Opinion
4:22-CV-04049-KES
04-23-2024
ORDER DENYING DEFENDANTS' MOTION FOR SUMMARY JUDGMENT AND DENYING PLAINTIFF'S MOTION FOR SUMMARY JUDGMENT
KAREN E. SCHREIER UNITED STATES DISTRICT JUDGE
Plaintiff, Huseyin Cengiz, sued defendants, Huron Title Company, Homestead Holdings, Inc., and Lara Hinricher, for negligence, breach of contract, and breach of fiduciary duty. Docket 1. Cengiz alleges that defendants failed to implement the proper safeguards and procedures for wire transactions, which caused him to lose about half a million dollars after he wired money to a hacker's account. Id. Defendants move for summary judgment on all of Cengiz's claims, and Cengiz moves for partial summary judgment on his negligence claim. Docket 22; Docket 26. After reviewing the parties arguments and the record, the court issues the following order.
I. Facts
Cengiz is an eye surgeon who attempted to purchase real estate in Huron, South Dakota. Docket 34 ¶¶ 1, 20-21, 73-74. To effectuate this purchase, on May 7, 2021, Cengiz contacted a commercial broker, Hank Wolfer, who in turn contacted Huron Title that same day. Id. ¶¶ 22, 73. Huron Title is a South Dakota corporation located in Huron, South Dakota, that provides county land and title services. Id. ¶¶ 24, 26. Huron Title operates under the majority ownership of Homestead Holdings. Id. ¶ 25.
In Wolfer's May 7, 2021 email, Wolfer sent a request to open escrow on the business property Cengiz sought to purchase, and included Cengiz in the email chain. Id. ¶¶ 74, 77. Cengiz replied in the email chain that he intended to go forward with the transaction online because he planned to be out of town after May 20, 2021. Id. ¶ 78. Cengiz also stated in a subsequent email that he preferred to make a wire transfer of funds and asked for wiring instructions. Id. ¶¶ 84-85.
On May 10, 2021, a Huron Title employee, Jeanette Gromer, emailed the wiring instructions to Cengiz. Id. ¶ 87; Docket 27 ¶ 8; Docket 33 ¶ 8. That same day, Cengiz wired $20,000 to Huron Title for an escrow deposit. See Docket 34 ¶ 89. Neither these instructions, nor any email correspondence between Huron Title employees and Cengiz, contained a warning from Huron Title to Cengiz of the risks of wire fraud or cybercrime. See Docket 27 ¶ 41; Docket 33 ¶ 41. At that time, almost all wiring instructions that Huron Title itself had received included wire fraud warnings and instructions to confirm the correct accounts over the phone. Docket 27 ¶ 34; Docket 33 ¶ 34.
As the closing date for Cengiz's purchase neared, Cengiz sent an email on June 10, 2021, to an account belonging to another Huron Title employee, Lara Holt (who goes by Lara Hinricher), inquiring about whether he should send the remaining purchase amount to the account where he previously deposited the $20,000. Docket 34 ¶ 104-06; Docket 27 ¶ 9; Docket 33 ¶ 9. On June 11, 2021, Hinricher's email account responded and sent Cengiz different (and fraudulent) instructions for wiring the remaining funds. See Docket 27 ¶ 52; Docket 33 ¶ 52 (not disputing the email was sent and that the instructions were fraudulent). The same day, Cengiz responded to Hinricher's account requesting the ability to send the remaining money to the original account to which he wired his escrow money. See Docket 27 ¶ 53; Docket 33 ¶ 53. Hinricher's account responded that Cengiz should send the money to a different account. Docket 27 ¶ 53; Docket 33 ¶ 53. On June 14, 2021, relying on the fraudulent instructions he received from Hinricher's account three days earlier, Cengiz wired $659,700 to the fraudster's account. See Docket 27 ¶¶ 55, 61; Docket 33 ¶ 55, 61. Of this amount, Cengiz recovered only $109,735.
Docket 27 ¶ 63; Docket 33 ¶ 63 (not disputing the amount Cengiz recovered). Cengiz also recovered the $20,000 in escrow funds that he originally wired to Huron Title. Docket 34 ¶¶ 184-88. Though the parties dispute how and when the fraudster first compromised Hinricher's email, the parties agree that the fraudster created rules on Hinricher's account to prevent Hinricher from seeing certain emails. See Docket 27 ¶ 59; Docket 33 ¶ 59; Docket 25 at 23-24; Docket 35 at 4-6.
