From Casetext: Smarter Legal Research

Stella Systems, LLC v. Medeanalytics, Inc.

UNITED STATES DISTRICT COURT NORTHERN DISTRICT OF CALIFORNIA San Francisco Division
Nov 10, 2014
No. C 14-00880 LB (N.D. Cal. Nov. 10, 2014)

Opinion

No. C 14-00880 LB

11-10-2014

STELLA SYSTEMS, LLC, and ZLAGODA TEKHNOLOGII, Plaintiffs, v. MEDEANALYTICS, INC., et al., Defendants. MEDEANALYTICS, INC., et al., Counterclaimants, v. STELLA SYSTEMS, LLC, ZLAGODA TEKHNOLOGII, and OLESKIY STEPANOVSKIY, Counter-defendants.


ORDER DENYING MEDE'S MOTION FOR A PRELIMINARY INJUNCTION AND ORDERING PROCESSES REGARDING THIRD-PARTY VERIFICATION

[Re: ECF Nos. 62 and 115]

INTRODUCTION

Medeanalytics is a healthcare analytics firm that provides its healthcare clients with software tools to analyze patient data to deliver efficient, cost-effective services. See Wieland Decl., ECF No. 61-1, ¶¶ 2-4. Stella Systems is its former contractor and did the data analysis that Mede provided to its clients. Second Amended Complaint, ECF No. 74, ¶ 3. Stella's engineers coded on Mede's platforms, and to do that, they accessed Mede's proprietary software and source code via a secure Mede-controlled server. Gavrylenko Decl., ECF No. 63, ¶ 8. As a necessary part of the process, Stella's engineers routinely created copies of Mede's source code on their computers. Id. Mede paid for these computers. Id.

Citations are to the Electronic Case File ("ECF") with pin cites to the ECF-generated page number at the top of the document.

The parties' business relationship lasted for almost ten years until February 2014. Mede did not renew the parties' contract, and it expired on February 28, 2014. Stella sued on February 26, 2014, claiming breach of contract and interference with prospective economic advantage, in part based on Mede's allegedly poaching Stella's employees. See id.; ECF No. 1. Mede counterclaimed that Stella stole its trade secrets and breached the contract. See ECF No. 22.

On September 23, 2014, Mede moved for a temporary restraining order and an order to show cause why a preliminary injunction should not issue against Stella. See ECF No. 62. Mede asserts that Stella repeatedly failed to return Mede's computers and confidential information and "appears to be trying to use Mede's information to compete with Mede." Id. at 14. It asked the undersigned to: (1) enjoin Stella from using its source code, client site builds, and other confidential information; (2) enjoin Stella from using computers that have confidential information on them; and (3) require Stella to return all confidential information in 72 hours and move all computers and storage devices into third-party storage in 72 hours and then negotiate terms for access to the facility and equipment. See ECF No. 62-1. That day, the undersigned set a hearing for September 25, 2014. See ECF No. 73.

Stella opposed the motion on September 24, 2014 and supplemented its opposition on the record on September 25, 2014. See ECF No. 71; Digital FTR Recording, 9/25/14. It opposed the TRO on the following grounds: (1) it returned most computers and was entitled to keep the remaining 40 computers; (2) it returned Mede's confidential information; (3) the alleged improper use of Mede's trades secrets was either (a) in February 2014, which was during the contract period when Stella was working for Mede, or (b) in March 2014 and was related to a former Stella employee who then was working for Mede as an independent contractor; and (4) Mede did not establish urgency. It asked the court to allow it an adequate opportunity to respond. See ECF No. 71 at 4.

Because Mede did not establish an urgent need for action, the court deferred consideration of its motion for preliminary injunctive relief to allow Stella to file a full opposition. It also ordered the parties to submit to third-party verification of all disputed hardware to determine whether Mede's confidential information was on the hardware. See 9/26/14 Ooder. Following full briefing, the undersigned held a hearing on November 4, 2014. It also addressed the parties' disagreements about the third-party verification process. See Joint Letter Brief, ECF No. 115.

For the reasons set forth below, the court denies Mede's motion for a preliminary injunction and orders certain procedures about the third-party verification.

STATEMENT

I. MEDE'S CONFIDENTIAL TECHNOLOGIES

The parties do not dispute that Mede uses confidential technologies to provide its clients with healthcare analytics. Vitaliy Gavrylenko, Mede's Vice President of IT and System Engineering, provided context in his declaration about Mede's products, the services that Mede contracted with Stella to provide, and Mede's confidential and proprietary information. See Gavrylenko Decl., ECF No. 63, ¶ 1. Mr. Gavrylenko joined Mede in April 2013 as an Associate Vice President of Operations. Id. ¶¶ 1, 4. Before he joined Mede, he worked from Stella from August 2004 to early 2013 as its Operations Manager and managed a team of over 100 Stella employees, primarily engineers who worked on Mede software-development projects. Id. ¶ 3.

Mede uses source code, Mede-customized SQL and OLAP scripts (which enable the functionality of databases), predictive models (meaning, predictive-modeling algorithms), compliance engines, and configuration files. See Wieland Decl., ECF No. 61-1, ¶¶ 8, 11-12, 16; Gavrylenko Decl., ECF No. 63, ¶¶ 8-13; Opposition, ECF No. 71. Stella does not dispute that it accessed and used this confidential information as part of its contracted work or that confidential information was on its engineers' local computers. For example, Stella's engineers performed extensive coding work on Mede's platforms and specific Mede products by logging into a Mede-controlled server in California and checking out Mede's confidential and proprietary platform and application source code. Gavrylenko Decl., ECF No. 63, ¶ 8. As part of this process, Stella engineers routinely created copies of the source code on their local computers. Id. Stella engineers also accessed Mede SQL scripts, worked on Mede's customized OLAP scripts, accessed and worked with other proprietary features of Mede's platform and software solutions, implemented Mede's predictive-modeling algorithms in software solutions for Mede clients, and had access to and used proprietary client-specific technical information such as "site builds." Id. ¶¶ 9-15; see also Svetcov Decl., ECF No. 64 (describing Mede's protection of its confidential information by restricting access to authorized computers, employees, vendors, and contractors and by requiring employees and contractors to follow security procedures).

