Opinion
Civil Action 2:21-cv-711-BHH
03-29-2022
OPINION AND ORDER
Bruce Howe Hendricks United States District Judge
This matter is before the Court on Defendant Vitzeslav Zeif's (“Zeif”) Motion to Dismiss Counts One, Two, Three, Six, Seven, and Eight of the Amended Complaint pursuant to Federal Rule of Civil Procedure 12(b)(6) and conditional Motion for Summary Judgment as to Count Five of the Amended Complaint. (ECF No. 28.) For the reasons set forth in this Order, the Motion is denied.
The Amended Complaint does not include a Count Four. Accordingly, Zeif's Motion is dispositive as to all outstanding claims.
BACKGROUND
A. Factual History
The following facts are presented in SmartLinx Solutions, LLC's (“SmartLinx”) Verified Amended Complaint, and assumed to be true for purposes of the Motion to Dismiss. SmartLinx provides workforce management and scheduling solutions in the long-term care and nursing marketplace. (Am. Compl. ¶ 4, ECF No. 24.) SmartLinx distinguishes itself from other workforce management and placement companies through its scheduling products and software-Time and Attendance (“TA”) and Schedule Optimizer (“SO”), with the latest scheduling version including a feature called “Ideal Schedule.” (Id. ¶ 11.) Over the last twenty (20) years, SmartLinx has expended millions of dollars in research, development, and implementation of the scheduling software technology, including TA and SO. (Id. ¶ 12.) This scheduling technology is SmartLinx's competitive edge in the marketplace and generates more than half of SmartLinx's annual revenue. (Id. ¶ 13.)
The scheduling software technology, and particularly the recently implemented and trademarked Ideal Schedule feature, was designed to support unique and complex scheduling needs of the long-term care and nursing industry. (Id. ¶ 14.) The technology provides SmartLinx a comprehensive plan of a facility's scheduling needs based on certain criteria, which SmartLinx contends is unrivaled in the industry and affords the company a competitive advantage. (Id.)
During the year preceding the filing of the Amended Complaint, SmartLinx worked with other staffing agencies to roll out a new program that integrates the scheduling needs of nursing facilities with the supply of nurse staffing agencies through one interface provided by SmartLinx. (Id. ¶ 19.) Zeif was directly involved in the development of this program. (Id.)
SmartLinx hired Zeif in 2008 as Project Manager. (Id.) Zeif's role with SmartLinx evolved over the course of thirteen years, from Service/Support to Product Management. (Id.) Throughout his employment with the company, SmartLinx issued Zeif, among other things: (1) a Samsung Galaxy Note 9; (2) an iPad; and (3) a Dell and Lenovo laptop (“SmartLinx Electronic Devices”) for use in connection with his employment responsibilities. (Id. ¶ 20.) During his tenure, Zeif worked hand in hand with SmartLinx's development team in developing and enhancing the SmartLinx scheduling software application and had direct access to the source code underlying the software. (Id. ¶ 21.) SmartLinx's source code is the unique and most fundamental component in the development of its scheduling software application, including the customization of software installations and development of critical features to the scheduling software application, such as Ideal Schedule. (Id. ¶ 22.) SmartLinx describes the source code as the “DNA” of SmartLinx's scheduling technology. (Id.) SmartLinx's source code is not accessible to anyone outside of the company and, within the company, it is only accessible on a confidential and secured basis to those involved with its development. (Id. ¶ 23.)
Zeif had substantial exposure to SmartLinx's confidential and proprietary information and management-level proprietary data (“Proprietary Information”). (Id. ¶ 28.) As such, SmartLinx required Zeif to sign a document titled, “Non-Disclosure and Non-Compete Agreement” (“NDA”). (Id., Ex. A.) Zeif signed the NDA on April 10, 2009 and the form was acknowledged the same day by Georgia Haug on behalf of SmartLinx. (Id.) In September 2009, Zeif was promoted from Project Manager to the position of Director of Support and Implementation. (Id. ¶ 29.) The NDA states that the signatory “will maintain appropriate personal and equipment security precautions in order to protect and maintain the confidential nature of all such materials.” (Id. ¶ 31.) It further states that signatory “specifically acknowledge[s] the proprietary and confidential status of all customer lists customer data, requirements and development documentation, and source or object code supplied in the course of my job execution.” (Id.) The NDA also provides: “I also commit that for a period of two (2) years beyond the conclusion of my work with SmartLinx Solutions, LLC, I will not be employed either as an employee, contractor or consultant with any entity that is directly competitive with SmartLinx Solutions, LLC.” (Id. ¶ 32.)
Zeif received and was subject to the terms and conditions of the policies contained in the SmartLinx Employee Handbook, including its Code of Conduct, Corrective Action and Personal Property & Workplace Searches policies. (Id. ¶ 33; Ex. B.) Among other things, the Employee Handbook requires that “[e]mployees . . . exercise good judgment, good faith and loyalty to the Company in everyday performance, ” and that employees are required to “[a]dhere to the terms of the SmartLinx Solutions, LLC ‘Non-Disclosure and Non-Compete Agreement' signed upon hire and maintained in their personnel file.” (Id. ¶ 34.)
SmartLinx produces and maintains trade secrets and confidential information that have independent economic value. (Id. ¶ 75.) SmartLinx has taken and continues to take appropriate steps to maintain the confidentiality of its trade secrets and confidential and proprietary information. (Id. ¶ 75.) The source code for its scheduling software is maintained in the SmartLinx GitHub repository that only employees in SmartLinx's Information Technology department with an authorized UserID and Password can access in its native electronic form. (Id. ¶ 75(a).) The company's practice and procedure is to remove access upon an employee's separation of employment from SmartLinx. (Id.) SmartLinx requires all employees to sign agreements that protect its confidential and proprietary information, including the NDA, in an effort to ensure that its trade secrets and other proprietary information are not improperly used or disclosed. (Id. ¶ 75(b).)
