Millennium Copyright Act ("DMCA"). Section 1201(a) provides that "[n]o person shall circumvent a technological measure that effectively controls access to work protected under this title." The Court's prior order stated that Mr. Matthews had "fail[ed] to specifically allege what technological measure(s), if any Mr. Matthews had on his hard drive at the time of the alleged cyber attack," and granted TD Ameritrade's motion to dismiss the § 1201 counterclaim in Mr. Matthews' SAAC on this basis. Mr. Matthews' TAAC maintains that Mr. Matthews had "protective devices . . . enabled[] in [his] hardware and software" when his routines were copied, including encryption and anti-virus and firewall software. The TAAC also enumerates specific technological measures that were allegedly protecting Mr. Matthews' hard drive at the time of the alleged hacking attack. These additions remedy the deficiency in Mr. Matthews' prior § 1201 counterclaim identified in the Court's prior order.

Docket 98 at 21-26, ¶¶ 125-36.

Docket 97 at 12, 16; see Docket 80 at 9.

Docket 98 at 24, ¶ 133.

Docket 98 at 24-26, ¶ 133.

2. The Plausibility of Mr. Matthews' Hacking Allegation

TD Ameritrade does not contend that Mr. Matthews has failed to allege facts showing "circumvent[ion] [of] a technological measure" in violation of 17 U.S.C. § 1201(a). Instead, TD Ameritrade contends that Mr. Matthews' allegation that TD Ameritrade "perpetrated a cyber-attack" that destroyed his hard drive is implausible and conclusory. It further contends that Mr. Matthews' allegation of a cyber-attack would need to be plausible in order for each of his counterclaims to survive a Rule 12(b)(6) motion to dismiss. TD Ameritrade contends the counterclaims are implausible in three respects: First, it contends that Mr. Matthews' § 1201 claim requires him to allege that TD Ameritrade gained access to his software after bypassing a security feature, and that Mr. Matthews does not explain how TD Ameritrade "could have bypassed the newly alleged protective devices." Second, with respect to Mr. Matthews' § 1202 claim, TD Ameritrade contends that TD Ameritrade would have needed access to Mr. Matthews' software in order to "remove Matthews' [copyright] notice" and "substitute[] their own copyright notice and date in the software" — and that the TAAC suggests that TD Ameritrade obtained that access by perpetrating the alleged cyber-attack. Third, TD Ameritrade notes that Mr. Matthews' copyright infringement claim would also require him to show that TD Ameritrade had "access to his work."

See Docket 41 at 9 (seeking dismissal of the § 1201 counterclaim in Mr. Matthews' SAAC on this basis).

Docket 100 at 4; see Docket 98 at 15, ¶ 86 ("On May 27, 2012, Plaintiffs perpetrated a cyber attack (referred to previously as a 'hacking') against Defendant's computer system, in which they destroyed Defendant's hard drive controller; however, a copy of most of Matthews' code, fortunately, was saved on another drive, and not destroyed."). TD Ameritrade contends that this allegation is particularly implausible in light of the numerous protective measures that Mr. Matthews alleges were in place when his computer was hacked. See Docket 100 at 5.

Docket 100 at 5.

Docket 100 at 4.

Docket 100 at 4-5.

Docket 100 at 3, 4; see Berkic v. Crichton, 761 F.2d 1289, 1291-92 (9th Cir. 1985) ("To establish a successful copyright claim, a plaintiff must show: (1) his ownership of the copyright; (2) the defendant's access to his work; and (3) 'substantial similarity' between the defendant's work and his own.").

"To establish infringement, two elements must be proven: (1) ownership of a valid copyright, and (2) copying of constituent elements of the work that are original." "Copying may be established by showing that the infringer had access to plaintiff's copyrighted work and that the works at issue are substantially similar in their protected elements." "A party may establish access 'either by demonstrating that (1) the infringed work has been widely disseminated, or (2) a particular chain of events exists by which the alleged infringer might have gained access to the copyrighted work.'"

Feist Publications, Inc. v. Rural Tel. Serv. Co., 499 U.S. 340, 361 (1991).

Cavalier v. Random House, Inc., 297 F.3d 815, 822 (9th Cir. 2002).

Schkeiban v. Cameron, No. CV 12-0636-R (MANX), 2012 WL 12895722, at *1 (C.D. Cal. May 10, 2012) (quoting Repp v. Webber, 947 F. Supp. 105, 114 (S.D.N.Y. 1996), aff'd, 132 F.3d 882 (2d Cir. 1997)).

