Opinion
CASE NO. C17-1766RSM
05-02-2018
ORDER GRANTING IN PART AND DENYING IN PART MOTIONS TO DISMISS
I. INTRODUCTION
This matter comes before the Court on Defendant U.S. Bank's Motion to Dismiss and the individual Defendants' joinder in that motion. Dkts. #62 and #63. Defendants argue that: 1) Plaintiff's claims for conversion, intentional interference with business relationships and breach of fiduciary duty of loyalty are all preempted by Washington's Uniform Trade Secret Act ("UTSA"); 2) Plaintiff fails to state a claim for relief for misappropriation of trade secrets under state and federal law; and 3) Plaintiff fails to state a claim for relief under the Computer Fraud and Abuse Act ("CFAA") against the individual Defendants. Id. Plaintiff responds that it has adequately pled facts to support its claims separate and apart from those facts that support its statutory trade secrets claims, and that its remaining claims have been adequately pled under Federal Rule of Civil Procedure 8. Dkt. #64. For the reasons set forth below, the Court now GRANTS IN PART and DENIES IN PART Defendants' motions to dismiss.
II. BACKGROUND
The instant matter was filed in this Court on November 22, 2017. Dkt. #1. Plaintiff MUFG Union Bank, N.A. ("Union Bank") alleges that a group of its former employees resigned en masse after planning for several months to take trade secrets, documents and confidential information that they are now utilizing to take business from it and unfairly compete with it. Dkt. #1 at ¶ ¶ 8-22. Plaintiff further alleges that Defendant U.S. Bank knew of the individuals' actions and encouraged them. Id. at ¶ ¶ 19-22. Based on these allegations, Union Bank asserts six claims for relief against the Defendants: 1) breach of fiduciary duty of loyalty (against all Defendants); 2) intentional interference with business relationships (against all Defendants); 3) misappropriation of trade secrets under Washington's UTSA, RCW 19.108.010, et seq. (against all Defendants); 4) conversion (against all Defendants); 5) misappropriation of trade secrets under the Defend Trade Secrets Act ("DTSA"), 18 U.S.C. § 1831, et seq. (against all Defendants); and 6) violations of the Computer Fraud and Abuse Act ("CFAA"), 18 U.S.C. § 1030, et seq. (against the individual Defendants). Id. at ¶ ¶ 23-56. Defendants have now moved to dismiss all claims.
Plaintiff erroneously pleads two "Fifth" Claims for Relief in its Complaint. Dkt. #1 at ¶ ¶ 45-56. For ease of reference, the Court will refer to the CFAA claim against the individual Defendants as the CFAA claim or as Plaintiff's sixth claim for relief.
III. DISCUSSION
A. Legal Standard
In deciding a 12(b)(6) motion, this Court is limited to the allegations on the face of the Complaint (including documents attached thereto), matters which are properly judicially noticeable and other extrinsic documents when "the plaintiff's claim depends on the contents of a document, the defendant attaches the document to its motion to dismiss, and the parties do not dispute the authenticity of the document, even though the plaintiff does not explicitly allege the contents of that document in the complaint." Knievel v. ESPN, 393 F.3d 1068, 1076 (9th Cir. 2005). The Court must construe the complaint in the light most favorable to the Plaintiff and must accept all factual allegations as true. Cahill v. Liberty Mutual Ins. Co., 80 F.3d 336, 337-38 (9th Cir. 1996). The Court must also accept as true all reasonable inferences to be drawn from the material allegations in the Complaint. See Brown v. Elec. Arts, Inc., 724 F.3d 1235, 1247-48 (9th Cir. 2013); Pareto v. F.D.I.C., 139 F.3d 696, 699 (9th Cir. 1998). However, the Court is not required to accept as true a "legal conclusion couched as a factual allegation." Ashcroft v. Iqbal, 556 U.S. 662, 678 (2009) (quoting Bell Atl. Corp. v. Twombly, 550 U.S. 544, 555 (2007)).
