8 UNITED STATES DISTRICT COURT
9 NORTHERN DISTRICT OF CALIFORNIA 10 SYNOPSYS, INC., Case No. 19-CV-02082-LHK 11 Plaintiff, ORDER DENYING DEFENDANT’S 12 MOTION TO DISMISS v. 13 Re: Dkt. No. 52 INNOGRIT, CORP., 14 Defendant. 15
16 Plaintiff Synopsys, Inc. (“Synopsys”) brings this action against Defendants InnoGrit, Corp. 17 (“InnoGrit”) and Does 1–10. ECF No. 50 (“SAC”). Before the Court is InnoGrit’s motion to 18 dismiss the second amended complaint (“SAC”). ECF No. 52 (“Mot.”).1 Having considered the 19 submissions of the parties, the relevant law, and the record in the instant case, the Court DENIES 20 InnoGrit’s motion to dismiss the SAC. 21 I. BACKGROUND 22 A. Factual Background 23 Synopsys is a provider of electronic design automation (“EDA”). SAC ¶ 8. EDA entails 24 “using computers to design, verify, and simulate the performance of electronic circuits.” Id. 25
26 1 InnoGrit’s motion to dismiss the SAC contains a notice of motion that is separately paginated from the memorandum of points and authorities in support of the motion. See Mot. at ii–iv. Civil 27 Local Rule 7-2(b) provides that the notice of motion and points and authorities should be contained in one document with a combined limit of 25 pages. See Civ. Loc. R. 7-2(b). 1 Synopsys has invested substantial sums of money in designing EDA software, and offers a variety 2 of software applications to purchasers. Id. ¶¶ 10, 11. 3 In order to access Synopsys’s software, customers purchase licenses, which grant 4 “customers limited rights to install [Synopsys’s] EDA software and to access and use specific . . . 5 software programs subject to control by [Synopsys] via its license key system.” Id. ¶ 11. 6 Synopsys’s license key system is a “security system that controls access to its licensed software by 7 requiring a user to access an encrypted control code provided by [Synopsys] in order to execute 8 the licensed software.” Id. The “encrypted control code is contained in a license key file that 9 specifies the location(s) where the licensed software is authorized to be used and controls certain 10 aspects of the licensed software, including among other items the quality and term of the licensed 11 software in accordance with the purchased license terms.” Id. 12 In early 2017, Synopsys International Ltd., Synopsys’s wholly owned subsidiary charged 13 with distribution and oversight of Synopsys software in China, began negotiations to license the 14 EDA software to InnoGrit. Id. ¶ 18. On January 20, 2017, an end user license and maintenance 15 agreement (“EULA”) was executed between Synopsys International Ltd. and InnoGrit for 16 InnoGrit’s use of Synopsys’s software at the address that InnoGrit provided. Id. ¶ 19. The 17 address InnoGrit provided is located in Shanghai, China. Id. 18 1. Manipulation of Identifying Information of Computers 19 Synopsys alleges that around May 2017, months after the EULA that specified use 20 exclusively in Shanghai was signed, InnoGrit began pirating Synopsys software for use in 21 InnoGrit’s San Jose, California office. Id. ¶ 27. 22 Synopsys alleges that the Synopsys license key system requires software users to supply a 23 “Host ID for the computer(s) that will execute Synopsys license software,” which Synopsys then 24 includes in a license key file. Id. ¶ 14. The Host ID prevents users from accessing Synopsys 25 software on unauthorized computers. Id. ¶¶ 14, 15. 26 According to Synopsys, InnoGrit affirmatively manipulated the identifying information of 27 at least 15 InnoGrit computers in San Jose, California in order to bypass the Host ID restriction 1 and run Synopsys software. Id. ¶ 27. InnoGrit has allegedly used this technique to “use Synopsys 2 software without authorization many thousands of times.” Id. 3 2. “Crack File” Download from Iran 4 Synopsys also alleges that at an unknown time, an InnoGrit employee downloaded a 5 variety of “software piracy tools” from an Iranian website. Id. ¶ 30. The material that the 6 InnoGrit employee downloaded included a “crack file” that consisted of “counterfeit license keys 7 for Synopsys products, instructions for how to configure counterfeit Synopsys license keys, and 8 illegal copies of Synopsys’ software that InnoGrit never obtained a license to.” Id. 9 InnoGrit allegedly transferred this “crack file” onto a portable USB flash drive in order to 10 distribute it across different InnoGrit computers. Id. ¶¶ 30, 31. Synopsys alleges that the flash 11 drive that contains the “crack file” has been connected to at least seven different computers in this 12 district, and that the “crack file” contents currently reside on at least one computer in this district. 13 Id. ¶¶ 31, 32. Synopsys also asserts that InnoGrit manually configured the counterfeit license key 14 associated with the crack file to match identifying information on one of the InnoGrit computers 15 located in this district. Id. ¶ 33. 16 3. Piracy Tools and Counterfeit License Key Generator Download from China 17 In addition to the crack file that InnoGrit downloaded from the Iranian website, Synopsys 18 alleges that at an unknown time, an InnoGrit employee downloaded piracy tools and counterfeit 19 license key generator software from a Chinese website. Id. ¶ 34. On or around July 20, 2018, the 20 InnoGrit employee then copied a zip file containing this material into a file folder marked “share” 21 on an InnoGrit computer located in this district. Id. 22 Synopsys alleges that among the piracy tools were instructions for how to generate and 23 configure counterfeit license keys to Synopsys software. Id. ¶ 35. Synopsys asserts that an 24 InnoGrit employee used these instructions to generate at least one counterfeit license key to 25 Synopsys software, and that this counterfeit license key resides in the file folder containing the 26 piracy tools and counterfeit license key generator. Id. ¶¶ 35, 36. 