
    HOLOMAXX TECHNOLOGIES, a Pennsylvania Corporation, Plaintiff, v. MICROSOFT CORPORATION, a Delaware Corporation, and Return Path, Inc., a Delaware Corporation, Defendant.
    Case No. CV-10-4924-JF.
    United States District Court, N.D. California, San Jose Division.
    March 11, 2011.
    
      Erik Swen Syverson, Pick & Boydston, Los Angeles, CA, for Plaintiff.
    Gabriel M. Ramsey, Julio Cesar Avalos, Orrick Herrington & Sutcliffe LLP, Menlo Park, CA, for Defendant.
   ORDER GRANTING MOTION TO DISMISS WITH LEAVE TO AMEND IN PART

JEREMY FOGEL, District Judge.

Defendant Microsoft Corporation (“Microsoft”) moves to dismiss the complaint of Plaintiff Holomaxx Technologies (“Holomaxx”) pursuant to Fed. R. Civ. Pro. 12(b)(6) for failure to state a claim upon which relief may be granted. The complaint asserts the following claims: (1) violation of 18 U.S.C. §§ 2510, et seq. (“Wiretap Act”); (2) violation of 18 U.S.C. §§ 2701, et seq. (“Stored Communications Act”); (3) violation of 18 U.S.C. § 1030, et seq. (“Computer Fraud and Abuse Act”); (4) intentional interference with contract; (5) intentional interference with prospective business advantage; (6) violation of California Penal Code §§ 630, et seq. (“wiretapping/eavesdropping”); (7) violation of California Civil Code §§ 43, et seq. (Defamation); (8) false light; and (9) violation of California Business and Professions Code §§ 17200, et seq. (“UCL”). For the reasons discussed below, the motion will be granted, with leave to amend in part.

I. BACKGROUND

Holomaxx describes itself as an “ecommerce business development company” that provides a number of different services, including “contracting] with commercial clients to provide a fully-managed email marketing service .... ” (Compl. ¶ 13). It sends millions of daily marketing emails on its clients’ behalf. (Id. at ¶ 14). It generates these e-mails from subscriber lists provided by its clients. The lists consist of individuals who either have elected voluntarily to receive such correspondence or who have “opted-in” by co-registration. (Id. at ¶¶ 14-15). Typically, it is paid a “fixed amount per email sent” and receives no compensation for e-mails that are unsuccessfully delivered. (Id.). Holomaxx asserts that it is a legitimate, CAN-SPAM Act compliant email service provider. (Id. ¶¶ at 15-16). It alleges that it takes specific safeguards to ensure such compliance, including: (1) producing e-mails with clear and accurate transmission and header information; (2) including “opt out” mechanisms for users electing not to receive future communications; (3) registering its domains and IP addresses with all available feedback loops; (4) originating all emails from the same set of servers; and (5) monitoring the compilation techniques employed by its clients. (Id. at ¶¶ 15-18). As a result of these safeguards, Holomaxx maintains a self-reported complaint rate of between 0.1% and 0.3%. (Id. at ¶ 19).

Microsoft is a global technology company and a major Internet Service Provider (“ISP”). (Compl. ¶ 20). Microsoft provides free e-mail services to millions of Internet users. (Id.). Like most companies that offer e-mail service, Microsoft employs various filtering technologies and procedures that identify and reject potentially harmful communications. (Mot. to Dismiss, 1:11-14; Comp. ¶¶ 20-23). Holomaxx claims that Microsoft relies upon several faulty methods to determine whether incoming mail is spam, including an automated spam filter (“SmartScreen”), a technique known as a “dynamic spam trap,” and evaluations from “whitelisting” services such as those offered by Return Path, Inc. (Compl. ¶¶ 20-23). Holomaxx alleges that in practice these methods filter and block legitimate e-mail communications. Holomaxx also claims that Microsoft wrongfully has refused to offer a remedy for these errors. (Id. at ¶¶ 20-24).

