Opinion
4:21-00309-CV-RK
05-02-2022
FOLEY INDUSTRIES, INC., Plaintiff, v. KAMMY NELSON, Defendant.
ORDER
ROSEANN A. KETCHMARK, JUDGE UNITED STATES DISTRICT COURT
Before the Court is Defendant Kammy Nelson's partial motion for judgment on the pleadings and motion to dismiss Count I for lack of subject matter jurisdiction. (Doc. 32.) Defendant brings the instant motion for partial judgment on the pleadings as to Counts IV and V under Rule 12(c) and motion to dismiss Count I under Rule 12(b)(1) of the Federal Rules of Civil Procedure. (Doc. 32). For the reasons below, Defendant's partial motion for judgment on the pleadings and motion to dismiss is GRANTED in part and DENIED in part.
Specifically, the Court holds as follows:
(1) Defendant's partial motion for judgment on the pleadings is DENIED as to Count IV (violation of the MCTA).
(2) Defendant's partial motion for judgment on the pleadings is GRANTED as to Count V (breach of the duty of loyalty).
(3) Defendant's partial motion for judgment on the pleadings is DENIED as to Plaintiff's prayer for permanent injunctive relief.
(4) Defendant's motion to dismiss for lack of subject matter jurisdiction is DENIED as to Count I (breach of contract).
Background
For purposes of analyzing Defendant's partial motion for judgment on the pleadings, the Court “accept[s] the allegations contained in the complaint as true and draw[s] all reasonable inferences in favor of the nonmoving party.” Cole v. Homier Distrib. Co., 599 F.3d 856, 861 (8th Cir. 2010) (citation and quotation marks omitted); Buckley v. Hennepin Cty., 9 F.4th 757, 760 (8th Cir. 2021).
Plaintiff serves as the exclusive Caterpillar dealer for Kansas and western Missouri, providing the sale and rental of construction equipment and equipment for the oil and gas industries. (Doc. 10 at ¶ 12.) On or about July 13, 2020, Defendant was hired as a Credit Manager for Plaintiff. (Id. at ¶ 15.) As part of her daily duties, Defendant managed the credit department and performed many tasks including exercising control over accounts receivable, performing credit underwriting, establishing bad debt reserves, managing past-due accounts, coordinating with Plaintiff's legal department, collaborating with internal customers, managing credit risks, and administering credit policies and standards. (Id. at ¶ 16.) As credit manager, Defendant had access to confidential and proprietary information belonging to Plaintiff and its customers. (Id. at ¶ 18.) To ensure protection of the confidential information, Plaintiff required Defendant to sign a nondisclosure agreement (“NDA”) as part of her employment. (Id. at ¶ 19.) On July 13, 2020, Defendant signed the agreement. (Id.) By the NDA's terms, Defendant was prohibited from disclosing the proprietary information of the company to anyone, except on a need-to-know basis, and was prohibited from using the proprietary information for her benefit. (Id. at ¶ 21.) Additionally, at the start of her employment, Defendant obtained and acknowledged a copy of Plaintiff's employee handbook, which noted that she was authorized to access and use Plaintiff's computers and information-technology system only for business purposes. (Id. at ¶¶ 22, 27.)
On January 15, 2021, Defendant received information indicating her employment with Plaintiff would be terminated on January 18, 2021. (Id. at ¶ 30.) After receiving that information, on or about January 15 through January 17, 2021, while at the office or using remote access to Plaintiff's computer systems, Defendant logged into the system on her company-issued computer and forwarded dozens of emails and documents from her Foley email account, KJNelson@foleyeq.com, to her personal email account, kammynelson@gmail.com. (Id. at ¶¶ 31, 32.) The forwarded emails contained Plaintiff's proprietary information and/or confidential information about and belonging to Plaintiff's customers. (Id. at ¶ 33.) Defendant then deleted the emails she forwarded to her personal account from her company-issued computer and/or Plaintiff's server. (Id. at ¶ 35.)
