Opinion
CIVIL ACTION NO. 20-2970 SECTION "R" (2)
04-01-2021
ORDER AND REASONS
Before the Court is plaintiff SMH Enterprises, L.L.C. and third-party defendant Conway Solomon's motion to dismiss defendant Krispy Krunchy Foods, L.L.C.'s ("KKF") counterclaims and third-party claims under Rule 12(b)(6). KKF opposes the motion. For the following reasons, the Court grants the motion in part and denies it in part.
R. Doc. 42.
R. Doc. 23.
R. Doc. 76.
I. BACKGROUND
This case arises from an alleged misappropriation of trade secrets. In a complaint filed on November 2, 2020, plaintiff SMH, a software company, alleges that it built an employee-training software platform for defendant Krispy Krunchy Foods ("KKF"), which sells products to numerous Krispy Krunchy Chicken fast food restaurants. SMH states that KKF, working with defendants Parthenon Software Group, Inc. and Andrew Schmitt, misappropriated information from SMH's software and used that information to develop its own, competing employee-training platform. SMH sued KKF, Parthenon, and Schmitt for alleged violations of federal and Louisiana law.
R. Doc. 1.
Id. at 3, ¶¶ 5-6, 5-7, ¶¶ 9-17.
Id. at 14-15, ¶¶ 29-31.
See id. at 18-29.
In the complaint, SMH alleged that Solomon, one of its partners, logged into KKF's new platform, purportedly to "view the new system." Now, KKF brings counterclaims against SMH and third-party claims against Solomon. First, KKF alleges that Solomon, acting on SMH's behalf, violated the Computer Fraud and Abuse Act, 18 U.S.C. § 1030 ("CFAA"), when he logged into the new KKF system. Second, KKF alleges that, pursuant to a "Proposed Scope of Work" ("SOW"), SMH had contractual obligations to deliver and maintain an effective employee-training platform. KKF alleges breach of contract under Louisiana law, contending that SMH provided a defective platform, and that SMH failed to satisfy its obligation to maintain it. Finally, KKF brings a claim for redhibition under Louisiana law against SMH as manufacturer of the allegedly deficient training platform.
Id. at 14, ¶ 29.
R. Doc. 23.
Id. at 4-5, ¶¶ 17-25.
Id.at 5, ¶¶ 27-28.
Id. at 5-6, ¶¶ 26-33.
Id. at 6-7, ¶¶ 34-40.
II. LEGAL STANDARD
Plaintiff's motion to dismiss defendant's counterclaim and third-party complaint is brought under Federal Rule of Civil Procedure 12(b)(6). To survive a Rule 12(b)(6) motion to dismiss, a party must plead enough facts to "state a claim to relief that is plausible on its face." Ashcroft v. Iqbal, 556 U.S. 662, 678 (2009) (quoting Bell Atlantic Corp. v. Twombly, 550 U.S. 544, 547 (2007)). A claim is facially plausible when the party "pleads factual content that allows the court to draw the reasonable inference that the [opposing party] is liable for the misconduct alleged." Id. at 678. The Court must accept all well-pleaded facts as true and must draw all reasonable inferences in favor of the nonmoving party. Lormand v. U.S. Unwired, Inc., 565 F.3d 228, 239, 244 (5th Cir. 2009). But the Court is not bound to accept as true legal conclusions couched as factual allegations. Iqbal, 556 U.S. at 678.
On a Rule 12(b)(6) motion, the Court must limit its review to the contents of the pleadings, including attachments. Brand Coupon Network, L.L.C. v. Catalina Mktg. Corp., 748 F.3d 631, 635 (5th Cir. 2014). The Court may also consider documents attached to a motion to dismiss or an opposition to that motion when the documents are referred to in the pleadings and are central to a [party's] claims. Id.
III. DISCUSSION
A. Computer Fraud and Abuse Act
The CFAA provides for criminal and civil liability for a violation, which generally involves accessing a computer without authorization or in excess of authorization, and then taking proscribed actions, such as obtaining information, or damaging a computer or computer data. 18 U.S.C. §§ 1030(a), (g); see LVRC Holdings LLC v. Brekka, 581 F.3d 1127, 1131 (9th Cir. 2009). To bring a civil action, a "person who suffers damage or loss by reason of a violation of" § 1030 must show a violation of the act and one of the following factors:
(I) loss to 1 or more persons during any 1-year period (and, for purposes of an investigation, prosecution, or other proceeding brought by the United States only, loss resulting from a related course of conduct affecting 1 or more other protected computers) aggregating at least $5,000 in value;
(II) the modification or impairment, or potential modification or impairment, of the medical examination, diagnosis, treatment, or care of 1 or more individuals;18 U.S.C. §§ 1030(c)(4)(A)(i)(I)-(V), (g). KKF alleges loss of at least $5,000, and that Solomon and SMH violated two provisions of the CFAA: § 1030(a)(2) and § 1030(a)(4).