In or about November 2009, Microsoft allegedly began “intermittently blocking, rerouting, and ‘throttling’ (i.e. delaying) emails,” sent by Holomaxx from a block of IP addresses referred to as the “.78 addresses.” (Id. at ¶ 31). Microsoft stopped delaying the e-mails for approximately one month after being threatened with legal action, only to begin blocking them again in June 2010. (Id.). Microsoft continues to block the .78 addresses. (Id.). In May 2010, Holomaxx obtained a different block of IP addresses referred to as the “.88 addresses” that became operative in June 2010. (Id. at 32). In July 2010, Microsoft began blocking the .88 addresses as well. (Id. at 33). Holomaxx received error messages stating that rejection of its e-mails “may be related to content with spam-like characteristics or IP/domain reputation problems.” (Id. at 34). Microsoft also indicated that it may have blocked Holomaxx’s e-mails “based on the recommendations of [its] SmartScreen filter.” (Id.). Holomaxx alleges that Microsoft continues to interfere with its legitimate communications and that Microsoft’s refusal to remedy the situation has caused loss of revenue and damage to Holomaxx’s reputation and client relationships. (Id. at 36).

Holomaxx also claims that Microsoft wrongfully accessed the computer on which Holomaxx’s e-mails were stored, scanned the content of the e-mails, and obtained information therefrom without receiving consent from either Holomaxx or the intended recipients. (Id. at ¶ 41). Microsoft allegedly used this wrongfully obtained information, together with a “reputation score” provided by Return Path, Inc., to determine that Holomaxx’s e-mails were spam. (Id.). Finally, Holomaxx alleges that Microsoft communicated or implied to Dragon Networks, Holomaxx’s hosting IP data center, that it believed Holomaxx was sending spam. (Id. at ¶¶ 44-46). It is unclear whether Microsoft initiated this communication with Dragon Networks, or whether the communication was made in response to an inquiry by Dragon Networks after Microsoft blocked all messages originating from the data center’s IP addresses. (Id.). As a result, Holomaxx claims that its reputation was and continues to be damaged, and that its profits and its contractual relationships have been affected adversely. (Id. at 46). It seeks declaratory and injunctive relief; statutory, compensatory and punitive damages; and reasonable costs and attorneys’ fees. (Compl. 42:7-50:22).

II. MOTION TO DISMISS

“Dismissal under Rule 12(b)(6) is appropriate only where the complaint lacks a cognizable legal theory or sufficient facts to support a cognizable legal theory.” Mendiondo v. Centinela Hosp. Center, 521 F.3d 1097, 1104 (9th Cir.2008). For purposes of a motion to dismiss, “all allegations of material fact are taken as true and construed in the light most favorable to the nonmoving party.” Cahill v. Liberty Mutual Ins. Co., 80 F.3d 336, 337-338 (9th Cir.1996). However, “[w]hile a complaint attacked by Rule 12(b)(6) motion to dismiss does not need detailed factual allegations, a plaintiffs obligation to provide the ‘grounds’ of his ‘entitle[ment] to relief requires more than labels and conclusions, and a formulaic recitation of the elements of a cause of action will not do.” Bell Atlantic Corp. v. Twombly, 550 U.S. 544, 127 S.Ct. 1955, 167 L.Ed.2d 929 (2007) (internal citations omitted). Leave to amend must be granted unless it is clear that the complaint’s deficiencies cannot be cured by amendment. Lucas v. Department of Corrections, 66 F.3d 245, 248 (9th Cir.1995).

III. DISCUSSION

Microsoft argues that Claims Three, Four, Five, Six, and Nine, all of which are based on Microsoft’s filtering activities, are subject to an affirmative defense pursuant to the Communications Decency Act of 1996 (“CDA”), 47 U.S.C. § 230. (Mot. to Dismiss, 1:25-2:4). Microsoft also contends that Claims One, Two, Seven, and Eight are insufficiently pled and fail to state a cognizable claim. (Id. at 2:4-15). In opposition, Holomaxx argues that affirmative defenses are not properly considered on a motion to dismiss, (Pl.’s Opp., 3:20-4:3), and that in any case the CDA does not give Microsoft “blanket immunity” or otherwise provide protection for providers that filter legitimate “business content.” (Id. at 4:3-9). Holomaxx also asserts that each of its remaining claims is pled adequately. (Id. at 9:1-25:1).

