Opinion
Civil Action 22-482 (MAS) (TJB)
09-07-2022
THE RODGERS GROUP, LLC, Plaintiff, v. MADELINE LEWIS et al., Defendants.
NOT FOR PUBLICATION
MEMORANDUM OPINION
MICHAEL A. SHIPP UNITED STATES DISTRICT JUDGE
This matter comes before the Court on Defendants Madeline Lewis (“Lewis”), John String (“String”), and Aspirant Consulting Group LLC's (“Aspirant,” and collectively with Lewis and String, “Defendants”) Partial Motion to Dismiss Plaintiff The Rodgers Group, LLC's (“Rodgers Group”) Complaint. (ECF No. 21.) Rodgers Group opposed (ECF No. 28), and Defendants replied (ECF No. 30). The Court has carefully reviewed the parties' submissions and decides the matter without oral argument under Local Civil Rule 78.1. For the reasons below, the Court grants in-part and denies in-part Defendants' Motion.
I. BACKGROUND
All too familiar, this dispute stems from alleged violations of confidentiality and non-disclosure provisions in an employment agreement. This matter begins with Rodgers Group, a company that provides “policy drafting services, consulting, training and management services to public safety agencies and departments, including first responders and law enforcement” in New Jersey and Pennsylvania. (Compl. ¶¶ 2, 15, ECF No. 1.) Originating in 2008, Rodgers Group conducts training for thousands of police officers, firefighters, and other public safety officials. (Id. ¶¶ 14, 17.) In connection with its business, Rodgers Group alleges that it developed an array of confidential information and trade secrets, including (1) customer lists, (2) work product, (3) customer feedback, (4) training programs, (5) management programs, (6) reports and analyses, (7) assessments and evaluations, and (8) information derived from non-public sources. (Id. ¶ 19.) To safeguard this information, Rodgers Group required its employees to sign non-disclosure agreements (“NDA”) and covenants of confidentiality; it also employed a password protection system. (Id. ¶¶ 21, 32, 67-68.) Rodgers Group contractually and literally restricted its employees as to the data they may access, confidential information they may disclose, and ways in which they may use this confidential information. (Id. ¶¶ 34-38.) Relatedly, Rodgers Group required employees to return “any and all records” before leaving the company. (Id. ¶ 38.)
Enter Lewis and String. Hired in May 2020 and April 2021 respectively, Lewis and String worked as project managers and policy writers for Rodgers Group. (Id. ¶¶ 29, 30.) Because of then-positions, which involved drafting policies for the company, Lewis and String had access to confidential information and learned extensively about the company's operations and client relationships. (Id. ¶ 31.) Indeed, Lewis and String drafted and implemented policies for Rodgers Group's clients, such as several district attorney's offices, sheriff departments, and public policy departments in Pennsylvania. (Id.)
But the duo did not remain at Rodgers Group for long. Rodgers Group alleges that in late 2021, Lewis and String conspired to leave the company and start a competing business premised on the same business model. (Id. ¶ 45.) During the winter of 2021, Lewis and String “exfiltrated over 4,000 documents constituting massive amounts of [Rodgers Group]'s [c]onfidential [i]nformation and [m]ethods.” (Id. ¶ 46.) The company's access logs depict that these downloads occurred over several weeks between late December 2021 and early January 2022. (Id. ¶ 56.) Some of the extracted files were expressly labeled as confidential. (Id. ¶ 58.) Around the same time, Lewis and String also accessed Rodgers Group's client lists and project management systems. (Id. ¶¶ 71,85.) While all this was going on, the duo registered an “Aspirant LLC” website in December 2021, as well. (Id. ¶ 48.)