(III) physical injury to any person;
(IV) a threat to public health or safety; [or]
(V) damage affecting a computer used by or for an entity of the United States Government in furtherance of the administration of justice, national defense, or national security . . . .
To bring a civil claim for a violation of § 1030(a)(2), KKF must allege that SMH and Solomon (1) intentionally accessed a computer, (2) without authorization or exceeding authorized access, and (3) the defendants thereby obtained information, (4) from a "protected computer," and (5) there was a loss of at least $5,000 to one or more persons. 18 U.S.C. §§ 1030(a)(2), (g); Brekka, 581 F.3d at 1132; Absolute Energy Sols., LLC v. Trosclair, No. 13-3358, 2014 WL 360503, at *2 (S.D. Tex. Feb. 3, 2014).
KKF's allegations essentially track the required elements under § 1030(a)(2). First, KKF states that "Solomon, on behalf of SMH, intentionally accessed" KKF's servers. Second, KKF alleges that Solomon acted "without prior authorization and after [the] relationship between SMH and KKF that would have entitled SMH or Solomon to access KKF's servers was terminated." Third, KKF avers that Solomon "obtained information from [the servers] regarding the KKF Platform and its appearance, as well as the personal information of third parties . . . , and possibly other confidential proprietary information." Fourth, KKF states that its servers are a "protected computer," i.e., a "computer" that is "used in or affecting interstate . . . or communication." 18 U.S.C. § 1030(e). Finally, KKF alleges that it suffered damages in excess of $5,000 as a result of SMH's and Solomon's activities, including funds it has and will expend for "additional security measures and forensic searches to ensure that SMH has not compromised the integrity of the KKF platform and to learn what other data SMH may have accessed."
R. Doc. 23 at 4, ¶ 19.
Id.
Id.at ¶ 20.
Id. at ¶ 21-22.
The CFAA defines a "computer" as "an electronic, magnetic, optical, electrochemical, or other high speed data processing device performing logical, arithmetic, or storage functions, and includes any data storage facility or communications facility directly related to or operating in conjunction with such device . . . ." 18 U.S.C. § 1030(e)(1).
R. Doc. 23 at 5, ¶ 24.
i. Authorization
In their motion to dismiss, SMH and Solomon primarily contest the sufficiency of KKF's allegations as to the second element. They argue that KKF fails to allege that Solomon acted "without authorization" or "exceed[ed] authorized access." 18 U.S.C. § 1030(a)(2). As the Fifth Circuit has found, the term "without authorization" in the CFAA—which is not expressly defined—has the same meaning as in the dictionary: "without permission." United States v. Thomas, 877 F.3d 591, 595 (5th Cir. 2017) (citing Brekka, 581 F.3d at 1133). The CFAA defines "exceeds authorized access" as "access[ing] a computer with authorization and [using] such access to obtain or alter information in the computer that the accesser is not entitled so to obtain or alter." 18 U.S.C. § 1030(e)(6). In United States v. Nosal, 676 F.3d 854, 858 (9th Cir. 2012), the Ninth Circuit interpreted the term "without authorization" to apply to "outside hackers (individuals who have no authorized access to the computer at all"). In contrast, according to the Ninth Circuit, "exceeds authorized access" applies to "inside hackers (individuals whose initial access to a computer is authorized but who access unauthorized information or files"). Id.
R. Doc. 42-1 at 7-10.
Here, KKF alleges that Solomon had no authorization at all. Solomon and SMH argue that Solomon used still-valid login credentials, and because KKF has not alleged that it revoked those credentials, they contend that KKF fails to plead that Solomon lacked authorization.
R. Doc. 23 at ¶ 19.
R. Doc. 42-1 at 7-9.
The Ninth Circuit dealt with a similar situation in LVRC Holdings LLC v. Brekka, 581 F.3d at 1127, a decision relied on by numerous courts, including the Fifth Circuit in Thomas, 877 F.3d at 595, in interpreting the CFAA. In Brekka, the Ninth Circuit noted that "a person uses a computer 'without authorization' under [the CFAA] when the [entity entitled to give authorization] has rescinded permission to access the computer and the [person] uses the computer anyway." 581 F.3d at 1135. In Brekka, plaintiff LVRC sued its former employee, Christopher Brekka, for violations of the CFAA. Id. at 1129-30. While Brekka was working for LVRC, the company gave Brekka login credentials to its website. Id. LVRC contended that, while still employed with LVRC, Brekka violated the CFAA by using his credentials to access sensitive information, download it, and email it to himself on an external account. Id. at 1132-35. Additionally, LVRC alleged that Brekka violated the CFAA after the employment relationship had terminated by using his login credential to access its information. Id. at 1136-37.