27 According to Synopsys, an InnoGrit employee also sent other InnoGrit employees located 1 outside of the United States the counterfeit license key generator software and/or counterfeit 2 license keys generated by the software. Id. ¶ 37. InnoGrit employees in both China and Canada 3 have allegedly used counterfeit license keys generated by the counterfeit license key generator 4 software to access Synopsys software. Id. 5 4. Synplify Version 2014.03 6 Finally, Synopsys alleges that InnoGrit downloaded an illegal copy of Plaintiff’s 7 copyright-protected software, Synplify version 2014.03 (“Synplify 2014.03”), from an Iranian 8 website. Id. ¶¶ 38, 41. The copy of Synplify 2014.03 downloaded by InnoGrit “is non-genuine; it 9 does not match the unique hash value signature of the authentic Synplify 2014.03 published by 10 Synopsys and appears to have code removed from the original binary file.” Id. ¶ 41. InnoGrit 11 lacks a license to use Synplify 2014.03. Id. ¶ 40. 12 Synopsys alleges that InnoGrit distributed the illegal copy of Synplify 2014.03 to InnoGrit 13 employees throughout this district, “including by reproducing copies of the illegal software on a 14 flash drive and multiple computers.” Id. ¶¶ 42, 45. Moreover, Synopsys claims that “InnoGrit 15 employees located within this judicial district executed the illegal copies of Synplify 2014.03 on 16 computers located within this judicial district” on multiple occasions. Id. ¶ 43. The execution of 17 the illegal Synplify 2014.03 copies by InnoGrit employees also allegedly “created additional 18 illegal copies in the random access memory . . . of their computers.” Id. 19 B. Procedural History 20 On April 17, 2019, Synopsys filed a complaint against InnoGrit. See ECF No. 1. On April 21 18, 2019, Synopsys filed an ex parte motion for: (1) a temporary restraining order; (2) an order to 22 show cause why a preliminary injunction should not issue; (3) expedited discovery; and (4) entry 23 of a protective order. See ECF No. 12. On April 13, 2019, the Court: (1) denied entry of a 24 temporary restraining order; (2) ordered InnoGrit to show cause why a preliminary injunction 25 should not issue; (3) granted expedited discovery; and (4) denied without prejudice the request to 26 enter a protective order. See ECF No. 16. Specifically, the Court denied entry of a temporary 27 restraining order because the Court determined that Synopsys could not show that Synopsys would 1 be irreparably harmed in the absence of a temporary restraining order. See id. at 4–6. 2 On May 23, 2019, Synopsys filed a first amended complaint (“FAC”) against InnoGrit, see 3 ECF No. 33, and on May 24, 2019, InnoGrit filed a motion to dismiss the FAC, see ECF No. 36. 4 The Court denied as moot the motion to dismiss the FAC based on the parties’ subsequent 5 stipulation allowing Synopsys to file the SAC. See ECF Nos. 49, 65. 6 On June 26, 2019, the Court filed an order granting a preliminary injunction. See ECF No. 7 48. In the course of doing so, the Court concluded that Synopsys had shown a likelihood of 8 success on the merits for the claims Synopsys alleged under 17 U.S.C. § 1201(a)(1) and (a)(2). 9 See id. at 4–5. 10 On June 28, 2019, Synopsys filed a second amended complaint (“SAC”) against InnoGrit. 11 See ECF No. 50. The SAC alleges three causes of action: (1) violations of the Digital Millennium 12 Copyright Act (“DMCA”), 17 U.S.C. § 1201(a)(1), SAC ¶¶ 49–58; (2) violations of the DMCA, 13 17 U.S.C. § 1201(a)(2), id. at ¶¶ 59–66; (3) violations of the Copyright Act, 17 U.S.C. §§ 106 and 14 602. 15 On July 12, 2019, InnoGrit filed the instant motion to dismiss the SAC. See ECF No. 52 16 (“Mot.”). On July 26, 2019, Synopsys opposed the motion to dismiss the SAC, see ECF No. 55 17 (“Opp.”), and on August 1, 2019, InnoGrit filed a reply, see ECF No. 58 (“Reply”). 18 II. LEGAL STANDARD 19 Rule 8(a)(2) of the Federal Rules of Civil Procedure requires a complaint to include “a 20 short and plain statement of the claim showing that the pleader is entitled to relief.” A complaint 21 that fails to meet this standard may be dismissed pursuant to Rule 12(b)(6). Rule 8(a) requires a 22 plaintiff to plead “enough facts to state a claim to relief that is plausible on its face.” Bell Atl. 23 Corp. v. Twombly, 550 U.S. 544, 570 (2007). “A claim has facial plausibility when the plaintiff 24 pleads factual content that allows the court to draw the reasonable inference that the defendant is 25 liable for the misconduct alleged.” Ashcroft v. Iqbal, 556 U.S. 662, 678 (2009). “The plausibility 26 standard is not akin to a probability requirement, but it asks for more than a sheer possibility that a 27 defendant has acted unlawfully.” Id. (internal quotation marks omitted). For purposes of ruling 1 on a Rule 12(b)(6) motion, the Court “accept[s] factual allegations in the complaint as true and 2 construe[s] the pleadings in the light most favorable to the nonmoving party.” Manzarek v. St. 3 Paul Fire & Marine Ins. Co., 519 F.3d 1025, 1031 (9th Cir. 2008). The Court, however, need not 4 “assume the truth of legal conclusions merely because they are cast in the form of factual 5 allegations.” Fayer v. Vaughn, 649 F.3d 1061, 1064 (9th Cir. 2011) (per curiam). Indeed, mere 6 “conclusory allegations of law and unwarranted inferences are insufficient to defeat a motion to 7 dismiss.” Adams v. Johnson, 355 F.3d 1179, 1183 (9th Cir. 2004). 8 III. DISCUSSION 9 InnoGrit moves to dismiss each of Synopsys’s claims for failure to state a claim. 