Armed with this data and Rodgers Group's work product, Lewis and String resigned from the company on January 7, 2022. (Id. ¶ 52.) But that did not stop them from remotely accessing Rodgers Group's computer systems the next day and downloading hundreds of documents and other confidential information. (E.g., id. ¶¶ 57-58.) Within a few days after that, Lewis and String officially started their own company, Aspirant, and began operating a competing security and training business. (Id. ¶ 7.) Defendants then converted policy management software they formerly used with Rodgers Group by changing their login credentials over to an Aspirant email account. (Id. ¶¶ 73-75.) Next came Defendants' attempts to poach Rodgers Group's clients. For example, Defendants persuaded a district attorney's office to terminate its relationship with Rodgers Group and work with Aspirant two days after Lewis and String left the company. (Id. ¶ 92.) The following day, a similar situation occurred with another client of Rodgers Group, this time a police department. (Id. ¶ 93.) Rodgers Group continued to receive notifications from several existing customers that they would be terminating their contracts and using Aspirant instead. (Id. ¶ 82.)
Dismayed with its former employees' flagrant defiance, Rodgers Group sent Defendants a cease-and-desist letter in late January 2022. (Id. ¶ 99.) After making little progress, Rodgers Group filed suit with this Court. It alleges nine causes of action against Defendants. (See generally Compl.) Defendants now move to dismiss six of those counts under Federal Rule of Civil Procedure 12(b)(6), specifically-Count One, misappropriation of trade secrets under the New Jersey Trade Secrets Act (NJTSA); Count Two, misappropriation of trade secrets under the Defend Trade Secrets Act (DTSA); Count Three, computer fraud under the Computer Fraud and Abuse Act (CFAA); Count Four, breach of contract; Count Six, unjust enrichment; and Count Eight, violation of the New Jersey Computer Related Offenses Act (NJCROA). (See generally Defs.' Moving Br., ECF No. 21-1; Compl.)
Hereinafter, all references to “Rule” or “Rules” refer to the Federal Rules of Civil Procedure.
Likely a scrivener's error, the Complaint lists two different (and separate) causes of action for “Count Eight.” (Compl. ¶¶ 156-164 (conspiracy and NJCROA).) But Defendants move for dismissal only on the NJCROA violation. (Defs.' Moving Br. 1.)
II. LEGAL STANDARD
Rule 8(a)(2) “requires only ‘a short and plain statement of the claim showing that the pleader is entitled to relief,' in order to ‘give the defendant fair notice of what the . . . claim is and the grounds upon which it rests.'” Bell All. Corp. v. Twombly, 550 U.S. 544, 555 (2007) (alteration in original) (quoting Conley v. Gibson, 355 U.S. 41, 47 (1957)). A district court conducts a three-part analysis when considering a motion to dismiss pursuant to Rule 12(b)(6). Malleus v. George, 641 F.3d 560, 563 (3d Cir. 2011). “First, the court must ‘tak[e] note of the elements a plaintiff must plead to state a claim.'” Id. (quoting Ashcroft v. Iqbal, 556 U.S. 662, 675 (2009)). Second, the court must accept as true all of the plaintiffs well-pleaded factual allegations and construe the complaint in the light most favorable to the plaintiff. Fowler v. UPMC Shadyside, 578 F.3d 203, 210 (3d Cir. 2009) (citation omitted). The court, however, may ignore legal conclusions or factually unsupported accusations that merely state “the-defendant-unlawfully-harmed-me.” Iqbal, 556 U.S. at 678 (citing Twombly, 550 U.S. at 555). Finally, the court must determine whether “the facts alleged in the complaint are sufficient to show that the plaintiff has a ‘plausible claim for relief.'” Fowler, 578 F.3d at 211 (quoting Iqbal, 556 U.S. at 679). A facially plausible claim “allows the court to draw the reasonable inference that the defendant is liable for the misconduct alleged.” Id. at 210 (quoting Iqbal, 556 U.S. at 678). On a Rule 12(b)(6) motion, the “defendant bears the burden of showing that no claim has been presented.” Hedges v. United States, 404 F.3d 744, 750 (3d Cir. 2005) (citing Kehr Packages, Inc. v. Fidelcor, Inc., 926 F.2d 1406, 1409 (3d Cir. 1991)).