The Ninth Circuit rejected the first argument, finding that Brekka "had permission to access the computer," when he used his valid credentials as an employee of LVRC to access sensitive information. Id. at 1133. As to the second argument, the Ninth Circuit noted that "[t]here is no dispute that if Brekka had accessed LVRC's information . . . after he left the company . . . [he] would have accessed a protected computer 'without authorization' for the purposes of the CFAA." Id. at 1136. Nevertheless, the Ninth Circuit affirmed summary judgment for Brekka because LVRC did not introduce sufficient evidence to create an issue of material fact on the question of whether it was Brekka who had used his credentials to log in to LVRC's system. Id. at 1137.
Here, KKF alleges it terminated the relationship with SMH in November 2019. It also alleges that Solomon accessed KKF's servers after the relationship ended. KKF further alleges the termination ended any authorization to access its servers that would have arisen by virtue of the former relationship between the companies. The Court finds that KKF has adequately alleged that Solomon and SMH accessed its servers "without authorization." Cf. Brekka, 581 F.3d at 1136.
R. Doc. 23 at 3, ¶ 14.
Id. at 4, ¶ 19.
Id. at ¶ 16.
ii. Loss
Additionally, Solomon and SMH argue that KKF fails to allege that its losses exceed the $5,000 threshold. The CFAA defines loss as "any reasonable cost to any victim, including the cost of responding to an offense, conducting a damage assessment, and restoring the data, program, system, or information to its condition prior to the offense, and any revenue lost, cost incurred, or other consequential damages incurred because of interruption of service." 18 U.S.C. § 1030(e)(11). This definition includes two types of loss: (1) the direct costs of responding to a violation of the CFAA, and (2) consequential damages resulting from interruption of service. See Complete Logistical Servs., LLC v. Rulh, 350 F. Supp. 3d 512, 522 (E.D. La. 2018) (collecting cases). Here, KKF has plausibly alleged that it incurred over $5,000 in costs in responding to Solomon's allegedly unauthorized access—the first type of loss under § 1030(e)(11). Specifically, KKF states that it suffered damages exceeding $5,000 in "additional security measures and forensic searches to ensure that SMH has not compromised the integrity of the KKF Platform and to learn what other data SMH may have accessed." Because the Court finds that KKF has sufficiently pleaded that Solomon and SMH accessed its servers without authorization and incurred losses over $5,000, and because KKF sufficiently alleges the remaining elements under § 1030(a)(2), the Court denies the motion to dismiss these claims.
R. Doc. 42-1 at 9-10.
Id. at 5, ¶ 24.
Under § 1030(a)(4), KKF must plead that Solomon and SMH (1) accessed a "protected computer," (2) without authorization or exceeding such authorization that was granted, (3) "knowingly" and with "intent to defraud," (4) thereby furthering the intended fraud and obtaining anything of value, and (5) causing a loss to one or more persons during any one-year period aggregating at least $5,000 in value. 18 U.S.C. §§ 1030(a)(4), (g); Brekka, 581 F.3d at 1132; Absolute Energy Sols., LLC, 2014 WL 360503, at *2.
Claims under § 1030(a)(2) and § 1030(a)(4) are similar, and plaintiffs that allege violations of the CFAA often sue under both provisions. The Tenth Circuit, in United States v. Willis, 476 F.3d 1121, 1126 (10th Cir. 2007), noted two main differences between the pertinent subsections. First, subsection (a)(4), unlike (a)(2), requires "that a person act with the specific intent to defraud." Id. Second, a person violates subsection (a)(2) by merely obtaining "information," while (a)(4) requires that the person obtain "anything of value." Id.
Additionally, criminal violations of (a)(2) and (a)(4) are punished differently. Id. A person who violates subsection (a)(2) is subject to a maximum of one year in prison unless, for example, the value of the information obtained exceeds $5,000, in which case he or she is subject to up to five years' imprisonment. 18 U.S.C. § 1030(c)(2). In contrast, a person who violates subsection (a)(4) by obtaining anything of value—regardless of its value—is subject to five years' imprisonment. 18 U.S.C. § 1030(c)(3). Thus, "if a person knowingly and with the intent to defraud accesses a protected computer and by means of such conduct furthers the intended fraud and obtains information valued at only $1,000, for example, he would nevertheless be subject to the stricter penalty provided for under § 1030(c)(3)." Willis, 467 F.3d at 1126.