B. Claims at Issue
Defendants move for the dismissal of all causes of action in this matter. The Court addresses each of those claims, in turn, below.
1. Plaintiff's Claims for Breach of Fiduciary Loyalty, Intentional Interference with Business Relationships and Conversion
Defendants first move to dismiss Plaintiff's First, Second and Fourth Claims for Relief alleged against all Defendants, on the basis that Washington's trade secret laws displace those theories of liability. Dkts. #62 at 4-8 and #63 at 3-5. Plaintiff opposes the motion, arguing that the facts supporting the claims for breach of fiduciary duty of loyalty, intentional interference with business relationships, and conversion are different that those facts it relies on in support of its claim for misappropriation of trade secrets. Dkt. #64 at 5-9.
Washington's UTSA prohibits misappropriation of trade secrets. RCW 19.108, et seq.; Thola v. Henschell, 140 Wn. App. 70, 76, 164 P.3d 524, 528 (2007). Before the legislature enacted the UTSA, the common law prohibited similar acts. See, e.g., J.L. Cooper & Co. v. Anchor Secs. Co., 9 Wn.2d 45, 64, 113 P.2d 845 (1941) (allowing equitable action against a former employee who used a confidential customer list in his new business venture). But the UTSA is not a catch-all for industrial torts. Electro-Craft Corp. v. Controlled Motion, Inc., 332 N.W.2d 890, 897 (Minn. 1983). The UTSA "displaces conflicting tort, restitutionary, and other law of this state pertaining to civil liability for misappropriation of a trade secret." RCW 19.108.900(1). However, it does not affect "[c]ontractual or other civil liability or relief that is not based upon misappropriation of a trade secret." RCW 19.108.900(2)(a).
When examining whether a civil claim is preempted by the UTSA, courts often utilize a three-step analytical framework as a "helpful guide," beginning with the premise that a plaintiff "may not rely on acts that constitute trade secret misappropriation to support other causes of action." Thola, 140 Wn. App. at 82 (citing to Mortgage Specialists, Inc. v. Davey, 153 N.H. 764, 778-79, 904 A.2d 652 (2006) and Ed Nowogroski Ins., Inc. v. Rucker, 88 Wn. App. 350, 358, 944 P.2d 1093 (1997), aff'd, 137 Wn.2d 427 (1999) (Rucker I)). Using this framework, the Court: (1) assesses the facts that support the plaintiff's civil claim, (2) asks whether those facts are the same as those that support the plaintiff's UTSA claim, and (3) will conclude that the UTSA preempts liability on the civil claim unless the common law claim is factually independent from the UTSA claim. See Mortgage Specialists, Inc. v. Davey, 153 N.H. 764, 778-79, 904 A.2d 652 (2006). This three-step analysis is meant to preclude duplicate recovery for a single wrong. Accordingly, the Court now turns to each of Plaintiff's claims.
In Claim One, Plaintiff asserts a breach of the fiduciary duty of loyalty. Dkt. #1 ¶ ¶ 23-29. Plaintiff alleges that the individual Defendants owed Union Bank an undivided duty of loyalty which prohibited them from soliciting customers for their own benefit and/or for rival businesses and from acting in direct competition with Union Banks' business interests, and that they breach that duty by soliciting Amazon.com business on behalf of themselves and U.S. Bank while still employed by Union Bank, soliciting individuals who had received pre-approval from Union Bank to move their business to U.S. Bank, and stealing Union Bank's confidential and trade secret business and customer information in order to unfairly compete against Union Bank. Dkt. #1 at ¶ ¶ 24-25. Plaintiff further alleges that individual Defendants Tyler and Fogliani, who worked in managerial positions, breached the duty by soliciting other employees to leave and work for their competitor, and by disclosing Plaintiff's confidential financial compensation information to Defendant U.S. Bank. Id. at ¶ 26. Finally, Plaintiff alleges that Defendant U.S. Bank conspired and agreed with the individual Defendants to misappropriate Plaintiff's trade secrets and confidential information, and aided, abetted, and assisted the individual Defendants in breaching the duty owed to Plaintiff. Id. at ¶ ¶ 27-28.