III. DISCUSSION
Defendants move to dismiss Counts One, Two, Three, Four, Six, and Eight of Rodgers Group's Complaint, arguing that each fails to state a claim. (See generally Defs.' Moving Br.) The Court considers the besieged counts in turn, grouping together those claims that involve similar issues.
A. Misappropriation of Trade Secrets under the DTSA and the NJTSA
First up, Defendants argue that Rodgers Group fails to establish that the information Lewis and String hijacked from the company constitutes trade secrets, proving fatal to Counts One and Two. (Id. at 2.) Relying heavily on Oakwood Laboratories LLC, Defendants aver that Rodgers Group must plead with heightened specificity precisely what information constituted trade secrets and why. (Id. at 6-11 (citing Oakwood Lab'ys LLC v. Thanoo, 999 F.3d 892 (3d Cir. 2021)).) Rodgers Group counters that it adequately specifies which of its stolen information and data constitutes trade secrets and demonstrates how its confidential information and methods are unique. (Pl.'s Opp'n Br. 9-11, ECF No. 28.)
To survive a motion to dismiss under the DTSA, a plaintiff must plead facts that establish (1) a trade secret exists; (2) the trade secret is “related to a product or service used in, or intended for use in, interstate or foreign commerce”; and (3) the defendant misappropriated the trade secret. Oakwood Lab 'ys LLC, 999 F.3d at 905 (internal quotation marks and citations omitted). Similarly, the NJTSA requires that a plaintiff plead “(1) the existence of a trade secret and (2) the misappropriation of that secret.” Par Pharm., Inc. v. QuVa Pharma, Inc., No. 17-6115, 2018 WL 1374023, at *6 (D.N.J. Mar. 16, 2018) (citing N.J. Stat. Ann. § 56:15-2). Considering the parallel between the DTSA and NJTSA, the Court considers these two counts together. Scherer Design Grp., LLC v. Schwartz, No. 18-3540, 2018 WL 3613421, at *4 (D.N.J. July 26, 2018) (analyzing DTSA and NJTSA together).
Trade secrets are defined as “information with independent economic value that the owner has taken reasonable measures to keep secret.” Oakwood Lab'ys. LLC, 999 F.3d at 905. “The essential inquiry for a trade secret is whether the information derives economic value, the information is not readily ascertainable by other means, and the holder endeavors for it to remain confidential.” Scherer Design Grp., LLC, 2018 WL 3613421, at *4. Independent economic value “focuses on whether a plaintiff would lose value and market share if a competitor could enter the market without substantial development expense.” Oakwood Lab'ys LLC, 999 F.3d at 914 n.20 (quoting Miles Inc. v. Cookson Am., Inc., No. 12,310, 1994 WL 676761, at * 10 (Del. Ch. Nov. 15,1994)). Misappropriation is defined as either knowingly acquiring the information by improper means or employing the trade secret for one's benefit. Id. at 905.
Construing the facts in a light most favorable to Rodgers Group, the Court finds that it sufficiently pleads trade secret causes of action under federal and state law. The Court begins with whether trade secrets were stolen, an element vigorously disputed by the parties. (Compare Defs.' Moving Br. 6-12 with Pl.'s Opp'n Br. 9-13.) Here, the Complaint lists out the allegedly stolen data, including (1) information from projects; (2) information from assignments; (3) non-public information, such as “confidential analysis and reports”; and (4) work that was in progress and not readily accessible. (Compl. ¶¶ 63-65.) The Court finds that the Complaint adequately pleads facts that Rodgers Group developed work product over time and at a considerable expense that is not readily ascertainable by competitors. (See, e.g., Compl. ¶ 65 (“The stolen data also included key in-progress [Rodgers Group] work product that was necessary to service [Rodgers Group's] existing customers and which was not publicly available, and would never be made publicly available, and which was not otherwise discernable by legitimate means.”); Scherer Design Grp., LLC, 2018 WL 3613421, at *4 (highlighting that the information must not be readily ascertainable with ease and at little cost).)