During the relevant time period, Huron Title had the following procedures and policies in place: Huron Title's physical server was located in Sioux Falls, South Dakota. Docket 34 ¶ 29. Huron Title used a third-party company for email protection. Id. ¶ 31. Huron Title also had a physical firewall unit at its office and required its employees to maintain and change passwords to their accounts every 90 days. Id. ¶¶ 32, 43. The company required the passwords to be at least eight characters (which had to include an upper and lower case letter, a number and a symbol). Id. ¶ 44. Huron Title also hosted its production software on two separate servers, had remote desktop connections, and its employees were unable to access the remote desktop connection from their phones. Id. ¶¶ 36-39. Huron Title's employees were only able to access the remote desktop if they were directly hardwired through the network, through the firewall, or if they established a VPN tunnel from their desktop computer to connect with the Sioux Falls server location. Id. ¶ 38.
Hinricher attended annual meetings and participated in educational webinars while employed at Huron Title. Id. ¶ 58. Hinricher reviewed cyber security materials that she received from a 2019 annual meeting on cyber security and phishing attacks. Id. ¶ 59-60. Hinricher also routinely shared updates on phishing scams with her fellow colleagues at Huron Title. Id. ¶ 69. Huron Title and Homestead Holdings occasionally sent their employees information about cyber security and fraud but did not require their employees to attend training on cybercrime. See Docket 27 ¶ 44; Docket 33 ¶ 44 (admitting training was not mandatory but pointing out various possible trainings employees could attend). Huron Title and Homestead Holdings also did not require their employees to read any cybercrime updates that Homestead Holdings' President and corporate counsel for Homestead Holding's Underwriter, Eric Hanson, provided Huron Title. See Docket 27 ¶ 44; Docket 33 ¶ 44 (not disputing that defendants did not require employees to read cybercrime updates from Hanson); Docket 23-2 (Hanson's deposition testimony explaining he is the president and corporate or claims counsel for Homestead Holdings).
In addition to not warning its clients about the dangers of cybercrime and wire fraud, Huron Title did not require its clients who sent in wire transactions, such as Cengiz, to call a Huron Title employee to verify the receiving account information. Docket 27 ¶ 41; Docket 33 ¶ 41. Furthermore, Huron Title did not require employees to use multi-factor authentication to log into their email or computer systems. Docket 27 ¶ 42; Docket 33 ¶ 42.
II. Standards
Under Federal Rule of Civil Procedure 56(a), “[t]he court shall grant summary judgment if the movant shows that there is no genuine dispute as to any material fact and the movant is entitled to judgment as a matter of law.” “[A] genuine issue of material fact exists if: (1) there is a dispute of fact; (2) the disputed fact is material to the outcome of the case; and (3) the dispute is genuine, that is, a reasonable jury could return a verdict for either party.” Morrow v. United States, 47 F.4th 700, 704 (8th Cir. 2022) (alteration in original) (quoting RSBI Aerospace, Inc. v. Affiliated FM Ins. Co., 49 F.3d 399, 401 (8th Cir. 1995)). In reviewing the record, the court views the facts in the light most favorable to the non-moving party. Lissick v. Andersen Corp., 996 F.3d 876, 882 (8th Cir. 2021). While “[t]he mere existence of a scintilla of evidence in support of the [movant's] position will be insufficient[,]” Turner v. XTO Energy, Inc., 989 F.3d 625, 627 (8th Cir. 2021) (citation omitted), a party moving for summary judgment is not entitled to summary judgment just because the facts he offers may appear to be more plausible or because the adversary may be unlikely to prevail at trial, see Handeen v. Lemaire, 112 F.3d 1339, 1354 (8th Cir. 1997).
III. Discussion
Because the court is sitting in diversity, it applies South Dakota substantive law. See Chew v. Am. Greetings Corp., 754 F.3d 632, 635 (8th Cir. 2014); Docket 1 at 1-2. In doing so, the court must follow the decisions of the state's supreme court interpreting the forum's law. See C.S. McCrossan Inc. v. Fed. Ins. Co., 932 F.3d 1142, 1145 (8th Cir. 2019). But if a state's supreme court “has not spoken on an issue, [federal courts] must predict how it would decide the issue[,]” and “may consider relevant state precedent, analogous decisions, considered dicta . . . and any other reliable data.” Olmsted Med. Ctr. v. Cont'l Cas. Co., 65 F.4th 1005, 1008 (8th Cir. 2023) (quoting Brill ex rel. Brill v. Mid-Century Ins. Co., 965 F.3d 656, 659 (8th Cir. 2020)).
