CoStar sued defendants Mark Field, his company Alliance Valuation Group, and others, alleging that they granted unauthorized access to CoStar’s database by allowing other companies and people to use Field’s username/password. CoStar was able to detect and prove this unauthorized use by analyzing IP addresses that had been used to access CoStar’s database using his username/password. This information showed not only that there had been unauthorized use but also the extent of that use, which the court ultimately used to calculate damages.
The court also held that the defendants who had made unauthorized access to CoStar’s site had committed copyright infringement by making unauthorized copies of CoStar’s copyrighted webpages. The defendants did this (probably without realizing it) whenever they accessed CoStar’s site, because the defendants’ improper access necessarily entailed making electronic copies of CoStar’s webpages in the cache or random access memory (RAM) of the defendants’ computers. While this may seem a bit harsh and like overreaching by the court, other courts have reached similar conclusions that unauthorized, cached copies of web pages can be copyright infringement. For this infringement, the court awarded $771,120 in additional damages to CoStar, bringing the total to nearly $2,000,000.
(Although these facts would also seem to support claims by CoStar for unauthorized access under the Computer Fraud and Abuse Act (CFAA), the court had previously ruled that CoStar’s damages were not sufficiently related to computer damage to satisfy the $5,000 requirement for a CFAA claim.)
The case is CoStar Realty Information, Inc., et al. v. Mark Field d/b/a Alliance Evaluation Group, et al., U.S. District Court for the District of Maryland, Case No. 08:08-CV-0663-AW. ( Download Opinion. )