Contrary to Defendants' contention that Rodgers Group must articulate each individual trade secret by name and description, that is not the standard at the pleadings stage. Oakwood Lab 'ys LLC, 999 F.3d at 906 (“[P]laintiff need not spell out the details of the trade secret to avoid dismissal.” (internal quotation marks omitted)). Instead, Rodgers Group must provide Defendants with notice “to ascertain at least the boundaries within which the secret lies” and detail sufficient facts that allow the Court to infer a trade secret claim. Id. (citing, among other, Diodes, Inc. v. Franzen, 260 Cal.App. 2d 244, 253 (Cal.Ct.App. 1968)). The Complaint does just that by specifying dates that Defendants accessed the information, the means through which they accessed it, the types of information that Defendants downloaded, the quantity of documents Defendants downloaded, and even some of the file names that Defendants copied. (E.g., Compl. ¶ 57 (showing that Defendants downloaded 440 documents on January 8), ¶ 58 (Defendants downloaded the file “trg-only-confidential-4392767622.html”), ¶ 60 (Defendants took “G-Suite accounts [and] Basecamp workflow management platforms”).) What's more, Rodgers Group attached to its Complaint a log of the data it contends Defendants looted. (Compl. Ex. F, ECF No. 1-7.) Surely the Complaint satisfies the notice requirement, and the Court separately finds facts to support that at least some of the information was proprietary and confidential. Oakwood Lab'ys LLC, 999 F.3d at 907 (“The Defendants here unquestionably are on notice of the trade secret information that is at issue.”). That is all the law requires at this juncture. Id. at 906 (rejecting the district court's “heightened pleading standard” employed in a trade secret action).
Defendants' contention that Oakwood Laboratories LLC supports their position misses the mark. (See Defs.' Reply Br. 1-3, ECF No. 30.) Far from acting as a sea change in trade secret law, as Defendants contend, there the Third Circuit reversed the district court for enacting a heightened pleading standard and clarified that notice of what is alleged to be a trade secret is the touchstone of the inquiry at this stage. Oakwood Lab 'ys LLC, 999 F.3d at 906-07 (“The factual allegations in [plaintiffs] [c]omplaint... are plainly sufficient to identify the trade secrets at issue.”).
Turning next to the remaining trade secret elements, the Court finds that these are also adequately pled. As to the purported economic value of Rodgers Group's proprietary information, Defendants were able to immediately enter the market and, within two days, compete with Rodgers Group to convert customers. (Compl. ¶¶ 91-94.) Both the timing of when Defendants were able to launch Aspirant and the number of Rodgers Group's clients that instantly joined Aspirant support the information's economic value. Oakwood Lab'ys LLC, 999 F.3d at 914 n.20 (finding that information has independent economic value where a plaintiff would lose market share because of a competitor using the information); Pyro Spectaculars N., Inc. v. Souza, 861 F.Supp.2d 1079, 1089 (E.D. Cal. 2012) (“[W]here the party compiling the customer lists, while using public information as a source, . . . expends a great deal of time, effort, and expense in developing the lists and treats the lists as confidential in its business, the lists may be entitled to trade secret protection.”). Turning next to whether Rodgers Group took reasonable measures to protect its proprietary information, the Court finds that it did. The company “employ[ed] a password control system” and required all employees to “agree to strict confidentiality requirements in connection with their employment and access to . . . data.” (Compl. ¶¶ 21, 32, 67-68; see Oakwood Lab'ys LLC, 999 F.3d at 905.) As to the interstate commerce element, Rodgers Group served clients in multiple states. (Compl. ¶ 15; see Oakwood Lab 'ys LLC, 999 F.3d at 905.) Finally, as to whether Defendants misappropriated the confidential data by acquiring the information without authorization before and after resigning, the Complaint adequately pleads such facts. (See e.g., Compl. ¶ 58 (“Some of the files Defendant String downloaded . . . post-resignation . . . were obviously confidential and solely intended to be accessed by [Rodgers Group] personnel as evidenced by file names like: ‘trg-only-confidential-4392767622.html.'”); Oakwood Lab 'ys LLC, 999 F.3d at 905 (defining misappropriation as knowingly and improperly acquiring information).)
