A telephone long-distance carrier prevailed on fraud and conversion theories against Myron and Susan Bezenek — whose teenage sons
Thrifty-Tel, Inc., provides long-distance telephone services. Subscribers' telephones are programmed with a confidential access code and a six-digit authorization code that directs calls into Thrifty-Tel's computerized switching network.
Through its internal security system, Thrifty-Tel learned of the computer hacking almost immediately. And by late November, the carrier identified the Bezeneks' home as the source. Although Thrifty-Tel had the Bezeneks' address and telephone numbers, it failed to contact them concerning the matter.
After a three-month hiatus, the Bezenek children resumed manual searches for an authorization code. After several days and apparently some frustration with the slow pace, Ryan acquired computer software to expedite the quest. On February 18, 1992, he used the program to access Thrifty-Tel's system and conducted rapid-fire random number searches. He ran the program between six and seven hours, generating over one thousand three-hundred calls. Because Thrifty-Tel is a small carrier with relatively few telephone lines, Ryan's automated calling overburdened the system, denying some subscribers access to phones lines.
Still, Thrifty-Tel did not contact or complain to the Bezeneks. Instead, it filed this action on April 1, 1992, seeking damages for conversion, fraud, and reasonable value of services. The April Fools' Day lawsuit provided the Bezeneks' first notice of their sons' computer hijinks. In a trial to the court, defendants unsuccessfully sought judgment on the conversion and fraud causes of action, arguing those remedies were not available on these facts. (Code Civ. Proc., § 631.8.)
Thrifty-Tel offered no explanation for its failure to complain to the Bezeneks after the November 1991 hacking episode. It presented no evidence of any actual losses, either. Rather, plaintiff simply relied on the "unauthorized usage" tariff in its PUC-approved rate schedule to establish damages. That tariff, in effect, liquidates Thrifty-Tel's damages for computer hacking by imposing a $2,880 per day surcharge, a $3,000 "set up fee," and a $200 per hour labor fee. It also provides for attorney fees and costs
Courts have traditionally refused to recognize as conversion the unauthorized taking of intangible interests that are not merged with, or reflected in, something tangible. (Adkins v. Model Laundry Co. (1928) 92 Cal.App. 575, 583 [268 P. 939] [business goodwill]; Olschewski v. Hudson (1927) 87 Cal.App. 282, 286-288 [262 P. 43] [competitor's customer route]; Faircloth v. A.L. Williams & Associates (1992) 206 Ga.App. 764 [426 S.E.2d 601, 604-605] [unpaid commissions not evidenced by a receipt or certificate]; Matzan v. Eastman Kodak Co. (1987) 134 A.D.2d 863 [521 N.Y.S.2d 917, 918] [no protected interest in an idea].) And Dean Prosser has cautioned against scuttling conversion's tangibility requirement altogether, recommending instead the use of other remedies to protect intangible interests. (Prosser & Keeton on Torts, supra, § 15, p. 92.)
Whether the intangible computer access code, which was never reduced to paper or reflected on a computer disk, and the tie-up of Thrifty-Tel's system
This very point was argued in the trial court, where defense counsel essentially conceded Ryan and Gerry trespassed, but maintained the mislabeling of the cause of action as one for conversion was fatal.
Trespass to chattel, although seldom employed as a tort theory in California (indeed, there is nary a mention of the tort in Witkin's Summary of California Law), lies where an intentional interference with the possession of personal property has proximately caused injury.
A misrepresentation need not be oral; it may be implied by conduct. (See, e.g., Universal By-Products, Inc. v. City of Modesto (1974) 43 Cal.App.3d 145, 151 [117 Cal.Rptr. 525] and Prosser & Keeton on Torts, supra, § 106, p. 736.) We are aware of no decision holding the unauthorized use of a telephone access code constitutes misrepresentation. But decisions in analogous circumstances support that conclusion. For example, in State v. Hamm (Mo. Ct. App. 1978) 569 S.W.2d 289, the defendant used the bank card and personal identification number (PIN) of another person to steal cash at an automatic teller machine. Rejecting the assertion he made no misrepresentation, the court noted defendant's use of the card and confidential PIN was an was an implied misrepresentation as to his identity. (Id. at pp. 290-291.)
But misrepresentation is only one element of a fraud cause of action; the plaintiff must also have relied on the misrepresentation to its detriment.
We view Thrifty-Tel's computerized network as an agent or legal equivalent. In this regard, State v. Hamm, supra, 569 S.W.2d 289 is again persuasive. There, the defendant argued a bank did not detrimentally rely on his misrepresentation to an automatic teller machine via the unauthorized use of someone else's bank card and PIN. Rejecting this contention, the court noted, "The machine was so programmed that no money would be paid out without the insertion of the appropriate card and the corresponding personal identification numbers. When those items were supplied, the response was programmed so as to pay out the money. No difference can be perceived whether the bank gave approval after the presentation of those identification items or whether it programmed its acceptance upon those conditions in advance. In either case, the bank equally relied upon the presentation of the card and personal identification." (Id. at p. 291.)
