United States District Court, W.D. Washington
ORDER GRANTING PLAINTIFF'S MOTION TO EXPEDITE
RICARDO S. MARTINEZ CHIEF UNITED STATES DISTRICT JUDGE
alleges copyright and trademark infringement claims against
several unknown John Doe Defendants that appear to be using
IP address 18.104.22.168 to illegally activate
Plaintiff's software. Dkt. #1 at ¶ ¶ 37-52. It
now seeks permission to take limited, expedited discovery
from Comcast IP Services, LLP (“Comcast”), an
internet service provider (“ISP”), to identify
and name the John Doe Defendants in this case so that it can
complete service of process and proceed with litigation. Dkt.
#6 at 5-7. As further discussed below, Plaintiff has
demonstrated that: (1) the John Doe Defendants are real
people and/or entities that may be sued in federal court; (2)
it has unsuccessfully attempted to identify the John Doe
Defendants prior to filing this motion; (3) its claims
against the John Doe Defendants would likely survive a motion
to dismiss; and (4) there is a reasonable likelihood that
service of the proposed subpoena on Comcast will lead to
information identifying the John Doe Defendants. As a result,
the Court finds that good cause exists to allow Microsoft to
engage in expedited, preliminary discovery.
develops, distributes, and licenses various types of computer
software, including operating system software (such as
Microsoft Windows) and productivity software (such as
Microsoft Office). Dkt. #1 at ¶ ¶ 8-16. Microsoft
holds registered copyrights in the various different versions
of these products, and has registered trademarks and service
marks associated with the products. Id. at ¶
has implemented a wide-range of initiatives to protect its
customers and combat theft of its intellectual property,
including its product activation system, which involves the
activation of software through product keys. Id. at
¶ 24. A Microsoft product key is a 25-character
alphanumeric string generated by Microsoft and provided
either directly to Microsoft's customers or to
Microsoft's original equipment manufacturer
(“OEM”) partners. Id. at ¶ 25.
Generally, when customers or OEMs install Microsoft software
on a device, they must enter the product key. Id.
Then, as part of the activation process, customers and/or
OEMs voluntarily contact Microsoft's activation servers
over the Internet and transmit the product keys and other
technical information about their device to the servers.
Id. Because Microsoft software is capable of being
installed on an unlimited number of devices, Microsoft uses
the product activation process to detect piracy and protect
consumers from the risk of non-genuine software. Id.
at ¶ 26.
has created the Microsoft Cybercrime Center where they
utilize, inter alia, certain technology to detect
software piracy, which it refers to as
“cyberforensics.” Id. at ¶ 29.
Microsoft uses its cyberforensics to analyze product key
activation data voluntarily provided by users when they
activate Microsoft software, including the IP address from
which a given product key is activated. Dkt. #1 at ¶ 30.
Cyberforensics allows Microsoft to analyze the activations of
Microsoft software and identify activation patterns and
characteristics that make it more likely than not that the IP
address associated with certain product key activations is
one through which unauthorized copies of Microsoft software
are being activated. Dkt. #7 at ¶ ¶ 2-5.
Microsoft's cyberforensics have identified more than 2,
000 product key activation attempts originating from IP
address 22.214.171.124. Id. at ¶ 6. According to
publicly available data, that IP address is presently under
the control of Comcast. Id.
alleges that for at least the past three years, the
aforementioned IP address has been used to activate thousands
of Microsoft product keys. Id. at ¶ 7. These
activations have characteristics that demonstrate that the
John Doe Defendants are using the IP address to activate
unauthorized copies of Microsoft's software. Id.
Microsoft believes these activations constitute the
unauthorized copying, distribution, and use of Microsoft
software, in violation of Microsoft's software licenses
and intellectual property rights. Id. at ¶ 8.
Despite its best efforts, Microsoft has been unable to
positively identify the John Doe Defendants. Id. at
¶ 9. Microsoft believes Comcast has access to the
subscriber information associated with the subject IP address
from records kept in the regular course of its business.
Id. at ¶ 11.
Court may authorize early discovery before the Rule 26(f)
conference for the parties' and witnesses'
convenience and in the interests of justice. Fed.R.Civ.P.
26(d). Courts within the Ninth Circuit generally consider
whether a plaintiff has shown “good cause” for
such early discovery. See, e.g., Yokohama Tire Crop. v.
Dealers Tire Supply, Inc., 202 F.R.D. 612, 613-14 (D.
Ariz. 2001) (collecting cases and standards). When the
identities of defendants are not known before a Complaint is
filed, a plaintiff “should be given an opportunity
through discovery to identify the unknown defendants, unless
it is clear that discovery would not uncover the identities,
or that the complaint would be dismissed on other
grounds.” Gillespie v. Civiletti, 629 F.2d
637, 642 (9th Cir. 1980). In evaluating whether a plaintiff
establishes good cause to learn the identity of John Doe
defendants through early discovery, courts examine whether
the plaintiff (1) identifies the John Doe defendant with
sufficient specificity that the Court can determine that the
defendant is a real person who can be sued in federal court,
(2) recounts the steps taken to locate and identify the
defendant, (3) demonstrates that the action can withstand a
motion to dismiss, and (4) proves that the discovery is
likely to lead to identifying information that will permit
service of process. Columbia Ins. Co. v.
seescandy.com, 185 F.R.D. 573, 578-80 (N.D. Cal. 1999).
Plaintiff Has Shown Good Cause to Take Early
Here, Plaintiff has established good cause to engage in early
discovery to identify the John Doe Defendants. First,
Plaintiff has associated the John Doe Defendants with
specific acts of activating unauthorized software using
product keys that are known to have been stolen from
Microsoft, and have been used more times than are authorized
for the particular software. Dkt. #7 at ¶ ¶ 6-8.
Plaintiff has been able to trace the product key activations
as originating from one IP address, and nearly all of the
activations have involved voluntary communication between the
John Doe Defendants and Microsoft activation servers in this
judicial District. Id. at ¶ 7. Second,
Plaintiff has adequately described the steps it took in an
effort to locate and identify the John Doe Defendants. Dkt.
#7. Specifically, it utilized its
“cyberforensics” technology to analyze product
key activation data and identified certain patterns and
characteristics which indicate software piracy. Dkt. #7 at
¶ ¶ 2-4 and Dkt. #1 at ¶ ¶ 29-32. Third,
Plaintiff has pleaded the essential elements to state a claim
for Copyright Infringement under 17 U.S.C. § 501, et
seq., and Trademark Infringement under 15 U.S.C. §
1114. Dkt. #1 at ¶ ¶ 37-52 and Exs. 1-36. Fourth,
the information proposed to be sought through a Rule 45
subpoena appears likely to lead to identifying information
that will allow Plaintiff to effect service of process on the
John Doe Defendants. Dkt. #7 at ¶ ¶ 10-12.
Specifically, Plaintiff states it will seek subscriber
information associated with the alleged infringing IP
address. Dkt. #5 at ¶ 12.
together, the Court finds that the foregoing factors
demonstrate good cause to grant Plaintiff's motion for
leave to conduct limited expedited discovery. See
Semitool, 208 F.R.D. at 276. Therefore, the Court will
grant discovery limited to documents and/or information that
will allow Plaintiff to ...