A. Communications Decency Act (Claims Three Through Six)

A principal purpose of the CDA is to encourage ISP’s to engage in effective self-regulation of certain content. The Ninth Circuit has recognized that § 230 of the statute is “designed at once ‘to promote the free exchange of information and ideas over the internet and to encourage voluntary monitoring for offensive and obscene material.’ ” Barnes v. Yahoo!, Inc., 570 F.3d 1096, 1099-1100 (9th Cir.2009) (quoting Carafano v. Metrosplash.com, Inc., 339 F.3d 1119, 1122 (9th Cir.2003)); see also Zeran v. America Online Inc., 129 F.3d 327, 330 (4th Cir.1997) (finding that an important purpose of the CDA is to “encourage service providers to self-regulate the dissemination of offensive materials over their services.”). Accordingly, § 230(c) provides protection for “good Samaritan” blocking and screening of offensive material. Pursuant to § 230(c)(2):

No provider or user of an interactive computer service shall be held liable on account of—
(A) any action voluntarily taken in good faith to restrict access to or availability of material that the provider or user considers to be obscene, lewd, lascivious, filthy, excessively violent, or otherwise objectionable, whether or not such material is constitutionally protected; or
(B) any action taken to enable or make available to information content providers or others the technical means to restrict access to material described in paragraph (1)

42 U.S.C. § 230(c)(2)(A) & (B). An “interactive computer service” means “any information service, system, or access software provider that provides or enables computer access by multiple users to a computer server----”42 U.S.C. § 230(f)(2). Significantly, “[n]o cause of action may be brought and no liability may be imposed under any State or local law that is inconsistent with this section.” 42 U.S.C. § 230(e)(3). Moreover, § 230(c)(2) “allows [an interactive service provider] to establish standards of decency without risking liability for doing so.” Goddard v. Google, 2008 WL 5245490, at *6 (N.D.Cal. Dec. 17, 2008) (Fogel, J.) (citing Green v. America Online, 318 F.3d 465, 472 (3rd Cir.2003)).

1. Whether the Court may consider Microsoft’s affirmative defenses

Holomaxx argues that defenses pursuant to the CDA “should not even be considered on a Rule 12(b)(6) motion.” (PL’s Opp., 3:20). However, both this Court and others have held to the contrary. (Defs Reply to PL’s Opp., 2:5-13) (citing Goddard v. Google, Inc., 640 F.Supp.2d 1193, 1200 n. 5 (N.D.Cal.2009)). The assertion of an affirmative defense properly may be considered on a Rule 12(b)(6) motion where the defense is “apparent from the face of the [c]omplaint.” Goddard v. Google, Inc., 640 F.Supp.2d 1193, 1200 n. 5 (N.D.Cal.2009) (internal citation omitted); see also Langdon v. Google, Inc., 474 F.Supp.2d 622, 630-31 (D.Del.2007) (granting Rule 12(b)(6) motion to dismiss based on application of CDA immunity); see also Jones v. Bock, 549 U.S. 199, 215, 127 S.Ct. 910, 166 L.Ed.2d 798 (2007) (finding “[w]hether a particular ground for opposing a claim may be the basis for dismissal for [a 12(b)(6) motion] depends on whether the allegations in the complaint suffice to establish that ground----”). Perfect 10 v. Google, Inc., 2008 WL 4217837, at *8 (C.D.Cal. Jul. 16, 2008), does not hold otherwise. The section of the CDA at issue in that case is not implicated here, and more to the point, the pleadings themselves presented a question of fact as to whether Google was a “content provider” and thus not entitled immunity at all. Id.