A. Negligence
Cengiz's first claim of negligence alleges that defendantsfailed to act as a reasonably prudent title company and closing agent would “by failing to provide industry-standard warnings to Mr. Cengiz regarding wire fraud, by failing to enact and/or follow reasonable cyber-security protocols, and by failing to implement proper technological safeguards.” Docket 1 ¶ 29. Defendants argue that summary judgment is appropriate because Cengiz cannot show that defendants breached their duty of care to Cengiz and that their actions did not cause Cengiz any damages. See Docket 25 at 16-27.
Cengiz sued three different defendants. Docket 1. But none of the parties distinguish between the defendants in their briefings with respect to Cengiz's substantive claims, so the court declines to do so as well. See Greenlaw v. United States, 554 U.S. 237, 243 (2008) (stating courts should follow the “principle of party presentation” by “rely[ing] on the parties to frame the issues for decision and assign to courts the role of neutral arbiter of matters the parties present”).
“In order to prevail in a suit based on negligence, a plaintiff must prove duty, breach of that duty, proximate and factual causation, and actual injury.” Bernie v. Catholic Diocese of Sioux Falls, 821 N.W.2d 232, 240 (S.D. 2012) (citation omitted). To prove duty and breach in a professional negligence suit, “the plaintiff must prove that the professional deviated from the required standard of care.” Hanson v. Big Stone Therapies, Inc., 916 N.W.2d 151, 158 (S.D. 2018). To establish that a professional failed to meet the required standard of care, a plaintiff generally needs to submit expert testimony, unless the area at issue is within the common knowledge, experience, and comprehension of a layperson. See Luther v. City of Winner, 674 N.W.2d 339, 344 (S.D. 2004); Mid-Western Elec., Inc. v. DeWild Grant Reckert & Assocs. Co., 500 N.W.2d 250, 255 (S.D. 1993). This general expert testimony requirement also extends to a plaintiff's burden of proving the defendants' alleged breach caused the plaintiff's injuries. See Burley v. Kytec Innovative Sports Equip., Inc., 737 N.W.2d 397, 407 (S.D. 2007); cf. Koeniguer v. Eckrich, 422 N.W.2d 600, 601 (S.D. 1988) (noting that plaintiffs generally must submit expert testimony on causation in medical malpractice cases).
The court need not decide whether Cengiz must submit expert testimony to support his claims in this context (namely, what the appropriate standards of care are for entities dealing with wire transactions and whether defendants breached their standard of care) because even if expert testimony is required, Cengiz has met such requirement. Indeed, Cengiz has submitted two expert reports in support of his negligence claim. The first expert is Matthew Miller, who has his PhD in computer science and is a senior security software architect. See Docket 30-6 at 3. The second expert is Alan Kravets, a licensed attorney with experience in real-estate transactions who has served as an expert witness four other cases within the past four years. See Docket 30-7 at 1-2.
Starting with the first expert, Miller opined that defendants “did not have sufficient cybersecurity protocols, they knew that they needed to have better cybersecurity protocols, and if they had implemented such cybersecurity protocols, then this attack would have not occurred.” Docket 30-6 ¶ 2. In support, Miller concluded that defendants failed to enable multi-factor authentication, failed to adequately train its employees on phishing or other cyber security attacks, and failed to implement appropriate policies to protect passwords. See id. ¶¶ 9-14. Miller concluded that these failures breached defendants duty of care to Cengiz and caused his damages. See id.
Turning to Cengiz's second expert, Kravets similarly concluded that defendants failed to “[i]mplement and execute policies and procedures appropriate to defend their own company and thus their clients, the Plaintiff, against cyber attacks, especially the dangers of hacking, phishing and [Business E-Mail Compromise].” Docket 30-7 at 5. Kravets also concluded that defendants failed to “ensure that employees received adequate training and guidance about the risks of cyber attacks,” as well as failed to “implement appropriate security policies and procedures governing the wire transfer of their clients' funds both incoming and outgoing.” Id. According to Kravets, some examples of these failures include the defendants' failures to provide warnings about the risks of wire transfers and fraud and to provide Cengiz with direction and guidelines to mitigate loss, and defendants' failure to instruct Cengiz to call Hinricher or Gromer to confirm the bank account information into which he was to wire transfer his funds. Id. at 5-6. These collective failures, Kravets opined, caused Cengiz's loss. Id.