A person does not violate § 1030(a)(4) when "the object of the fraud and the thing obtained consists only of the use of the computer and the value of such use is not more than $5,000 in any 1-year period." 18 U.S.C. § 1030(a)(4).
i. Pleading standard
As a general matter, the Fifth Circuit holds that Rule 9(b) applies to claims involving allegations of fraud. Williams v. WMX Techs., Inc., 112 F.3d 175, 177 (5th Cir. 1997). Rule 9(b) provides that "[i]n alleging fraud or mistake, a party must state with particularity the circumstances constituting fraud or mistake." Fed. R. Civ. P. 9(b). But "[m]alice, intent, knowledge, and other conditions of a person's mind may be alleged generally." Id.
In contrast, the general rule, Federal Rule of Civil Procedure 8(a), requires only "a short and plain statement of the claim showing that the pleader is entitled to relief."
The Fifth Circuit has held that Rule 9(b) applies to claims of state fraud, federal securities fraud, and RICO claims based on predicate offenses of mail or wire fraud. Williams, 112 F.3d 175, 177 (state fraud); Tuchman v. DSC Communications Corp., 14 F.3d 1061, 1068 (5th Cir. 1994) (securities fraud); Tel-Phonic Serv., Inc. v. TBS Int'l, Inc., 975 F.2d 1134, 1139 (5th Cir. 1992) (RICO). In those contexts, to satisfy Rule 9(b), a plaintiff must allege the "time, place[,] and contents of the false representations, as well as the identity of the person making the misrepresentation and what [that person] obtained thereby." Williams, 112 F.3d at 177. But, the Fifth Circuit has noted that "Rule 9(b)'s ultimate meaning is context-specific, and thus there is no single construction of Rule 9(b) that applies in all contexts." U.S. ex rel. Grubbs v. Kanneganti, 565 F.3d 180, 188 (5th Cir. 2009) (internal quotation marks and citation omitted) (applying a "flexible" construction to claims under the False Claims Act).
Neither the Fifth Circuit nor any other circuit court has addressed whether Rule 9(b) applies to civil claims under § 1030(a)(4). The district courts that have considered the question are split on whether Rule 9(b)'s heightened pleading standard applies. For example, in Motorola, Inc. v. Lemko Corp., 609 F. Supp. 2d 760, 765 (N.D. Ill. 2009), and Oracle America, Inc. v. Service Key, LLC, No. 12-790, 2012 WL 6019580, at *6 (N.D. Cal. Dec. 3, 2012), the courts held that Rule 9(b) does not apply to the scienter element of § 1030(a)(4), but it "plainly" applies to the requirement that "the defendant's acts further the intended fraud." Other courts, including the court in Oracle America, Inc. v. TERiX Computer Co., No. 13-03385, 2014 WL 31344, at *3-4 & n.26 (N.D. Cal. Jan. 3, 2014) (collecting cases), have held that Rule 9(b) does not apply to § 1030(a)(4) claims.
On its face, Rule 9(b) applies when a plaintiff alleges "fraud or mistake." Fed. R. Civ. P. 9(b). The required elements of a claim under § 1030(a)(4) include the "intent to defraud" and that the defendant's "conduct furthers the intended fraud." 18 U.S.C. § 1030(a)(4). By its plain language, Rule 9(b) applies to this claim. Additionally, courts have interpreted the relevant elements of the CFAA according to precedent on mail fraud, See United States v. Czubinski, 106 F.3d 1069, 1074-75, 1078-79 (1st Cir. 1997), a type of claim for which the Fifth Circuit has held that Rule 9(b) applies. Tel-Phonic Serv., Inc., 975 F.2d at 1139. Because KKF's § 1030(a)(4) claim involves allegations of fraud, the Court finds that Rule 9(b)'s heightened pleading standard applies.
ii. Knowingly and with intent to defraud
Under either the Rule 9(b) standard, or the lower Rule 8(a) standard, KKF has failed to sufficiently allege that Solomon acted "knowingly and with intent to defraud." 18 U.S.C. § 1030(a)(4). "Fraud" under the CFAA has been interpreted to mean "simply . . . wrongdoing" and does not require "proof of the common law elements of fraud." Shurgard Storage Centers, Inc. v. Safeguard Self Storage, Inc., 119 F. Supp. 2d 1121, 1126 (W.D. Wash. 2000). More specifically, "defraud" under the CFAA means "wronging one in his property rights by dishonest methods or schemes." Id.
This interpretation of "defraud" is based on the U.S. Supreme Court's decision in McNally v. United States, 483 U.S. 350, 358 (1987), in which the Court discussed mail fraud under 18 U.S.C. § 1341. In McNally, the Court noted that "'to defraud' commonly refer[s] 'to wronging one in his property rights by dishonest methods or schemes,' and usually signif[ies] the deprivation of something of value by trick, deceit, chicane or overreaching." Id.