On these facts, the Complaint sufficiently pleads that Defendants misappropriated Rodgers Group's trade secrets. The Court denies Defendants' Motion as to Counts One and Two.
B. Breach of Contract
Next up, Defendants argue that the breach of contract claim, Count Four, must fail for two reasons. First, Defendants contend that the NDA is unenforceable to the extent it aims to protect publicly available information and second, Defendants stress that Rodgers Group fails to allege the existence of trade secrets and therefore Lewis and String could not have breached their contractual obligations by taking the information. (Defs.' Moving Br. 2-3.) Rodgers Group, of course, disagrees. (Pl.'s Opp'n Br. 13.)
Under New Jersey law, a plaintiffs breach of contract claim must sufficiently plead (1) that a contract exists, (2) the defendant breached the contract, and (3) damages. Sheet Metal Workers Int'l Ass'n Loc. Union No. 27, AFL-CIO v. E.P. Donnelly, Inc., IM F.3d 879, 900 (3d Cir. 2013); Goldfarb v. Solimine, 245 A.3d 570, 577 (N.J. 2021). So long as a plaintiff points to a contractual provision and alleges the requisite elements, a breach of contract claim will survive a motion to dismiss. See StrikeForce Techs., Inc. v. WhiteSky, Inc., No. 13-1895,2013 WL 3508835, at *6 (D.N.J. July 11,2013) (denying a motion to dismiss where the plaintiff referenced the specific contractual provision at issue).
Here, the parties do not dispute that the covenants of confidentiality and the NDA are valid contracts. (See, e.g., Compl. Ex. C, ECF 1-4; see generally Defs.' Moving Br.) Thus, Rodgers Group must plead both that Lewis and String breached those contracts and resulting damages. E.P. Donnelly, 737 F.3d at 900. It does. When Lewis and String signed Rodgers Group's NDA, they became contractually obligated to return any records or data relating to confidential information. (Compl. ¶ 38.) The Complaint alleges that the pair violated their contractual duties, going so far as to download confidential materials while still employed at the company, without any legitimate business reason. (Id. ¶ 57.) Rodgers Group also alleges that, “[n]otwithstanding the clear language of these covenants of confidentiality . . . [Lewis and String] decided to exploit their access to [Rodgers Group]'s [c]onfidential [information and [m]ethods [and] steal [Rodgers Group]'s proprietary information and trade secrets” after resignation. (Id. ¶¶ 44, 46.) If true, Lewis and String likely breached their agreements with Rodgers Group. Moreover, the Complaint and attached exhibits describe the stolen information and data in detail. (Id. ¶¶ 61-65; Compl. Ex. F.) Thus, the Complaint sufficiently alleges that Defendants violated the NDAs and confidentiality agreements. See Fowler, 578 F.3d at 210; E.P. Donnelly, 131 F.3d at 900. And as stated above, in terms of damages, Rodgers Group further alleges that (1) the stolen information and data had independent economic value; and (2) several customers terminated their relationships with Rodgers Group and transferred over to Defendants' business, all while Aspirant utilized the misappropriated information. (Compl. ¶¶ 67, 91-94; E.P. Donnelly, 737 F.3d at 900.) The Court denies Defendants' Motion as to Count Four.
The burden is on the moving party to demonstrate that no claim has been presented. Hedges v. United States, 404 F.3d 744, 750 (3d Cir. 2005) (citation omitted). In moving for dismissal, Aspirant does not challenge Rodgers Group's breach of contract claim against it on the separate theory that Aspirant never entered into any contracts with Rodgers Group. Because this argument was not raised, the Court declines to reach it.