Not only did Cengiz submit two expert reports opining that defendants breached their standard of care to Cengiz and that their breach caused his damages, but defendants themselves admit to many of the facts upon which the experts relied. For example, defendants admit that they “did not require multi-factor authentication to log into their email or computer systems.” Docket 27 ¶ 42; Docket 33 ¶ 42. Defendants also admit that Huron Title did not issue any warnings in its emails or any of its wire instructions regarding cybercrime, nor did Huron Title provide any instructions for its customers wiring money into defendants' trust account to verify the wire via a phone call. Docket 27 ¶ 41; Docket 33 ¶ 41. Defendants failed to provide warnings even though almost all wiring instructions that Huron Title received from others in the industry had similar wire fraud warnings and instructions to confirm with a phone call. Docket 27 ¶ 34; Docket 33 ¶ 34. Furthermore, defendants admit that they did not require their employees to participate in training on cybercrime or read any cybercrime updates. See Docket 27 ¶ 44; Docket 33 ¶ 44 (admitting training and reading cybersecurity updates were not mandatory and but pointing out various possible trainings employees could attend).
Viewing the record in the light most favorable to Cengiz, the court finds summary judgment against Cengiz and in favor of defendants on Cengiz's negligence claim is inappropriate. As discussed, Cengiz has submitted sufficient evidence on the record such that a reasonable juror could find that defendants breached their standard of care towards him and caused his damages.
Resisting this conclusion, defendants point out a variety of measures they had in place to show they acted reasonably. See Docket 31 at 6-7. For example, it is undisputed that defendants occasionally provided information to its employees regarding cyber security and fraud; that Hinricher routinely shared updates on phishing scams with her fellow Huron Title colleagues; that defendants used a third-party company to provide email protection; that Huron Title had a physical firewall unit at its office; that Huron Title limited employee access to the remote desktop connection to when the employee is hardwired through the network, through the firewall, or through a VPN tunnel from the employee's desktop computer; that its employees were not allowed to access the remote desktop connection through their phones; that Huron Title mandated specific password requirements (at least eight characters, including an upper and lower case, a letter, a number, and a symbol); and that employees had to change such passwords every 90 days. See Docket 34 ¶¶ 3132, 35, 36-39, 43-44, 69. Defendants also note that neither of Cengiz's experts mentioned any of these safeguards when reaching their conclusions. See Docket 31 at 7.
But both of defendants' arguments-that they did not breach their standard of care and that Cengiz's experts relied on incomplete information to form their opinion-are generally arguments and questions for the jury. See Ridley v. Sioux Empire Pit Bull Rescue, Inc., 932 N.W.2d 576, 580 (S.D. 2019) (“[W]hether a defendant's conduct constitutes a breach of a duty is a question of fact.”); cf. Synergetics, Inc. v. Hurst, 477 F.3d 949, 955 (8th Cir. 2007) (“As a general rule, the factual basis of an expert opinion goes to the credibility of the testimony, not the admissibility, and it is up to the opposing party to examine the factual basis for the opinion in cross-examination.”) (citation omitted). Thus, the court rejects defendants' first set of arguments.
Defendants next argue the record suggests that the fraudster actually hacked through Cengiz's devices, rather than defendants, and thus Cengiz cannot meet his burden to “conclusively” prove that defendants proximately caused his injuries. See Docket 25 at 27. But “[c]ausation is generally a question of fact for the jury except when there can be no difference of opinion in the interpretation of the facts.” Hamilton v. Sommers, 855 N.W.2d 855, 867 (S.D. 2014) (quoting Weiss v. Van Norman, 562 N.W.2d 113, 113-17 (S.D. 1997)). Furthermore, in determining whether the court should grant summary judgment against Cengiz, the standard is not whether Cengiz can “conclusively” prove defendants caused his loss, but rather whether a reasonable jury could so find. Morrow, 47 F.4th at 704. Here, Cengiz's experts both conclude that defendants' failures to adhere to industry standards caused Cengiz's injuries. See Docket 30-6 at 5-7; Docket 30-7 at 5-6. Defendants themselves admit that “[a] breach of HTC's security is a possibility[.]” Docket 25 at 27. In fact, defendants admit that at some point, the fraudster did in fact hack into Hinricher's email-they only dispute whether this hack is what actually caused Cengiz's loss. See id. (admitting that Hinricher's email was compromised); see also Docket 27 ¶ 59; Docket 33 ¶ 59 (defendants admitting that fraudster created rules on Hinricher's account to prevent Hinricher from seeing emails). Viewing the record in the light most favorable to Cengiz, a reasonable jury could conclude that defendants caused Cengiz's injury. Thus, defendants' causation argument fails.