2. Whether Microsoft’s filtering decisions qualify for CDA immunity

To assert an affirmative defense under § 230(c)(2)(A), a moving party must qualify as an “interactive computer service,” that voluntarily blocked or filtered material it considers “to be obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable,” and did so in “good faith.” 47 U.S.C. § 230(c)(2)(A). Holomaxx does not dispute that Microsoft qualifies as an “interactive computer service,” (Compl. ¶ 20), and other district courts have concluded that ISP’s that provide email services properly are characterized as “interactive computer service” providers. See eS60lnsight, LLC v. Comcast Corp., 546 F.Supp.2d 605 (N.D.Ill.2008); Winter v. Basssett, 2003 U.S. Dist. 26904, at *7 n. 4 (M.D.N.C. Aug. 22, 2003) (finding that ISP’s properly are considered interactive computer services under the CDA because they “allow internet users to connect to the internet” and they “provide email services.”).

However, Holomaxx contends that § 230(c)(2)(a) “was not intended to immunize the blocking of routine business emails.” (PL’s Opp., 6:1-3), and that the business content of its e-mails is not the type of content that providers might find “objectionable.” (Id. at 6:1-7:17). It points to Goddard v. Google, Inc., 2008 WL 5245490 (N.D.Cal. Dec. 17, 2008) (discussing National Numismatic Certification, LLC v. eBay, Inc., 2008 WL 2704404 (M.D.Fla. July 8, 2008)), in which this Court acknowledged the vagueness of the word “objectionable” and adopted the application of ejusdem generis in National Numismatic to determine the appropriate scope of § 230(c)(2). Goddard, 2008 WL at *6. The Court observed that content that a provider subjectively finds “otherwise objectionable” must have some relationship to the categories of content enumerated by Congress.

No court has articulated specific, objective criteria to be used in assessing whether a provider’s subjective determination of what is “objectionable” is protected by § 230(c)(2). In e360Insight, LLC v. Comcast Corp., 546 F.Suppüd 605, 608 (N.D.Ill.2008), the court ^concluded that virtually total deference to provider’s subjective determination is appropriate. Although the Ninth Circuit has yet to address the issue directly, it has expressed concern about giving providers unfettered discretion. See Zango v. Kaspersky Lab, Inc., 568 F.3d 1169, 1178 (9th Cir.2009) (Fisher, J., concurring) (expressing concern with a rule under which “providers of blocking software [are] given free license to unilaterally block the dissemination of material by content providers under the literal terms of § 230(c)(2)(A).”). Here, however, it is clear from the allegations of the complaint itself that Microsoft reasonably could conclude that Holomaxx’s e-mails were “harassing” and thus “otherwise objectionable.” Holomaxx acknowledges that it sends approximately three million e-mails per day through Microsoft’s servers, and that at least .5% of these either are sent to invalid addresses or result in user opt-out. (Compl. ¶¶ 17-19). On an annual basis, this amounts to more than five million invalid or unwanted e-mails.

Although Holomaxx pleads conclusorily that Microsoft acted in bad faith, the appropriate question is whether Holomaxx has “pled an absence of good faith.” eS60lnsight, LLC v. Comcast Corp., 546 F.Supp.2d 605, 609 (N.D.Ill.2008). Holomaxx claims that Microsoft uses faulty filtering technology and techniques, (Compl. ¶¶ 9-11, 20-24, 28, 30-31, 48-51, 117), that its decisions are motivated by profit derived from blocking both good and bad emails, (Id.), and that it refuses to discuss in detail its reasons for filtering Holomaxx’s e-mails or to provide an acceptable remedy that will prevent the e-mails from being filtered in the future. (Id. at ¶ 34). These allegations are insufficient. Holomaxx alleges no facts in support of its conclusory claim that Microsoft’s filtering program is faulty, nor does it identify an objective industry standard that Microsoft fails to meet. While it suggests that Microsoft is “[pjossibly seeking to cut costs in its service to its free email service” and alleges based on information and belief that Microsoft profits from requiring senders to join “whitelists,” (Compl. ¶¶ 20-22), it offers no factual support for these allegations. Nor does Holomaxx cite any legal authority for its claim that Microsoft has a duty to discuss in detail its reasons for blocking Holomaxx’s communications or to provide a remedy for such blocking. Indeed, imposing such a duty would be inconsistent with the intent of Congress to “remove disincentives for the development and utilization of blocking and filtering technologies.” 47 U.S.C. § 230(b)(4).