The Court agrees with Defendants that those facts focus on the alleged misappropriation of confidential and proprietary information, and that Plaintiff's UTSA claim relies on the same facts. Id. at ¶ ¶ 35-39. Indeed, in its Third Claim for Relief, Plaintiff alleges that prior to leaving employment, the individual Defendants misappropriated customer lists, pricing information, customer contact information, customer financial data, social security numbers, and forms 1003 Uniform Residential Loan Applications, that U.S. Bank aided, abetted and facilitated those actions, and that Defendants used the information for their own benefit. Id.
Plaintiff attempts to salvage Claim One by noting it alleged specifically that the individual Defendants solicited Amazon.com in support of its breach of duty claim but not in support of its trade misappropriate claim, and therefore the claims do not rest on the same facts. Dkt. #64 at 6-7. The Court is not persuaded. When comparing the two claims, the essence of both is that the Defendants allegedly used misappropriated information to make such solicitations, inter alia, for their own benefit. Thus, the Court agrees that the claim for breach of fiduciary duty of loyalty is preempted or "displaced" by UTSA and the claim should be dismissed.
Likewise, the Court will dismiss the Second and Fourth Claims for Relief. In Claim Two, Plaintiff asserts intentional interference with business relationships, and in Claim Four Plaintiff asserts conversion. Dkt. #1 at ¶ ¶ 30-34 and 40-44. In each of those claims, Plaintiff relies on the same conduct. Id. For example, in Claim Two, Plaintiff alleges that Defendants used pre-financing approvals to interfere with the business relationship with Amazon.com. Id. at ¶ ¶ 30-34. In Claim Four, Plaintiff alleges that Defendants took proprietary documents and information and used them to unfairly compete for business. Id. at ¶ ¶ 40-44. As with the breach of duty claim, Claims Two and Four are not factually independent from the UTSA claim. Compare Dkt. #1 ¶ ¶ 35-39 with ¶ ¶ 30-34 and 40-44. Accordingly, those claims will also be dismissed.
C. Misappropriation of Trade Secrets Under State and Federal Law
Defendant U.S. Bank next argues that Plaintiff has failed to adequately allege claims for misappropriation of trade secrets under state and federal law. Dkt. #62 at 14-18. Defendant argues that under both Washington's UTSA and under the federal DTSA, Plaintiff alleges only bare legal conclusions, not supported by sufficient factual allegations. Dkt. #62 at 14-18. The Court disagrees.
To state a claim under Washington's UTSA, a plaintiff must plead (1) the existence of a protectable trade secret, and (2) facts constituting misappropriation. Inteum Co., LLC v. Nat'l Univ., 2017 U.S. Dist. LEXIS 212095, *8-9 (W.D. Wash. Dec. 27, 2017) (citing RCW § 19.108). A trade secret is "any information, including a formula, pattern, compilation, program, device, method, technique, or process." Id. (citing § 19.108.010). A trade secret is protectable if it "derives independent economic value . . . from not being generally known" and is the "subject of efforts that are reasonable under the circumstances to maintain its secrecy." Inteum Co., LLC v. Nat'l Univ., 2017 U.S. Dist. LEXIS 212095, *8-9 (citing § 19.108.010). Misappropriation includes disclosure "of a trade secret of another without express or implied consent, by [an entity that] . . . at the time of disclosure or use, knew or had reason to know that" it was under "a duty to maintain its secrecy or limit its use." Id. (citing § 19.108.010(2)(b)(ii)). The federal DTSA provides nearly identical definitions. See 18 U.S.C. § 1839.