On February 12, 2021, Zeig informed Jim Pirraglia, SmartLinx Vice President of Product, that he was resigning from his employment with SmartLinx and would be willing to give the Company six weeks' notice of his departure. (Id. ¶ 38.) Then, on February 14, 2021, Zeif spoke with Marina Aslanyan, SmartLinx's Chief Executive Officer, and advised that he was resigning from the company with the intent to go to work for Intelycare, Inc. (“Intelycare”), which SmartLinx deems to be a direct competitor. (Id. ¶ 39.) Zeif stated that the job with Intelycare was an opportunity of a lifetime “too good to pass up” and that Intelycare wanted him “to come in and build a light version of a scheduling solution.” (Id. ¶ 40.) On the same day, Zeif was reminded of the restrictive covenant obligations in the NDA. (Id. ¶ 41.) SmartLinx contends that Zeif denied he had any agreement with the company imposing such obligations until he received a copy of the NDA from the company in the course of discussing his departure from employment. (Id.)
SmartLinx avers that Intelycare directly competes with the company in the same market space-the nursing and long-term care industry-and provides its own scheduling software that currently has less functionality than the SmartLinx software. (Id. ¶ 44.) On March 2, 2020, as reported by Forbes, Intelycare announced the completion of their Series B funding round, totaling $45 million, with the goal to “disrupt nursing scheduling” through further development of its software solutions. (Id. ¶ 45.) SmartLinx contends Zeif was aware of Intelycare's intention to further develop software solutions in competition with those that he was intimately familiar with in his role at SmartLinx. (Id.) The referenced Forbes article reporting on Intelycare's business development stated that Intelycare's “software allows nursing facilities to instantly request staff and for clinicians to take control of their schedule, potentially picking up shifts in less than 72 hours, which gives flexibility to nurses booking shifts. An associated machine-learning algorithm also matches prices and people, and based on previous behaviour, [the cofounder of Intelycare stated] that it can predict staffing-gaps before they happen, which appears to be solving problems at scale.” (Id. ¶ 46; Ex. C.) SmartLinx asserts that its software and the Ideal Schedule feature already provide a majority of this functionality and the new program being rolled out with staffing agencies, discussed above, will further improve and optimize the nursing scheduling industry. (Id. ¶ 47.) SmartLinx avers that by hiring Zeif, Intelycare “will have” access to SmartLinx Proprietary Information, including its scheduling software source code, that will aid the development of Intelycare's competing scheduling software to “disrupt nursing scheduling” to the detriment of SmartLinx and its competitive advantage in this space. (Id. ¶ 51.)
SmartLinx alleges that in connection with his resignation from the company and anticipated employment with Intelycare, Zeif “engaged in a systematic and strategic raid of [SmartLinx's] most confidential business plans and proprietary information, in violation of the confidentiality provisions of the SmartLinx [NDA] that he signed, as well as in violation of the [Defend Trade Secrets Act], the [Computer Fraud and Abuse Act], and the [South Carolina Trade Secrets Act].” (Id. ¶ 50.) SmartLinx first learned of these alleged activities by performing an internal audit of its systems and information after Zeif advised of his intention to join Intelycare. (Id. ¶ 52.) SmartLinx avers that Zief breached the confidentiality provisions of the NDA by accessing the SmartLinx GitHub repository to download approximately 50, 000 files containing SmartLinx Proprietary Information onto his Microsoft OneDrive cloud system and local C Drive. (Id. ¶ 53.) SmartLinx uses the OneDrive cloud system as its official cloud storage for sensitive proprietary information and the C Drive at issue was on Zeif's work computer provided by SmartLinx. (See Id. Ex. J.) SmartLinx alleges that Zeif had no authorization or permission from the company to engage in this activity and none of the other SmartLinx developers engaged in the same or similar behavior. (Id. ¶ 54.) Rather, SmartLinx developers responsible for working on the SmartLinx Proprietary Information always accessed the source code through the GitHub repository without ever downloading these files to the OneDrive or local C Drive. (Id.)
After being promoted to Director of Product Management in early 2020, Zeif was no longer responsible for coding and thus had no reason to access or work on SmartLinx Proprietary Information. (Id. ¶ 55.) SmartLinx expressly instructed Zeif to discontinue working on the source code; specifically, Mr. Pirraglia (SmartLinx Vice President of Product and Defendant's direct supervisor) and Ms. Aslanyan (SmartLinx CEO) had numerous conversations with Zeif from October 2020 through and including February 2021 in which they expressly instructed him not to work on the source code to ensure accountability of the development team. (Id. ¶ 56.) Zeif responded that he understood during those conversations and confirmed that he was no longer working on the source code. (Id.)
SmartLinx alleges that in January 2021, after he began the interview process with Intelycare and less than a month prior to his resignation, Zeif again performed a mass download of computer files containing the SmartLinx Proprietary Information from the GitHub repository to his OneDrive and Local C Drive without the permission of SmartLinx. (Id. ¶ 57.) SmartLinx further alleges that Zeif's conduct of downloading SmartLinx Proprietary Information to his OneDrive and Local C Drive continued, including unauthorized downloads on the same days he gave verbal and written notice of his resignation, February 14, 2021 and February 24, 2021, respectively. (Id. ¶ 58.) The majority of the file downloads occurred during non-working hours on weekends and after Zeif gave notice of his resignation. (Id. ¶ 59.)