Additionally, Defendant modified and altered a number of emails, including one sent on January 13, 2021, by Plaintiff's Vice President of Sales, Jeff Fouraker, to Defendant's supervisor, Steve Liggett. (Id.at ¶¶ 33, 38.) The original email sent by Fouraker stated “Here's another.” (Id. at ¶ 38.) On or about January 16, 2021, Defendant altered and modified the original email to insert the statement “result of your credit nazi” after the text “Here's another.” (Id. at ¶ 39.) Defendant then forwarded this altered email to her personal email account as well. (Id.at ¶ 41.)
On January 18, 2021, Defendant's employment with Plaintiff was terminated, unrelated to the forwarding and altering of the emails. (Id. at ¶ 48.) After Defendant's termination, Plaintiff routinely attempted to secure its technology infrastructure and noticed unusual activity on Defendant's account. (Id. at ¶ 49.) Plaintiff then conducted an internal preliminary examination into the unusual activity and retained a third-party information technology expert to complete a forensic review of Defendant's company-issued computer devices and her Foley email account to determine the full scope of the unusual activity. (Id. at ¶¶ 50, 51.) Plaintiff alleges between its internal investigation, third-party forensic investigation, and associated legal fees, Plaintiff incurred over $35,000 in damages as a result of Defendant's actions. (Id. at ¶ 52.)
Plaintiff filed its First Amended Complaint (“FAC”) against Defendant on July 14, 2021, asserting claims for: breach of contract (Count I); violation of the Computer Fraud and Abuse Act, 18 U.S.C. § 1030, et seq. (Count II); (3) violation of the Stored Communications Act, 18 U.S.C. § 2701 et seq. (Count III); violation of the MCTA (Count IV); and breach of the duty of loyalty (Count V). The Court granted in part and denied in part Defendant's first motion to dismiss. (Docs. 13, 30.) The Court dismissed Count II (Computer Fraud and Abuse Act) and Count III (Stored Communications Act) for failing to state a claim for which relief may be granted. (Doc. 30.) But the Court denied the motion to dismiss as to Count I, Count IV, and Count V, finding they met the requirements for diversity jurisdiction under 28 U.S.C. §1332. (Id.)
In the instant motion, Defendant seeks judgment on the pleadings under Rule 12(c) as to Counts IV and V, and dismissal under Rule 12(b)(1) as to Count I for lack of subject matter jurisdiction.
Defendant further challenges the appropriateness of Plaintiff's prayer for permanent injunctive relief, alleging Plaintiff has failed to plead the requisite elements. (Doc. 33 at 7.) Defendant appears to confuse the prayer for relief in Plaintiff's FAC with a motion for a preliminary injunction or temporary restraining order. Injunctive relief, however, “is a remedy and not a cause of action.” Goerlitz v. City of Maryville, 333 S.W.3d 450, 455 (Mo. banc 2011). Accordingly, Defendant is not entitled to its request for judgment on the pleadings as to Plaintiff's prayer for permanent injunctive relief as pleaded in its FAC.
Legal Standards
Under Rule 12(c), “[after the pleadings are closed - but early enough not to delay trial -a party may move for judgment on the pleadings.” A party may assert a claim the complaint fails to state a claim upon which relief can be granted in a Rule 12(c) motion for judgment on the pleadings. Rule 12(h)(2)(B). The standard of review for judgment on the pleadings under Rule 12(c) is the same as dismissal in Rule 12(b)(6). Buckley, 9 F.4th at 760 (citing Westcott v. City of Omaha, 901 F.2d 1486, 1488 (8th Cir. 1990)). To survive a motion to dismiss, a complaint must allege “enough facts to state a claim to relief that is plausible on its face.” Bell Atl. Corp. v. Twombly, 550 U.S. 544, 570 (2007). A claim is plausible if “the plaintiff pleads factual content that allows the court to draw the reasonable inference that the defendant is liable for the misconduct alleged.” Ashcroft v. Iqbal, 556 U.S. 662, 678 (2009). The Court “accept[s] the allegations contained in the complaint as true and draw[s] all reasonable inferences in favor of the nonmoving party.” Cole, 599 F.3d at 861 (citation and quotation marks omitted). “In addressing a motion to dismiss, [t]he court may consider the pleadings themselves, materials embraced by the pleadings, exhibits attached to the pleadings, and matters of public record.” Illig v. Union Elec. Co., 652 F.3d 971, 976 (8th Cir. 2011) (citation and quotation marks omitted).