10 Specifically, with respect to Synopsys’s claim under Section 1201(a)(1) of the DMCA, InnoGrit 11 asserts that Synopsys failed to allege facts showing circumvention. With respect to Synopsys’s 12 claim under Section 1201(a)(2) of the DMCA, InnoGrit asserts that Synopsys failed to allege facts 13 showing that InnoGrit ever used any of the devices that InnoGrit allegedly trafficked. Finally, 14 with respect to Synopsys’s claim under the Copyright Act, InnoGrit asserts that InnoGrit’s 15 conduct falls under the de minimis copying or fair use exceptions to copyright infringement. 16 A. InnoGrit’s Untimely Request for the Improper Consideration of Evidence Lacks Merit 17 As an initial matter, InnoGrit also argues that the Court should look beyond the four 18 corners of the SAC to assess the sufficiency of Synopsys’s claims. 19 The Court first addresses InnoGrit’s argument that the Court should evaluate evidence in 20 the course of resolving the instant motion to dismiss. The Court then addresses the sufficiency of 21 each of Synopsys’s individual claims. 22 1. InnoGrit’s Request Is Improper as a Matter of Law 23 Despite filing a motion to dismiss, InnoGrit argues that the Court “is in the unique position 24 of being able to evaluate the evidence at an early stage in this matter,” and that the Court “can 25 dismiss all claims here with prejudice.” Mot. at 3. 26 InnoGrit’s request is improper as a matter of law. In the Ninth Circuit, the general rule is 27 1 that “district courts may not consider material outside the pleadings when assessing the sufficiency 2 of a complaint under Rule 12(b)(6) of the Federal Rules of Civil Procedure.” Khoja v. Orexigen 3 Therapeutics, Inc., 899 F.3d 988, 998 (9th Cir. 2018). InnoGrit’s motion to dismiss the SAC 4 relies solely on Rule 12(b)(6) to challenge the sufficiency of the SAC. See Mot. at 5 (outlining the 5 standard for “a Rule 12(b)(6) motion to dismiss”). The Court may not look beyond the four 6 corners of a complaint in ruling on a motion to dismiss, with the narrow exceptions of documents 7 incorporated by reference, and any relevant matters subject to judicial notice. See Swartz v. 8 KPMG LLP, 476 F.3d 756, 763 (9th Cir. 2007) (“In ruling on a 12(b)(6) motion, a court may 9 generally consider only allegations contained in the pleadings, exhibits attached to the complaint, 10 and matters properly subject to judicial notice.”); Lee v. City of L.A., 250 F.3d 668, 688–89 (2001) 11 (“As a general rule, ‘a district court may not consider any material beyond the pleadings in ruling 12 on a Rule 12(b)(6) motion.’” (citation omitted)). Accordingly, it is improper for the Court to 13 “evaluate the evidence” in ruling on the instant motion. 14 2. InnoGrit’s Request that the Court Consider Three Types of Documents Is Untimely 15 Moreover, in its reply, InnoGrit belatedly argues that “three types of documents” are 16 subject to the incorporation by reference and judicial notice exceptions. See Reply at 3–4. First, 17 InnoGrit requests that the Court consider the EULA, several versions of which Synopsys filed 18 alongside Synopsys’s ex parte application for a temporary restraining order. See Reply at 3; ECF 19 Nos. 11-4, 11-5. Second, InnoGrit requests that the Court consider a declaration by Daniel 20 Roffman, a forensic investigator, which Synopsys filed in response to the Court’s order to show 21 cause regarding a preliminary injunction. See Reply at 3–4; ECF No. 43-2. Finally, InnoGrit 22 requests that the Court consider two “emails sent by Synopsys employees to InnoGrit,” from 23 which InnoGrit argues that the Court may take judicial notice of “the free evaluation license to 24 Synopsys Premier that Synopsys granted to InnoGrit during May 9, 2017 – July 14, 2017.” See 25 Reply at 4; ECF Nos. 36-2, 36-3. 26 The Court disagrees. First of all, InnoGrit’s argument is untimely. InnoGrit only argued 27 1 that the foregoing documents fall within the incorporation by reference and judicial notice 2 exceptions in InnoGrit’s reply. This decision deprived Synopsys of an opportunity to respond to 3 either InnoGrit’s request or to the documents themselves in Synopsys’s own opposition. This 4 alone is fatal to InnoGrit’s request. See, e.g., Mahon v. Anesthesia Bus. Consultants, LLC, 2016 5 WL 1452333, at *3 n.3 (D.D.C. Apr. 13, 2016) (declining to take judicial notice of a document 6 because the moving party “belatedly produced” the document “in its reply, instead of in its motion 7 to dismiss”); see also United States v. Ritchie, 342 F.3d 903, 909 (9th Cir. 2003) (explaining that a 8 defendant “should have been given some opportunity to respond to the propriety of taking judicial 9 notice of the facts alleged” in administrative records). 10 Further, for the reasons outlined below, the Court concludes that the documents to which 11 InnoGrit points are not subject to either the incorporation by reference exception or the judicial 12 notice exception. The Court considers these two exceptions in turn. 13 3. None of the Documents Belatedly Cited by InnoGrit Are Incorporated by Reference in the SAC 14 InnoGrit argues that the documents cited by InnoGrit in its reply are incorporated by 15 reference in the SAC. See Reply at 3–4. A document is “incorporated by reference into a 16 complaint if the plaintiff refers extensively to the document or the document forms the basis of 17 plaintiff’s claim.” Ritchie, 243 F.3d at 908. 18 None of the documents cited by InnoGrit meet this standard. The SAC does not refer to 19 either the declaration of Daniel Roffman or the two emails that InnoGrit cites. The SAC does 20 refer to the EULA, but only a handful of times in the context of factual background. See SAC ¶¶ 21 19–27. The SAC’s references to the EULA therefore fall well short of “extensive[].” See id. 22 Moreover, none of the documents cited by InnoGrit “form[] the basis of plaintiff’s claim.” 