The First Circuit in United States v. Czubinski, 106 F.3d 1069, 1079 (1st Cir. 1997), applied the same interpretation of "defraud" to the CFAA. In Czubinski, which involved criminal charges under the CFAA, an IRS agent was convicted by a jury on four counts of wire fraud under 18 U.S.C. §§ 1343, 1346 and computer fraud under § 1030(a)(4). The defendant had made numerous unauthorized searches in government databases to obtain tax return information on "friends, acquaintances, and personal rivals." Id. at 1071-72; 1078. The First Circuit reversed the defendant's convictions on the mail fraud and computer fraud counts, finding that the defendant "ha[d] not obtained valuable information in furtherance of a fraudulent scheme" under § 1030(a)(4) "for the same reasons" that it determined that defendant had not "deprived the IRS of its property," for the purposes of the Government's wire fraud charges. Id. at 1079. Specifically, the court found that defendant had engaged in "unauthorized browsing," which "even if done with the intent to deceive," is not a "'deprivation' within the meaning of the federal fraud statutes." Id. at 1075. To be a deprivation, "some articulable harm must befall the holder of the information as a result of the defendant's activities, or some gainful use must be intended by the person accessing the information, whether or not this use is profitable in the economic sense." Id.
Applying this interpretation, courts have found that a plaintiff states a claim under § 1030(a)(4) when it alleges that "the defendant participated in dishonest methods to obtain the plaintiff's secret information." Shurgard Storage Centers, Inc., 119 F. Supp. 2d at 1126.
Here, KKF does not allege, even generally, that Solomon had the requisite intent to defraud or that his unauthorized access was done "knowingly." Although KKF states that Solomon "intentionally accessed KKF's protected computer" without authorization, the counterclaim contains no allegation that Solomon knew that he had no right of access or that he intended to deprive KKF of anything or harm it in any way. At most, similar to the "unauthorized browsing" at issue in Czubinski, KKF alleges that Solomon accessed KKF's servers with the intent to obtain information. 106 F.3d at 1075. Accordingly, under either the heightened Rule 9(b) standard or the ordinary Rule 8(a) standard, the Court finds that KKF has failed to allege that Solomon acted with "knowledge" and "intent to defraud." The Court must dismiss KKF's claims under § 1030(a)(4).
R. Doc. 23 at 4.
B. Breach of Contract
KKF's second claim is for breach of contract against SMH under Louisiana law. In Louisiana, "[t]he essential elements of a breach of contract claim are (1) the obligor's undertaking of an obligation to perform, (2) the obligor failed to perform the obligation (the breach), and (3) the failure to perform resulted in damages to the obligee." Favrot v. Favrot, 68 So. 3d 1099, 1108-09 (La. App. 4 Cir. 2011).
KKF alleges that the parties entered into a "Scope of Work" ("SOW"), dated August 6, 2015, and allegedly signed on August 8, 2015. KKF points to two provisions of the SOW, under which SMH allegedly undertook the obligation to (1) "develop an effective and secure video training experience for a global workforce," and (2) "be a full-service partner that provides ongoing maintenance and monitoring to ensure that stores are receiving high quality training." KKF further alleges that SMH breached these obligations by providing a defective training platform, and failing to reliably remedy the platform's problems. Finally, KKF alleges that it suffered damages—including the cost of purchasing the defective training platform, paying SMH for undelivered maintenance on the training system, costs associated with paying a third-party for maintenance, and the costs of hiring a third-party to create a new training platform.
R. Doc. 23 at ¶ 27.
Id. at ¶ 28.
Id. at 5-6, ¶¶ 29, 32
Id. at 6, ¶ 33.
In its motion to dismiss, SMH does not contend that KKF failed to allege the elements of a breach of contract claim. Rather, it asserts an affirmative defense: that KKF's sole remedy under the terms of the parties' agreement was termination, and that KKF exercised that remedy. See Safeway Transit LLC v. Disc. Party Bus, Inc., 954 F.3d 1171, 1182 (8th Cir. 2020) ("An 'affirmative defense' is '[a] defendant's assertion of facts and arguments that, if true, will defeat the plaintiff's or prosecution's claim, even if all the allegations in the complaint are true.'" (quoting Defense, Black's Law Dictionary (11th ed. 2019)). In support, SMH points to an attachment to the SOW, the "Spectrum Interactive White Label Solutions Terms and Conditions" ("Terms and Conditions").