Defendants argue summary judgment is appropriate here, analogizing the facts in this case with those in Cook v. McGraw Davisson Stewart, LLC, 496 P.3d 1006 (Okla.Civ.App. 2021). In Cook, the plaintiff, Cook, sued his real estate broker after he complied with an email he received that gave incorrect instructions for him to wire money to a bank account. See id. at 1008. Cook sued the estate broker for negligence, arguing that the defendant's email had been hacked and that the defendant had breached its duty to protect his personal and financial information. See id. at 1008-09. Crucially, Cook produced no evidence that the defendant was actually hacked, nor did Cook submit any expert testimony supporting his claim that the defendant caused Cook's loss or breached its duty of care. See id. at 1009, 1011. Thus, the court held that the evidence Cook submitted did not give rise to a reasonable inference that the defendant was hacked or that it breached its duty of care. See id. at 1011. But unlike in Cook, Cengiz has produced two experts who opine that defendants breached their duty of care and caused Cengiz's damages, and has produced evidence that defendants were indeed hacked. See Docket 30-6; Docket 30-7; Docket 27 ¶ 59; Docket 33 ¶ 59. Thus, Cook is distinguishable from the instant case. Here, because a reasonable jury could find that defendants breached their duty of care to Cengiz and caused his losses, the court denies defendants' motion for summary judgment on Cengiz's negligence claim.
For many of the same reasons that the court denies summary judgment against Cengiz on his negligence claim, the court also denies Cengiz's partial motion for summary judgment on such claim against defendants. Cengiz highlights that defendants failed to produce an expert to support their claims that they did not breach their standard of care. See Docket 35 at 3. Under Cengiz's view, determining whether defendants breached their standard of care is beyond the ordinary experience of a jury and requires expert testimony. See id. Because defendants failed to supply their own expert rebutting plaintiffs' expert opinions that defendants did in fact breach their standard of care, Cengiz reasons, the jury would have no way of determining that defendants did not breach their standard of care. See id. In other words, Cengiz argues that it is “undisputed that Defendants' breached [the standard of care] by not having [the necessary] protocols in place.” Id. at 4.
It is true that an expert's role is to assist the jury in interpreting the evidence and determine a fact in issue. See Fed.R.Evid. 702(a). And it is also true that a plaintiff may be required to submit expert testimony to prove their case if their theory requires a layperson to interpret information outside a layperson's ordinary and common experience. See Luther, 674 N.W.2d at 344. But the converse is not true: a defendant who does not bear the burden of proof does not need to provide expert testimony to rebut the plaintiff's expert testimony-even if plaintiff must himself provide expert testimony to prove his claims-because ultimately a jury could decide to reject the expert testimony and find that Cengiz failed to meet his burden of proof. See Russell v. Anderson, 966 F.3d 711, 722 (8th Cir. 2020) (“As for any witness, the jury could accept or reject [the expert's] testimony, in whole or in part”); Ratliff v. Schiber Truck Co., 150 F.3d 949, 954 (8th Cir. 1998) (holding that defendant did not need to rebut plaintiff's expert opinion with their own expert because jury was free to accept or reject plaintiff's expert's testimony). A jury has the ultimate decision on how much weight, if any, to place on any witness's testimony, including Cengiz's experts, and can make this determination without rebuttal expert testimony from defendants.