3. Conclusion

The first element of Microsoft’s affirmative defense under the CDA is not in dispute. While it is conceivable that Holomaxx could raise an issue of fact as to the second and third elements, it must provide significantly greater factual detail in order to do so. Accordingly, Holomaxx’s third, fourth, fifth, and sixth claims predicated on Microsoft’s filtering and blocking activities will be dismissed, with leave to amend.

B. Judicial Notice of Microsoft’s Service Agreement

Microsoft contends that it is immune from liability under both the Wiretap Act and the Stored Communications Act because its users specifically consent to the alleged wrongful access to their communications. (Mot. to Dismiss, 13:14-14:7; 16:25-17:3). Microsoft asks the Court to take judicial notice of its Hot-mail.com service agreement. Holomaxx opposes this request, disputing the authenticity of the document and arguing that it did not reference the service agreement its complaint, that user consent is not a core issue, and that even if it were the service agreement presents factual issues inappropriate for resolution on a motion to dismiss. (Pl.’s Opp. to RJN, 1:2-8). Holomaxx is correct that courts ordinarily “may not consider any material beyond the pleadings in ruling on a Rule 12(b)(6) motion.” Lee v. City of Los Angeles, 250 F.3d 668, 688 (9th Cir.2001) (citing Branch v. Tunnell, 14 F.3d 449, 453 (9th Cir.1994), overruled on other grounds by Galbraith v. County of Santa Clara, 307 F.3d 1119, 1127 (9th Cir.2002)); see also MGIC Indem. Corp. v. Weisman, 803 F.2d 500, 504 (9th Cir.1986). However, courts in the Ninth Circuit may consider documents that are not physically attached to the complaint when authenticity of the documents is not questioned and the complaint relies on the documents, (Lee, 250 F.3d at 688), and “a court may take judicial notice of ‘matters of public record.’ ” Id. (quoting Mack v. South Bay Beer Distrib., 798 F.2d 1279, 1282 (9th Cir.1986)).

Microsoft argues that the first exception applies here because the complaint “repeatedly references” the terms of the service agreement and specifically puts the terms at issue. (Def.’s Mot. to Dismiss, pp. 13-14 fn 3). In fact, Holomaxx alleges that Microsoft “[ajccessed computers on which Holomaxx’s confidential email communications were stored, and that Defendant ] also scanned the contents of those emails and obtained information therefrom, without the consent of either Holomaxx or the intended recipients.” (Compl. ¶ 41) (emphasis added). This single allegation is insufficient to trigger the “incorporation by reference doctrine.” See e.g., In re Facebook PPC Adver. Litig., 2010 WL 5174021, at *4 (N.D.Cal. Dec. 15, 2010) (Fogel, J.) (taking judicial notice of an “exemplary screen shot” of a web page advertisement as well as copies of “click-through” agreements. Significantly, the authenticity of these materials went unchallenged, specific portions were quoted in the complaint, and the contents formed the foundation of the dispute); In re Finisar Corp. Derivative Litig., 542 F.Supp.2d 980, 990 n. 4 (N.D.Cal.2008) (finding that a company’s closing stock price was “crucial” to the plaintiffs claims in a shareholder derivative action). Nor is the service agreement a “public record.” See Barron v. Reich, 13 F.3d 1370, 1377 (9th Cir.1994) (finding that public records are those documents obtained from government and administrative agencies); Lee v. City of Los Angeles, 250 F.3d 668, 688 (9th Cir.2001). The request for judicial notice will be denied.