II. STELLA'S OBLIGATION TO RETURN CONFIDENTIAL INFORMATION

Stella does not dispute that it has to return confidential information. See Opposition, ECF No. 71. Under the terms of its contract with Mede, it has to. The parties' business relationship was governed by an Agency and Services Agreement. The first one was dated March 1, 2004, and it was amended several times, including by the operative Amendment No. 5, dated December 23, 2010. See Huber Decl., ECF No. 68, Exs. A-B, D. Stella was to perform work for Zlagoda and ultimately for Mede as the third-party beneficiary. See id., Ex. C. The Agreement provided that Mede's confidential information and the work generated for Mede projects were owned by Mede. See Ex. A at §§ 3.1-3.2; Ex. C at § 3.5. Stella's employees, consultants, and contractors had to sign nondisclosure agreements recognizing Mede's ownership and agreeing to protect its confidentiality. Ex. A at § 7; Ex. C at § 7. The parties agreed that Mede's confidential information would be returned to it immediately upon the expiration of the parties' agreement. Ex. A at § 7.6; Ex. C at § 7.6. The parties also agreed that because of the unique nature of the confidential information, Mede would suffer immediate, irreparable harm in the event that Stella did not comply with its obligations under Section 7. Ex. A at § 7.3; Ex. C at § 7.3.

III. THE RETURN OF MEDE'S INFORMATION

What the parties dispute is whether Stella has returned Mede's confidential information. After the business relationship ended, Stella returned some computers but kept 40 computers that Mede paid for. Stepanovskiy Decl., ECF No. 79, ¶¶ 3-4. At the TRO hearing, Stella described these as newer computers that it bought in the last four or five years and asserted that the parties' contract does not require it to return them. Mede says that it owns the computers and is entitled to get them back. The reason Mede wants them, it says, is that they necessarily have confidential information on them because Stella's engineers had to copy confidential information such as source code to do their jobs. More facts about the ownerships of the computers and hardware are in a separate section below, and this section focuses on the facts about the data return.

Some data was returned between February 7 and 13, 2014. See Huber Decl., ECF No. 68, Ex. K (March 21, 2014 letter where Stella's former counsel estimates that 113GB of data had already been returned and asks Mede's counsel to identify confidential information that Mede believed Stella had not returned). Stella's then-counsel promised to return all confidential information by April 30, 2014, and said that it was willing to negotiate the return of Mede's equipment. Id. Mede complains that Stella refused to assure Mede that it had returned all confidential information. Huber Decl., ECF No. 68, ¶ 19, Ex. I. Instead, Stella said that it was copying hard drives of computers "that the parties agree belong to Mede" and said that it would return the computers after the copying. Id. On May 6, 2014, Stella's then-counsel wrote Mede that all confidential information had been returned on February 7 and 13, 2014. Id. ¶ 21, Ex. K. Mede says that this cannot be true because Stella did work for it through at least February 26, 2014, that necessarily required use of Mede's confidential information. Gavrylenko Decl., ECF No. 63, ¶¶ 7-13. Stella also said during this exchange that it would return computer hard drives. Huber Decl., ¶ 21, Ex. K. Mede complains that Stella threw up hurdles to the return of the property, first asking for a letter authorizing a representative to pick up the equipment, and then saying that a letter was insufficient and requiring a Ukrainian power of attorney. Id. ¶¶ 23-25, Exs. M-O. Mede's counsel provided the power of attorney on June 23, 2014. Id. ¶ 31, Ex. T.

On July 8, 2014, new counsel substituted into the case for Stella. See ECF No. 33. Stella's new counsel initiated a conversation with Stella's counsel after the July 10, 2014 initial case-management conference about how the return of the hardware and confidential information could be completed. Poe Decl., ECF No. 99, ¶ 2. On July 22, 2014, Stella told Mede that it would take another five weeks to return the property because it needed time to remove information from over 100 hard drives. Huber Decl., ECF No. 68, ¶ 26, Ex. U. Mede gave a list of missing items, including 170 hard drives or workstations, two servers that Mede paid for, copies of source code, and custom site and product documentation. Id. ¶ 37, Ex. V.

Stella responds to Mede's complaints that during this period, Stella did not provide assurances that it was not misusing Mede's confidential information by saying that it had no obligation to do so, Mede cites no authority that it did, and that if Stella had, Mede would have pointed at trial to any traces of Mede's information on Stella's computers as evidence of Stella's duplicity. Opposition at 5 n. 2.

On August 29, 2014, Stella's new counsel sent Mede's counsel keys to a facility in Kiev that had equipment that Stella was returning to Mede. Id. ¶ 43. According to Mede, its inspection revealed that only old, obsolete computers were returned and not the newer computers. Gavrylenko Decl., ECF No. 63, ¶¶ 18-21. Thirty-nine computers were missing: 28 desktops and 11 laptops. See id.

Mede said that the facility was a mess and protected only by three padlocks. Motion, ECF No. 62 at 7-8; Wimmer Decl., ECF No. 72, ¶ 2 & Ex. A. Stella points out that the facility has exterior metal door and access to the area is restricted by electronic keys. Stepanovskiy Decl., ECF No. 89, at 13. Anticipating Mede's "false claims," Stella contemporaneously filmed the return of the property to the facility and posted it on YouTube. Wimmer Decl. ¶ 3 (citing http://www.youtube.com/watch?v=1Ko- 0dpKRM0). Stella points out that Mede left the hardware in the facility for a month thereafter, which it says undermines Mede's complaints about the security of the facility. Stepanovskiy Decl., ECF No. 77, ¶ 2.