23 Ritchie, 243 F.3d at 908. Synopsys is not a party to the EULA. See Mot. at 5 (“Synopsys is not a 24 party to the [EULA] and asserts no breach claim.”). Synopsys International Ltd., Synopsys’s 25 wholly owned subsidiary, is the only party to the EULA other than InnoGrit, and is not a party to 26 the instant case. Id. Further, Synopsys does not assert any claim in the SAC arising out of the 27 1 EULA. Id. Additionally, none of the claims that Synopsys asserts are in any way based on the 2 two emails that InnoGrit cites. 3 Moreover, the declaration of Daniel Roffman largely outlines the technical process by 4 which Roffman’s firm conducted a forensic inspection of InnoGrit’s computers. See ECF No. 43- 5 2 ¶¶ 7–12. However, the examples of documents that the Ninth Circuit has provided that “form 6 the basis” of complaints are documents directly implicated by claims, like “a coverage plan in a 7 claim about insurance coverage and SEC filings when a claim for stock fraud was based on their 8 content.” Lazy Y. Ranch, Ltd. v. Wiggins, 2007 WL 1381805, at *5 (D. Idaho Mar. 13, 2007); see 9 also Ritchie, 243 F.3d at 908 (“The doctrine of incorporation by reference may apply, for example, 10 when a plaintiff’s claim about insurance coverage is based on the contents of a coverage plan, or 11 when a plaintiff’s claim about stock fraud is based on the contents of SEC filings.” (citations 12 omitted)). Roffman’s declaration does not “form the basis” of any of Synopsys’s claims in the 13 way that a coverage plan forms the basis of an insurance coverage claim or an SEC filing forms 14 the basis of a claim for stock fraud. The Court therefore concludes that none of the documents 15 InnoGrit belatedly cites in its reply are incorporated by reference in the SAC. 16 Moreover, even if the Court considered all of the documents InnoGrit belatedly cites in its 17 reply, the documents would not affect the Court’s analysis in the instant Order. The Court 18 proceeds to consider whether these documents are subject to judicial notice. 19 4. None of the Documents Belatedly Cited by InnoGrit Are Subject to Judicial Notice 20 InnoGrit also argues that the documents it cites in its reply are subject to judicial notice 21 under Federal Rule of Evidence 201. See Reply at 3–4. Under Federal Rule of Evidence 201, “a 22 court may take judicial notice of ‘matters of public record.’” Lee, 250 F.3d at 689 (citation 23 omitted). However, the Court “may not take judicial notice of a fact that is ‘subject to reasonable 24 dispute.’” Id. A fact is “not subject to reasonable dispute” only if it is “generally known,” or “can 25 be accurately and readily determined from sources whose accuracy cannot reasonably be 26 questioned.” Fed. R. Evid. 201(b)(1)–(2). The Court may deny a request to take judicial notice of 27 1 facts that are irrelevant to the instant motion. See, e.g., CYBERsitter, LLC v. People’s Rep. of 2 China, 805 F. Supp. 2d 958, 963–64 (C.D. Cal. 2011) (declining to take judicial notice of a fact 3 because it “is irrelevant to the instant motions”); Metro. Creditors’ Trust v. 4 Pricewatershousecoopers, LLP, 463 F. Supp. 2d 1193, 1197 (E.D. Wash. 2006) (same). Indeed, 5 the Ninth Circuit has explained that because of the impact of taking judicial notice of a fact, 6 “caution must be used in determining that a fact is beyond controversy under Rule 201(b).” 7 Rivera v. Philip Morris, Inc., 395 F.3d 1142, 1151 (9th Cir. 2005). 8 Here, the Court concludes that none of the documents that InnoGrit belatedly cites in its 9 reply are subject to judicial notice. The EULA and the declaration of Daniel Roffman are both 10 irrelevant to the instant motion. Synopsys is not a party to the EULA. See Mot. at 5 (“Synopsys is 11 not a party to the [EULA] and asserts no breach claim.”). Synopsys International Ltd., Synopsys’s 12 wholly owned subsidiary, is the only party to the EULA other than InnoGrit, and is not a party to 13 the instant case. Id. Further, Synopsys does not assert any claim in the SAC arising out of the 14 EULA. Id. As for the declaration of Daniel Roffman, this document largely outlines the technical 15 process by which Roffman’s firm conducted a forensic inspection of InnoGrit’s computers and is 16 not relevant to the instant motion to dismiss. See ECF No. 43-2 ¶¶ 7–12. Because neither 17 document is relevant to the instant motion, the Court concludes that judicial notice of these 18 documents is inappropriate. See, e.g., Hitachi Kokusai Electric Inc. v. ASM Internat’l, N.V., 2018 19 WL 6099953, at *3 (N.D. Cal. Nov. 21, 2018) (declining to take judicial notice of webpages 20 because the court found them to be irrelevant to motion). 21 Moreover, InnoGrit requests that the Court consider the two emails that InnoGrit cites in 22 its reply to take judicial notice of what InnoGrit calls “the free evaluation license to Synopsys 23 Premier that Synopsys granted to InnoGrit during May 9, 2017 – July 14, 2017.” Reply at 4. 24 InnoGrit claims that the fact of “the free evaluation license to Synplify Premier . . . are [sic] not 25 disputed by Synopsys.” Reply at 4. 26 However, the emails demonstrate that the purported evaluation license is clearly “subject 27 to reasonable dispute.” Lee, 250 F.3d at 689. Indeed, for instance, the emails appear to show a 1 gap in the purported license period in early June 2017, which contradicts InnoGrit’s own claim 2 that the evaluation license was operative from “May 9, 2017 – July 14, 2017.” See ECF Nos. 36- 3 2, 36-3. For this reason, it is clear that InnoGrit’s purported evaluation license cannot “be 4 accurately and readily determined” from the two emails and that judicial notice of the emails is not 5 appropriate. Fed. R. Evid. 201(b)(1)–(2). In light of the foregoing, the fact of the “the free 6 evaluation license to Synopsys Premier that Synopsys granted to InnoGrit during May 9, 2017 – 7 July 14, 2017” cannot be “accurately and readily determined” from the emails that InnoGrit 8 provides and thus judicial