C. Violation of the Wiretap Act (Claim One)

Holomaxx alleges that Microsoft “intentionally intercepted electronic communications sent by Holomaxx, in violation of 18 U.S.C. § 2510, et seq.,” (Compl. ¶ 59), and “intentionally used and disclosed the contents of such electronic communications sent by Holomaxx, while knowing or having reason to know that the information was obtained through the interception of those communications in violation of 18 U.S.C. § 2511.” (Id. at ¶ 60). It claims that Microsoft intercepted e-mails to evaluate the “spam like characteristics” on the e-mails. (Id. at ¶¶ 59-60). However, while the Court must “take all factual allegations in the complaint as true,” (Ashcroft v. Iqbal, 556 U.S. 662, 129 S.Ct. 1937, 1949, 173 L.Ed.2d 868 (2009)), it is not required to accept a “legal conclusion couched as a factual allegation.” Bell Atl. Corp. v. Twombly, 550 U.S. 544, 555, 127 S.Ct. 1955, 167 L.Edüd 929 (2007). Here, Holomaxx’s allegations are both conelusory and devoid of factual support. Holomaxx does not explain how Microsoft “intercepted” its communications or how Microsoft “used and disclosed” the contents of those communications. Additional factual detail is necessary in order to permit the Court to make a meaningful assessment of the plausibility of the allegations.

D. Violation of the Stored Communications Act (Claim Two)

Holomaxx also alleges that Microsoft violated the Stored Communications Act, which prohibits a party from “intentionally accessing] without authorization a facility through which an electronic communication service is provided; or intentionally exceeding] an authorization to access that facility; and thereby obtaining] ... or preventing] access to a wire or electronic communication while it is in electronic storage in such system ....” 18 U.S.C. § 2701(a). Here again, Holomaxx does no more than provide a “formulaic recitation of a cause of action” and fails to provide the type of factual support necessary to “raise a right to relief above the speculative level.” Bell Atl. v. Twombly, 550 U.S. 544, 555, 127 S.Ct. 1955, 167 L.Ed.2d 929 (2007). It fails to explain what facility or communication were accessed, or by whom, or how the alleged access exceeded a particular authorization.

E.Defamation (Claim Seven)

To state a claim for defamation, a plaintiff must establish “the intentional publication of a statement of fact that is false, unprivileged, and has a natural tendency to injure or which causes special damage.” Añkat v. JP Morgan Chase & Co., 430 F.Supp.2d 1013, 1020 (N.D.Cal.2006) (citing Smith v. Maldonado, 72 Cal.App.4th 637, 645, 85 Cal.Rptr.2d 397 (1999)). Publication means “communication to a third person who understands the defamatory meaning of the statement and its application to the person to whom reference is made.” Añkat, 430 F.Supp.2d at 1020. Holomaxx alleges, on information and belief, that Microsoft “informed Dragon Networks in writing” that it had blocked all IP addresses originating from Dragon Networks because “certain of Holomaxx’s .78 addresses had been rejected ‘for policy reasons,’ and were blocked manually ‘or for spamming.’ ” (Compl. § 45). Holomaxx does not explain how the alleged statement was defamatory or produce a copy of the alleged defamatory correspondence between Microsoft and Dragon Networks. Nor does it explain how the alleged communication amounts to “a statement of fact that is false.”