As it highlights in its response brief, Plaintiff has alleged facts that go beyond a mere recitation of the elements of misappropriation and states a claim that is plausible on its face. In its Complaint, Plaintiff alleges that:
Employees' plan included, and Employees in fact engaged in, taking and misappropriating Union Bank's trade secrets and confidential, proprietary information as well as taking and misappropriating documents . . . .Dkt. #1 at ¶ 14. Plaintiffs further allege that:
• "Defendants Tyler and Fogliani, both of whom worked for Union Bank in managerial positions, had access to confidential compensation and performance-related information for the Employees and disclosed that information to U.S. Bank." (Dkt. #1 at ¶ 17);
• "[p]rior to the end of their employment with Union Bank, Employees misappropriated, inter alia, Union Bank's customer lists, pricing information, customer contact information, customer financial data, social security numbers, and forms 1003 Uniform Residential Loan Applications" (Dkt. #1 at ¶ 36);
• "U.S. Bank was aware of Employees' intentions to take Union Bank's confidential and trade secret information and use that information to solicit Union Bank's
customers to move their business to U.S. Bank and encouraged Employees to do so" (Dkt. #1 ¶ 20);
• "[s]ince becoming employed by U.S. Bank, Employees have wrongfully possessed and used Union Bank's confidential trade secrets and information to solicit pre-approved customer loans from Union Bank to U.S. Bank and otherwise take business away from Union Bank and accrue that business to U.S. Bank and Employees" (Dkt. #1 at ¶ 19); and
• "U.S. Bank continues to profit from, possess, and have custody over the confidential and trade secret information which Employees misappropriated from Union Bank and took with them to U.S. Bank." (Dkt. #1 at ¶ 21).
Whether Plaintiff can prove those facts, and whether such facts will ultimately satisfy the elements of the claims remains for another day. At this time, the Court finds that a plausible claim has been pled, and will not dismiss these claims.
D. Consumer Fraud and Abuse Act Claim
Finally, the individual Defendants ask the Court to dismiss Plaintiff's CFAA claim against them. Dkt. #63 at 5-6. The CFAA was enacted in 1984 to enhance the government's ability to prosecute computer crimes. LVRC Holdings LLC v. Brekka, 581 F.3d 1127, 1130 (9th Cir. 2009). The Act was originally designed to target hackers who accessed computers to steal information or to disrupt or destroy computer functionality, as well as criminals who possessed the capacity to "access and control high technology processes vital to our everyday lives . . . ." Id. at 1130-31. The CFAA prohibits a number of different computer crimes, the majority of which involve accessing computers without authorization or in excess of authorization, and then taking specified forbidden actions, ranging from obtaining information to damaging a computer or computer data. Brekka, 581 F.3d at 1130-31 (citing 18 U.S.C. § 1030(a)(1)-(7) (2004). The individual Defendants argue that the Ninth Circuit Court of Appeals' decision in Brekka, supra, forecloses Plaintiff's claim against them. Dkt. #63 at 5-6. The Court agrees.
Plaintiff alleges that the individual Defendants violated CFAA, but do not specify the subsection of the statute. See Dkt. #1 at ¶ ¶ 53-56. However, it appears that Plaintiff alleges a violation of 18 U.S.C. § 1030(a)(4), in that Plaintiff alleges the individual Defendants without authorization or exceeding authorized access, and with the intent to defraud, intentionally accessed and obtained information from a protected computer. Id. Through briefing, it appears that Plaintiff is now focusing on the "exceeds authorized access" language of that subsection. Dkt. #64 at 10.