notice cannot be taken of this alleged fact. 9 Moreover, even if the Court considered the documents InnoGrit belatedly cites in its reply, 10 the documents would not affect the Court’s analysis in the instant Order. Because neither 11 incorporation by reference nor judicial notice applies, the Court will not look beyond the four 12 corners of the SAC in resolving the instant motion. The Court now proceeds to consider 13 Synopsys’s three claims in turn. 14 B. Synopsys Adequately Alleges a Claim Under 17 U.S.C. § 1201(a)(1) 15 InnoGrit argues that the SAC fails to adequately allege that InnoGrit “circumvented a 16 technological measure” pursuant to the DMCA. 17 The Court disagrees. Section 1201(a)(1) of the DMCA prohibits circumvention of “a 18 technological measure that effectively controls access to” a copyrighted work. 17 U.S.C. § 19 1201(a)(1)(A); see United States v. Elcom Ltd., 203 F. Supp. 2d 1111, 1119 (N.D. Cal. 2002) 20 (explaining that Section 1201(a)(1) of the DMCA targets “circumvention of technology measures 21 that effectively control access to a copyrighted work” (emphasis in original)). 22 First, the Court considers whether Synopsys’s license key system is a “technological 23 measure” for the purposes of the DMCA. Second, the Court considers whether InnoGrit’s alleged 24 conduct amounts to “circumvention” for the purposes of the DMCA. 25 1. Synopsys Adequately Alleges that the License Key System Is a Technological Measure that Effectively Controls Access to a Copyrighted Work 26 Section 1201(a)(1) of the DMCA only applies to defendants who “circumvent a 27 1 “technological measure that effectively controls access to” a copyrighted work. 17 U.S.C. § 2 1201(a)(1)(A) (emphasis added). The DMCA defines a “technological measure that effectively 3 controls access to a work” as a measure that, “in the ordinary course of its operation, requires the 4 application of information, or a process or a treatment, with the authority of the copyright owner, 5 to gain access to the work.” Id. § 1201(a)(3)(B). 6 InnoGrit does not challenge the proposition that Synopsys’s license key system amounts to 7 a “technological measure that effectively controls access to a copyrighted work” under the 8 foregoing definition. Indeed, the relevant case law makes clear that the license key system fits this 9 definition. 10 Specifically, the SAC alleges that Synopsys’s license key system is “a security system that 11 controls access to its licensed software by requiring a user to access an encrypted control code.” 12 SAC ¶ 11. Each Synopsys customer receives a license key file, which contains an encrypted 13 control code that may be used to access Synopsys software. Id. Courts that have examined 14 similar password or encrypted control code systems in the past have roundly concluded that these 15 systems are indeed “technological measures” for the purposes of the DMCA. See, e.g., Universal 16 City Studios, Inc. v. Corley, 273 F.3d 429, 440 (2d Cir. 2001) (“The DMCA . . . backed with legal 17 sanctions the efforts of copyright owners to protect their works from piracy behind digital walls 18 such as encryption codes or password protection.”). 19 Synopsys’s license key system requires the use of an encrypted control code to access 20 Synopsys software. SAC ¶ 11. The license key system therefore “requires the application of 21 information . . . to gain access to the” Synopsys software. 17 U.S.C. § 1201(a)(3)(B). 22 Accordingly, the Court concludes that the license key system comprises a “technological 23 measure that effectively controls access to a” copyrighted work for the purposes of the DMCA. 24 The Court proceeds to consider whether Synopsys has adequately alleged that InnoGrit’s actions 25 amounted to “circumvention” of this technological measure. 26 27 2. Synopsys Adequately Alleges that InnoGrit Circumvented the License Key 1 System 2 InnoGrit asserts that the SAC’s allegation under Section 1201(a)(1) of the DMCA should 3 be dismissed because it fails to adequately allege that InnoGrit circumvented the license key 4 system. Mot. at 6. According to InnoGrit, as a matter of law, the use of “duly issued, authentic 5 license keys from Synopsys that function precisely as intended is no [sic] covered by the DMCA, 6 even if it is a violation of the parties’ contractual agreement.” Id. InnoGrit claims that even if 7 InnoGrit employees altered identifying information on InnoGrit computers, the use of Synopsys’s 8 own license key files can never amount to circumvention. Id. At worst, InnoGrit argues, 9 InnoGrit’s alleged behavior only represents a breach of the EULA. Id. 10 Synopsys responds by pointing to the majority of case law from this district that concludes 11 that unauthorized use of a license key constitutes circumvention under Section 1201(a)(1) of the 12 DMCA. Opp. at 9–10. Synopsys also asserts that the case law upon which InnoGrit relies is 13 distinguishable on several grounds. Opp. at 8–9. 14 The Court agrees with the majority of case law from this district cited by Synopsys that 15 holds that unauthorized use of a license key constitutes circumvention under Section 1201(a)(1) of 16 the DMCA. Moreover, the Court also agrees that the case law InnoGrit cites to the contrary is 17 distinguishable from the facts of the instant case. 18 As discussed above, Section 1201(a)(1) of the DMCA only applies to defendants who 19 “circumvent a technological measure that effectively controls access to” a copyrighted work. 17 20 U.S.C. § 1201(a)(1)(A) (emphasis added). The DMCA dictates that “to ‘circumvent a 21 technological measure’ means to descramble a scrambled work, to decrypt an encrypted work, or 22 otherwise to avoid, bypass, remove, deactivate, or impair a technological measure, without the 23 authority of the copyright owner.” Id. § 1201(a)(3)(A). 