IV. MEDE'S SUBMISSIONS PRE-TRO HEARING AND THE TRO HEARING

Many computers were not functioning, but Mede analyzed three that were, and two of the three computers showed access to confidential information. Id. ¶¶ 29, 31. The hard drive of computer 97 had "several temporary files showing that specific Mede site builds (including those of current Mede clients), among other documents, were accessed from a server from Stella's premises and viewed by a computer user during March 2014." Id. ¶ 29. Also on the drive were new site builds that appear to create a product in the same healthcare analytics field as Mede, and Vitaliy Gavrylenko, Mede's Vice President of IT and Systems Engineering, thus suspects that this was derived from Mede's own specific site builds. Id. Hard drive 136 had source code on it. The file history showed that the last time the computer was used was March 2014. Id. ¶ 31.

At the September 25, 2014 hearing, Stella challenged Mede's assertions that this analysis of the two computers showed inappropriate accessing of Mede's confidential information. As to computer 97, the analysis shows that the March 2014 access was traceable to a former Stella employee and now-Mede contractor named Oleg Kutsenko, who most likely was helping former Stella employees who by then had become Mede contractors to work on Mede work previously handled by Stella before Mede terminated the Agency Agreement. See Stepanovskiy Decl., ECF No. 79, ¶¶ 9-11; Poe Decl., ECF No. 99, ¶ 5, Ex. B. Skype chat logs from March 2014 show that former Stella employees who are now Mede contractors (e.g., Mr. Kutsenko) were chatting with Stella's employees to get help during this time period. See Stepanovskiy Decl., ECF No. 79, ¶ 9; Poe Decl., ECF No. 99, Ex. B. Stella did not approve this assistance, but Stella's employees did it anyway, and many employees ultimately decamped to Mede. Stepanovskiy Decl., ECF No. 79, ¶ 10. At the hearing, Stella's counsel argued that the access was in aid of a Mede client. Id. As to computer 136, Stella asserts that computers returned to Mede might have a copy of data that was uploaded to Mede's servers according to the standard work process on the evening of February 26, 2014, before the Agency Agreement was terminated. Id. ¶ 12. At the September 25 TRO hearing, Stella's counsel argued that this shows a connection to work performed during the contract period and also pointed out that Mede did not provide any detail about the source code allegedly found on Stella's computer, including the date associated with the source code. Id.

At the TRO hearing, Stella also pointed to Mr. Stepanovskiy's declaration that Stella has complied fully with its obligations under the agreement, does not use Mede's confidential information, and has no intention of using any confidential information belonging to Mede. Stepanovskiy Decl., ECF No. 79, ¶ 2. It returned all equipment that it was obliged to return under the agreement. Id. ¶ 3. Stella's counsel affirmed at the hearing that Stella had returned all of Mede's confidential information. Mede's post-hearing submission asserts that Mr. Stepanovskiy (1) never said that Stella had not used Mede's confidential information since February 28, 2014, and (2) had not committed to not using confidential information going forward and used words with no teeth by saying "Stella has no intention of using any Confidential Information." See ECF No. 78 at 2.

After the September 25, 2014 hearing, and at Stella's suggestion, the court directed the parties to have a third party verify whether any of Mede's Confidential Information remains on the equipment that Stella has. It also allowed Mede to file any supplemental declarations by October 2, 2014, directed Stella to file its full opposition by October 9, 2014, and allowed Mede to file its optional reply brief. See 9/26/14 Order, ECF No. 80 at 8-9.

V. MEDE'S POST-TRO DECLARATIONS ABOUT ITS CONFIDENTIAL INFORMATION

Mede filed two supplemental declarations about its confidential information.

Oleg Kutsenko, the account manager at Stella from December 2009 to April 2014, declared that he had access to a wide range of Mede's documents when he was account manager, including customer site builds, service requests, and instructional documents. See ECF No. 87, ¶ 3. He accessed numerous Mede documents from servers at Stella's offices, and a server at Stella contained specific folders corresponding to Mede clients that Stella performed work for. Id. ¶ 4. Within those folders, he could locate clients' site builds and detailed specifications describing clients' requirements. Id. Mr. Kutsenko's last day at work was April 7, 2014, when he arrived at work to find that computer equipment, including his desktop, had been removed from Stella's offices. Id. ¶ 2. He and other Stella employees were instructed to leave. Id. During March 2014, he was performing work for Stella and was not performing any work for Mede. Id. ¶ 5. He did not perform any work for Mede after February 2014. Id. In March 2014, he never received any requests or instructions from anyone at Mede to perform any work on Mede's behalf or provide any information to Mede using his computer or any other equipment at Stella. Id. Stella did not pay him for any work in March or April. Id. ¶ 6. Stella delayed in returning his Ukrainian work card, which meant that he could not get a new job until May 2014. Id. As a result, he and other similarly situated workers have sued Stella in the Ukraine for unpaid wages. Id.

Vitaliy Gavrylenko, Mede's Vice President of IT and System Engineering and Stella's former Operations Manager, provided more detail about his examination of the computers that Stella returned to Mede in the Ukraine. See ECF No. 88-3 (unredacted declaration), 88-2 (redacted declaration). He hired a contractor to inspect data on the hard drives of several operable, unencrypted computers. Id. ¶ 3. Eighty-one out of the 180 desktop computers were inoperable, and another 70 were encrypted. Id. ¶ 3. Given time constraints, the contractor did a small sample of computer drives that he was able to copy. "Based on a small sampling of hard drives" that the contractor was able to copy for Mr Gavrylenko's inspection, "there was extensive evidence of accessing and opening Mede confidential documents in March 2014." Id. ¶ 4. The documents apparently were accessed from a shared Stella network or a server in Stella's office or from user hard drives Id. These "confidential documents were opened during the same time period in March 2014 when computer users were opening and/or modifying documents relating to products or features that shared many similarities with Mede's products or product features." Id. To conduct his analysis, he searched for and reviewed files modified after February 27, 2014. Id. The following paragraphs describe what he found, but "a complete analysis of the extent to which Stella's new product documentation contains specific and proprietary Mede confidential algorithms, processes, and the like could not be completed in the short period of time during which [he] conducted this review." Id.