Discussion
I. Count IV - MCTA Claim
Defendant brings a partial motion for judgment on the pleadings as to Count IV for failure to state a claim under the MCTA. Defendant argues the MCTA is narrower than its federal counterparts because it applies only to persons who act “without authorization.” (Doc. 33 at 4.) Therefore, Defendant contends Plaintiff's “claim under the MCTA fails for the same reasons as its claims under the analogous federal anti-hacking statutes that were previously dismissed by the Court for failure to state a claim.” (Doc. 33 at 3.)
Even though Van Buren v. United States, 141 S.Ct. 1648 (2021), has yet to be cited by a single Missouri court, Defendant argues the MCTA should be interpreted consistent with Van Buren. (See Doc. 37 at 6.) Defendant claims “[t]here is no reason to believe in this case that Missouri courts would not apply the principles of Van Buren to limit the scope of the MCTA in the same fashion as the analogous federal statutes.” (Id. at n.5 (citing State ex rel. Jackson v. Dolan, 398 S.W.3d 472 (Mo. banc 2013), and State v. Mullenix, 73 S.W.3d 32, (Mo.Ct.App. 2002)).) In both Dolan and Mullenix, the courts addressed provisions of the U.S. Constitution and analogous provisions of the Missouri Constitution. The Dolan court noted that “provisions of our state constitution may be construed to provide more expansive protections than comparable federal constitutional provisions, [and] analysis of a section of the federal constitution is strongly persuasive in construing the like section of our state constitution.” 398 S.W.3d at 478 (citation and quotation marks omitted). Defendant's reliance on Dolan and Mullenix to support her argument is misplaced. This case does not involve the interpretation of analogous federal and state constitutional provisions, and Defendant offers no reason why that constitutional analysis should apply to analogous federal and state statutory provisions. Nothing in Dolan or Mullenix supports a federal court applying a federal statutory interpretation to a Missouri statute before a Missouri court has done so itself. Accordingly, the Court declines to apply the reasoning and holding of Van Buren to this case.
Section 537.525 of the MCTA provides a civil remedy for violations of § 569.095, RSMo. Section 537.525 provides:
In addition to any other civil remedy available, the owner or lessee of the computer system, computer network, computer program, computer service or data may bring a civil action against any person who violates sections 569.095 to 569.099 for compensatory damages, including any expenditures reasonably and necessarily incurred by the owner or lessee to verify that a computer system, computer network, computer program, computer service, or data was not altered, damaged, or deleted by the access.§ 537.525.1. Section 569.095 provides, in relevant part:
A person commits the offense of tampering with computer data if he or she knowingly and without authorization or without reasonable grounds to believe that he has such authorization:
(1) Modifies or destroys data or programs residing or existing internal to a computer, computer system, or computer network; or
(2) Modifies or destroys data or programs or supporting documentation residing or existing external to a computer, computer system, or computer network; or
(3) Discloses or takes data, programs, or supporting documentation, residing or existing internal or external to a computer, computer system, or computer network; or
(4) Discloses or takes a password, identifying code, personal identification number, or other confidential information about a computer system or network that is intended to or does control access to the computer system or network;
(5) Accesses a computer, a computer system, or a computer network, and intentionally examines information about another person;
(6) Receives, retains, uses, or discloses any data he knows or believes was obtained in violation of this subsection.§ 569.095.1.