KKF argues that SMH's reliance on the Terms and Conditions is inappropriate under Rule 12(b)(6) because, in its view, the document is not part of the pleadings. R. Doc. 76 at 7-8. The Court may consider documents attached to a motion to dismiss or an opposition to that motion when the documents are referred to in the operative pleading and are central to a party's claims. Brand Coupon Network, L.L.C., 748 F.3d at 635. Here, KKF refers to the "contract" between the parties in its counterclaim but relies only on the proposed SOW. R. Doc. 23 at 5-6, ¶¶ 26-33. The Terms and Conditions state that they constitute the agreement between the parties that governs work under the SOW. R. Doc. 3-2 at 7. The Terms and Conditions and SOW thus are the entire agreement, and the "contract" referred to in the counterclaim includes the Terms and Conditions. Further, the Terms and Conditions were attached to plaintiff's motion for a temporary restraining order and preliminary injunction, R. Doc. 3-2, and plaintiff incorporates the document by reference to its opposition motion citing to the appropriate location in the record in its motion to dismiss. R. Doc. 42-1 at 2. Additionally, in the complaint, SMH describes the Terms and Conditions as the "Contract" and relies on it for its claim of bad faith breach of contract. R. Doc. 1 at 8, 19 ¶¶ 20, 34-38.
The Court finds that the document is central to the parties' claims. See Venture Assocs. Corp. v. Zenith Data Sys. Corp., 987 F.2d 429, 432 (7th Cir. 1993) (finding that a letter of intent and related letters were "central" to a party's claim because "they constitute[d] the core of the parties' contractual relationship."). Additionally, the Court notes that neither party has disputed the authenticity or contents of the document. The Court finds that the Terms and Conditions are part of the pleadings, and the Court may consider them in determining whether dismissal is appropriate under Rule 12(b)(6). See In re Katrina Canal Breaches Litig., 495 F.3d 191, 205 (5th Cir. 2007) ("[B]ecause the defendants attached the contracts to their motions to dismiss, the contracts were referred to in the complaints, and the contracts are central to the plaintiffs' claims, we may consider the terms of the contracts in assessing the motions to dismiss.").
The Court may dismiss a claim under Rule 12(b)(6) "if a successful affirmative defense appears clearly on the face of the pleadings." Clark v. Amoco Prod. Co., 794 F.2d 967, 970 (5th Cir. 1986) (emphasis added). For example, in Miller v. BAC Home Loans Servicing, Inc., 726 F.3d 717, 725-26 (5th Cir. 2013), the Fifth Circuit found a promissory estoppel claim properly dismissed under Rule 12(b)(6) when the defendants raised an affirmative defense under Texas's statute of frauds. The court noted that, under Texas law, all agreements pertaining to loans over $50,000, including modifications, must be written. Id.at 726. Because plaintiff's complaint alleged that the parties' agreement was entirely oral, and otherwise failed to allege that the agreement comported with Texas's statute of frauds, the Fifth Circuit in Miller found that the district court appropriately considered the statute of frauds defense when it dismissed the claim under Rule 12(b)(6). Id.
In contrast, in Clark, a case involving a dispute over mineral rights, the Fifth Circuit found that the district court erred by dismissing under Rule 12(b)(6) based on the "presumed lost deed" defense. 794 F.2d at 970-71. Under that doctrine, a party in possession of property is presumed to hold a deed to the property upon proving three elements: "(1) a long asserted and open claim, adverse to that of the apparent owner; (2) a nonclaim by the apparent owner; and (3) acquiescence by the apparent owner in the adverse claim." Id. The Fifth Circuit stated that dismissal would be appropriate if "each element of the doctrine [were] established through the pleadings," but found that the complaint did not "state or permit the inference" that the owner had not made claims, or that the owner acquiesced in the adverse claim. Id. at 971.
Here, SMH argues that KKF's sole remedy for breach of contract is termination. But this defense does not appear "clearly" on the face of the document that SMH relies on, the Terms and Conditions. Section 7 of the Terms and Conditions, titled "Termination," provides that either party may terminate the agreement with 30 days' written notice, but it contains no indication that termination is a party's sole remedy for a breach. In Section 2, the Terms and Conditions state that "termination of [the parties'] Agreement will be without prejudice to any other right or remedy of either party." By noting that termination will not prejudice any other right or remedy, the document recognizes the potential for rights other than termination. Indeed, the Terms and Conditions expressly recognize a procedure for "dispute[s] or alleged breache[s]" in addition to termination.
R. Doc. 42-1 at 2, 10-11.
R. Doc.3-2 at 10, § 7.
R. Doc. 3-2 at 8, § 2 (emphasis added).
Id. at 10, § 7.