C. Unjust Enrichment
Moving on, Defendants argue that the unjust enrichment claim fails because they were not enriched beyond their contractual rights. (Defs.' Moving Br. 3.) Rodgers Group, on the other hand, contends that the Complaint sufficiently alleges each element of an unjust enrichment claim and it may plead in the alternative under the Rules. (Pl.'s Opp'n Br. 20.)
Under New Jersey law, “a plaintiff must show both that defendant received a benefit and that retention of that benefit without payment would be unjust and that the plaintiff expected remuneration and the failure to give remuneration unjustly enriched the defendant.”, EnviroFinance Grp., LLC v. Env't Barrier Co., 113 A.3d 775, 790 (N.J. Sup. Ct. App. Div. 2015) (internal quotation marks and citation omitted). The Court separates out the Defendants in considering this claim. As to Aspirant, on its face, the unjust enrichment claim must fail because Rodgers Group did not expect remuneration. Notably, when Lewis and String left Rodgers Group, the company was unaware of Aspirant and did not know that its confidential information would end up in Aspirant's files. See Nelson v. Xacta 3000 Inc., No. 08-5426, 2009 WL 4119176, at *7 (D.N.J. Nov. 24, 2009) (dismissing unjust enrichment claim where complaint did not allege expectation of remuneration “at the time” the benefit was conferred). In addition, numerous courts have concluded that New Jersey law requires some relationship between the parties when alleging unjust enrichment. See Maniscalco v. Brother Int'l Corp. (USA), 627 F.Supp.2d 494, 506 (D.N.J. 2009) (listing cases) (“New Jersey law requires a direct relationship between the parties.”). Here, the Complaint fails to allege any relationship whatsoever. See Debjo Sales, LLC v. Houghton Mifflin Harcourt Publ'g Co., No. 14-4657, 2015 WL 1969380, at *9 (D.N.J. Apr. 29, 2015) (“[The] plaintiff must be the party who provides the benefit to the defendant.”).
At bottom, against Aspirant, the Complaint alleges that Aspirant unjustly enriched itself by converting Rodgers Group's confidential and proprietary information. That is, conversion is the proper tort cause of action; unjust enrichment is the means to get there. See Warma Witter Kreisler, Inc. v. Samsung Elecs. Am., Inc., No. 08-5380, 2009 WL 4730187, at *7 (D.N.J. Dec. 3, 2009) (listing cases dismissing unjust enrichment claims brought as independent torts).
Turning next to Lewis and String, New Jersey recognizes unjust enrichment as a quasi-contractual claim only-not as an independent tort claim. See Cafaro v. HMC, No. 07-2793, 2008 WL 4224801, at *12 (D.N.J. Sept. 8, 2008). It is settled law that a party cannot plead an unjust enrichment claim along with a breach of contract claim where the parties do not dispute the validity of the contract at issue. Grudkowski v. Foremost Ins. Co., 556 Fed.Appx. 165, 170 n.8 (3d Cir. 2014). While Rule 8(d)(2) permits pleading in the alternative, unless the parties call into question the validity of the relevant contract, both an unjust enrichment claim and a breach of contract claim cannot survive a motion to dismiss. Cf DeFrank v. Samsung Elecs. Am., Inc., No. 19-21401,2020 WL 6269277, at *21 (D.N.J. Oct. 26, 2020) (permitting an unjust enrichment claim where the parties disputed the validity of a warranty). Here, Rodgers Group sued Defendants for breaching their employment contracts. (Pl.'s Opp'n Br. 21 (alleging Defendants stole confidential information “in violation of the NDAs and covenants of confidentiality”).) Defendants do not contest the validity of those employment contracts but rather argue that they did not breach them. (Defs.' Moving Br. 13-14 (arguing that the NDA did not protect public information or information that is not a trade secret).) As such, the unjust enrichment claim cannot stand. (See, e.g., Compl. Ex. C; see generally Defs.' Moving Br.; Grudkowski, 556 Fed.Appx. at 170 n.8 (holding that a valid, undisputed contract will do away with an unjust enrichment claim).) The Court dismisses Count Six without prejudice.