24 Synopsys argues that InnoGrit circumvented Synopsys’s license key system when it 25 “altered identifying information on their computers and servers located in California in order to 26 circumvent Synopsys’ access control license key protections.” SAC ¶ 53. 27 The majority of the courts in this district have found that a defendant’s unauthorized use of 1 license keys or passwords, as Synopsys has alleged, constitutes circumvention under Section 2 1201(a)(1). See Actuate Corp. v. Internat’l Bus. Machines Corp., 2010 WL 1340519 (N.D. Cal. 3 Apr. 5, 2010) (Spero, M.J.) (“[U]nauthorized distribution of passwords and usernames avoids and 4 bypasses a technological measure in violation of sections 1201(a)(2) and (b)(1).”); Microsoft 5 Corp. v. EEE Bus. Inc., 555 F. Supp. 2d 1051, 1059 (N.D. Cal. 2008) (White, J.) (“By distributing 6 a VLK without authorization, [defendant] effectively circumvented [plaintiff’s] technological 7 measure to control access to a copyrighted work in violation of the DCMA.”); 321 Studios v. 8 MGM Studios, Inc., 307 F. Supp. 2d 1085, 1098 (N.D. Cal. 2004) (N.D. Cal. 2004) (Illston, J.) 9 (“However, while [defendant’s] software does use the authorized key to access the DVD, it does 10 not have authority to use this key, as licensed DVD players do, and it therefore avoids and 11 bypasses [the technological measure].”); see also Burroughs Payment Sys., Inc. v. Symco Grp., 12 Inc., 2012 WL 1670163, at *4 (N.D. Cal. May 14, 2012) (Spero, M.J.) (explaining that the 13 Northern District of California has taken the “view that unauthorized use of a valid password 14 ‘circumvents’ technology measures” (quoting Burroughs Payment Sys., Inc. v. Symco Grp., Inc., 15 2011 WL 13217738, at *5 (N.D. Ga. Dec. 13, 2011)). Under the holdings of these cases, 16 InnoGrit’s conduct clearly constitutes circumvention under Section 1201(a)(1) of the DMCA 17 because the SAC specifically alleges that InnoGrit lacked authorization to use the license key on 18 the 15 InnoGrit computers in San Jose, California. SAC ¶ 27. 19 InnoGrit points to a single case from this district that reached a different conclusion: 20 Adobe Sys. Inc. v. A&S Electronics, Inc., 2015 WL 13022288 (Armstrong, J.) (N.D. Cal. Aug. 19, 21 2015). The Adobe court held that because license keys used by unauthorized recipients still 22 “function[ed] precisely as intended,” the use of those license keys did not amount to 23 circumvention under Section 1201(a)(1) of the DMCA. See id. at *8. InnoGrit also cites Egilman 24 v. Keller & Heckman, LLP, 401 F. Supp. 2d 105 (D.D.C. 2005), in support of the Adobe court’s 25 position. See id. at 113 (“[E]ntering a valid username and password, albeit without 26 authorization—does not constitute circumvention under the DMCA.”). 27 However, Adobe and Egilman are inapposite. These two cases concern the mere use or 1 distribution of unauthorized passwords and license keys, without any additional actions taken on 2 the part of the defendants. See Adobe, 2015 WL 13022288, at *8 (challenged conduct consisted of 3 “unauthorized distribution of serial license keys”); Egilman, 401 F. Supp. 2d at 112 (challenged 4 conduct consisted of “gaining access to [a] website using an unauthorized but valid password”). 5 Moreover, Adobe and Egilman grounded their holdings in the fact that unauthorized license keys 6 and passwords still “function precisely as intended.” Adobe, 2015 WL 13022288, at *8; see 7 Egilman, 401 F. Supp. 2d at 113 (“[U]sing a username/password combination as intended—by 8 entering a valid username and password, albeit without authorization—does not constitute 9 circumvention under the DMCA.” (emphasis added)). 10 Synopsys’s allegations in the SAC go far beyond the allegation that InnoGrit lacked 11 authorization to use a license key that nonetheless functioned “precisely as intended.” Adobe, 12 2015 WL 13022288, at *8. Instead, Synopsys alleges that the Synopsys license key system 13 requires software users to supply a “Host ID for the computer(s) that will execute Synopsys 14 license software,” which Synopsys then includes in a license key file. Id. ¶ 14. The Host ID 15 prevents users from accessing Synopsys software on unauthorized computers. Id. ¶¶ 14, 15. 16 According to Synopsys, InnoGrit affirmatively manipulated the identifying information of at least 17 15 InnoGrit computers in San Jose, California, in order to bypass the Host ID restriction and 18 wrongfully run Synopsys software. Id. ¶ 27. 19 The alleged manipulation of the InnoGrit computers’ identifying information on the part of 20 InnoGrit constitutes circumvention even under Adobe and Egilman. According to Synopsys, 21 InnoGrit’s conduct prevented the Synopsys license key system from functioning “precisely as 22 intended.” Id. ¶¶ 27, 53. Specifically, the manipulation of InnoGrit computers’ identifying 23 information allegedly prevented the license key system’s Host ID requirement from restricting the 24 use of Synopsys software as it was designed and intended to do. Id. 25 Accordingly, the Court concludes that Synopsys has sufficiently stated a claim under 26 Section 1201(a)(1) of the DMCA. The Court proceeds to consider whether Synopsys has also 27 stated a claim under Section 1201(a)(2) of the DMCA. C. Synopsys Adequately Alleges a Claim Under 17 U.S.C. § 1201(a)(2) 1 InnoGrit asserts that Synopsys’s claim under Section 1201(a)(2) of the DMCA should be 2 dismissed. Mot. at 7–9. According to InnoGrit, Synopsys’s Section 1201(a)(2) claim fails 3 because it does not allege that InnoGrit actually used any of the technology that it allegedly 4 trafficked to circumvent the license key system. Id. at 8–9. InnoGrit also belatedly argues that 5 downloading files cannot amount to importation under Section 1201(a)(2) of the DMCA. Reply at 6 9–10. 