The hard drive for computer 97 was used by Oleg Kutsenko. The screen shot at Exhibit A shows that many files were opened or accessed from March 12 to March 26, 2014, and the file paths show that some documents were accessed from a local file on the hard drive and others were accessed from Stella's internal server. Id. ¶ 6. Certain documents were opened or modified by the user: Dashboard, RCI site, SugarCR_Emails_spec, and SugarCRM_Teams. Id. ¶ 7. Dashboard shares similarities with the Dashboard feature of Mede product offerings but does not appear to be the same Mede product or a product that Mede would market. Id. ¶¶ 8. The RCI_site document refers to "Revenue Cycle Integrity" and the document borrows the product name but differs slightly from Mede's RCI product documentation. Id. ¶ 9. The logic appears to be taken directly from Mede's RCI product. Id. & Ex. C. This is confidential and proprietary information generated from extensive Mede research and development. Id. The CRM in SugarCRM documents refers to "Client Relationship Manager." Mede uses Salesforce software as a CRM, which lets it channel client communications and manage workflow. Id. After February 2014, Mede's Salesforce software was not available to Stella. Id. The SugarCRM documents appear to relate to an effort to develop an alternative CRM tool. Id. Mr. Gavrylenko also recognized the names of numerous documents (named in paragraph 11 and including SR_Templates, Denial Reports, and Exec Scorecard Build) as specific to Mede platform functionalities and features for specific Mede clients, and therefore he believes that the files contain confidential information. Id. One of the documents pertains to a specific client (identified in paragraph 12). The client name is in the file name. He could not access the document because he could tell only that the computer accessed the document on a Stella server. Id. ¶ 12. But he knows that the document refers to the client's service requests and therefore it contains confidential information. Id. He similarly was able to see that specific files were opened and accessed on March 12 and March 14, 2014. Id. ¶ 13 & Exs. E-F. Exhibit F is a specific client document with detailed information about Mede's customized implementation of its data analytics platform for the particular client. Id. Exhibits G, H, and J are additional examples for two additional Mede clients. Id. ¶¶ 14-15, 17. Exhibit I is a screenshot showing what he thinks is another confidential and proprietary document called "Segments," which was accessed on March 13, 2014 from an internal Stella network. Id. ¶ 16. He recognizes the name Segments as related to Mede-developed computer logic for the formatting, loading, and analysis of client data developed by Mede "over years." Id.

Desktop computer 171 was used by Stella employee Nataly Luchensova, a Quality Assurance Engineer who is not now and has never been a Mede employee or contractor. Id. ¶ 18. It shows that numerous computer files were accessed by the user from March 18, 2014 to March 31, 2014. Id. Files underlined in red in Exhibit K appear to be new projects (e.g., SugarCRM) or were confidential (SPS Regression or RM_QA investigation). Id. & Ex. K. As stated previously, SugarCRM appears from its title to relate to the development of a CRM tool for communicating with clients and managing work flow. Id. ¶ 20. Mr. Gavrylenko believes from the name that SPS Regression would be a confidential and proprietary Mede document developed over years of Mede R & D to help its clients improve collections by predicting propensity to pay through aggregation of data and predictive modeling. Id. ¶ 21. In a file path for document RM_QA investigation, accessed on March 29, 2014, he recognizes S-dc as the name of a Stella server and the file name as a highly confidential and proprietary Mede document that relates to the reimbursement model. Id. ¶ 22. The folder name in the path is ICD-10, which is a Mede product solution relating to the advent of new coding requirements in the U.S. healthcare industry that employs proprietary logic and predictive modeling developed by Mede to allow clients to analysis data to determine how the transition to ICD-10 coding will affect their financial concerns. Id.

Desktop computer 64 was used by Stella employee Sergey Bondarenko, an OPS Engineer who is not now and has never been a Mede contractor or employee. Id. ¶ 23. Exhibit O is a screen shot of a document titled "Draft HPS demo site build" that was accessed on March 11, 2014. Id. ¶ 25 & Exs. L & O. It is very similar to Mede client builds but different in format, and the data on it (such as the logic shown in the red circles in Exhibit O) is confidential and proprietary logic developed by Mede. Id. HPS stands for Heath Plan Solutions and is a Mede term referencing Mede's payer-side clients. Id. Exhibit N shows a file path for the document DER.doc, accessed on March 27, 2014 from an internal Mede server, and he believes that DER.doc is a confidential Mede document relating to training in the DER process, which is a proprietary data-exception process that Mede created to track issues with its client data. Id. ¶ 26. Exhibit M shows the file path for the document ETL.ppt, which was accessed from an internal Stella server on March 27, 2014 and is the name of a document that he believes is a confidential Mede document relating to the training of new engineers. Id. ¶ 8. ETL refers to "extract, transform, and load" and is the proprietary process that Mede developed to load its clients' data employing specialized computer algorithms and logic. Id.

Mr. Gavrylenko reviewed the hard drive for desktop computer 28, could not find user information readily, saw that it had a recently installed Windows operating system, and found no data. Id. ¶ 29. Computer 41 was used by Stella employee Serhi Makovetski, who is not and has never been a Mede employee or contractor, and the computer hard drive had no data. Id. ¶ 30. One of the two hard drives for computer 135 was encrypted, the other had confidential and proprietary Mede platform source code, and the user data was not readily ascertainable. Id. ¶ 31.

VI. STELLA'S ADDITIONAL INFORMATION SUBMITTED POST-TRO HEARING

Stella said that Mede asked Stella to access its information in March 2014. On March 4, 2014, Mede's general counsel Elizabeth Rushforth sent a letter to Mr. Stepanovskiy asking that Stella return all PHI (protected health information) in its possession. Stepanovskiy Decl., ECF No. 97, ¶ 3 & Ex. A. She reiterated that request on March 13, 2014, and asked Stella to "review and confirm that PHI does not reside on any laptop or desktop computer, or if such PHI does reside on a laptop or desktop computer, you will provide us with a detailed description of the PHI and the location." Id. ¶ 4 & Ex. B. Stella complied with that request and, during the month of March 2014, searched for PHI, which required accessing Mede files (if any) on the computers used by Stella's employees. Id. ¶ 5. On March 21, 2014, Stella's counsel notified Mede's counsel that Stella was reviewing its computer files and equipment to determine whether it possessed any of Mede's CI or PHI. Huber Decl., Ex. G at 1 (Stella's counsel anticipated that the review would take at least 30 days). Stella points out that Mede's counsel did not object and instead instructed Stella to preserve copies of Mede's confidential information that it found. Id., Ex. H. Stella did not delete any information on equipment belonging to Mede (other than personal information of the computer user or Stella's proprietary information). Stepanovskiy Decl., ECF No. 79, ¶ 12.

