Searching over 5,500,000 cases.


searching
Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.

National Network of Abortion Funds v. David

United States District Court, D. Massachusetts

September 27, 2019

NATIONAL NETWORK OF ABORTION FUNDS, EASTERN MASSACHUSETTS ABORTION FUND, GATEWAY WOMEN’S ACCESS FUND, KENTUCKY HEALTH JUSTICE NETWORK, NORTHWEST ABORTION ACCESS FUND, and PRETERM ACCESS FUND, Plaintiffs,
v.
MATTHEW JAMES DAVID[1] and JOHN DOES #1–15, Defendants.

          OPINION AND ORDER

          GEORGE A. O’TOOLE, JR. SENIOR UNITED STATES DISTRICT JUDGE

         The National Network of Abortion Funds (“NNAF”) and its co-plaintiffs are non-profit organizations that provide advocacy, outreach, and financial assistance to people seeking abortion services. They hold an annual on-line fundraiser, dubbed the National Abortion Access Bowl-a-Thon. According to their Amended Complaint, the 2016 Bowl-a-Thon “was attacked by a malicious actor or actors who hacked into the fundraising site to deliberately interrupt, block, harass, and burden the Funds’ work in providing access to abortions.” (First Am. Compl. ¶ 1 (dkt. no. 6).) “The attack shut down the Bowl-a-Thon fundraiser, costing NNAF and its member funds hundreds of thousands of dollars in lost donations, substantial fees, time, and resources to address the attack and the loss of goodwill from its donors and member organizations.” (Id. ¶ 2.) The complaint alleges that “Defendant Matthew James Davis (‘Davis’) is the person believed to be primarily responsible” for the attack and disruption of the fundraising site. (Id. ¶ 11.) “Defendants John Doe Nos. 1-15 are persons who, on information and belief, may have participated in or assisted Davis in carrying out” the attack. (Id. ¶ 12.) The complaint asserts causes of action under the Computer Fraud and Abuse Act, 18 U.S.C. § 1030, and the Freedom of Access to Clinical Entrances Act, 18 U.S.C. § 248.

         Davis, who apparently resides outside this judicial district, has moved under Federal Rule of Civil Procedure 12(b)(2) to dismiss the claims as to him for want of personal jurisdiction. He has also moved for dismissal of the claims against him under Rule 12(b)(6) on the ground that the factual allegations concerning his participation in the relevant events are insufficient to state plausible claims for relief under the now-familiar Twombly-Iqbal standard. See Ashcroft v. Iqbal, 556 U.S. 662 (2009); Bell Atl. Corp. v. Twombly, 550 U.S. 544 (2007).

         The plaintiffs’ central factual allegations are as follows:

         The 2016 fundraiser was obstructed by a person or persons who hacked into the Bowl-a-Thon website and disabled it through a distributed denial of service (“DDoS”) attack. The hacker or hackers impersonated the plaintiffs to send donors emails falsely purporting to be from the plaintiffs, and also gained access to donors’ financial and personal identifying information.

         The attack began on April 7, 2016, when the hackers began searching for vulnerabilities on the plaintiffs’ online fundraising application, Blue Sky Business Application, a product of Blue Sky Collaborative.[2] Using JavaScript, the hackers inserted a malicious code which was later activated. On April 8, NNAF employees began noticing actions on the site which seemed suspicious, such as an anonymous account posting “strange” comments on registrant pages.[3] (First Am. Compl. ¶ 23.) NNAF asked Blue Sky to investigate. A few days later, on April 11, the hackers registered several accounts under names such as “qwerty, ” “qwerty2, ” “adolph hitler, ” and “hitler.” (Id. ¶ 24.)

         The next day, April 12, the website began to display the receipt of “absurdly large” donations from registered accounts, including one from the user “qwerty” for $999, 999, 999. (Id.¶ 25.) “Minutes later, ” NNAF’s twitter.com account (“@abortionfunds”) received three consecutive tweets from a Twitter account called “@matthewjames.” The tweets congratulated NNAF on “passing the $830 trillion mark” and added, “you’re gunna [sic] make little boys and girls a complete thing of the past!” (Id. ¶ 27.)

         The @matthewjames Twitter account itself indicated that it belonged to “Matthew James Davis.” (Id. ¶ 28.) A website, located at www.davismj.me, connected Matthew James Davis with another website, www.Aurelia.io. That site is described as providing a “JavaScript client framework for web, mobile and desktop that leverages simple conventions to power creativity.” (Id. ¶ 28.)

         That same day, the Bowl-a-Thon website appeared to receive $66 billion in fraudulent donations through a DDoS attack which then caused the website to crash. Many of those donations were made in the name of “Adolph Hitler.” (Id. ¶ 35.) The donations were visible to all registrants for several hours. Registrants also began receiving emails alerting them to the donations.

         By April 14, the hackers gained administrative access to the Blue Sky Business Application using a malicious JavaScript attack and stole personal identifying information of 2705 participants and 14, 333 donors. The intruders also stole 435 credit card numbers and infected 1054 profile pages. (Id. ¶ 42–43.)

         I. Personal Jurisdiction

         In this case, the inquiry into whether Davis is subject to this Court’s exercise of personal jurisdiction over him collapses into the inquiry into whether the complaint plausibly alleges his involvement in the attack on the Bowl-a-Thon fundraising site. If he did what the plaintiffs suspect he did, then both the statutory and constitutional bases for personal jurisdiction would be satisfied. Contrariwise, if the complaint does not adequately allege his participation in the destructive acts as described in the complaint, then neither test would be satisfied.

         II. Plausible Allegation of Liability

         To survive a motion to dismiss under Rule 12(b)(6), a plaintiff must provide “enough facts to state a claim to relief that is plausible on its face.” Iqbal, 556 U.S. at 697 (quoting Twombly, 550 U.S. at 570). A complaint’s factual allegations may be “short and plain, ” but they must “show[] that the pleader is entitled to relief.” Fed.R.Civ.P. 8(a)(2). “[W]here the well-pleaded facts do not permit the court to infer more than the mere possibility of misconduct, the complaint has alleged-but it has not ‘show[n]’-‘that the pleader is entitled to relief.’” Iqbal, 556 U.S. at 679 (quoting Fed.R.Civ.P. 8(a)(2)). There is a difference between facts that are “consistent with” the plaintiffs’ claims and those allegations of fact ...


Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.