D. Computer Fraud under the CFAA
Defendants next argue that the Court should dismiss Count Three, computer fraud under the CFAA, under two theories, either one of which defeats this cause of action: (1) Defendants had authorization to access the computers and (2) Rodgers Group fails to allege the required damages or loss. (Defs.' Moving Br. 2, 14-17.) Conversely, Rodgers Group asserts that the Complaint alleges (1) the necessary elements to plead a violation of the CFAA; and (2) that Rodgers Group suffered at least $5,000 in damages, satisfying the loss element. (Pl.'s Opp'n Br. 15-20.)
At bottom, the CFAA criminalizes intentional access to a computer “without authorization.” Van Buren v. United States, 141 S.Ct. 1648, 1649 (2021) (citing 18 U.S.C. § 1030(a)(2)). But those with authorization do not violate the CFAA even if they have “improper motives for obtaining information that is otherwise available to them.” Id. at 1652. To state a claim under the CFAA, a plaintiff must plead facts that plausibly demonstrate (1) loss or damage that exceeds or equals $5,000 in value; and (2) that the defendant caused the loss or damage by violating the CFAA. Christine v. Nat'l Inst, for Newman Stud., No. 16-6572, 2019 WL 1916204, at *4 (D.N.J. Apr. 30, 2019). Although the Third Circuit generally treats the NJCROA and CFAA (the “Computer Acts”) similarly, and Rodgers Group brings both causes of action, the CFAA has an independent loss threshold that warrants separate discussion. Clinton Plumbing & Heating of Trenton, Inc. v. Ciaccio, No. 09-2751, 2011 WL 6088611, at *4 (E.D. Pa. Dec. 7, 2011) (noting $5,000 loss element in CFAA private cause of action).
Without alleging damages or monetary loss exceeding $5,000, a claim under the CFAA cannot survive a motion to dismiss. Volpe v. Abacus Software Sys. Corp., No. 20-10108,2021 WL 2451968, at *6 (D.N.J. June 16, 2021) (“A plaintiff must allege that the defendant's actions, in violating the CFAA, ‘caused damage or loss to the plaintiff in excess of $5,000 in a one-year period.'”). The CFAA defines loss as “any reasonable cost to any victim, including the cost of responding to an offense, conducting a damage assessment, and restoring the data, program, system, or information to its condition prior to the offense, and any revenue lost, cost incurred, or other consequential damages incurred because of interruption of service.” 18 U.S.C. § 1030(e)(11). To establish damage or loss, a plaintiff can show that the defendant damaged or impaired a computer system. Volpe, 2021 WL 2451968, at *6 (quoting Sealord Holdings, Inc. v. Radler, No. 11-6125, 2012 WL 707075, at *4 (E.D. Pa. Mar. 6, 2012)). Put differently, most district courts in the Third Circuit require that “the ‘loss' must generally be ‘in some way related to functionality of the protected computer at issue.'” Id. (quoting Clinton Plumbing, 2011 WL 6088611, at *5). Grievances that consist of “lost business opportunities, damaged reputation, loss of assets, and other missed revenue, however,” are insufficient to satisfy the statute's loss requirement. Sealord Holdings, Inc., 2012 WL 707075, at *4.