Zeif has suggested, through his counsel and in an affidavit (ECF No. 11-1), that he downloaded the files for work purposes to correct or fix software “bugs.” SmartLinx alleges that its forensic audit of Zeif's work computer discredits this explanation. (See Kyprianou Decl., ECF No. 24-10.) SmartLinx contends the audit revealed that the downloaded files were not actually being modified by Zeif, but rather were being locally stored on Zeif's hard drive where he could access them independently. (Am. Compl. ¶ 60.) A comparison of Zeif's activities and other employees that accessed the GitHub repository during this time revealed that no other employee downloaded or copied the SmartLinx Proprietary Information in the same or similar manner. (Id.)
During this time period, Zeif also used his SmartLinx issued work phone to communicate with Intelycare and to schedule his Zoom interviews with representatives of his prospective employer. (Id. ¶ 61.) Calendar entries obtained from Zeif's work phone reflect that from January 20, 2021 through February 8, 2021, Zeif engaged in multiple Zoom calls with varying levels of Intelycare senior management, including two meetings between Zeif and the Intelycare CEO. (Id. ¶ 62; Ex. E.) The process of interviewing Zeif for a position with Intelycare, which one of the Zoom meetings indicates is for a Product Director position, occurred over a sixteen (16) day period from January 20, 2021 to February 5, 2021, after which he was presented with an offer, with a follow up meeting on February 8, 2021. (Id. ¶ 63.) SmartLinx avers, upon information and belief, that Zeif received equity as part of the offer to join Intelycare. (Id. ¶ 64.)
On February 8, 2021, Zeif texted a fellow SmartLinx employee about his decision to leave SmartLinx, stating: “I'm gonna give them 6 weeks notice [sic] and moonlighting after.” (Id. ¶ 65.) SmartLinx contends this reflects Zeif's intent to act as a faithless servant against the interests of the company, and that this intent was manifested in mid to late-February 2021 when Zeif accessed the GitHub repository to download thousands of files containing the SmartLinx Proprietary Information to his local devices. (Id. ¶ 66.)
An audit of the internet searches performed by Zeif after giving notice of his resignation revealed two results that SmartLinx alleges are indicators of his intention to misappropriate SmartLinx source code. (Id. ¶ 67; Ex. F.) First, Zeif reviewed a software article entitled “Who Owns the Code?” which explains the issues associated with efforts of source code programmers to reuse code they had developed after moving to a new employer. (Id.) Second, Zeif conducted a search to determine how to use the remote desktop application to connect to a Windows 10 personal computer, which SmartLinx asserts would enable Zeif to remotely access SmartLinx systems from a separate, non-work computer. (Id.) In his affidavit, Zeif contests this explanation of the reasons for reviewing the referenced articles as baseless and provides innocent explanations for accessing those resources. (Zeif Aff. ¶¶ 20-21.)
SmartLinx avers the audit of Zeif's devices also showed that, on February 13, 2021, after downloading files containing SmartLinx Proprietary Information onto his OneDrive cloud system and local C Drive, Zeif used a series of USB devices to connect to his SmartLinx devices, which USB devices were not disclosed or returned to SmartLinx when his employment ended. (Id. ¶ 68.) The audit further revealed that Zeif had access to a number of external devices and platforms in addition to USB devices, including a Google Gmail address, a Dropbox account, and Google Drive account linked to his SmartLinx devices. (Id.)
On February 28, 2021, SmartLinx transmitted correspondence to Zeif, terminating him for cause and directing him to immediately discontinue utilizing all electronic devices provided to him by SmartLinx during the course of his employment. (Id. ¶ 76; Ex. G.) On the same day, SmartLinx sent a letter to Intelycare, advising the company of what SmartLinx viewed to be Zeif's illegal conduct and demanding that Intelycare cease and desist all efforts to employ Defendant. (Id. ¶ 77; Ex. H.) SmartLinx also demanded that Intelycare: (1) provide SmartLinx with a list of any SmartLinx Proprietary Information provided to Intelycare by Zeif; and (2) Intelycare return all SmartLinx Proprietary Information in its possession. (Id. ¶ 78; Ex. H.)
On March 1, 2021, SmartLinx received correspondence from John E. North, Jr., Esq., counsel for Zeif (the “North Letter”). (Id. ¶ 81; Ex. I.) In the North Letter, Zeif denies misappropriating SmartLinx Proprietary Information, explaining that he spent a significant amount of time rectifying software “bugs.” (Id. ¶ 82; Ex. I.) Zeif further asserts that he did this work for years, primarily on weekends so as not to interfere with his primary responsibilities, for the purpose of assisting his team. (Id. ¶ 83.)
SmartLinx avers that the forensic audit of Zeif's devices obtained after his termination contradicts the statement in the North Letter that he regularly worked weekends to fix the alleged bug problem. (Id. ¶ 85.) Rather, contends SmartLinx, the forensic data on the devices reveals that the bulk of this activity-downloading SmartLinx Proprietary Information from the GitHub repository to Defendant's local devices- occurred on three occasions: in April 2020, November 2020, with the majority of the activity in January and February 2021, after Defendant began to interview with Intelycare. (Id.; Ex. J.) SmartLinx further contends that the audit contradicts statements in the North Letter that Zeif would delete the source code files from his local devices after fixing the bug problem. (Id. ¶ 86.) Per SmartLinx's evaluation of the audit, Zeif neither modified the source code nor deleted it from his local devices. (Id.) Moreover, SmartLinx notes that its policies and procedures prohibited any such deletion of files and information from SmartLinx devices. (Id.) In sum, SmartLinx claims that Zeif's explanations for his activities with regard to the source code are not credible and are contradicted by SmartLinx's forensic analysis.