SMH does not address these provisions. Rather, it relies on two clauses in the Terms and Conditions, arguing that KKF effectively waived its claim for breach of contract by failing to notify SMH of any deficiencies in the training platform, and by allowing Parthenon's access to the software. First, SMH points to Section 3, titled "Acceptance," which states:
R. Doc. 42-1 at 10-11.
[KKF] shall accept and pay for Deliverables which conform to the requirements of the Scope of Work. [KKF] will notify [SMH] of any nonconformance of the Deliverables with such requirements ("Non-conformance") within ten (10) days of the receipt of the Deliverables, and [SMH] shall have thirty (30) days, based on the
severity and complexity of the Non-conformance, to correct the Non-conformance. If [KKF] uses the Deliverables before acceptance, fails to promptly notify [SMH] of any Non-conformance, or unreasonably delays the beginning of acceptance testing, then the Deliverables shall be considered accepted by [KKF].SMH contends that KKF never gave the required notice of nonconformance, and thereby waived any claims regarding alleged deficiencies of the training platform. But even if KKF accepted the platform pursuant to the Terms and Conditions, the terms do not speak to the effect of that acceptance, or state that KKF is precluded from bringing a breach of contract claim for alleged defects in the training platform.
R. Doc. 3-2 at 9, § 3.
R. Doc. 42-1 at 11.
The second provision that plaintiff points to, a clause in the "[g]eneral" section of the Terms and Conditions, provides as follows:
To the extent that the Deliverables are integrated with any third party services, including social media services (e.g. Facebook, Twitter, Instagram, Tumblr, SnapChat, YouTube, etc.), as between [KKF] and [SMH], [KKF] is solely responsible for ensuring that its use of those third party services is in compliance with any applicable terms and conditions, guidelines, and privacy policies of such third party services. [SMH] is not liable for [KKF's] actions or non-actions or the use of third parties of any Deliverable through such third party services, terms, conditions, or policies.SMH does not adequately explain how this clause, which limits SMH's responsibility when the platform is integrated with a third-party service, applies to KKF's breach-of-contract claim. Instead, plaintiff makes an inapposite argument that "[b]ecause KKF accepted the Spectrum Engine as provided by SMH and attempted to integrate it into the KKF Platform that was administered by Parthenon, it took responsibility to ensure that Parthenon was managing the software properly." But KKF is not seeking to hold SMH liable for deficiencies in KKF's platform, or for its own actions regarding the use of third-party services—which the cited provision may apply to. Instead, KKF is seeking to hold SMH liable for deficiencies in and failure to maintain the Spectrum Engine during the period that KKF used SMH's product. The provision related to third-party services is, on its face, inapplicable to KKF's claim for breach of contract.
R. Doc. 3-2 at 11, § 9.
R. Doc. 42-1 at 11.
The Court finds that SMH's affirmative defense to KKF's breach of contract claim does not appear on the face of the pleadings. Because SMH raises no other basis for the requested relief, and because the Court finds that KKF has stated a plausible claim for breach of contract, the Court denies the motion to dismiss as to this claim.
C. Redhibition
Under the Louisiana law of redhibition, a "seller warrants the buyer against redhibitory defects, or vices, in the thing sold." La. Civ. Code art. 2520. A plaintiff suing in redhibition must prove that "(1) the thing sold is absolutely useless for its intended purposes[,] or that its use is so inconvenient that it must be supposed that he would not have bought it had he known of the defect; (2) that the defect existed at the time he purchased the thing, but was neither known [n]or apparent to him; [and] (3) that the seller was given the opportunity to repair the defect." Alston v. Fleetwood Motor Homes of Ind., 480 F.3d 695, 699 (5th Cir. 2007) (citing Dalme v. Blockers Mfd. Homes, Inc., 779 So. 2d 1014, 1028 (La. App. 3 Cir. 2001)). KKF pleads each of these elements in its counterclaims.
R. Doc. 23 at 35-40.
But redhibition does not apply when there is no contract of sale. See Alvis v. CIT Grp./Equip. Fin., Inc., 918 So. 2d 1177, 1183-84 (La. App. 3 Cir. 2005) ("[A] redhibition cause of action relates to error in the cause of completed sales and, absent a sale, the redhibition articles do not apply."); Hillard v. United States, No. 06-2576, 2007 WL 647292, at *4-5 (E.D. La. Feb. 28, 2007) (granting motion to dismiss redhibition claim because no sale occurred).