Stella asserts that some computers that it returned to Mede did not have any Mede data on the hard drives because the data had been purged long before the parties' dispute. Stepanovskiy Decl., ECF No. 97, ¶ 7. It was Stella's standard business practice that whenever an employer stopped using a computer (either because it stopped working or the employee was receiving an upgraded computer), Stella's IT administrators would remove data from the hard drives. Id. Stella points out that as Mede previously noted, most of the equipment returned by Stella was purchased before 2010 and was obsolete. See id.; Opposition, ECF No. 96 at 9 n.4.

Mr. Stepanovskiy also declared that neither he nor any other Stella manager ever instructed or authorized any Stella employee to access any documents that might contain Mede CI after termination of the Agency Agreement, except for the task of finding PHI, which, when located, was to be transferred back to Mede. Stepanovskiy Decl., ECF No. 79, ¶ 2; Stepanovskiy Decl., ECF No. 97, ¶ 5. Stella uploaded the PHI archive to the FTP site provided by Mede on May 19, 2014. Stepanovskiy Decl., ECF No. 97, ¶ 6.

Stella also points out that Skype chat logs for Ms. Luchensova, the user of computer 171, show that she was contacted by three different Mede employees with solicitation offers and never told Stella. Id. ¶ 8. She told another employee on March 25, 2014 that she was inclined to accept the offer. Id. It also says that the circled information on Exhibit O s not obviously confidential and proprietary logic and instead is patient data in the form of names, addresses, social-security numbers, and similar identifying information. It asserts that there are only so many ways to logically organize and process such data and that Mede cannot claim exclusive dominion of organizing and processing such data. See Opposition, ECF No. 96 at 19.

Stella says that CRM (customer relationship management) software (see supra) is just a tool and SugarCRM in fact is a competitor product to Salesforce's CRM. Stepanovskiy Decl., ECF No. 97, ¶ 9. Stella was interested in using SugarCRM at one point as a possible customer-relations management tool. Id. It similarly says that HPS (Health Plan Solutions) is not (as Stella says) a Mede term referencing Mede's payer-side clients but instead is a term widely used in the healthcare industry (just as CRM is a term widely used in the customer relationship management industry). Id. ¶ 10; Opposition, ECF No. 96 at 16 (referencing www.healthplan.com). Mr. Stepanovskiy reiterates that Stella never created any product based on Mede's proprietary information, including use of HealthPlan solutions, and has no plan of doing so. Stepanovskiy Decl., ECF No. 97, ¶ 11.

VII. OWNERSHIP OF THE DISPUTED HARDWARE

Stella did not return 39 computers, which were purchased recently. Mede says that it owns them. Motion, ECF No. 61 at 8. As part of its post-TRO submissions, it filed the Yang declaration, which attaches invoices from Zlagoda for computers, work stations, hardware, and software. See ECF No. 86. (Stella provided work to Zlagoda for Mede. See supra.) The parties' Agency Agreement (as amended) says nothing about ownership of computers and addresses only Mede's ownership of its confidential, proprietary information and Stella's obligation to return it. See supra.

In Mr. Stepanovskiy's September 25 declaration, he says that throughout the relationship, Stella purchased the hardware it needed and submitted the invoices to Mede for reimbursement. See ECF No. 79, ¶¶ 3-4. Through the end of 2009, the invoices contained three terms: (1) a description of the hardware purchased; (2) the amount of reimbursement; and (3) and an acknowledgment that the "above[-]mentioned assets belong to Principal [and] will be returned to Principal after termination of Agreement." Yang Decl., ECF No. 86, ¶¶ 2-5 & Exs. A-D. In 2010, the companies dropped the third term. Thereafter, the invoices stated only the hardware that was purchased and the reimbursement. Id. ¶¶ 6-16 & Exs. E-O. Mr. Stepanovskiy explains that in the absence of a commitment to return such hardware, it is "commonly understood within the software industry that equipment purchased by the contractor is actually the property of the contractor." See ECF No. 79, ¶ 3.

VIII. THE POTENTIAL HARM TO MEDE

Mede is concerned that Stella is using Mede's confidential information to compete against Mede. See Huber Decl., ECF No. 68, ¶ 39. A basis for its concern is Stella's work for a German company. Id. Mede says that Stella admitted in its responses to interrogatories that it was consulting for the company. Id. Stella responded that the German company is Digital Champion, which is affiliated with Mr. Stepanovskiy. It also said that requiring the immediate return of the computers would put it out of business. The undersigned suggested that a third-party vendor might assure Mede that its confidential information had been returned. In a post-hearing filing, Stella agreed to third-party verification of whether it has Mede's confidential information on the disputed hardware. See ECF No. 76. As part of its reply brief, Mede attached web pages printed on October 13, 2014 from the Digital Champion website at http://www.digitalchampion.net . It says in relevant part that "'Revenue Cycle Champion' is our product intended to help patient financial services professionals manage the revenue and accounts receivable of their hospitals." Lovett Decl., ECF No. 105, Ex. B. Stella responded at the hearing that this is a product demo, not a business concern.

In its post-TRO-hearing opposition, Stella pointed out that the answers to the interrogatories established not that Stella expected future revenues to come from Mede's clients and competitors but instead only that Stella would have done work for those companies had Mede not taken Stella's employees. Opposition, ECF NO. 96 at 17-18. These are the full interrogatories and responses:

Interrogatory No. 2: For ALL revenue YOU allege that you lost as a result of MEDEANALYTICS' alleged breach of § 6.3 of the AGENCY AGREEMENT, IDENTIFY the source of such potential revenue, ALL DOCUMENTS relating to such potential revenue, AND ALL PERSONS with knowledge of such potential revenue.