B. Procedural History
SmartLinx initiated this action on March 11, 2021 by filing a Verified Complaint (“Original Complaint”) and Emergency Motion for Temporary Restraining Order and Preliminary Injunction (“TRO Motion”). (ECF Nos. 1 & 3.) On March 22, 2021, Zeif filed a motion for summary judgment and motion to dismiss the Original Complaint and an opposition to the TRO Motion. (ECF Nos. 11 & 12.) On March 28, 2021, SmartLinx filed its reply memorandum in support of the TRO Motion. (ECF No. 13.) With the Court's authorization, Zeif filed a sur-reply in opposition to the TRO Motion on March 31, 2021. (ECF No. 18.) The Court entered a Text Order denying the TRO Motion on April 5, 2021. (ECF No. 23.)
On April 5, 2021, SmartLinx filed a Verified Amended Complaint. (ECF No. 24.) SmartLinx also filed an opposition to Zeif's motion for summary judgment and motion to dismiss directed at the Original Complaint on the bases that the motions were moot in light of the Amended Complaint and that Zeif's summary judgment motion was premature. (ECF No. 25.) On April 8, 2021, Zeif filed a reply to SmartLinx's opposition to the original motion to dismiss and motion for summary judgment. (ECF No. 26.) On April 21, 2021, in a docket entry that is apparently not visible to the parties, the Court terminated the original motion to dismiss and motion for summary judgment in light of the Amended Complaint. (ECF No. 27.) On April 23, 2021, Zeif filed the instant Motion to Dismiss and conditional Motion for Summary Judgment directed at the Amended Complaint. (ECF No. 28.) The conditional Motion for Summary Judgment is operative because the Court terminated the original motion for summary judgment. The Motions are ripe for review (see ECF Nos. 29 & 30) and the Court now issues the following ruling.
STANDARD OF REVIEW
A motion to dismiss for failure to state a claim upon which relief can be granted pursuant to Federal Rule of Civil Procedure 12(b)(6) “challenges the legal sufficiency of a complaint, considered with the assumption that the facts alleged are true.” Francis v. Giacomelli, 588 F.3d 186, 192 (4th Cir. 2009) (internal citations omitted). The Amended Complaint asserts claims under the Federal Defend Trade Secrets Act (“DTSA”), 18 U.S.C. §§ 1836, et seq. (Count One), Computer Fraud and Abuse Act (“CFAA”), 18 U.S.C. § 1030 (Count Two), South Carolina Trade Secrets Act (“SCTSA”), SC Code § 39-8-20, et seq. (Count Three), Breach of Contract (Count Five), Misappropriation (Count Six), Conversion (Count Seven), and Breach of Fiduciary Duty and Duty of Loyalty (Count Eight). (Am. Compl. ¶¶ 90-138.) Claims that sound in fraud must satisfy both Rule 8(a)'s plausibility requirement and Rule 9(b)'s heightened standard to plead fraud with particularity. Universal Health Servs., Inc. v. U.S. ex rel. Escobar, 136 S.Ct. 1989, 2004 n.6 (2016).
“To survive a motion to dismiss, a complaint must contain sufficient factual matter, accepted as true, to ‘state a claim for relief that is plausible on its face.'” Ashcroft v. Iqbal, 556 U.S. 662, 678 (2009) (quoting Bell Atl. Corp. v. Twombly, 550 U.S. 544, 570 (2007)). “A claim has facial plausibility when the plaintiff pleads factual content that allows the court to draw the reasonable inference that the defendant is liable for the misconduct alleged.” Id. (quoting Twombly, 550 U.S. at 556)). Although the allegations in a complaint generally must be accepted as true, that principle “is inapplicable to legal conclusions, ” and the Court is “not bound to accept as true a legal conclusion couched as a factual allegation.” Id. (citations and quotation marks omitted). “The plausibility standard is not akin to a ‘probability requirement,' but it asks for more than a sheer possibility that a defendant has acted unlawfully. Where a complaint pleads facts that are ‘merely consistent with' a defendant's liability, it ‘stops short of the line between possibility and plausibility of entitlement to relief.'” Id. at 678 (quoting Twombly, 550 U.S. at 557). Stated differently, “where the well-pleaded facts do not permit the court to infer more than the mere possibility of misconduct, the complaint has alleged-but it has not ‘show[n]'-‘that the pleader is entitled to relief.'” Id. at 679 (quoting Fed.R.Civ.P. 8(a)(2)). Still, Rule 12(b)(6) “does not countenance . . . dismissals based on a judge's disbelief of a complaint's factual allegations.” Colon Health Centers of Am., LLC v. Hazel, 733 F.3d 535, 545 (4th Cir. 2013) (quoting Neitzke v. Williams, 490 U.S. 319, 327 (1989)). “A plausible but inconclusive inference from pleaded facts will survive a motion to dismiss . . . .” Sepulveda-Villarini v. Dep't of Educ. of Puerto Rico, 628 F.3d 25, 30 (1st Cir. 2010).
Rule 9(b) imposes a heightened pleading standard on fraud claims, under which a plaintiff must “state with particularity the circumstances constituting fraud or mistake.” Fed.R.Civ.P. 9(b). The purposes of Rule 9(b) include “providing notice to a defendant of its alleged misconduct, ” “preventing frivolous suits, ” “eliminating fraud actions in which all the facts are learned after discovery, ” and “protecting defendants from harm to their good will and reputation.” U.S. ex rel. Nathan v. Takeda Pharm. N. Am., Inc., 707 F.3d 451, 456 (4th Cir. 2013) (quotation marks and modifications omitted).
The Court shall grant summary judgment “if the movant shows that there is no genuine dispute as to any material fact and the movant is entitled to judgment as a matter of law.” Fed.R.Civ.P. 56(a). The movant bears the initial burden of demonstrating that summary judgment is appropriate; if the movant carries its burden, then the burden shifts to the non-movant to set forth specific facts showing that there is a genuine issue for trial. See Celotex Corp. v. Catrett, 477 U.S. 317, 322-23 (1986). If a movant asserts that a fact cannot be disputed, it must support that assertion either by “citing to particular parts of materials in the record, including depositions, documents, electronically stored information, affidavits or declarations, stipulations (including those made for purposes of the motion only), admissions, interrogatory answers, or other materials;” or “showing . . . that an adverse party cannot produce admissible evidence to support the fact.” Fed.R.Civ.P. 56(c)(1).