Here, Cengiz's argument improperly shifts the burden to defendants. Defendants do not have the burden of proving they were not negligent. Rather, for summary judgment purposes, they need only show that the record contains a genuine dispute of material fact regarding whether they breached their duty of care and caused Cengiz's damages. With respect to breach, defendants have submitted sufficient evidence in the record such that a reasonable jury could find that the plaintiffs failed to meet their burden to prove defendants violated their standard of care. Although defendants do not have an expert to refute Miller's and Kravet's conclusions, a jury could still reasonably reject their opinions both because the jury may find their testimony uncredible and because of the above-discussed protocols defendants had in place. See Russell, 966 F.3d at 722. This conclusion is particularly appropriate given that the issue of whether defendants breached their duty of care to Cengiz is ordinarily a jury question. See Ridley, 932 N.W.2d at 580. The record contains a dispute of material fact about whether defendants breached their duty of care to Cengiz.Thus, the court denies summary judgment in favor of Cengiz and against defendants on Cengiz's negligence claim.
Because a reasonable jury could find that defendants did not breach their duty of care and because Cengiz bears the burden of proving every element of negligence, the court need not reach the issue of whether the record contains a material dispute of fact with respect to causation. See Bernie, 821 N.W.2d at 240; Kuehl v. Horner (J.W.) Lumber Co., 678 N.W.2d 809, 812 (S.D. 2004) (describing each element of negligence as “necessary”).
Cengiz states that he intends to move for sanctions against defendants should they proceed with their argument that the fraudster first hacked into Cengiz's devices. See Docket 35 at 5-6. The court expresses no view on this issue.
B. Breach of Contract
To succeed on a breach of contract claim, a plaintiff must prove he entered into an enforceable promise with the defendant, the defendants breached that promise, and he suffered damages. See Gul v. Ctr. for Family Med., 762 N.W.2d 629, 633 (S.D. 2009). While the existence and interpretation of a contract are ordinarily questions of law for the court to decide, such questions are for the jury if the underlying facts about whether a contract exists and its terms are in dispute. See J. Clancy, Inc. v. Khan Comfort, LLC, 955 N.W.2d 382, 389 (S.D. 2021).
“A contract is either express or implied. An express contract is one, the terms of which are stated in words. An implied contract is one, the existence and terms of which are manifested by conduct.” SDCL § 53-1-3. The South Dakota Supreme Court has defined an implied contract as:
A contract is implied in fact where the intention as to it is not manifested by direct or explicit words by the parties, but is to be gathered by implication or proper deduction from the conduct of the
parties, language used, or acts done by them, or other pertinent circumstances attending the transaction.Setliff v. Akins, 616 N.W.2d 878, 885 (S.D. 2000) (quoting Weller v. Spring Creek Resort, Inc., 477 N.W.2d 839, 841 (S.D. 1991)). Determining the existence and scope of an implied contract is inherently circumstance and fact dependent, because by definition, implied contracts arise from the parties' conduct and actions rather than by express words. See id.
Here, Cengiz alleges defendants breached an implied contract between himself and defendants because defendants “fail[ed] to receive and hold the purchase funds and [failed] to maintain proper safeguards in regard to the same.” Docket 1 ¶ 33. Defendants do not dispute the existence of some implied contract, but rather disagree on the scope of their agreement. See Docket 25 at 27-28. While Cengiz argues that defendants “agreed to properly request and hold all the funds for the transaction[,]” Docket 35 at 7 (emphasis added), defendants argue that the agreement was limited to them properly holding and maintaining only the escrow funds Cengiz sent to defendants. See Docket 25 at 27-28. Because the scope of this agreement is in dispute and its determination turns on a number of factual disputes, the court denies defendants' motion for summary judgment on Cengiz's breach of contract claim.
C. Breach of Fiduciary Duty
“To recover for breach of fiduciary duty, a plaintiff must prove: (1) that the defendant was acting as plaintiff's fiduciary; (2) that the defendant breached a fiduciary duty to plaintiff; (3) that plaintiff incurred damages; and (4) that the defendant's breach of the fiduciary duty was a cause of plaintiff's damages.” Redlin v. First Interstate Bank, 2 N.W.3d 729, 734 (S.D. 2024) (quoting Chem-Age Indus., Inc. v. Glover, 652 N.W.2d 756, 772 (S.D. 2002)). “It is generally accepted that an escrow agent is the agent and fiduciary of all parties to an escrow agreement.” Wandler v. Lewis, 567 N.W.2d 377, 384 (S.D. 1997) (quoting Am. State Bank v. Adkins, 458 N.W.2d 807, 810 S.D. 1990)). An escrow agent has a fiduciary duty “to act scrupulously and honestly in carrying out his duties.” Adkins, 458 N.W.2d at 811.