F. False Light (Claim Eight)

As Judge Seeborg recently explained, a false light claim may be maintained only by individuals. Kennedy Funding, Inc. v. Chapman, 2010 WL 4509805, at *4-5, 2010 U.S. Dist. LEXIS 116038, at *13-14 (N.D.Cal.2010) (Seeborg, J.). False light implicates an invasion of privacy, (Cort v. St. Paul Fire & Marine Ins. Cos., 311 F.3d 979, 987 (9th Cir.2002)), which at common law in California is a right reserved exclusively for actual persons. See e.g., Ion Equipment Corp. v. Nelson, 110 Cal.App.3d 868, 878-9, 168 Cal.Rptr. 361 (1980). “As commonly understood, a corporation ... is not susceptible to the injured ‘feelings’ associated with invasion of privacy torts.” Kennedy Funding, Inc., 2010 WL 4509805, at *5, 2010 U.S. Dist. LEXIS at *13-14 (N.D.Cal.2010) (citing Ion Equipment Corp., 110 Cal.App.3d at 878, 168 Cal.Rptr. 361). Because this deficiency cannot be cured by amendment, Claim Eight will be dismissed without leave to amend.

G. Unfair Competition Law

California Business and Professions Code § 17200 et seq., prohibits acts of unfair competition, including “any unlawful, unfair, or fraudulent business act or practice and unfair, deceptive, untrue, or misleading advertising.” Cal. Bus. & Prof.Code § 17200. This statute “was intentionally framed in its broad, sweeping language.” Cel-Tech Communications, Inc. v. Los Angeles Cellular Telephone Co., 20 Cal.4th 163, 181, 83 Cal.Rptr.2d 548, 973 P.2d 527 (1999). “[A] plaintiff must have suffered an ‘injury in fact’ or ‘lost money or property as a result of the unfair competition’ to have standing to pursue either an individual or a representative claim under California Unfair Competition Law.” Hall v. Time Inc., 158 Cal.App.4th 847, 849, 70 Cal.Rptr.3d 466 (2008).

To state a claim under the “fraudulent” prong of the UCL, a plaintiff must allege that the challenged practice is likely to deceive members of the public. Bardin v. Daimlerchrysler Corp., 136 Cal.App.4th 1255, 1274, 39 Cal.Rptr.3d 634 (2006). To support liability under the “unfair” prong, the conduct must either “offend[] an established public policy or [be] immoral, unethical, oppressive, unscrupulous, or substantially injurious to consumers” or be “tethered to specific constitutional, statutory or regulatory provisions.” Id. at 1268, 39 Cal.Rptr.3d 634. A violation of the “unlawful” prong of the UCL may be established by a variety of unlawful acts, including those practices prohibited by law, whether “civil or criminal, federal, state, [] municipal, statutory, regulatory, or court made.” Because as discussed above Holomaxx has yet to state a viable claim for any actionable wrongdoing, the UCL claim in its present form also is subject to dismissal.

IV. ORDER

Good cause therefore appearing, the motion to dismiss is GRANTED, WITH LEAVE TO AMEND as to Claims One through Seven and Claim Nine, and WITHOUT LEAVE TO AMEND as to Claim Eight. Any amended complaint shall be filed within (30) days of the date of this order.

IT IS SO ORDERED. 
      
      . This disposition is not designated for publication in the official reports.
     
      
      . The complaint originally named Microsoft and Return Path, Inc. as Defendants. Plaintiff voluntarily dismissed Defendant Return Path, Inc., on December 15, 2010. (Dkt. No. 18).
     
      
      . According to Microsoft’s feedback loop data, the aggregate complaint rate consistently is approximately 0.5%. (Compl. ¶ 19).
     
      
      .As described by Holomaxx, a “dynamic spam trap” involves monitoring e-mail addresses that an e-mail service provider believes were abandoned by individual users. Based on its monitoring activities an e-mail service provider will determine whether the emails being received by those accounts are spam. (Compl. ¶ 21).
     
      
      . Significantly, the number of messages that result in delivery to invalid addresses or in user opt-outs is calculated with the existing filtering technology and techniques in place. Had Microsoft's filters been inactive, it is reasonable to assume that the number of invalid deliveries and user opt-outs would be far greater than 0.5%.
     
      
      . This exception commonly is referred to as the "incorporation by reference doctrine.” See e.g., In re Silicon Graphics, Inc. Sec. Litig., 183 F.3d 970, 986 (9th Cir.1999).
     