Defendant relies primarily on InfoDeli, LLC v. W. Robidoux, Inc. to support her conclusion that the MCTA applies only to persons who act “without authorization.” (See Doc. 33 at 4 (citing No. 4:15-CV-00364-BCW, 2020 WL 1853699, at *8 (W.D. Mo. Feb. 28, 2020)).) The InfoDeli court characterized the MCTA as “a civil cause of action for the owner or lessee of electronically- stored data that is improperly accessed.” 2020 WL 1853699, at *8. Defendant argues the phrase “improperly accessed” demonstrates civil liability arises only when a “defendant act[s] without authorization in accessing” information. (See Doc. 33 at 4 (citing InfoDeli, 2020 WL 1853699, at *9) (“Regardless of the statutory section under which a claim for violation of the MCTA might arise, InfoDeli must demonstrate that WRI acted ‘knowingly and without authorization' or ‘knowingly and . . . without reasonable grounds to believe' it had authorization”).) Further, Defendant argues the “without reasonable grounds” provision of § 569.095
appears to be a safe harbor provision that would save someone from criminal or civil liability who accessed a computer under a mistake [of] fact where the person was not actually authorized to access the system but reasonably believed such authorization had been given. In any event, a fundamental requirement for liability under the statute is that a person accesses a computer system without authorization (either actual or reasonably apparent).(Id. at 4 n.1.) Accordingly, Defendant contends Plaintiff's MTCA claim fails because the allegations show “Nelson was authorized to access her work email through her work computer.” (Id. at 5.)
In opposition, Plaintiff argues “[n]owhere in any part of the MCTA is there any language providing that a person must first access a computer system or data without authorization and then modify it, as Defendant suggests.” (Doc. 36 at 3.) Specifically, Plaintiff claims “only one of the six actions [in §569.095] is based on unauthorized access.” (Id.) Defendant argues in reply that § 537.525's civil remedy “is more limited and requires unauthorized access as an essential element of the claim.” (Doc. 37 at 2.).
However, § 537.525 uses only the word “access” and does not indicate whether or not that access must be unauthorized. More importantly, the word “access” appears in a phrase addressing the availability of damages, not describing the elements of an MCTA violation. See § 537.525.1 (authorizing compensatory damages for costs incurred to “verify that a computer system, computer network, computer program, computer service, or data was not altered, damaged, or deleted by the access”). In other words, § 537.525 provides only a civil remedy for violations of § 569.095, it does not limit or expand the scope of violations under § 569.095.
Thus, the central question - and the question left unanswered by both parties - concerns the meaning of “without authorization or without reasonable grounds to believe that he has such authorization.” § 569.095. Two Missouri cases, Western Blue Print Co., LLC v. Roberts, 367 S.W.3d 7, 12 (Mo. banc 2012), and ATD Tools, Inc. v. Fisher, No. 4:21-CV-00108-SRC, 2021 WL 533734 (E.D. Mo. Feb. 12, 2021), inform the Court's interpretation of the statutes here.
In Western Blue, the court denied a defendant's a motion for summary judgment as to the plaintiff's MCTA claim. 367 S.W.3d 7 at 12. The defendant was the vice president of Western Blue Print Co., and had access to information concerning revenues, costs, profits, and salaries, as well as proprietary and confidential information. Id. After the defendant left to work for a competitor, Western Blue discovered 47, 203 files had been deleted from the defendant's laptop, including emails containing “customer names, company names, contacts, telephone numbers, email addresses, sales activities, and related notes.” Id. at 21. Further, the defendant “left her employ with possession of two compact discs” containing many of the files deleted from the laptop. Id. Western Blue sued under § 537.525.1 of the MTCA. In denying the defendant's motion for summary judgment as to the MTCA claim, the Western Blue court noted:
While the jury could have inferred that [defendant] was authorized to retain these copies because they were made in the regular course of business, an equally permissible inference is that she retained these files after deleting them from her laptop in an effort to undermine Western Blue's ability to bid successfully on the university contract, or conversely, to aid DocuCopy in making its bid, which would be an unauthorized purpose.Id. at 22. The question in Western Blue was not whether the defendant's access was unauthorized. As vice president, the defendant was authorized to access all the deleted and copied information. Instead, the court recognized that destruction or use of information for an “unauthorized purpose” was cognizable as violating § 569.095 even if the conduct otherwise occurred during the regular course of business with authorized access. See id.
