Automattic Hit with Class Action over WP Engine Dispute

> There's no deception involved as far as I can tell

155 pages of deception here: https://wpengine.com/wp-content/uploads/2024/11/51-2.pdf Page 32 "Defendants Conceal the Truth Regarding the WordPress Directory" and page 73 "Wrongfully Expropriate WPE’s Most Popular Plugin" are particularly related. (The part where Matt decides to take over WP Engine's popular plugin and rename it, taking all their customers and reviews is particularly egregious)

When you file a lawsuit you initially make every argument you might possibly want to use in your initial filing, knowing some of them will be whittled down. Pretty much every lawsuit ever includes some claims that are a bit of a stretch, because the lawyers need to CYA. If you fail to make the argument you may be precluded from introducing it later, so it's just safer to include it now.

> There's no deception involved as far as I can tell

Whether it is germane to the case or not, there was plenty of deception:

When the rights were transferred to the WPF, Matt didn't disclose that the Foundation was essentially just him, and the two other nominal members were effectively absent.

When the rights were transferred, and a big deal was made of this, "It now belongs to the WPF, which ensures that no commercial entity or interest can affect what should be a community project", there was no mention of how, on that same day the WPF silently granted a "irrevocable, non-expiring, exclusive universal commercial licence" to Automattic.

Matt repeatedly would refer to wp.org as a community resource and not his, until push came to shove, and "no, actually, it's exclusively mine and has nothing to do with Automattic or the WPF".

And several other examples. Apropos of anything else, there has been deception.

What you are missing is that this whole drama is costing peoples whose business model is to help companies adopt and maintain wordpress. I have friends who lost their leads and existing clients over this drama. So no, its not as easy as this.

Can I ask based on what?

Just previous knowledge or by reading the claims here?

Why aren't costs involved with a mitigation actual damages?

I'n not sure this is the correct lawsuit to demonstrate this.

So hypothetically, if say you lent a key to a handyman and then they posted a photo on it to twitter it seems pretty reasonable for them to cover the costs of replacing the locks. As opposed to having to wait for somebody to rob you and then trying to show that the robber did so from the photo.

>"I could have been hacked, so I had to spend time/money on it" isn't actual damages

Sure it is. Money was spent that wouldn't have been if the situation didn't happen.

I have received class action settlement payments from Verizon, Apple, and others for things I hardly noticed at the time. So maybe your idea of what precedent considers “damages” here is incomplete.

I imagine it would be sufficient to show that he had to spend time or money analyzing the security impact of the event.

Sounds like actual damages to me.

If you break my door lock I'm pretty sure I can't just leave my door wide open for months and then sue you for all of my stuff that got stolen. I need to fix the lock. And ask you to pay for that. Also not a lawyer, but pretty sure you've got to proactively mitigate your damages.

Realistically, this is just going to piggy back on WPEngine's lawsuit.

However, there were customers who migrated to other hosts because of the potential security risk. That is an actual damage. There are people who lost contracts because their potential client chose software other than WordPress. That is an actual damage. There are lots of actual damages that occurred.

There is actually an important legal distinction between could and would. He just undermined his own case.

Disclosure: I've worked at WPE.

Consider that WP Engine's business model revolves around WordPress being a problematic platform for their customers in one way or another. They support sites that would otherwise need to be replaced if it were to continue being scaled. This keeps those customers, the whales, in the WordPress ecosystem.

Plugin and theme developers, digital marketing agencies, and independent web developers continue to put food on the table because of a market that otherwise wouldn't exist. This is healthy for the ecosystem.

Conversely, Matt used that market, the users, as leverage against WP Engine. He caused a deep loss of trust in WordPress as a platform for any serious business. He acted in spite of the community.

I don't think WP Engine is particularly "good", but they don't weaponize users for business goals under the guise of altruism.

Not the only WordPress host and they have no obligation to anything for an open source project.

This story isn't about them it's about their customers who chose to use their service and how Matt chose to make them collateral damage. That choice has consequences which is what this is.

Was WordPress not a fork of someone else's work? Why the double standard?

WP Engine is acting scummy and all, but this is the shadow side of releasing projects as open source. You can't force the people using the freedoms you're granting them to pay you or support you. If you don't like it when people take your code and build a competing business with it, pick a license that (effectively) prevents doing that. With some licenses you can at least get the additions they make out of them under the same license (AGPL and such).

WP Engine is ungrateful and generally kind of shit, but they did nothing that WordPress didn't allow. WordPress acted needlessly aggressive and conflated the business side of their operation with the non-profit side of their operation, which is why WP Engine has a legal basis to sue them over in the first place. WordPress has gathered a lot of good will for being open source and having a non-profit that maintains tooling, but if they don't respect the freedoms that made them popular, they're going to lose out in the end.

I don't have a horse in this race and I'd have to back WordPress if I had to make a decision, but neither party in this conflict is the good guy here.

All of that said, the true vultures here are the lawyers and companies organising the class action lawsuit. All of the customers they "represent" are doing it for a quick buck, and the lawyers are more than willing to blow up Automaticc and WordPress to get their pay day even if it means WordPress will no longer be maintained by anyone. Whatever side you're on, winning this class action lawsuit means everybody but the lawyers lose.

There are several other issues with this, but "1. entered into a formal agreement with the project’s maintainers"

You are aware (well, maybe you're not, because the WPF certainly has never announced it) that this would be ... difficult, because the same day the WPF was granted ownership over the WP "entity", it granted an exclusive, irrevocable, universal sole commercial license to Automattic.