A contract of sale is "a contract whereby a person transfers ownership of a thing to another for a price in money." La. Civ. Code art. 2439 (emphasis added). There is no indication in the complaint, counterclaims, SOW, or Terms and Conditions that SMH transferred ownership of its training platform to KKF. Rather, SMH licensed the use of its software, which expressly "remain[ed] the exclusive property of [SMH]," under the Terms and Conditions. Because the parties' agreement does not provide for a transfer of ownership of a thing, it is not a sale, La. Civ. Code art. 2439, and redhibition is inapplicable. Alvis, 918 So. 2d at 1183-84. Accordingly, the Court finds that KKF has failed to state a claim for redhibition, and the Court must dismiss this claim.
R. Doc. 3-2 at 7.
D. Solomon's Personal Liability
In its third-party claims against Solomon, KKF alleges that Solomon violated the CFAA in his personal capacity. Counterclaim defendants move to dismiss these claims, arguing that Solomon is protected from personal liability for actions that he took on behalf of SMH.
R. Doc. 23 at 4, ¶¶ 18-20, 23-24.
R. Doc. 42-1 at 13-15.
The Fifth Circuit has not explicitly addressed a corporate officer's liability under the CFAA, but it recognizes that an individual officer may be held liable for violations of federal statutes even though they were committed on behalf of his or her corporation. For example, in the context of trademark infringement, the Fifth Circuit stated:
Appellees seem to support [their] position on the ground that to hold the individuals liable for the actions of the corporation would require a 'piercing of the corporate veil.' In point of fact appellees have the cart before the horse. There can be no doubt but that a trademark, like a patent, can be infringed by an individual. It is infringed when an individual performs the act or does the things that the patent or trademark law protects against. The fact that the persons thus acting are acting for a corporation also, of course, may make the corporation liable under the doctrine of respondeat superior. It does not relieve the individuals of their responsibility.Mead Johnson & Co. v. Baby's Formula Serv., Inc., 402 F.2d 19, 23 (5th Cir. 1968) (emphasis added); see also Engineering Dynamics, Inc. v. Structural Software, 26 F.3d 1335, 1349-50 (5th Cir. 1994). On the other hand, if a corporation violates a federal statute, its officers will not be personally liable solely because of their role as officers. See United States v. Sexton Cove Estates, Inc., 526 F.2d 1293, 1300 (5th Cir. 1976).
Similarly, under a "well settled" rule of tort law, "when corporate officers directly participate in or authorize the commission of a wrongful act, even if the act is done on behalf of the corporation, they may be personally liable." General Motors Acceptance Corp. v. Bates, 954 F.2d 1081, 1085 (5th Cir. 1992). Under this rule, "the officer to be held personally liable must have some direct, personal participation in the tort, as where the defendant was the 'guiding spirit' behind the wrongful conduct . . . or [was] the 'central figure' in the challenged corporate activity." Mozingo v. Correct Mfg., 752 F.2d 168, 174 (5th Cir. 1985) (citing Escude Cruz v. Ortho Pharmaceutical Corp., 619 F.2d 902, 907 (1st Cir.1980)).
The Ninth Circuit has expressly held that a corporate officer may be personally liable for a violation of the CFAA, even when "he acted as an agent of the corporation and not on his own behalf." Facebook, Inc. v. Power Ventures, Inc., 844 F.3d 1058, 1069 (9th Cir. 2016). In Facebook, the Ninth Circuit applied the tort law rule to a claim under the CFAA, finding that a corporate officer may be personally liable when he or she "was the 'guiding spirit' behind the wrongful conduct, or the 'central figure' in the challenged corporate activity." 844 F.3d at 1069. Based on the foregoing caselaw, the Court finds that a corporate officer may be personally liable for violations of the CFAA even though he or she was acting on behalf of the corporate employer.
Here, KKF alleges that Solomon personally participated in the alleged violation of the CFAA. KKF states that Solomon "intentionally accessed KKF's protected computer," "obtained information from them," and provided that information to SMH. In short, KKF has alleged that Solomon had "direct, personal participation in the" alleged violation of the CFAA. Mozingo, 752 F.2d at 174; Facebook, 844 F.3d at 1069. Because KKF alleges that Solomon took these actions, the Court finds that KKF has sufficiently pleaded that he was the "guiding spirit" or "central figure" in the alleged violation. Id. Accordingly, the Court may not dismiss the claims against Solomon on the ground that he acted on SMH's behalf.
R. Doc. 23 at 18-20.
IV. CONCLUSION
For the foregoing reasons, SMH's motion to dismiss KKF's counterclaims and third-party claims is GRANTED IN PART and DENIED IN PART. KKF's claims for redhibition and under § 1030(a)(4) of the CFAA are DISMISSED. As to the motion to dismiss KKF's claims for breach of contract and under § 1030(a)(2), SMH's motion is DENIED.
New Orleans, Louisiana, this 1st day of April, 2021.
/s/_________
SARAH S. VANCE
UNITED STATES DISTRICT JUDGE