The CFAA creates a right of action for private persons injured by such crimes. Section 1030(g) provides in pertinent part:
Any person who suffers damage or loss by reason of a violation of this section may maintain a civil action against the violator to obtain compensatory damages and injunctive relief or other equitable relief. A civil action for a violation of this section may be brought only if the conduct involves 1 of the factors set forth in clause (I), (II), (III), (IV), or (V) of subsection (c)(4)(a)(i).18 U.S.C. § 1030(g). Subsection (c)(4)(a)(i) includes "loss to 1 or more persons during any 1-year period (and, for purposes of an investigation, prosecution, or other proceeding brought by the United States only, loss resulting from a related course of conduct affecting 1 or more other protected computers) aggregating at least $5,000 in value." 18 U.S.C. § 1030(c)(4)(a)(i)(I). Plaintiff alleges that the violation caused such a loss. Dkt. #1 at ¶ 56. Thus, to bring an action successfully under 18 U.S.C. § 1030(g) based on a violation of 18 U.S.C. § 1030(a)(2), Plaintiff must show that the individual Defendants: (1) accessed a "protected computer," (2) without authorization or exceeding such authorization that was granted, 3) "knowingly" and with "intent to defraud," and thereby (4) "further[ed] the intended fraud and obtain[ed] anything of value," causing (5) a loss to one or more persons during any one-year period aggregating at least $ 5,000 in value. See 18 U.S.C. § 1030(a).
In Brekka, the Ninth Circuit Court of Appeals held:
In interpreting the phrase "without authorization," we start with the plain language of the statute. See United States v. Blixt, 548 F.3d 882, 887 (9th Cir. 2008). The CFAA does not define "authorization," and it is a "fundamental canon of statutory construction . . . that, unless otherwise defined, words will be interpreted as taking their ordinary, contemporary, common meaning." Perrin v. United States, 444 U.S. 37, 42, 100 S. Ct. 311, 62 L. Ed. 2d 199 (1979); see also United States v. Morris, 928 F.2d 504, 511 (2d Cir. 1991) (holding that the word "authorization" for purposes of the CFAA is "of common usage, without any technical or ambiguous meaning," and therefore the district court "was not obliged to instruct the jury on its meaning"). Authorization is defined in the dictionary as "permission or power granted by an authority." RANDOM HOUSE UNABRIDGED DICTIONARY, 139 (2001); see also WEBSTER'S THIRD INTERNATIONAL DICTIONARY, 146 (2002) (defining authorization as "the state of being authorized" and "authorize" as "to endorse, empower, justify, permit by or as if by some recognized or proper authority"). Based on this definition, an employer gives an employee "authorization" to access a company computer when the employer gives the employee permission to use it. Because LVRC permitted Brekka to use the company computer, the "ordinary, contemporary, common meaning," Perrin, 444 U.S. at 42, of the statute suggests that Brekka did not act "without authorization."
No language in the CFAA supports LVRC's argument that authorization to use a computer ceases when an employee resolves to use the computer contrary to the employer's interest. Rather, the definition of "exceeds authorized access" in § 1030(e)(6) indicates that Congress did not intend to include such an implicit limitation in the word "authorization." Section 1030(e)(6) provides: "the term 'exceeds authorized access' means to access a computer with authorization and to use such access to obtain or alter information in the computer that the accesser is not entitled so to obtain or alter." 18 U.S.C. § 1030(e)(6). As this definition makes clear, an individual who is authorized to use a computer for certain purposes but goes beyond those limitations is considered by the CFAA as someone who has "exceed[ed] authorized access." On the other hand, a person who uses a computer "without authorization" has no rights, limited or otherwise, to access the computer in question. In other words, for purposes of the CFAA, when an employer authorizes an employee to use a company computer subject to certain limitations, the employee remains authorized to use the
computer even if the employee violates those limitations. It is the employer's decision to allow or to terminate an employee's authorization to access a computer that determines whether the employee is with or "without authorization."Brekka, 581 F.3d at 1132-33 (emphasis added).
This leads to a sensible interpretation of §§ 1030(a)(2) and (4), which gives effect to both the phrase "without authorization" and the phrase "exceeds authorized access": a person who "intentionally accesses a computer without authorization," §§ 1030(a)(2) and (4), accesses a computer without any permission at all, while a person who "exceeds authorized access," id., has permission to access the computer, but accesses information on the computer that the person is not entitled to access.