Accordingly, to prevail on a motion for summary judgment, the movant must demonstrate that: (1) there is no genuine issue as to any material fact; and (2) that he is entitled to judgment as a matter of law. As to the first of these determinations, a fact is deemed “material” if proof of its existence or non-existence would affect disposition of the case under applicable law. Anderson v. Liberty Lobby, Inc., 477 U.S. 242, 248 (1986). An issue of material fact is “genuine” if the evidence offered is such that a reasonable jury might return a verdict for the non-movant. Id. at 257. In determining whether a genuine issue has been raised, the Court must construe all inferences and ambiguities against the movant and in favor of the non-moving party. United States v. Diebold, Inc., 369 U.S. 654, 655 (1962). “Summary judgment is proper only when it is clear that there is no dispute concerning either the facts of the controversy or the inferences to be drawn from those facts.” Pulliam Inv. Co. v. Cameo Props., 810 F.2d 1282, 1286 (4th Cir. 1987). The Court must decide “whether the evidence presents a sufficient disagreement to require submission to a jury or whether it is so one-sided that one party must prevail as a matter of law.” Anderson, 477 U.S. at 251-52.
DISCUSSION
A. Whether SmartLinx Has Sufficiently Pled Claims Under the Defend Trade Secrets Act and the South Carolina Trade Secrets Act
“To establish a claim for misappropriation of trade secrets under the South Carolina Trade Secrets Act, a plaintiff must show: (1) the existence of a trade secret; (2) misappropriation, wrongful use, or wrongful disclosure of a trade secret by the defendant; and (3) damages.” Indus. Packaging Supplies, Inc. v. Davidson, No. CV 6:18-0651-TMC, 2018 WL 10456201, at *4 (D.S.C. June 22, 2018) (citation and quotation marks omitted). A “trade secret” is “all forms and types of financial, business, scientific, technical, economic, or engineering information . . . if (A) the owner thereof has taken reasonable measures to keep such information secret; and (B) the information derives independent economic value, actual or potential, from not being generally known[.]” 18 U.S.C. § 1839(3); see also S.C. Code § 39-8-20(5). The source code for SmartLinx's proprietary scheduling software application constitutes a trade secret, and this element of the pleading requirements is satisfied. See Trandes Corp. v. Guy F. Atkinson Co., 996 F.2d 655, 663 (4th Cir. 1993) (“The source code can and does qualify as a trade secret.”)
The elements under the SCTSA and DTSA are substantially the same, and the respective claims in the Amended Complaint are analyzed together. See Indus. Packaging Supplies, 2018 WL 10456201, at *3 n.8.
Here, the dispositive issue is whether SmartLinx has adequately alleged that Zeif “misappropriated” the trade secret(s) in question. The DTSA and SCTSA generally define misappropriation as involving the improper acquisition of a trade secret of another by improper means. See 18 U.S.C. § 1839(5) (defining misappropriation); S.C. Code § 39-8-20(2) (defining misappropriation). The DTSA further includes as misappropriation “disclosure or use of a trade secret of another without express or implied consent by a person who . . . at the time of disclosure or use, knew or had reason to know that the knowledge of the trade secret was . . . acquired under circumstances giving rise to a duty to maintain the secrecy of the trade secret or limit the use of the trade secret; or . . . derived from or through a person who owed a duty to the person seeking relief to maintain the secrecy of the trade secret or limit the use of the trade secret[.]” 18 U.S.C. § 1839(5). The SCTSA contains a materially identical definition of “misappropriation” by way of wrongful disclosure. S.C. Code § 39-8-20(2)(c).
The Amended Complaint sets forth detailed facts about Zeif's alleged misappropriation through improperly accessing and downloading SmartLinx's source code without the consent of SmartLinx. (See supra at 6-11.) The allegations include assertions that-despite his position as Director of Product Management at the company-Zeif had no authorization or permission to download SmartLinx's proprietary information onto the OneDrive and the C Drive of his local computer, that none of the other SmartLinx developers engaged in such behavior, that the source code was always accessed through the GitHub repository without downloading it, that SmartLinx management expressly instructed Zeif to discontinue working on the source code when he was promoted, that Zeif indicated he understood the instruction and stated he was no longer working on the source code, and that the timing and nature of large source code downloads specifically corresponds to Zeif's stated intent to switch employment to a direct competitor to “build a light version of a scheduling solution.” (Id.)
Zeif's arguments in the Motion to Dismiss largely hinge on the notion that all of the allegedly improper and unlawful downloads occurred from computing equipment owned by SmartLinx to computing equipment owned by SmartLinx-including “his” (Zeif's) computer, which was a work-related asset. (See ECF No. 28 at 10-16.) If the trade secrets in question never left SmartLinx computers, the argument goes, how could they have been misappropriated? However, this argument misses the fact that the alleged protocols that SmartLinx placed on how the trade secrets were permitted to be accessed were precisely for the purpose of limiting access to the source code such that the modalities of access could be tightly monitored in order to prevent improper use. Once the source code left the GitHub repository there are many ways in which it could be misused that are potentially very difficult to detect. In this context, the allegations in the Amended Complaint are sufficient to state a plausible claim for misappropriation by way of unauthorized acquisition under 18 U.S.C. § 1839(5) and S.C. Code § 39-8-20(2).