Here, the damage or loss requirement proves fatal to Rodgers Group's CFAA claim. For starters, the Complaint provides no facts to suggest that Defendants damaged or impaired the computer systems as a result of their conduct. (See generally Compl.; see Volpe, 2021 WL 2451968, at *6 (requiring either (1) damage to the physical computer system itself or its services; or (2) damages resulting from interruption of computer services).) Instead, Rodgers Group alleges that Defendants, without authorization, downloaded confidential documents with independent economic value. (Compl. ¶¶ 57, 58, 66, 67.) In doing so, the Complaint alleges that Defendants modified access rights to accounts in the computer system that required Rodgers Group to remediate. (Id. ¶¶ 69, 70.) And while Rodgers Group goes on to claim that Defendants caused $5,000 in damages to the computer systems, there are no specific facts to support this conclusion. (Id. ¶ 98.) “But the Federal Rules do not require courts to credit a complaint's conclusory statements without reference to its factual context.” Iqbal, 556 U.S. at 686. Thus, without further factual allegations-such as, which of Defendants' actions caused monetary damages, how, to what extent, and how that damage was remediated-the Court cannot credit Rodgers Group's unsupported conclusion. In addition, as noted above, Rodgers Group's business damages resulting from Defendants' alleged misappropriation are insufficient under the CFAA. Sealord Holdings, Inc., 2012 WL 707075, at *4. The Court therefore dismisses Count Three without prejudice.
E. Computer Fraud under the NJCROA
Finally, Defendants argue that the Court should partially dismiss Count Eight to the extent that it relies on Lewis and String's actions before they resigned from Rodgers Group. (Def.'s Moving Br. 15.) According to Defendants, they had lawful and proper access to the files prior to leaving the company and thus could not have “unlawfully” accessed the information. (Id. (citing Compl. ¶¶ 43, 55).) So, Defendants ask the Court to slice Count Eight in half, parse out all factual underpinnings supporting Rodgers Group's NJCROA claim that predate Defendants' departure from the company, and then partially dismiss Count Eight to the extent that it relies on those predeparture facts. (Id.) Separately, Defendants also allege that Rodgers Group fails to adequately allege damages to sustain its NJCROA claim. (Id. at 14-17.)
As an initial matter, on a motion to dismiss, the Court questions the utility of dissecting a count on a factual basis, prior to discovery, and then partially dismissing that count based on a temporal cutoff. In any event, beginning with the damages argument, the NJCROA allows for a broader allegation of damages than the CFAA, which can include losses unrelated to the damage or impairment of a computer system. See N.J. Stat. Ann. § 2A:38A-3; In re Nickelodeon Consumer Priv. Litig., 827 F.3d 262, 277 (3d Cir. 2016) (“[the NJCROA] permits ‘[a] person or enterprise damaged in business or property' to sue for compensatory and punitive damages, as well as fees and costs.” (citation omitted)). Defendants provide no legal authority to the contrary. (See generally Defs.' Moving Br.) Further, unlike Rodgers Group's cursory pleadings as to the damages it suffered to its computer systems, it details at great length the business damages it suffered because Defendants took Rodgers Group's proprietary information. (See generally Compl.) Plus, there is no $5,000 minimum threshold that Rodgers Group must meet, as there is with the CFAA. Compare N.J. Stat. Ann. § 2A:38A-3, with 18 U.S.C. § 1030(a)(4). Thus, the Court disagrees that Count Eight fails on damages alone.
As to whether Lewis and String were authorized to download thousands of documents before they left Rodgers Group, that remains a factual dispute. The NJCROA “makes it unlawful to alter, damage, access, or obtain data from a computer without authorization.” In re Nickelodeon Consumer Priv. Litig., 827 F.3d 262 at 277. The parties contest whether Lewis and String acted with “authorization” when they downloaded documents prior to their departure. Because the answer to that question may be no, particularly if Lewis and String accessed the information improperly or for purely personal use, the Court finds it inappropriate to decide these fact-specific inquiries on the pleadings. Bro-Tech Corp. v. Thermax, Inc., 651 F.Supp.2d 378, 407 (E.D. Pa. 2009) (“[T]he quality or extent of a particular individual's authorization to access a computer is informed by the facts of the case.”). The Court accordingly denies Defendants' Motion as to Count Eight.
IV. CONCLUSION
The Court finds that Rodgers Group adequately states a claim for Counts One, Two, Four, and Eight, and, accordingly, the Court denies Defendants' Motion as to those counts. But Rodgers Group insufficiently pleads Counts Three and Six, and the Court therefore grants Defendants' Motion as to those counts. An Order consistent with this Memorandum Opinion will follow.