In ATD Tools, the court analyzed the MCTA in the context of a motion for a temporary restraining order. 2021 WL 533734 at *1. The defendant was employed by the plaintiff. Id. As a condition of employment, the defendant “agreed to utilize confidential information only for the benefit of [the plaintiff].” Id. However, before ending his employment, the defendant “deleted and destroyed almost all emails in his account from the two years prior to his departure, ” and “transferred [the plaintiff's] information and documents to his own storage devices or accounts, ” including “information outside the scope of [defendant's] job duties with [the plaintiff], which he was not authorized to access or use.” Id. at *2. In holding there was a reasonable likelihood of success on the merits of the plaintiff's MCTA claim, the court stated only that the defendant “deleted data from [the plaintiff's] computer system and copied [the plaintiff's] confidential information to an external electronic storage device.” Id. at *5. The ATD Tools court considered both information the defendant was authorized to access - i.e., his email account - and information he was unauthorized to access. See id. Thus, unauthorized access is not the only relevant consideration when considering violations of the MCTA. See also InfoDeli, 2020 WL 1853699, at *8 (using the phrase “improperly accessed” to describe the conduct covered by §§ 537.525 and 569.095).
The Court finds the meaning of “without authorization or without reasonable grounds to believe that he has such authorization” includes using information for an unauthorized purpose, even if the individual making such use was authorized to access that information. For purposes of this partial motion for judgment on the pleadings then, the Court will determine whether Plaintiff has alleged an unauthorized purpose, not simply whether access was unauthorized.
Based on the allegations in Plaintiff's complaint, the Court finds that Plaintiff has plausibly stated a claim that Defendant used the information for an “unauthorized purpose.” On January 15, 2021, Defendant received information indicating her employment with Plaintiff would be terminated on January 18, 2021. (Doc.10 at ¶ 30.) On or about January 15 through January 17, 2021, Defendant forwarded dozens of emails and documents from her Foley email account to her personal email account. (Id. at ¶¶ 31, 32.) Defendant then deleted the emails she forwarded to her personal account from her company-issued computer and/or Plaintiff's server. (Id. at ¶ 35.) Additionally, Defendant modified and altered a number of emails. (Id. at ¶¶ 37.) Defendant used Plaintiff's computers and information-technology system but was limited to doing so for business purposes. (Id. at ¶ 27.) Defendant was prohibited from disclosing the proprietary information of the company to anyone and was prohibited from using the proprietary information for her benefit. (Id. at ¶ 21.) The forwarded emails contained Plaintiff's proprietary information and/or confidential information about and belonging to Plaintiff's customers. (Id. at ¶ 33.) On these alleged facts, drawing all reasonable inferences in Plaintiff's favor, Plaintiff's FAC alleges the use of information for an “unauthorized purpose.”
Accordingly, Defendant's motion for judgment on the pleadings as to Count IV is denied.
II. Count V - Breach of the Duty of Loyalty
In Count V, Plaintiff alleges Defendant breached her fiduciary duty of loyalty. In Missouri, “every employee owes his or her employer a duty of loyalty.” Scanwell Freight Express STL, Inc. v. Chan, 162 S.W.3d 477, 479 (Mo. banc 2005). “Activities that constitute a breach of the duty of loyalty in this respect include using confidential information peculiar to the employer's business, soliciting customers before the end of the employment or other acts that result in direct competition.” Western Blue, 367 S.W.3d at 17 (citing Scanwell, 162 S.W.3d at 480). Importantly, a breach of the duty occurs “when the employee goes beyond the mere planning and preparation and actually engages in direct competition.” Id.