Mr. Matthews' TAAC does not allege facts demonstrating that his work was widely disseminated. However, it does allege facts plausibly showing "a particular chain of events by which [TD Ameritrade] might have gained access to the copyrighted work." Mr. Matthews alleges that he "opened a . . . user modifiable TD Ameritrade investment account, in which the user could use the API to create a self-directed trading environment." He further alleges that he created analytical tools "using the API" which he subsequently "tested." And he alleges that TD Ameritrade ultimately cancelled his account. Accordingly, it is plausible that Mr. Matthews will be able to establish that TD Ameritrade might have gained "access" to copyrighted material as required to demonstrate copyright infringement. These same facts plausibly allege that TD Ameritrade had the opportunity to "remove Matthews' [copyright] notice" and "substitute[] their own copyright notice and date in the software." Mr. Matthews' opening of an account with TD Ameritrade and use of the API to create analytical tools also support his § 1201 claim; it is plausible that during the interactions between Mr. Matthews and TD Ameritrade, TD Ameritrade gained access to Mr. Matthews' work in a manner that violated the statute. Finally, Mr. Matthews does not merely speculate that a cyber-attack may have occurred; rather, he specifies a date on which the alleged cyber-attack occurred, and provides information about the effects of the alleged hacking and TD Ameritrade's alleged use of materials obtained as a result of the hacking.

Docket 98 at 12, ¶ 68.

Docket 98 at 12, 15, ¶¶ 69, 85. Mr. Matthews clarifies, however, that he "did not work with the building blocks provided by thinkorswim" and that his work was "created on [his] own computer system" rather than "inside TD Ameritrade's website." Docket 98 at 11, 18, ¶¶ 62 n.1, 105.

Docket 98 at 11, ¶ 62 n.1.

Docket 100 at 4-5.

See Docket 98 at 15-16, ¶¶ 86, 90, 91; cf. Yee v. Lin, 2012 WL 4343778, at *3 (N.D. Cal. Sept. 20, 2012) (concluding that a plaintiff had sufficiently pled a claim under the Stored Communications Act, 18 U.S.C. § 2701(a), in part because the plaintiff "provide[d] specific times, dates and emails that were allegedly hacked.").

TD Ameritrade contends that "district courts have granted motions to dismiss similar claims based on a failure to plead plausible facts relating to access." The cases TD Ameritrade cites are distinguishable, however. In Schkeiban v. Cameron, the Central District of California granted a motion to dismiss a copyright infringement claim because "Plaintiff ha[d] pled no facts indicating that it was reasonably possible that defendants had access to the work but rather merely speculate[d] that it occurred without foundation." Schkeiban did not involve allegations of hacking; rather, the court considered whether it was plausible that the defendant may have gained access to the materials in question through interactions with a third party, which has not been alleged here. In Feldman v. Twentieth Century Fox Film Corp., the Massachusetts district court granted a motion to dismiss a copyright infringement claim in part because "Plaintiff's theories of access involving computer hacking, eavesdropping, and her ex-boyfriend [were] essentially 'speculation and conjecture,'" and were thus "insufficient to show that defendants had a reasonable opportunity of access." The Feldman plaintiff did not contend that she had any direct interaction with the defendants; instead, she advanced "several theories" regarding how defendants may have obtained copies of her work. In contrast, Mr. Matthews alleges the existence of a business relationship between the parties in which he developed his works in conjunction with TD Ameritrade's thinkorswim API. Finally, Metabyte, Inc. v. NVIDIA Corp. involved an alleged violation of the Computer Fraud and Abuse Act ("CFAA"). Mr. Matthews has not alleged that TD Ameritrade violated the CFAA. Furthermore, the Metabyte court granted the defendants' motion to dismiss because the plaintiff's pleadings suggested that the defendants were authorized to access the information at issue at the times they did so. This reasoning has no bearing on Mr. Matthews' copyright infringement and § 1202 claims; additionally, the TAAC does not suggest that TD Ameritrade was authorized to access Mr. Matthews' computer when it allegedly circumvented technological measures in violation of § 1201.

Docket 106 at 3; see Docket 100 at 5-6.

No. CV 12-0636-R (MANX), 2012 WL 12895722, at *2 (C.D. Cal. May 10, 2012).

Id. at *1.

723 F. Supp. 2d 357, 365 (D. Mass. 2010).

Id. at 365-66.

No. 12-0044 SC, 2013 WL 1729808, at *4 (N.D. Cal. Apr. 22, 2013); see 18 U.S.C. § 1030.

Id. at *4-5; see 18 U.S.C. § 1030(a).

CONCLUSION

Therefore, IT IS ORDERED that TD Ameritrade's Motion to Dismiss at Docket 100 is DENIED. TD Ameritrade shall file an answer responsive to the remaining claims within 14 days of the date of this order.

See Fed. R. Civ. P. 12(a)(4)(A) ("[I]f the court denies the motion . . ., the responsive pleading must be served within 14 days after notice of the court's action[.]"). --------

DATED this 20th day of December, 2018 at Anchorage, Alaska.

/s/ Sharon L . Gleason

UNITED STATES DISTRICT JUDGE


Summaries of

TD Ameritrade, Inc. v. Matthews

UNITED STATES DISTRICT COURT FOR THE DISTRICT OF ALASKA
Dec 20, 2018
Case No. 3:16-cv-00136-SLG (D. Alaska Dec. 20, 2018)
Case details for

TD Ameritrade, Inc. v. Matthews

Case Details

Full title:TD AMERITRADE, INC., TD AMERITRADE HOLDING CORPORATION, INC., TD…

Court:UNITED STATES DISTRICT COURT FOR THE DISTRICT OF ALASKA

Date published: Dec 20, 2018

Citations

Case No. 3:16-cv-00136-SLG (D. Alaska Dec. 20, 2018)