7 Synopsys responds that Section 1201(a)(2) of the DMCA only requires a showing that a 8 defendant trafficked the relevant technology, not that the defendant ever used the technology to 9 circumvent a security measure. Opp. at 11. 10 The Court agrees with Synopsys. Section 1201(a)(2) of the DMCA does not require a 11 showing that a defendant used the technology it allegedly trafficked. The Court need not reach 12 InnoGrit’s alternative argument that downloading files does not amount to importation under 13 Section 1201(a)(2) of the DMCA because InnoGrit first raised this argument in its reply. 14 Section 1201(a)(2) of the DMCA dictates that “[n]o person shall manufacture, import, 15 offer to the public, provide, or otherwise traffic in any technology, product, service, device, 16 component, or part thereof, that . . . is primarily designed or produced for the purpose of 17 circumventing a technological measure that effectively controls access to a [copyrighted] work.” 18 17 U.S.C. § 1201(a)(2). 19 Synopsys alleges that InnoGrit violated this DMCA provision in several ways. First, 20 Synopsys alleges that at an unknown time, InnoGrit downloaded a “crack file” that consisted of 21 “counterfeit license keys for Synopsys products, instructions for how to configure counterfeit 22 Synopsys license keys, and illegal copies of Synopsys’ software that InnoGrit never obtained a 23 license to.” Id. InnoGrit allegedly transferred this “crack file” onto a portable USB flash drive in 24 order to distribute it across different InnoGrit computers. Id. ¶¶ 30, 31. Synopsys alleges that the 25 flash drive that contains the “crack file” has been connected to at least seven different computers 26 in this district, and that the “crack file” contents currently reside on at least one computer in this 27 1 district. Id. ¶¶ 31, 32. Synopsys also asserts that InnoGrit manually configured the counterfeit 2 license key associated with the crack file to match identifying information on one of the InnoGrit 3 computers located in this district. Id. ¶ 33. 4 Second, Synopsys alleges that at an unknown time, an InnoGrit employee downloaded 5 piracy tools and counterfeit license key generator software from a Chinese website. Id. ¶ 34. On 6 or around July 20, 2018, the InnoGrit employee then copied a zip file containing this material into 7 a file folder marked “share” on an InnoGrit computer located in this district. Id. 8 Synopsys alleges that among the piracy tools were instructions for how to generate and 9 configure counterfeit license keys to Synopsys software. Id. ¶ 35. Synopsys asserts that an 10 InnoGrit employee used these instructions to generate at least one counterfeit license key to 11 Synopsys software, and that this counterfeit license key resides in the file folder containing the 12 piracy tools and counterfeit license key generator. Id. ¶¶ 35, 36. 13 According to Synopsys, an InnoGrit employee also sent other InnoGrit employees located 14 outside of the United States the counterfeit license key generator software and/or counterfeit 15 license keys generated by the software. Id. ¶ 37. InnoGrit employees in both China and Canada 16 have allegedly used counterfeit license keys generated by the counterfeit license key generator 17 software to access Synopsys software. Id. 18 In its motion to dismiss the SAC, InnoGrit does not dispute that any of the foregoing 19 material that InnoGrit allegedly downloaded and distributed represents “technology, product, 20 service, device, component, or part thereof, that . . . is primarily designed or produced for the 21 purpose of circumventing a technological measure that effectively controls access to a 22 [copyrighted] work.” 17 U.S.C. § 1201(a)(2). 23 Instead, InnoGrit argues that “neither file is alleged to have been used by InnoGrit for the 24 purpose of circumventing a technological measure as required to violate” Section 1201(a)(2) of 25 the DMCA. Mot. at 7. With respect to the “crack file,” InnoGrit claims that Synopsys has not 26 sufficiently alleged that the “crack file” “was ever executed.” Id. at 8. Similarly, with respect to 27 the piracy tools and counterfeit license key generator software, InnoGrit argues that Synopsys has 1 not sufficiently alleged that “this ‘generator’ was ever used to circumvent any of Synopsys’s 2 technological measures.” Id. at 9. 3 InnoGrit’s argument fails as a matter of law. Section 1201(a)(1) of the DMCA requires a 4 plaintiff to allege that a defendant has actually circumvented a technological measure. However, 5 Section 1201(a)(2) does not. See, e.g., Autodesk, Inc. v. Flores, 2011 WL 337836, at *9 n.2 (N.D. 6 Cal. Jan. 31, 2011) (explaining that a complaint that “focused on allegations that Defendants sold 7 or trafficked in circumvention technology and does not allege that they actually used the 8 technology themselves” states a claim under Section 1201(a)(2) of the DMCA); see also MDY 9 Indus., LLC v. Blizzard Entertainment, Inc., 629 F.3d 928, 953 (9th Cir. 2010) (outlining the 10 elements of a claim under Section 1201(a)(2) of DMCA). InnoGrit’s argument therefore cannot 11 justify dismissal of Synopsys’s Section 1201(a)(2) claim. 12 In its reply, InnoGrit raises a second argument. InnoGrit belatedly claims that 13 “[d]ownloading a file from a foreign website is not the ‘importation’ that § 1201(a)(2) was 14 intended to prohibit.” Reply at 9. Accordingly, InnoGrit argues, “[t]he mere downloading of 15 these two files is not a plausible DMCA violation.” Id. at 11. InnoGrit raises this argument for 16 the first time in InnoGrit’s reply, so the Court need not consider it. See, e.g., Zamani v. Carnes, 17 491 F.3d 990, 997 (9th Cir. 2007) (“The district court need not consider arguments raised for the 18 first time in a reply brief.”). 