Response to Interrogatory No. 2: [objections] . . . . When Mede breached section 6.3 of the Agency Agreement by soliciting Stella's employees during the term of the agreement, it crippled Stella's ability to earn revenue from any source, because the key to Stella's success was the efficient functioning of all its employees as a coherent team. Mede's solicitation destabilized Stella's entire workforce by directly soliciting and hiring Stella employees, posting jobs on Ukrainian websites targeting Stella employees, using H-1B visas as a means of creating tension between Stella and its employees, misclassifying its new employees as "independent contractors" in order to pay them more and encourage additional Stella employees to leave, and spreading defaming and disparaging remarks about Stella and its management. At the time of Mede's solicitation, the sources of Stella's income were Mede and Digital Champion GmbH; following Mede's solicitation and into the future, Stella
would also have earned revenue from other clients, including The Advisory Board Company, HealthNet, Health Care Service Corporation, MedAssets, and Dimensional Insight.
Poe Decl., ¶ 4 Ex. A (emphasis added). Stella says that it is not done any work for any of the competitors that Mede proffers (through its citation of the interrogatory response) since the termination of the Agency Agreement. See Stepanovskiy Decl., ECF No. 97, ¶ 12.

ANALYSIS

I. LEGAL STANDARD

The decision to issue a preliminary injunction is within the court's discretion. See Indep. Living Ctrs. of S. Cal., Inc. v. Maxwell-Jolly, 572 F.3d 644, 651 (9th Cir. 2009). A preliminary injunction is "an extraordinary remedy that may be awarded only upon a clear showing that plaintiff is entitled to such relief." Winter v. Natural Res. Defense Council, 555 U.S. 7, 22 (2008). A movant must demonstrate (1) a likelihood of success on the merits, (2) a likelihood of irreparable harm that would result if an injunction were not issued, (3) the balance of equities tips in favor of the plaintiff, and (4) an injunction is in the public interest. See id. The irreparable injury must be both likely and immediate. See id. "[A] plaintiff must demonstrate immediate threatened injury as a prerequisite to preliminary injunctive relief." Carribean Marine Servs. Co. v. Baldrige, 844 F.2d 668, 674 (9th Cir. 1988).

Before Winter, the Ninth Circuit employed a "sliding scale" test that allowed a plaintiff to prove either "(1) a likelihood of success on the merits and the possibility of irreparable injury; or (2) [ ] serious questions going to the merits were raised and the balance of hardships tips sharply in its favor." See Walczak v. EPL Prolong, Inc., 198 F.3d 725, 731 (9th Cir. 1999) (citation omitted). In this continuum, "the greater the relative hardship to [a movant], the less probability of success must be shown." Id. The Ninth Circuit has held that the "serious questions" approach survives Winter when applied as part of the four-part Winter test. Alliance for Wild Rockies v. Cottrell, 632 F.3d 1127, 1131-32 (9th Cir. 2011). Thus, a preliminary injunction may be appropriate when a movant raises "serious questions going to the merits" and the "balance of hardships tips sharply in the plaintiff's favor," provided that the other elements for relief also are satisfied. Id. at 1132.

II. WHETHER MEDE MEETS THE STANDARD FOR A PRELIMINARY INJUNCTION

Mede argues that it will prevail on its misappropriation-of-trade-secrets and breach-of-contract claims and that it will suffer irreparable harm absent an injunction.

To prove misappropriation of trade secrets, Mede must show (1) that the information qualifies as a trade secret, and (2) that Stella misappropriated it or threatens to misappropriate it. See Cal. Civ. Code § 3426.1(b); Acculmage Diagnostics Corp. v. Terarecon, Inc., 260 F. Supp. 2d 941, 950 (N.D. Cal. 2010). To prove breach of contract, Mede must show (1) the existence of a contract, (2) Mede's performance, (3) Stella's breach, and (4) damages. See First Comm'l Mortg. Co. v. Reece, 89 Cal. App. 4th 731, 745 (2001).

The issue is not whether Mede is entitled to return of its confidential information. It is. If Stella misappropriated it, it may be a breach of the parties' Agency Agreement. But the court cannot determine on this record that confidential information was accessed or retained inappropriately and thus cannot conclude that Mede likely will prevail on the merits. Mede's examples of wrongful behavior and harm do not change this conclusion.

First, Mede points to the evidence about computers 97, 135, and 136. Mr. Kutsenko now verifies that computer 97 was his (a point that was not included in Mede's pre-TRO declaration about Mr. Gavrylenko's analysis of the computer). The analysis shows that it was accessed in March 2014, which remains consistent with Stella's argument that access was in aid of Mede's work. See supra. Also, Mr. Kutsenko works for Mede now as a contractor and presumably could say (but did not) what he was doing with the information during the March 2014 period. He does say that he never received requests from anyone at Mede to do work for Mede, but he says nothing about what he was doing or whether he helped any Mede contractors. As Stella points out, Mr. Kutsenko is a percipient witness who could have provided specific information about what he was doing with computer 97, and Mede has access to him and his knowledge.

Stella's former HR lead in the Ukraine also recently contacted Stella's attorney in the Ukraine, saying that Stella was pressuring former Stella employees now working for Mede to claim that they were accessing Mede's data in March 2014 when they still worked for Stella. Latun Decl., ECF No. 98, ¶¶ 2-4. One inference from this and from Mede's hiring of former Stella employees is that Mede has access to former Stella employees, has the ability to investigate what they know about any improper access, and presumably has found nothing from those efforts (including from Mr. Kutsenko) about improper access or else it would have said so to establish the likelihood of irreparable harm.
--------

Similarly, the information about computer 136 (source code on it, accessed in March 2014) does not alter the conclusion that as to these computers, Mede has not shown a likelihood of irreparable harm. As Stella pointed out, source code was necessarily on engineers' computers to do their job, and these computers were returned to Mede. Opposition, ECF No. 96 at 11. Stella also avoided deleting any of Mede's data to avoid claims of spoliation. Stepanovskiy Decl., ECF No. 79, ¶ 12. Stella also points out that Mede did not provide information about the date of the source code it found. Id. ¶ 12; Opposition, ECF No. 96 at 11. Stella says that the date would show whether Stella downloaded the source code before termination of the Agency Agreement, which would be proper, or after. Id. Stella pointed out this deficiency at the TRO hearing, and Mede did not respond. Id.