Zeif asserts that he was given access to the trade secrets as part of his job responsibilities, that no one at SmartLinx ever suggested that the way he was using the software repository management tools or downloading source code should be changed, and that his intent for accessing and downloading the source code was to fix software bugs. (ECF No. 28 at 17; Zeif Aff. ¶¶ 11-14.) However, Zeif's mere disagreement with the facts asserted in the Amended Complaint is not a sufficient basis upon which to find that the trade secret misappropriation counts fail to state plausible claims to relief. Zeif also argues that SmartLinx has not made a factual showing that he actually disclosed the trade secrets to anyone outside of the company. (ECF No. 28 at 17.) But the Amended Complaint does allege that Zeif's acquisition of the source code was improper and without SmartLinx's consent, and that the improper downloads happened while he was interviewing for a job to build a competing product at Intelycare. (See Am. Compl. ¶¶ 54- 57.) It further alleges that by hiring Zeif, Intelycare “will have” access to SmartLinx's Proprietary Information, including the source code, which will aid development of a competing software product to “disrupt nursing scheduling” to the detriment of SmartLinx and its competitive advantage in the applicable market. (Id. ¶ 51.) SmartLinx's allegations of Zeif's improper access and download of SmartLinx Proprietary Information, the timing of mass downloads of source code coinciding with his preparation to leave SmartLinx for Intelycare, and the fact that Zeif's explanations for those actions were allegedly contradicted by SmartLinx's forensic audit of Zeif's devices are sufficient to support a plausible inference that Zeif intended to misuse the source code. Further evidence of disclosure is unnecessary at this stage. See Autodesk, Inc. v. ZWCAD Software Co. Ltd., No. 5:14-CV-01409-EJD, 2015 WL 2265479, at *6 (N.D. Cal. May 13, 2015) (“[T]here is no requirement that [the plaintiff] plead exactly how [d]efendants improperly obtained or used the alleged trade secret. Again, as discovery has not yet commenced, it would be unreasonable to require a plaintiff to demonstrate the precise ways in which [d]efendants may have used their trade secrets, given that [d]efendants are the only ones who possess such information.” (citations, modification, and quotation marks omitted)). Accordingly, the Motion to Dismiss Counts One and Three is denied.
B. Whether SmartLinx Has Adequately Pled its Claim Under the Computer Fraud and Abuse Act
With respect to SmartLinx's CFAA claim, the Court will first address Zeif's assertion that the claim must meet the heightened pleading requirements of Rule 9(b) because it “sounds in fraud.” (See ECF No. 28 at 17.) The Court notes that Zeif does not cite any controlling authority for the proposition that Rule 9(b)'s particularity requirement applies to the type of CFAA claims at issue here. (See ECF Nos. 28 & 30 (citing case law from other federal circuits and districts regarding general principles of the Rule 9(b) standard).) There is at least some authority that stands for the opposite principle. See, e.g., NetApp, Inc. v. Nimble Storage, Inc., 41 F.Supp.3d 816, 833 (N.D. Cal. 2014) (holding, where the plaintiff advanced various theories of liability under CFAA, that “the weight of authority counsels that Rule 9(b) does not constrain [the plaintiff's] CFAA claims”); Sprint Nextel Corp. v. Simple Cell, Inc., No. CIV. CCB-13-617, 2013 WL 3776933, at *6 (D. Md. July 17, 2013) (“Because the statute is more logically read as prohibiting ‘wrongdoing' to obtain something of value and not, specifically, only acts that sound in common law fraud, the court will decline to apply Rule 9(b) to [the plaintiff's] CFAA claims.”). Nevertheless, given that SmartLinx has articulated at least part of its CAFA claim as premised upon Zeif's alleged “intent to steal, deprive, and defraud SmartLinx of its computer data and records” (Am. Compl. ¶ 100), the Court assumes that Rule 9(b)'s pleading requirements apply and finds that SmartLinx has pleaded Zeif's alleged conduct with sufficient specificity to satisfy those requirements. See Dorsey v. Portfolio Equities, Inc., 540 F.3d 333, 339 (5th Cir. 2008) (stating that Rule 9(b) requires a plaintiff to set forth “the who, what, when, where, and how” of the events at issue).
Among other things, the CFAA renders liable a person who (1) “intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains . . . information from any protected computer, ” in violation of 18 U.S.C. § 1030(a)(2)(C); (2) “knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value, ” in violation of § 1030(a)(4); or (3) “intentionally accesses a protected computer without authorization, and as a result of such conduct, recklessly causes damage[, ] or . . . causes damage and loss, ” in violation of § 1030(a)(5)(B)-(C). SmartLinx has alleged that Zeif “engaged in a systematic and strategic raid of [the company's] most confidential business plans and proprietary information” for the purpose of providing that proprietary information to a competitor and/or using it to the detriment of SmartLinx, has provided specific dates and times on which the relevant computer systems were allegedly accessed in a manner that exceeded authorization, has identified specific computer files taken, and has itemized evidence that plausibly demonstrates Zeif's intent to use those files for improper purposes. (Am. Compl. ¶¶ 48, 50-68, 80-84; Exs. D, J.)
Zeif's sole argument in support of dismissal of SmartLinx's CFAA claim is that he cannot be liable for unlawful access to the proprietary information because he was given permission to access the source code, he used SmartLinx-issued computer equipment to gain access, and any subsequent access, therefore, cannot have been unauthorized. (See ECF No. 28 at 17-18.) In support of this argument, Zeif cites a Ninth Circuit case that affirmed the grant of summary judgment to an employee where his access to the employer's computer system was found to be permissive. (See Id. at 18 (citing LVRC Holdings LLC v. Brekka, 581 F.3d 1127, 1135 (9th Cir. 2009) (“There is no dispute that [the employee] was given permission to use [the employer's] computer and that he accessed documents or information to which he was entitled by virtue of his employment with [the employer]. Because [the employee] had authorization to use the [employer's] computer, he did not access a computer ‘without authorization.'”)).)