In the instant matter, Plaintiff alleged that prior to November 6, 2017, the individual Defendants were employed by Plaintiff. Dkt. #1 at ¶ 8. Plaintiff further alleges that the individual Defendants sold residential mortgages, and that two of the individual Defendants had access to certain confidential information in their managerial positions. Id. at ¶ ¶ 10 and 17. There appears to be no dispute that the individual Defendants had permission to access their computers, and in fact were required to do so for their jobs. See id. at ¶ 54. Further, Plaintiff alleges that various proprietary documents and electronically stored trade secrets were taken while the individual Defendants were still employed. Id. at ¶ 18. Thus, this Court can only conclude that the individual Defendants had authorization to use their computers. See Brekka, 581 F.3d at 1132-33.
Plaintiff argues that their claim rests on the allegation that the individual Defendants exceeded their authorized access and therefore violated the CFAA. Dkt. #64 at 10. It is true that the definition of the term "exceeds authorized access" from § 1030(e)(6) implies that an employee can violate employer-placed limits on accessing information stored on the computer. Brekka, 581 F.3d at 1135. However, Plaintiff fails to plead a single fact to support that conclusory allegation. See Dkt. #1 at ¶ ¶ 8-22. Thus, the Court finds that Plaintiff has failed to adequately plead a claim that the individual Defendants exceeded their authorized access, and the Court will dismiss this claim.
E. Leave to Amend
Ordinarily, leave to amend a complaint should be freely given following an order of dismissal, "unless it is absolutely clear that the deficiencies of the complaint could not be cured by amendment." Noll v. Carlson, 809 F.2d 1446, 1448 (9th Cir. 1987); see also DeSoto v. Yellow Freight Sys., Inc., 957 F.2d 655, 658 (9th Cir. 1992) ("A district court does not err in denying leave to amend where the amendment would be futile." (citing Reddy v. Litton Indus., Inc., 912 F.2d 291, 296 (9th Cir. 1990)).
With respect the Plaintiff's First, Second and Fourth Claims for Relief, the Court has determined that Plaintiff's claims are not factually distinct as drafted. Further, the Court concludes that granting leave to amend those claims would be futile. The Court can conceive of no possible cure for the deficiencies in Plaintiff's Complaint as to those claims, particularly given the invalidity of Plaintiff's arguments as discussed above. Accordingly, leave to amend these claims will not be granted.
With respect to the CFAA claim against the individual Defendants, although the Court has determined that the Complaint is factually deficient, Plaintiff asserts arguments in its brief which, if adequately supported by alleged facts, may state a claim for relief. Thus, the Court will allow Plaintiff to attempt to cure its deficiencies through amendment as to that claim.
F. Defendant U.S. Bank's Motion to Stay Discovery
Defendant U.S. Bank has filed a motion to stay discovery pending a determination on the motions to dismiss, which was noted for consideration on April 27, 2018. Dkt. #71. Given the Court's decision on these motions, the Court now DENIES the pending motion to stay discovery AS MOOT.
IV. CONCLUSION
Having reviewed the parties' motions, along with the remainder of the record, the Court hereby finds and ORDERS:
1. Defendants' Motions to Dismiss (Dkts. #62 and #63) are GRANTED IN PART and DENIED IN PART as discussed above, with leave to amend the CFAA claim only. Any amended complaint shall be filed no later than 20 days from the date of this Order. Should Plaintiff decline to file any Amended Complaint, Plaintiff's "Sixth" claim for relief under the CFAA will be dismissed with prejudice.
2. Plaintiff's First, Second and Fourth Claims for Relief are DISMISSED with prejudice.
3. Plaintiff's Third and Fifth Claims for trade misappropriation under state and federal law will proceed at this time.
4. Defendant U.S. Bank's pending Motion to Stay Discovery (Dkt. #71) is DENIED AS MOOT.
DATED this 2 day of May 2018.
/s/_________
RICARDO S. MARTINEZ
CHIEF UNITED STATES DISTRICT JUDGE