A plaintiff has a duty to mitigate damages and cannot recover losses it could have avoided through reasonable efforts. (Shaffer v. Debbas (1993) 17 Cal.App.4th 33, 41 [21 Cal.Rptr.2d 110].) Citing Service v. Trombetta (1963) 212 Cal.App.2d 313, 320 [28 Cal.Rptr. 68], Thrifty-Tel's only response is
We know of no authority — and Thrifty-Tel cites none — suggesting a plaintiff may satisfy this burden merely by producing a formula or figure that in the abstract purports to represent the average damages suffered as a consequence of similar torts. Indeed, to assess damages based on a statistical average might be unfair. For example, the facts here indicate the actual damages resulting from hacking may vary dramatically depending upon the hacker's method: The damage flowing from the boys' manual efforts were likely modest compared to that caused by the automated barrage in February, 1992. Thus, a damage award based on this relatively draconian tariff might produce a windfall in instances of de minimis hacking. (Cf. Smith v. County of Los Angeles (1989) 214 Cal.App.3d 266, 292 [262 Cal.Rptr. 754] ["... the award of damages should be sufficient to make the [plaintiff] whole but not result in a windfall"].) Nor can Thrifty-Tel claim actual damages were not readily calculable: If it is able to determine an average loss for computer trespass, then surely it is able to produce evidence showing with reasonable certainty any damages caused by Ryan and Gerry in November 1991.
Nevertheless, Thrifty-Tel claims we must apply the PUC-approved tariff, insisting that to do otherwise would "interfere with the commission in the performance of its official duties" in violation of Public Utilities Code section 1759. We were troubled enough by this contention to solicit additional briefing and an amicus curiae brief from the PUC. The PUC's submission was particularly helpful and, perhaps surprisingly, did not support Thrify-Tel. There we were told, "The PUC respectfully submits that
From these facts the PUC reached the following conclusion, with which we agree: "It cannot be held, as a matter of law, that the unauthorized use tariff represents the result of a reasonable endeavor by the NDIEC and consumers to estimate a fair average compensation for any loss that may be sustained by a customer's bypass of the telephone company's billing mechanism. If the amount calculated pursuant to the tariff is disproportionate to the anticipated damages, it will be defined as a `penalty.' A contractual provision imposing a penalty is ineffective, and the wronged party can collect only the actual damages sustained. (Perdue v. Crocker National Bank (1985) 38 Cal.3d 913, 930 [216 Cal.Rptr. 345, 702 P.2d 503].) Whether the tariff collects fair average compensation or constitutes a penalty should be determined by the trier of fact."
Thus, we need not pass on whether the PUC properly approved Thrifty-Tel's tariff or whether the tariff is reasonable; we merely hold the superior court erred in awarding contract or tort damages based on that tariff instead of requiring plaintiff to prove actual damages. A suit to collect a tariff is in the nature of a breach of contract action. (South Bay Transportation Co. v. Gordon Sand Co. (1988) 206 Cal.App.3d 650, 660-661 [253 Cal.Rptr. 753].) Whether Thrifty-Tel's hacking tariff is a valid liquidated damages provision for a breach of contract claim is not before us: The trial court ruled against Thrifty-Tel on its quasi-contract cause of action, and Thrifty-Tel did not pursue a protective appeal.
We also note that even if the PUC intended unauthorized-use tariffs to apply to tort claims against third parties, and it tells us it did not, that would only be true of AT&T for the reasons noted above. Also, the courts might well have jurisdiction notwithstanding Public Utilities Code section 1759. Although we need not, and do not purport to, decide that issue because the discussion in the previous section seems equally applicable here, section
Although article XII, sections 4 and 6 of the California Constitution authorize the commission to establish rates utilities may charge for their services, it is a debatable question as to whether they empower the PUC to liquidate a utility's tort damages against third parties. (See, e.g., Bondanza v. Peninsula Hospital & Medical Center (1979) 23 Cal.3d 260 [152 Cal.Rptr. 446, 590 P.2d 22].) Our search of the Public Utilities Code for any statute permitting the commission to exercise such a power has been in vain.
In addition, the Bezeneks claim they are not liable under Civil Code section 1714.1 for the hacking of their children's friends. But they never
It is of no consequence that plaintiff did not plead a conspiracy between the Bezenek children and their friends or seek to amend the complaint after trial to conform to proof. A variance between pleading and proof is material only if it "actually misled the adverse party to his [or her] prejudice in maintaining [the] ... defense upon the merits." (Code Civ. Proc., § 469; see also Walker v. Belvedere (1993) 16 Cal.App.4th 1663, 1669-1670 [20 Cal.Rptr.2d 773].) That did not occur here: the Bezeneks knew plaintiff sued them based on their sons' conduct; and Myron Bezenek testified he learned from his sons "what had transpired and who was involved and how they went about doing it" well before trial.
Finally, defendants also note Civil Code section 1714.1 limits parents' damages to $10,000 for each tort committed by their children. They suggest their sons' hacking efforts were all part of a continuous course of conduct amounting to a single tort for which no more than $10,000 may be awarded. Because we have concluded plaintiff did not properly prove damages — let alone damages in excess of $10,000 — we decline to reach this issue.
That portion of the judgment awarding damages is reversed. The cause is remanded to the superior court for a new trial to determine damages based on defendants' children's tortious conduct before February of 1992. In all other respects, the judgment is affirmed. Each side shall bear its own costs.
Sonenshine, J., and Rylaarsdam, J., concurred.