Croy v. Google LLC

1

SHANNON CROY, Plaintiffs, v. GOOGLE LLC, Defendant.

Civil Action No. 23-12106

United States District Court, E.D. Michigan, Southern Division

August 21, 2024

Shalina D. Kumar United States District Judge

REPORT AND RECOMMENDATION TO GRANT DEFENDANT'S MOTION TO DISMISS (ECF NO. 17)

DAVID R. GRAND UNITED STATES MAGISTRATE JUDGE

Background

Pro se plaintiff Shannon Croy (“Croy”), brings this lawsuit against defendant Google LLC (“Google”), raising various claims arising out of a “scheme” to unlawfully prevent him from accessing his Gmail account, which allegedly contained “information” regarding 15,000 Bitcoin he claims to have purchased in 2010. (ECF No. 5).^[1] Croy's complaint is dense and difficult to follow, as it sets forth allegations in a largely stream-of-consciousness manner in 378 numerated single-spaced paragraphs over 43 pages accompanied by an additional 84 pages of exhibits.

As best as can be discerned, however, a liberal construction of Croy's lengthy complaint reflects that, in 2010, he allegedly purchased 15,000 Bitcoin, (Id., PageID.159, ¶ 314), and “stor[ed] his Bitcoin information in email messages to himself” including “a copy of the Dat File Bitcoin Address, and Keys” to his email at “Referralrewards@gmail.com.” (Id., PageID.156-57, ¶¶ 294-95). Croy alleges that “immediately after he sent the Bitcoin information from Referralrewards@gmail.com,” “his Bitcoin became corrupted inside his 2010 Wallet.” (Id., ¶ 295). He alleges that “there was no way for [him] to know or imagine this problem existed with 2010 Wallets,” as they were “new technology[] in the year 2010,” and “it's not his fault Google secretly disable[d] access to his account,” apparently by “secretly delet[ing] [the] recovery security answer for [the account].” (Id., ¶¶260, 295).

It appears that Croy either did not find out about the corruption of his Bitcoin or did nothing to address the situation until almost 11 years later in 2021, at which time he alleges Google “secretly disabled” his email address at Referralrewards@gmail.com because it was one of several “selected accounts with missing birthdate information.” (Id., ¶¶ 237, 300). Croy alleges that Google's disabling of his access to Referralrewards@gmail.com was a “breach of duty” that caused “damage or theft to his Bitcoin information.” (Id., ¶ 300). As a result, Croy alleges that, on April 27, 2021, he sent a letter to Google requesting that they restore his access to Referralrewards@gmail.com, but his request was “denied.” (Id., ¶¶ 241, 297). Croy “informed Google's CEO and Board Members that there is approximate[ly] 1 billion Dollar['s worth of] Bitcoin information located in 1 of 61” of his email accounts, and that only after he shared this information did Google assign his account at Referralrewards@gmail.com to “Enhanced or Targeted Re-Collection of Secretly Deleted Recovery Security Answer Scheme” in order to “try[] to permanently steal the value of [his Bitcoin] information from him.” (Id., ¶¶ 246, 348). He alleges that there was also an “inside person” from the United States Postal Service involved in this scheme who obstructed his sending of U.S. Certified Mail to remedy the issue. (Id., ¶ 279). He alleges that Google has a “pattern of suppressing evidence of secretly deleted recovery emails and recovery security answers.” (Id., ¶ 280).

Based on the above allegations,^[2] Croy contends that Google “actually verified, read[,] intercepted[,] and viewed [his] Bitcoin information inside Referralrewards@gmail.com” (Id., ¶ 263), in violation of (1) the Computer Fraud Abuse Act, 18 U.S.C. § 1030 (“CFAA”); (2) the Wiretap Act, 18 U.S.C. § 2511; (3) the Children's Online Privacy Protection Act (“COPPA”), 15 U.S.C. §§ 6501 et seq.; (4) the federal criminal wire fraud statute, 18 U.S.C. § 1343; and (5) the federal criminal mail fraud statute, 18 U.S.C. § 1341. (ECF No. 5, PageID.126, ¶ 2).^[3] As a result, Croy seeks monetary damages of $825,330,600.00, which is based on a value of $55,022.04 per each of his 15,000 Bitcoin. (Id., ¶ 310).

Google filed a motion to dismiss, which has been fully briefed. (ECF Nos. 17, 22, 27). The Court finds that oral argument will not aid it in resolving the motions, and declines to hold a hearing. See E.D. Mich. LR 7.1(f)(2).

