CFAA Not Subject to Rule 9

The Computer Fraud and Abuse Act (“CFAA”) is not subject to the heightened pleading requirement of Rule 9.

On March 28, 2011, the United States District Court for the Northern District of California issued an Order in Facebook, Inc. v. MaxBounty, Inc. in which it reaffirmed earlier rulings that the CFAA is not subject to the heightened pleading requirements of Rule 9. Rule 9(b) of the Federal Rules of Civil Procedure requires that a plaintiff plead fraud with particularity:

(b) Fraud or Mistake; Condition of Mind.In alleging fraud or mistake, a party must state with particularity the circumstances constituting fraud or mistake. Malice, intent, knowledge, and other conditions of a person’s mind may be alleged generally.

However, it is well settled that the “fraud” referred to in the CFAA is not the same “fraud” as common law fraud. To defraud under the CFAA simply means wrongdoing and does not require proof of common law fraud, as the CFAA sets forth in 18 U.S.C. § 1030(a)(4), which provides that:

[w]hoever knowingly and with intent to defraud, accesses a protected computer withoutauthorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value, unless the object of the fraud and the thing obtained consists only of the use of the computer and the value of such use is not more than $5,000 in any 1 year period shall be punished as provided in subsection (c) of this section.

Proof of common law fraud, which is contemplated by Rule 9, requires far more than simple proof of wrongdoing. Based upon this rationale, the Court held that the CFAA does not implicate the heightened standard required by Rule 9. (Order p. 9).