In Adkins, the South Dakota Supreme Court explained that “scrupulously and honestly” meant, “[a]mong other things,” that “the escrow agent may not act to defraud one of the parties to the escrow agreement” or “profit personally as a result of his status as escrow agent.” Id. (emphasis added). But Adkin's description is not directly applicable here, because Cengiz does not claim that defendants acted with fraudulent intent or dishonestly. See Docket 35 at 7-8; see also Docket 1 ¶¶ 35-38 (alleging that defendants failed to adopt and carry out “commercially accepted cyber-security policies and procedures and warning him against cyber-security threats.”). Rather, Cengiz argues only that defendants failed to act “scrupulously.” See Docket 35 at 7-8.
Neither party cites, and this court is unaware of, a South Dakota Supreme Court decision that explains what it means for an escrow agent to act “scrupulously.” Thus, the court must predict how the South Dakota Supreme Court would define “scrupulously.” See Olmsted, 65 F.4th at 1008. Without direct guidance from the South Dakota Supreme Court, the court first observes that while some dictionary definitions provide that “scrupulous” deals with moral integrity and honesty, other definitions simply define the term to refer to being precise or exacting. See Scrupulous, Merriam-Webster's Unabridged Dictionary, https://unabridged.merriam-webster.com/unabridged/scrupulous (last accessed Feb. 16, 2024); Scrupulous (adj.), Oxford English Dictionary, https://doi.org/10.1093/OED/7109726717 (last accessed Apr. 22, 2024); see also Matter of Estate of Gossman, 555 N.W.2d 102, 105-06 (S.D. 1996) (looking to dictionary meanings when interpreting a statute).
Numerous other state courts hold that one of an escrow agent's fiduciary duties, in addition to acting honestly, include acting with skill and diligence. See Meridian Title Corp. v. Pilgrim Financing, LLC, 947 N.E.2d 987, 992 (Ind.Ct.App. 2011); Maxfield v. Martin, 173 P.3d 476, 478 (Ariz.Ct.App. 2007); Denaxas v. Sandstone Ct. of Bellevue, L.L.C., 63 P.3d 125, 129 (Wash. 2003); United Am. Bank of Cent. Florida, Inc. v. Seligman, 599 So.2d 1014, 1016 (Fla. Dist. Ct. App. 1992); Broussard v. Hill, 682 P.2d 1376, 1378 (Nev. 1984). And at least one leading treatise confirms that “escrow holders have a fiduciary duty to exercise reasonable skill and ordinary diligence.” 28 Am. Jur. 2d Escrow § 23 (2024).
Based on dictionary definitions, a survey of numerous other state court decisions, and a leading treatise, the court predicts that Adkin's requirement that escrow agents act “scrupulously” means that they must act with reasonable skill and diligence, independent of acting honestly.
So the issue here is determining whether defendants breached their fiduciary duty to act “scrupulously,” which turns on whether defendants acted with reasonable skill and diligence. See Adkins, 458 N.W.2d at 811. Making this determination is a factual question. Estate of Thacker v. Timm, 984 N.W.2d 679, 687 (S.D. 2023) (citing Smith Angus Ranch, Inc. v. Hurst, 962 N.W.2d 626, 629 (S.D. 2021)). For the same reasons that summary judgment against Cengiz was inappropriate in his negligence claim with respect to breach, the court finds that the record contains material disputes of fact on whether defendants acted scrupulously towards Cengiz and in turn breached their fiduciary duty towards Cengiz.Defendants themselves implicitly accept that Cengiz's negligence and breach of fiduciary claims follow the same fate. See Docket 25 at 29 (expressly incorporating their arguments regarding breach of duty of care from negligence into section regarding breach of fiduciary duty). Thus, the court denies defendants' motion for summary judgment on Cengiz's breach of fiduciary duty claim.
Just as the court did not need to resolve whether Cengiz must submit expert testimony for his negligence claim, the court does not need to reach this issue either on the breach of fiduciary duty claim for almost identical reasons: he submitted at least one expert in support. See Docket 30-7 at 1 (showing Kravets evaluated both Cengiz's negligence and breach of fiduciary duty claims).
IV. Conclusion
For these reasons, it is ORDERED that
1) Defendants' motion for summary judgment (Docket 22) is DENIED; and that 2) Plaintiff's motion for partial summary judgment (Docket 26) is DENIED.