Under Fourth Circuit law, an employee “accesses a computer ‘without authorization' when he gains admission to a computer without approval.” WEC Carolina Energy Sols., LLC v. Miller, 687 F.3d 199, 204 (4th Cir. 2012) (citing Brekka, 581 F.3d at 1133). “[A]n employee ‘exceeds authorized access' when he has approval to access a computer, but uses his access to obtain or alter information that falls outside the bounds of his approved access.” Id. As set forth above, the Amended Complaint alleges that Zeif was expressly told by his supervisor and the CEO to stop working on the source code in early 2020, and that he responded by confirming that he understood but subsequently performed mass downloads of SmartLinx source code notwithstanding previously stating that he would no longer work on the source code. (Supra at 7.) Moreover, even if as Zeif argues, his access to the source code was not revoked, SmartLinx has clearly alleged that he exceeded any permitted access when he downloaded the source code outside of the GitHub repository. (Id. at 6-7.)
Furthermore, SmartLinx avers with particularity that Zeif continued to use his SmartLinx computer after receiving notice of his termination and the express instruction from SmartLinx's counsel that he immediately cease using any of the SmartLinx computer devices. Specifically, SmartLinx alleges that “on February 28, 2021, . . . Zeif defied SmartLinx's Cease and Desist Directive issued to him on the same day to discontinue accessing any of his electronic devices and continued to use the machine to access source code development software and his Google Drive.” (Am. Compl. ¶ 79; Ex. J.) SmartLinx further alleges that Zeif “continued accessing the laptop for more than six hours after SmartLinx directed him verbally and in writing to stop working on the machine.” (Id. ¶ 80.) Zeif's alleged post-termination access of SmartLinx computers was not authorized and is sufficient to state a plausible violation of the CFAA. See Tech Sys., Inc. v. Pyles, 630 Fed.Appx. 184, 186 (4th Cir. 2015) (stating there was sufficient evidence for a reasonable jury to find a CFAA violation under the WEC Carolina framework where defendant former human resources director previously had full access to her employer's computer systems and, inter alia, accessed her corporate email account and company-issued Blackberry without authorization after her termination). The Court finds that SmartLinx has adequately pled a CFAA claim pursuant to the Rule 8(a) and 9(b) standards, and the Motion to Dismiss Count Two is denied.
C. Whether SmartLinx Has Sufficiently Pled its Misappropriation, Conversion, and Breach of Fiduciary Duty and Duty of Loyalty Claims
Zeif argues that SmartLinx's misappropriation, conversion, and fiduciary duty/duty of loyalty claims should be dismissed because they are “supported by no facts other than those stated in the Common Facts, which do not show a misappropriation and do not provide a factual basis for the necessary elements of those claim [sic].” (ECF No. 28 at 19.) Zeif does not provide any additional support for this argument. The Court finds that SmartLinx has stated facts sufficient to support each of these claims for the following reasons.
1. Misappropriation
As explained above with respect to the DTSA and SCTSA claims, SmartLinx has sufficiently alleged that Zeif misappropriated the company's trade secrets. (Supra at 15-18.) SmartLinx has provided a factual description of the trade secrets at issue and has set forth detailed facts concerning Zeif's alleged misappropriation through improperly accessing and downloading SmartLinx's trade secrets without the consent of SmartLinx. (Supra at 6-11.) No. more is required at this stage.
2. Conversion
The South Carolina Supreme Court has defined conversion as “the unauthorized assumption in the exercise of the right of ownership over goods or personal chattels belonging to another to the exclusion of the owner's rights.” Am. Credit of Sumter, Inc. v. Nationwide Mut. Ins. Co., 663 S.E.2d 492, 495 (S.C. 2008) (citation omitted). “Conversion may arise by some illegal use or misuse, or by illegal detention of another's chattel.” Id. To establish a prima facie case for conversion, the plaintiff must show either title to or the right to possession of the personal property. Moseley v. Oswald, 656 S.E.2d 380, 382 (S.C. 2008) (citation omitted).
The Court finds that SmartLinx has adequately pled a conversion claim under South Carolina law. The Amended Complaint alleges that Zeif accessed and downloaded, without SmartLinx's authorization, tens of thousands of computer files relating to SmartLinx's confidential and proprietary information and placed it on devices and drives that were not permitted and to which he had ongoing access until his employment was terminated. (Am. Compl. ¶¶ 48, 50-68, 80-84; Exs. D, J.) This is sufficient to state a plausible claim that Zeif exercised the right of ownership over property belonging to SmartLinx, in violation of SmartLinx's rights.
SmartLinx demanded the return of its confidential information and demanded that Zeif immediately discontinue using devices provided to him by SmartLinx. (See Id. Ex. G.) While Zeif has argued in other briefs and affidavits filed with the Court that he returned all of the SmartLinx information and devices (see ECF Nos. 11, 11-1, 18, 19), these statements, which SmartLinx to date has not had an opportunity to cross-examine or obtain discovery to verify their veracity, cannot form the basis of a motion to dismiss a conversion claim. SmartLinx's forensic audit of Zeif's work computer demonstrated that he connected external devices to the computer following his download of SmartLinx Proprietary Information, and that he also had access to various cloud storage devices linked to his SmartLinx devices. (Am. Compl. ¶ 68; Ex. J.) SmartLinx has alleged that Zeif has not returned or provided SmartLinx with access to these external devices or drives. (Id.) Of course, Zeif's innocent explanations for the use of these devices and drives (see ECF Nos. 11-1, 19) may turn out to be true, but that is not a matter for the Court's consideration at this stage. SmartLinx has properly pleaded a claim for conversion and dismissal would be improper.