The same is true for the newly submitted analysis of computers 171 and 64. The access was in March 2014, a period when Mede asked Stella to provide a detailed description of PHI that remained on its computer equipment. Stepanovskiy Decl., ECF No. 97, Exs. A & B. Mr. Stepanovskiy said that this was the only time after the termination of the Agency Agreement that Stella instructed its employees to access any files or documents that might contain Mede data. Id. ¶ 5. Stella also points out that Skype chat logs for Ms. Luchensova, the user of computer 171, show that she was contacted by three different Mede employees with solicitation offers and never told Stella. Id. ¶ 8. She told another employee on March 25, 2014 that she was inclined to accept the offer. Id. Stella contends that the inference is that if she accessed Mede's data, it was at Mede's request. Moreover, the court finds persuasive Stella's point that the circled information on Exhibit O is not obviously confidential and proprietary logic, instead is patient data in the form of names, addresses, social security numbers, and similar identifying information, and is not the kind of organization and process that ought to be proprietary.

Second, Mede's assertions about computer files showing Stella's access of confidential information are not persuasive insofar as they are about what appear to be common terms such as CRM and HPS. Both appear to be common acronyms ("customer relations management" and "health plan solutions"). Stella asserts that SugarCRM is actually a competitor product to Salesforce's CRM, which belies Mede's assertion that its presence shows access to Mede's Salesforce CRM. Stepanovskiy Decl., ECF No. 97, ¶ 9. And again, Mr. Stepanovskiy reiterates that Stella never created any product based on Mede's proprietary and confidential information and does not plan to do so. Id. ¶ 11. As Stella points out, Mr. Stepanovskiy is guessing based on file names and file paths when he cannot view the specific documents. Actual client or verifiable confidential information appear to be all in the March 2014 time frame.

Third, Mede argues that Mr. Stepanovskiy chose his words too carefully. But he said that Stella is not using confidential information and "has no intention of using any Confidential Information belonging to Mede." Stepanovskiy Decl., ECF No. 79, ¶ 2. To the extent that Mede fears that this language gives Mr. Stepanovskiy wiggle room to change his mind, that seems unlikely given that the statement was given under penalty of perjury, was delivered with his counsel's statement that all confidential information had been returned, and was accompanied by an offer for third-party verification. He also reaffirmed this in a supplemental declaration following the TRO hearing. See ECF No. 97, ¶ 11. Mede nonetheless argues urgency because Stella "either is currently competing in the healthcare or another data analytics sector, or could and would do so on a moment's notice." Reply, ECF No. 104 at 11. Stella says that it is not done any work for any of the competitors that Mede proffers (through its citation of the interrogatory response) since the termination of the Agency Agreement. See Stepanovskiy Decl., ECF No. 97, ¶ 12. Mede points to the website of the Stepanovskiy-controlled Digital Champion and its product "Revenue Cycle Champion" for healthcare companies to manage revenue and accounts receivable. Lovett Decl., ECF No. 105, Ex. B. But Stella's counsel responded that this was a concept or a demo of a potential product, not an actual business concern.

Fourth, Mede wants the computers back because it says that they necessarily contain its confidential information now because they once did. The court cannot conclude on this record that Mede has established a likelihood of irreparable harm, especially given Stella's assertions that it returned the information, is not using proprietary or confidential information, and is willing to have that verified by a third-party vendor. Also, as Stella argues, the plain language of the Agency Agreement does not require the return of the computers, only the confidential information, and the later invoices show that the parties deleted the term requiring return of the hardware.

Fifth, Mede's counsel said at the TRO hearing that TROs (and preliminary injunctions) are issued all the time in cases like this. By that argument, presumably he meant cases where there are demonstrated thefts of trade secrets. Again, the forensic evidence arguably shows benign conduct, not the risk from theft of trade secrets that results in the immediate issuance of a TRO or a preliminary injunction. For example, in Shutterfly v. ForeverArts, Inc., a Shutterfly employee accessed and downloaded Shutterfly's back-end code while at work two days before he left for a competitor. See No. C 12-3671 SI, 2012 WL 2911887, at *1 (N.D. Cal. July 13, 2012). The district court granted the TRO. Id. Stealing source code two days before leaving a job is different than two isolated incidents that might be related to Mede-authorized work for Mede's clients. Another example is Bank of America, N.A. v. Immel, where the departing employees said that they were taking client information that the court found was a trade secret. See No. C 10-02483 CRB, 2010 WL 2380887, at *1 (N.D. Cal. June 11, 2010). Again, a contemporaneous taking of trade secrets by a departing employee is not what happened here.

Sixth, Mede points to the parties' contractual agreement that failure to return confidential agreement would cause Mede irreparable harm, and injunctive relief would be appropriate. See Huber Decl., Ex. A at § 7.3, Ex. C at § 7.3. It analogizes to Flextronics Int'l, Ltd. v. Parametric Tech. Corp. ("PTC"), a copyright case where the court entered an injunction against Flextronics that prohibited unauthorized copies of PTC's Pro/Engineer Software. See 13-0034 PSG, 2013 WL 5200175, at *1, *9 (N.D. Cal. Sept. 16, 2013). In doing so, it pointed in part to a clause that gave PTC audit rights to protect against the irreparable harm of the chance to locate and account for infringing copies before engaging in expensive litigation (though it specified that it did not rely exclusively on the clause). Id. at *8. Flextronics does not alter the court's conclusion because it is a very different case involving infringing copies of a specific, licensed software product and an alleged infringer with multiple copies of the product that it could not match with valid licensing information. Id. at *6. Moreover, the court pointed to Flextronics' ever shifting counts of the number of copies of the software: 104 copies in January 2012 that it was unable to match with valid licensing information (and two confirmed "cracked keys"); 128 copies without legitimate licensing information in March 2013; and Flextronics' acknowledgment that its scanning was unlikely to yield all unauthorized copies. Id. at *6. Moreover, Flextronics' employees acknowledged that they could easily remove "cracked" files and might be able to erase evidence of infringing copies. Id. at *8. Given the changing landscape, the court was not convinced that a mere promise to preserve all documents was sufficient to preserve PTC's remedies. Id. at *8-9.