Based on the allegations in Plaintiff's FAC, the Court finds Plaintiff has failed to plausibly state a claim for breach of fiduciary duty. Plaintiff alleges:
With [Defendant's] possession of [Plaintiff's] Proprietary Information, [Plaintiff] is at risk of [Defendant] providing this information to competitors or otherwise using the information for her own or a third-party's benefit, in direct contravention of the duties and obligations set forth in the Non-Disclosure Agreement and Employee Handbook and under the law.(Doc. 10 ¶ 56.) Plaintiff states only that Defendant possesses proprietary information. Plaintiff has failed to allege, however, that Defendant has “us[ed] confidential information peculiar to the employer's business” in direct competition. Plaintiff's argument that it does not know the “extent [to] which Defendant has misused its confidential information” because they have received “inconsistent, contrary, or implausible responses as to what she has since done with the Proprietary Information she forwarded to her personal email account” is insufficient to allege direct competition. (See Docs. 36 at 9; 10 ¶ 54.)
Even accepting Plaintiff's allegations as true, the FAC fails to allege Defendant is “actually engag[ing] in direct competition.” See Western Blue, 367 S.W.3d at 17. Accordingly, Defendant's motion for judgment on the pleadings as to Count V is granted.
III. Count I - Breach of Contract
Because judgment on the pleadings as to Count IV was denied, Defendant's assertion that Count I “by itself is insufficient to establish the requisite amount in controversy of more than $75,000 for purposes of federal diversity jurisdiction under 28 U.S.C. § 1332(a)” can no longer stand. (See Doc. 33 at 8.) The Court stated in its previous order that
[g]enerally, a complaint that alleges the jurisdictional amount in good faith will suffice to confer jurisdiction, but the complaint will be dismissed if it appears to a legal certainty that the claim is really for less than the jurisdictional amount.” Larkin v. Brown, 41 F.3d 387, 388 (8th Cir. 1994). “The legal certainty standard is met where the ‘legal impossibility of recovery [is] so certain as virtually to negative the plaintiff's good faith in asserting the claim.'” Schubert v. Auto Owners Ins. Co., 649 F.3d 817, 822 (8th Cir. 2011) (quoting JTH Tax, Inc. v. Frashier, 624 F.3d 635, 638 (4th Cir. 2010)).(Doc. 30 at 10.) Because Count IV remains, Plaintiff still alleges actual damages of $35,000.
The Court notes as before,
[t]o satisfy the federal jurisdictional amount, Plaintiff relies on its requests for injunctive relief damages, punitive damages for Defendant's breach of duty of loyalty, and attorney's fees under the MCTA. Although Plaintiff does not allege facts showing that its claim for injunctive relief, punitive damages, or attorney's fees would exceed $75,000, it is not legally impossible that Plaintiff could recover at least that amount. See [Peterson v. Travelers Indem. Co., 867 F.3d 992, 995 (8th Cir. 2017) (citing Crawford v. F. Hoffman-La Roche Ltd., 267 F.3d 760, 766 (8th Cir. 2001))] (retaining subject matter jurisdiction on a claim where plaintiff only alleged $5,000 in medical damages plus tort damages, punitive damages, and attorney's fees because, although plaintiff had not alleged facts showing her tort or punitive damages or attorney's fees would exceed $75,000, it was not legally impossible for plaintiff to recover at least that amount).(Id. at 11.) Accordingly, because the Court retains subject matter jurisdiction over Count I, Defendant's motion to dismiss for lack of subject matter jurisdiction is denied.
Conclusion
After careful consideration and for the reasons above, the Court ORDERS as follows:
(1) Defendant's partial motion for judgment on the pleadings is DENIED as to Count IV (violation of the MCTA).
(2) Defendant's partial motion for judgment on the pleadings is GRANTED as to Count V (breach of the duty of loyalty).
(3) Defendant's partial motion for judgment on the pleadings is DENIED as to Plaintiff's prayer for permanent injunctive relief.
(4) Defendant's motion to dismiss for lack of subject matter jurisdiction is DENIED as to Count I (breach of contract).