Eysoldt v. Proscan Imaging, 2011 WL 2021502 (Ohio App. May 18, 2011) (full-text).
Factual Background Edit
Plaintiff Jeff Eysoldt opened an account with GoDaddy, the popular domain name registration and website hosting company, and in so doing, agreed to GoDaddy's Domain Name Registration Agreement (subsequently replaced by GoDaddy's Universal Terms of Service Agreement ("UTOS")). Under this one account, Plaintiff registered various personal and business domain names with associated email accounts. He also opened email accounts for his siblings and helped his sister develop a website for her business.
Plaintiff's account was locked, which, according to GoDaddy, meant that the only way a third party could access his domain names was if the third party knew his user name and password. While negotiating a business deal with the owners of Proscan Imaging, Plaintiff registered the domain name Myrejuvenate.com through his GoDaddy account. When the business deal fell through, Plaintiff refused to turn over the website domain and Defendant Proscan Imaging contacted GoDaddy to have the domain transferred.
When Proscan Imaging contacted GoDaddy to transfer the Myrejuvenate.com domain, it did not have Plaintiff's user name or password. Instead, GoDaddy's employee Barranowsky asked Proscan to validate the account used for payment. Since Plaintiff had used a company account to pay for the registration and hosting, Proscan was able to provide the last four digits of the bank account number used. Barranowsky then transferred all domain names under Plaintiff's account, as well as their associated email accounts, to Proscan. Included in this transfer was a number of personal and family email accounts with communications to doctors, lawyers, and the IRS. These emails also contained medical records, credit card numbers, bank records, and other private information.
When Plaintiff learned of the transfer, he filled out the "Request for Change of Account/Email Update" and faxed it, along with a copy of his driver's license, to GoDaddy. Upon receipt, GoDaddy informed Plaintiff that its legal department needed clear and readable copies of the submitted information. While the court noted that the submitted information was in fact readable, Plaintiff stopped paying for his account and brought this action.
Trial Court Proceedings Edit
The Eysoldts filed their complaint for invasion of privacy and conversion against GoDaddy. The trial court overruled GoDaddy's motion for summary judgment and a jury found in favor of the Plaintiffs, awarding each of them compensatory and punitive damages on all of their claims. GoDaddy filed motions for directed verdicts, for judgment notwithstanding the verdicts, and for a new trial. The trial court granted GoDaddy's motion for a directed verdict on the punitive damages, concluding that the evidence did not show actual malice, but overruled the remaining motions.
Appellate Court Proceedings Edit
Both parties filed timely appeals.
On appeal, GoDaddy argued that the Eysoldts could not recover on their claims for conversion and invasion of privacy under the economic-loss doctrine. The economic-loss doctrine generally prevents recovery of damages in tort for purely economic loss. However, as the Eysoldts argued, and the court agreed, this doctrine is restricted to negligence cases, not cases involving intentional torts. GoDaddy also argued that no independent duty existed outside of the UTOS, however, the appellate court agreed with the trial court's holding on this issue, which is that the tort claims arose not from the UTOS but from Baranowsky's conduct in authorizing the transfer.
GoDaddy also argued that the Eysoldt's claims for conversion were improper because Ohio law does not recognize a cause of action for conversion of intangible property. Disagreeing, the court pointed to case law showing that domain names are intangible property subject to conversion, as well as case law holding that emails and computer programs can be converted.
Finally, GoDaddy contended that the Eysoldt's invasion of privacy claims should have failed because they presented no evidence that GoDaddy had ever accessed or read any of their emails. To establish such a claim, however, plaintiffs must only produce evidence that there was a "wrongful intrusion into one's private activities" occurring "in such a manner as to outrage or cause mental suffering, shame or humiliation to a person of ordinary sensibilities.” The plaintiffs did not have to prove that GoDaddy accessed their emails, only that GoDaddy gave an unauthorized third-party access to the emails who could have then accessed them.
The appellate court dismissed claims by the Plaintiffs that the court erred in granted GoDaddy's motion for a directed verdict on the issue of punitive damages. The appellate court agreed with the trial court that while Barranowsky's conduct may have been reckless or even intentional, it did not rise to the level of actual malice required for an award of punitive damages.