Finally, the court concludes that the balance of hardships does not tip in Mede's favor, particularly given the third-party verification that Stella agreed to and the immediate harm to Stella from taking away its hardware. Also, the overriding issue is that Mede has not established that there is an imminent irreparable injury. The last identified access is March 2014. Leaving aside the inference that this is consistent with either responses to Mede contractors' requests or removal of PHI in March 2014, nothing suggests Stella's use or accessing of information now, Stella's CEO denies it, and again, Stella offers verification to prove it. At the hearing, Mede argued essentially that all of this is in the Ukraine and insinuated that whatever credit the court might give to Stella's capable counsel's representations, that credit was not well placed for a potential competitor in the Ukraine. This point does not change the court's conclusion either. Stella brought this lawsuit, it remains under the court's jurisdiction, and the court has tools to adjust to whatever the landscape of third-party verification reveals. Moreover, Mede hired Stella's employees, has access to people like Mr. Kutsenko, has been scouring for information about any potential issues (see supra n. 4), and provided only the information recounted in this . It is Mede's burden to establish the appropriateness of a preliminary injunction, and it did not. On this record, the court concludes that - give the passage of time and Stella's representations - the third-party verification process is the right approach for addressing the issues.

III. RETURN OF COMPUTERS OWNED BY MEDE

Mede said in its reply that Stella had not returned computers that Mede owns. It points to eight desktop computers invoiced in 2009 and says that Stella returned only four of the eight computers. The courts return of the four computers that Mede owns.

IV. THE THIRD-PARTY VERIFICATION

The court previously ordered the parties to submit to third-party verification of all disputed hardware to determine whether any of Mede's Confidential Information remains on that equipment. The parties agreed on many terms of the verification but dispute what information Mede has to provide and who has to pay. See Joint Letter Brief, ECF No. 115.

The court gave some guidance at the hearing about how to engage with the process of verification. The reality is that some information seems likely to be identifiable by scan, running scripts, or using similar technology. The parties also know what the really confidential stuff is, and Mr. Stepanovskiy was the operations person at Stella.

Stella also does not dispute that it must return the confidential information. To the extent that the evidence suggested that some confidential information could reside still on some retained hard drives, that is not "return." Stella said that it imaged everything to retain a snapshot of the status quo at the time the contract ended, but that does not necessarily establish "return" either and instead is a potential mechanism to verify that Stella returned information.

The court also said at the hearing that the parties should split the cost of the verification. Stella said that it could not afford to pay more than $5,000 or $10,000 dollars as part of the forensics analysis, and Mede pointed out how this establishes that Stella may be judgment-proof and Mede's only remedy is getting all the information back. Balanced against this is Stella's representations that returning all of the computers would put it out of business. Another part of that representation is that if Stella is in start-up mode, why does it need all 40 computers? Or better, does it need all 40 hard drives? At the preliminary injunction hearing, Mede also referenced Stella's prior rejection of its offer to substitute hard drives, and Stella's new counsel asked if the offer still stood.

All of this demonstrates the difficulty of navigating a landscape where there is both no demonstrated immediate harm and Mede wants better forensic insight (given the lurching process that attached to the return of the subset of computers that Mede owned) into whether Stella returned all confidential information. Mede estimated that the cost could be between $100 and $1,000 per computer (if the court's memory serves), and that wide range from reasonable to expensive demonstrates why the court should craft a split to give both parties the appropriate skin in the game to reduce costs and increase incentives to cooperate to give insight.

At this stage, and without more information about costs, the court will not yet order a 50/50 split. It might. And it might not, depending on how the relative equities shake out. Stella can affect its outcome by various measures, including taking a hard look at what hard drives it really wants to retain and returning others that are less consequential to its continued existence. As the court said at the preliminary injunction hearing, presumably Stella can identify some computers by custodian. That gives Mede some ability to choose. Mede also might affect its outcome and what the court might order as a split by revisiting its offer of a hard-drive swap for certain identified computers. The parties might explain how the forensic images affect Mede's insights into what Stella retained. As the court said at the hearing, it cannot tell the landscape because it does not have the forensic insight that the parties have. But there are enough markers to suggest that the landscape can be illuminated fully.

CONCLUSION

The court denies Mede's motion for a preliminary injunction, orders the return of the computers mentioned above, rules that it will devise some allocation of the costs of the third-party verification, and directs the provision of further information when the parties are ready to talk more granularly about the costs of third-party verification.

This disposes of ECF Nos. 62 and 115.

IT IS SO ORDERED. Dated: November 10, 2014

/s/_________

LAUREL BEELER

United States Magistrate Judge


Summaries of

Stella Systems, LLC v. Medeanalytics, Inc.

UNITED STATES DISTRICT COURT NORTHERN DISTRICT OF CALIFORNIA San Francisco Division
Nov 10, 2014
No. C 14-00880 LB (N.D. Cal. Nov. 10, 2014)
Case details for

Stella Systems, LLC v. Medeanalytics, Inc.

Case Details

Full title:STELLA SYSTEMS, LLC, and ZLAGODA TEKHNOLOGII, Plaintiffs, v…

Court:UNITED STATES DISTRICT COURT NORTHERN DISTRICT OF CALIFORNIA San Francisco Division

Date published: Nov 10, 2014

Citations

No. C 14-00880 LB (N.D. Cal. Nov. 10, 2014)