19 The Court notes, however, that another court in this district has found Section 1201(a)(2)’s 20 trafficking requirement was satisfied in a situation similar to the one in the instant case. See 21 Synopsys, Inc. v. Ubiquiti Networks, Inc., 2017 WL 3485881, at *8 (N.D. Cal. Aug. 17, 2017) 22 (holding that “the unilateral actions of defendant] in manufacturing the [counterfeit software] keys 23 using software secured from hacker websites . . . and importing those keys from Taiwan into the 24 United States is sufficient” to state a claim under Section 1201(a)(2) of the DMCA). 25 The Court therefore finds that Synopsys has successfully stated a claim under 17 U.S.C. § 26 1201(a)(2). The Court proceeds to consider Synopsys’s final claim under the Copyright Act. 27 D. Synopsys Adequately Alleges Claims Under 17 U.S.C. §§ 106 and 602 1 In its motion to dismiss the SAC, InnoGrit raises two affirmative defenses in response to 2 the SAC’s allegations that InnoGrit committed copyright infringement. Specifically, InnoGrit 3 argues that InnoGrit’s alleged conduct amounts to either de minimis copying or fair use. Mot. at 4 9–10. Synopsys responds that these two affirmative defenses are unavailable to InnoGrit at the 5 motion to dismiss stage because neither affirmative defense clearly appears on the face of the SAC 6 and because both defenses involve disputed issues of fact. Opp. at 12–15. 7 The Court agrees with Synopsys. InnoGrit may not invoke either of the affirmative 8 defenses that InnoGrit raises in order to dismiss Synopsys’s copyright infringement claims at this 9 stage of the litigation. 10 Synopsys alleges that InnoGrit committed two forms of copyright infringement under the 11 Copyright Act. First, Synopsys alleges that InnoGrit violated 17 U.S.C. § 106 when InnoGrit 12 “unlawfully copied and distributed Synopsys’ copyright-protected software [Synplify 2014.03] in 13 the United States and abroad.” SAC ¶ 76. Second, Synopsys alleges that InnoGrit violated 17 14 U.S.C. § 602 when InnoGrit “knowingly and unlawfully imported into the United States copies of 15 Synplify version 2014.03 acquired outside the United States.” Id. ¶ 75. 16 In order for the Court to dismiss the SAC on the basis of an affirmative defense, “the 17 defense must clearly appear on the face of the pleading.” Carson v. Verismart Software, 2012 WL 18 1038662, at *3 (N.D. Cal. Mar. 27, 2012). Further, the defense “may not raise disputed issues of 19 fact.” Id. Neither of the two affirmative defenses that InnoGrit raises meets this standard. 20 First, with respect to de minimis copying, the Ninth Circuit has explained that “a use is de 21 minimis only if the average audience would not recognize the appropriation.” Newton v. 22 Diamond, 388 F.3d 1189, 1993 (9th Cir. 2004). The SAC alleges that InnoGrit downloaded and 23 copied entire copies of Synplify 2014.03. SAC ¶¶ 41–43. InnoGrit’s appropriation was therefore 24 not so “meager and fragmentary that the average audience would not recognize the appropriation.” 25 Newton, 388 F.3d at 1193. Accordingly, it is not clear from the face of the complaint that the de 26 minimis copying defense would apply. See, e.g., Calibrated Success, Inc. v. Charters, 72 F. Supp. 27 1 3d 763, 770 (E.D. Mich. 2014) (“[Defendant] admits downloading [plaintiff’s] Tuning Guide in its 2 entirety. . . . There is nothing de minimis about copying an entire video.”). To the extent that 3 InnoGrit argues that InnoGrit’s possession of a license to use another version of the Synplify 4 software rendered any copyright infringement de minimis, this argument raises issues of fact 5 regarding the differences between two versions of Synopsys software that the Court declines to 6 resolve at the motion to dismiss stage. 7 Second, with respect to fair use, InnoGrit claims that InnoGrit’s allegedly unlawful use of 8 Synplify 2014.03 occurred during a software evaluation period and that “any harm to [the 9 software’s] commercial value is nonexistent.” Mot. at 10. As an initial matter, the Court notes 10 that InnoGrit’s motion to dismiss fails to analyze the four factors of the fair use defense. This 11 alone is fatal to InnoGrit’s argument. See, e.g., Carson, 2012 WL 1038662, at *3 (“Defendants do 12 not discuss any of the elements of the ‘fair use’ affirmative defense and their conclusory assertions 13 cannot defeat Carson’s allegations on a motion to dismiss.”). 14 Further, the SAC contradicts InnoGrit’s claim of fair use. Synopsys alleges that InnoGrit 15 engaged in copyright violations for seemingly commercial purposes, SAC ¶¶ 42–43, that InnoGrit 16 did not engage in any transformative use, id. ¶ 41, and that InnoGrit acted in bad faith by willfully 17 infringing Synopsys’s copyright, id. ¶ 47. Each of these allegations militates against a finding of 18 fair use. See A&M Records, Inc. v. Napster, Inc., 239 F.3d 1004, 1015 (9th Cir. 2001) (“A 19 commercial use weighs against a finding of fair use but is not conclusive on the issue.”); id. 20 (“Courts have been reluctant to find fair use when an original work is merely retransmitted in a 21 different medium.”); see also Perfect 10, Inc. v. Amazon.com, Inc., 508 F.3d 1146, 1164 n.8 (9th 22 Cir. 2007) (“[A] party claiming fair use must act in a manner generally compatible with principles 23 of good faith and fair dealing.”). 24 The Court therefore concludes that neither of the affirmative defenses that InnoGrit raises 25 in its motion to dismiss the SAC is sufficient to defeat Synopsys’s copyright infringement 26 allegations under 17 U.S.C. §§ 106 and 602 at this stage of the litigation. 27 IV. CONCLUSION 1 For the foregoing reasons, the Court DENIES InnoGrit’s motion to dismiss the SAC. 2 IT IS SO ORDERED. 3 Dated: October 1, 2019 4 ______________________________________ 5 LUCY H. KOH United States District Judge 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27