Campbells' summary judgement granted

A case that began nearly four years ago finally has some resolution, with an order from the U.S. District Court for Wyoming on cross motions for summary judgment in the case of Joe and Barbara Campbell along with 10 anonymous plaintiffs vs. Tri-County Telephone Association (TCT) filed last week.

The court’s conclusion was to grant Joe’s motion for summary judgment and deny TCT’s motion for summary judgment.

Joe said he was very pleased with the decision and believes it will be very beneficial to the class action suit against TCT going forward. Though not connected to that suit, he said, the decision shows that he did nothing wrong.

TCT is a telecommunications company headquartered in Cody. Prior to Jan. 1, 2015, it was a membership-owned cooperative, but then became a privately owned company after a decision by TCT’s board of directors to sell the cooperative to a private entity. Joe was a member of TCT’s board at the time of the action and was the only member to oppose the sale.

After the cooperative dissolved, Joe retained TCT computers with alleged confidential documents. He first got the documents while a board member, and TCT authorized his initial access and download of the documents. After his board membership termination, TCT requested he return the computers and in fact adopted a resolution requiring all board members to temporarily return their computers to TCT so the company back up alleged confidential documents. While other board members returned their computers, Joe refused despite requests from TCT.

In December of 2015, Joe initiated a class-action suit in Park County District Court against numerous defendants involved with the TCT sale. He attached documents he retained after the sale to his filings.

In March of 2017, TCT filed suit with the U.S. District Court of Wyoming against Joe under several theories of liability including the Computer Fraud and Abuse Act (CFAA), breach of contract, conversion, intentional or tortious interference with a prospective economic advantage and business expectancy.

The company claimed Joe’s disclosure of confidential information caused several parties to terminate negotiations regarding the data center and disrupt TCT’s prospective economic advantage, along with a loss of existing customers.

On March 1, 2019, Joe moved for summary judgment as to TCT’s CFAA and tortious interference claims. He contended summary judgment was proper because CFAA protections only extend to hacking activity. He noted he did not hack into a TCT server to obtain the documents, only downloaded the documents while still a board member with authorized access to them, and continued to access the documents even after he was no longer a board member.

Joe also contended that even if the court were to decide the CFAA prohibits activity beyond hacking, his motion for summary judgment is still appropriate because TCT can’t prove damage or loss within the meaning of the statute. Further Joe contended TCT’s state-based tortious interference claims on various grounds, as well as the simple idea that the claims fail for lack of causation and damages.

On March 29, TCT also moved for partial summary judgment as to its claims for CFAA violations, breach of contract and conversion. Essentially, TCT argued the judgment is appropriate because the record shows Joe retained a TCT computer and accessed confidential data after he was no longer a board member. Further, TCT alleged the record demonstrates Joe published the information of various agreements with the intent of harming TCT, and such conduct renders him liable for violations of various statutes and for breach of contract and conversion.

Responses to the cross motions for summary judgment were filed on April 19, and arguments were heard on May 22, during which Joe used the opportunity to offer new points regarding application of the CFAA in the case. He noted the CFAA’s protections only extend to activity on “protected computers,” and he observed a computer is only protected if it is connected to the Internet. As he did not access the TCT servers, he claimed the relevant computer was not protected under the statute and TCT’s CFAA claims fail under the state statute.

It was noted in the court’s discussion that TCT only had two remaining federal claims in the suit, both of which are under the CFAA. While TCT also brings several state-based claims, the court would only consider those claims through the exercise of supplemental jurisdiction, as diversity does not exist. Accordingly, the court focused its attentions on TCT’s CFAA claims.

In further discussion the court agreed with TCT that Joe was acting without authorization when he continued to access alleged confidential documents. However, proving unauthorized access alone will not trigger the liability under the CFAA and it was decided Joe’s conduct is not punishable under the CFAA and summary judgment in his favor is appropriate.

Joe also offered another argument that justified dismissal of TCT’s CFAA claims, according to the court, noting their claims fail as a matter of law because TCT has not suffered a compensable injury under the statute. The court further noted that the record was largely devoid of evidence suggesting Joe compromised the integrity of any TCT data or rendered that data permanently unavailable.

As for loss to the company, TCT identified several pieces of evidence to suggest it suffered loss under the statute, including about 79 hours of technician time, 58 hours of administrative time, 104 hours of administrator time and 148 hours of Chief Technical Officer time investigating Joe’s breach. Additionally, TCT CEO Chris Davidson noted the company had to pay a forensic computer company to assist in response efforts, and those efforts cost $24,369.95.

Davidson also stated Joe’s behavior forced TCT to upgrade security systems, costing $58,625 in 2017 and $13,250 in 2018, and paid attorney’s fees and costs associated with data breaches and enforcement of the company’s non-disclosure agreements and its efforts to retrieve its property.

The court found the costs cited by Davidson problematic, as many of them amount to litigation expenses, and the fact that most expenses were incurred by TCT in 2017 and 2018 is troubling as it was long after TCT became aware that Joe had wrongfully retained TCT equipment and data.

The company also identified several pieces of evidence documenting alleged loss of business relationships and opportunities. These include restrictions placed on TCT related to its credit facility being able to make acquisitions, borrow funds for capital expenditures, extend credit facility beyond maturity date, alter amortization schedules and use accumulated cash balances outside liquid investments.

Similarly, a TCT official testified restrictions were imposed on TCT’s ability to borrow money after Joe filed a class action lawsuit, and further suggested the disclosure of confidential documents caused TCT to lose existing customers. It was also suggested Joe’s conduct prompted termination of TCT’s involvement in the Cody Data Center project.

The court doesn’t doubt that Joe’s conduct likely carried negative consequences for TCT, the injuries described are compensable within the meaning of the statute.

It was determined summary judgment for Joe is appropriate. The court dismissed TCT’s only federal claims. Since diversity doesn’t exist, it did not entertain TCT’s state-based claims. Accordingly, the court dismissed those claims, declining to exercise supplemental jurisdiction where there is no federal cause of action and diversity is absent.

In addition to the court’s judgment on the motions for summary judgment, it was further ordered that TCT’s CFAA claims are dismissed with prejudice.