Standard of Review

A motion to dismiss pursuant to Fed.R.Civ.P. 12(b)(6) tests a complaint's legal sufficiency. “To survive a motion to dismiss, a complaint must contain sufficient factual matter, accepted as true, to ‘state a claim to relief that is plausible on its face.'” Ashcroft v. Iqbal, 556 U.S. 662, 678 (2009) (quoting Bell Atl. Corp. v. Twombly, 550 U.S. 544, 570 (2007)). “A claim has facial plausibility when the plaintiff pleads factual content that allows the court to draw the reasonable inference that the defendant is liable for the misconduct alleged.” Id. (citing Twombly, 550 U.S. at 556). The plausibility standard “does not impose a probability requirement at the pleading stage; it simply calls for enough facts to raise a reasonable expectation that discovery will reveal evidence of illegal [conduct].” Twombly, 550 U.S. at 556. Put another way, the complaint's allegations “must do more than create speculation or suspicion of a legally cognizable cause of action; they must show entitlement to relief.” League of United Latin Am. Citizens v. Bredesen, 500 F.3d 523, 527 (6th Cir. 2007) (emphasis in original) (citing Twombly, 550 U.S. at 555-56).

Pleadings filed by pro se litigants are entitled to a more liberal reading than would be afforded to formal pleadings drafted by lawyers. See Thomas v. Eby, 481 F.3d 434, 437 (6th Cir. 2007). Nonetheless, “[t]he leniency granted to pro se [litigants] . . . is not boundless,” Martin v. Overton, 391 F.3d 710, 714 (6th Cir. 2004), and “such complaints still must plead sufficient facts to show a redressable legal wrong has been committed.” Baker v. Salvation Army, 2011 WL 1233200, at *3 (E.D. Mich. Mar. 30, 2011).

Analysis

In its motion to dismiss, Google argues that Croy's “fantastical allegations are conclusory and implausible,” and each of his claims under the CFAA, Wiretap Act, COPPA, and federal wire and mail fraud statutes fail to state a cause of action. The Sixth Circuit has held that a complaint is subject to dismissal when it consists of “fantastical” allegations that lack “facial plausibility.” Burnett v. Garland, No. 20-2158, 2021 WL 4097505 (6th Cir. June 28, 2021); see also Hellmuth v. Hood, 2019 WL 9088170, at *3 (6th Cir. Dec. 20, 2019) (affirming dismissal of a complaint consisting of allegations that were “too speculative” and “implausible.”). Here, while Croy's complaint raises a far- fetched “scheme” among Google's CEO and Board Members and the USPS to fraudulently delete his Gmail account (and other users' email accounts), resulting in him allegedly being unable to access Bitcoin information worth more than $800,000,000 dollars that he emailed himself almost 15 years ago, the Court declines to recommend dismissal on that basis. However, dismissal of Croy's complaint is appropriate based on Google's more substantive arguments, which the Court will address below.

Computer Fraud and Abuse Act (“CFAA”) Claims

The CFAA “criminalizes certain computer-fraud crimes and creates a civil cause of action” for those harmed by such crimes. Pulte Homes, Inc. v. Laborers' Int'l Union of N. Am., 648 F.3d 295, 299 (6th Cir. 2011). In his operative complaint, Croy appears to allege that Google violated the CFAA in two respects: (1) Google “exceeded [its] authorized access [in] violation[] of the CFAA” by “secretly disabling user access accounts” (ECF No. 5, PageID.139, ¶ 43, 135); and (2) Google “obtain[ed], read[,] and intercept[ed] [his] Bitcoin information inside Referralrewards@gmail.com” (id., ¶ 43). While the complaint does not identify which specific provisions of the CFAA were violated it appears from Croy's allegations that he is first referring to 18 U.S.C. § 1030(a)(5)(c), which prohibits anyone from “intentionally access[ing] a protected computer without authorization, and . . . caus[ing] damage and loss,” and 18 U.S.C. § 1030(a)(2), which prohibits anyone from “intentionally access[ing] a computer without authorization or exceed[ing] authorized access, and thereby obtain[ing] information from any protected computer.” Both claims fail as a matter of law.^[4]

As to a claim under § 1030(a)(5)(c), Croy fails to sufficiently allege that Google accessed a “protected computer without authorization.” Here, the only “protected computer”^[5] that Google is alleged to have accessed is its own Gmail servers. See Abu v. Dickson, 2021 WL 1087442, at *5 (E.D. Mich. Mar. 22, 2021) (finding that a “cloud-based email account” qualifies as a “protected computer”); American Furukawa, Inc., v. Hossain, 103 F.Supp.3d 864, 875-76 (E.D. Mich. 2015) (finding that an employee accessed a protected computer without authorization when he accessed the company's email server to download emails during his leave of absence). However, because Google is the owner and operator of its own servers, including its Gmail server, Croy cannot show that Google's alleged improper access of that server was “without authorization.” See Pulte Homes, Inc., 648 F.3d at 304 (stating that “a person who uses a computer ‘without authorization' has no rights, limited or otherwise, to access the computer in question,” and so the court must ask whether defendant had “any right” to access) (emphasis in original and citations omitted). Thus, Croy fails to allege a violation of § 1030(a)(5)(c).

As to a claim under § 1030(a)(2), Croy again fails to allege that Google accessed its own Gmail servers “without authorization” for the reasons discussed above. See Pulte Homes, Inc., 648...