3. Breach of Fiduciary Duty and Duty of Loyalty
To establish a cause of action for breach of a fiduciary duty, a plaintiff must show the existence of a fiduciary duty, a breach of that duty by the defendant, and damages proximately resulting from the wrongful conduct of the defendant. RFT Mgmt. Co., L.L.C. v. Tinsley & Adams L.L.P., 732 S.E.2d 166, 173 (S.C. 2012) (citation omitted). An employee owes a duty of loyalty to his employer to remain faithful to the employer's interests throughout the term of employment, to abide by his employer's instructions and policies, and to carry out those instructions and policies. Foreign Acad. & Cultural Exch. Servs., Inc. v. Tripon, 715 S.E.2d 331, 335 (S.C. 2011); Nucor Corp. v. Bell, 482 F.Supp.2d 714, 726 n.9 (D.S.C. 2007); Young v. McKelvey, 333 S.E.2d 566, 567 (S.C. 1985).
Zeif has not substantively challenged SmartLinx's allegations of a fiduciary duty and/or a duty of loyalty. (See ECF No. 28 & 30.) SmartLinx alleges that: (1) Zeif was a Director of SmartLinx and that SmartLinx entrusted him with a high level of management autonomy and information; (2) SmartLinx was entitled to place its trust and confidence in Zeif and relied on his loyalty, integrity, and faithful performance of his responsibilities; (3) during his employment with SmartLinx, Zeif breached his fiduciary duty and duty of loyalty by misappropriating SmartLinx's Proprietary Information, violating the NDA and other SmartLinx policies, and acting in conflict of interest; (4) Zeif engaged in this conduct to the detriment of SmartLinx; and (5) SmartLinx has been harmed by Zeif's conduct. (See Am. Compl. ¶¶ 28-89, 129-38; Exs. A, B, D, F, J.) The Court finds that the allegations in the Amended Complaint are sufficient to state a cause of action for Zeif's breach of a fiduciary duty and/or duty of loyalty.
Accordingly, the Motion to Dismiss Counts Six, Seven, and Eight of the Amended Complaint for failure to state a claim is denied.
D. Whether Zeif is Entitled to Summary Judgment on SmartLinx's Breach of Contract Claim
Zeif filed his Motion for Summary Judgment on SmartLinx's breach of contract claim before any discovery in this case commenced. The Court finds that the Motion for Summary Judgment is premature and it will, therefore, be denied. See Pacific Capro Indus. v. Glob. Advantage Distrib., Inc., No. 4:08-cv-4155-RBH, 2010 WL 890052, at *5 (D.S.C. Mar. 8, 2010) (denying the defendant's motion for summary judgment as premature where the case had been pending for approximately four months and the plaintiff “had not had a full and fair opportunity to develop the facts and establish through discovery each essential element of its case”); Temkin v. Frederick Cnty. Comm'rs, 945 F.2d 716, 719 (4th Cir. 1991) (“Summary judgment may only be entered after ‘adequate time for discovery.'” (quoting Celotex, 477 U.S. at 322)). If the Court were to grant summary judgment on the current record, SmartLinx would be denied the opportunity to conduct its own investigation into the material facts at issue regarding Zeif's alleged breach of his contractual obligations pursuant to the NDA. See Nader v. Blair, 549 F.3d 953, 961 (4th Cir. 2008) (“Generally, a district court must refuse summary judgment where the nonmoving party has not had the opportunity to discover information that is essential to its opposition.” (citation, modifications, and quotation marks omitted)).
The sole basis for Zeif's Motion for Summary Judgment is that SmartLinx cannot establish a breach of contract claim against him based on the NDA because he signed the NDA after he was already employed by SmartLinx and the NDA was not supported by any additional consideration. (See ECF No. 28 at 5-8 (citing Poole v. Incentives Unlimited, Inc., 548 S.E.2d 207, 209 (2001) (“[W]e adopt the rule that when a covenant is entered into after the inception of employment, separate consideration, in addition to continued at-will employment, is necessary in order for the covenant to be enforceable.”)).) In support of this position, Zeif points to statements in his own affidavit and the affidavit of Georgia Haug, former Office Manager for SmartLinx, stating that: (1) at the time the NDA was signed, Zeif was an existing “at will” employee of SmartLinx, and (2) he received no consideration for executing the NDA. (Id. at 6.)
However, Zeif's arguments overlook the fact that the NDA appears to have been executed within months of when Zeif was hired (see Am. Compl. ¶ 19 (stating Zeif “interned for SmartLinx after completing high school and was hired by SmartLinx in 2008 as Project Manager at the suggestion of his father, Alex Zeif, who is one of the founders of the Company”); Ex. A (indicating Zeif executed the NDA in April 2009)), and that Zeif was promoted to the position of Director of Support and Implementation a few months after he signed the NDA (id. ¶ 30). Cf. Poole, 548 S.E.2d at 209 (adopting the reasoning of jurisdictions “which find that ordinarily employment is a sufficient consideration to support a restrictive negative covenant, but where the employment contract is supported by the purported consideration of continued employment, there is no consideration when the contract containing the covenant is exacted after several years employment and the employee's duties and position are left unchanged” (emphasis added)). At a minimum, SmartLinx is entitled to investigate the proximity in time between when Zeif was hired and when the NDA was executed, the relationship of the promotion Zeif received following his execution of the NDA, and the grounds for the assertions in Zeif and Haug's affidavits, including whether there is evidence contradicting those assertions. Accordingly, the Motion for Summary Judgment as to Count Five is denied.
CONCLUSION
For the reasons set forth above, Defendant Vitzeslav Zeif's (“Zeif”) Motion to Dismiss Counts One, Two, Three, Six, Seven, and Eight of the Amended Complaint pursuant to Federal Rule of Civil Procedure 12(b)(6) and conditional Motion for Summary Judgment as to Count Five of the Amended Complaint (ECF No. 28) is DENIED.
IT IS SO ORDERED.