Alternative Legal Solutions, Inc. v. Ferman Management Services Corporation et al, No. 3:2007cv00880 - Document 217 (D. Or. 2009)
Court Description: Findings & Recommendation: Plaintiffs Motion for Partial Summary Judgment (docket # 135 ) should be GRANTED on the issue of liability on Count II of the Third Claim (Breach of Contract). Defendants Motion for Partial Summary Judgment (docket # 133 ) should be GRANTED in part as to: (1) the First Claim for a violation of 18 USC § 1030(a)(5)(A) (First Amended Complaint, 32); (2) the Fourth Claim for tortious interference with contract (id, 66-70); and (3) the Fifth Claim for tortious i nterference with prospective business relationships (id, 71-75), and should be DENIED in all other respects. As a result, the claims left for trial are: (1) First Claim for violations of 18 USC § 1030(a)(2)(C) & (a)(4) against all defendants; (2 ) Second Claim for misappropriation of trade secrets in violation of the OUTSA against all defendants; (3) Third Claim for breach of contract against Ferman, with damages only on Count II; and (4) Sixth Claim for trespass against all defendants.Objec tions to these Findings and Recommendations, if any, are due May 22, 2009. If no objections are filed, then the Findings and Recommendations will be referred to a district judge and go under advisement on that date. If objections are filed, then a r esponse is due within 10 days after being served with a copy of the objections. When the response is due or filed, whichever date is earlier, the Findings and Recommendations will be referred to a district judge and go under advisement. Objections to the Findings and Recommendation are due by 5/22/2009. (FILED UNDER SEAL- UNSEALED on 6/1/2009 per order #221) Signed on 5/5/2009 by Magistrate Judge Janice M. Stewart.(da) Modified on 6/1/2009 (da).
Download PDF
<![CDATA[
Alternative Legal Solutions, Inc. v. Ferman Management Services Corporation et al Doc. 217 IN THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF OREGON ALTERNATIVE LEGAL SOLUTIONS, INC., an Oregon corporation, dba COMPLI, CV-07-880-ST Plaintiff, FINDINGS AND RECOMMENDATIONS v. FERMAN MANAGEMENT SERVICES, CORPORATION, a Florida corporation; MOSAIC INTERACTIVE, LLC, a Florida limited liability company; and STEPHEN B. STRASKE II, individually, and JAMES S. GANTHER, individually, Defendants. STEWART, Magistrate Judge: INTRODUCTION Plaintiff, Alternative Legal Solutions, Inc., dba Compli, (“Compli”), an Oregon corporation, develops, sells, installs, and provides ongoing support for a web-based dealership compliance management system, primarily for automobile dealerships. Prior to this dispute, one of Compli’s customers was defendant Ferman Management Services Corporation (“Ferman”), a 1 - FINDINGS AND RECOMMENDATIONS Dockets.Justia.com Florida limited liability company which, together with an affiliate, Ferman Motor Car Company, operates automobile dealerships throughout Florida. Compli alleges that Ferman, together with the other defendants, unlawfully acquired proprietary and confidential information from its system, then used that information to develop a competing system. The other defendants are Mosaic Interactive, LLC (“Mosaic”), a Florida limited liability company, Stephen B. Straske II (“Straske”), a Florida attorney who is the Vice President and Corporate Counsel of Ferman and a member of the Board of Advisors of Mosaic, and James Ganther (“Ganther”), Mosaic’s President. Compli alleges four claims against all defendants: (1) violation of the Computer Fraud and Abuse Act (“CFAA”), 18 USC § 1030 (First Claim); (2) misappropriation of trade secrets in violation of the Oregon Uniform Trade Secrets Act (“OUTSA”), ORS 64.461- .475 (Second Claim); (3) tortious interference with prospective business relationship (Fifth Claim); and (4) trespass (Sixth Claim). Compli also alleges claims for breach of contract against Ferman (Third Claim) and tortious interference with contract against Straske, Ganther, and Mosaic (Fourth Claim). This Court has federal question jurisdiction pursuant to 18 USC § 1030(g) and 28 USC § 1331 and diversity jurisdiction pursuant to 28 USC § 1332.1 The parties have filed crossmotions for partial summary judgment, as well as competing motions to strike. Compli seeks summary judgment on the issue of liability on Count II of the Third Claim for Breach of 1 Compli initially stated its intent to amend its pleadings to add a claim for copyright infringement under the Copyright Act, 17 USC § 101, et seq. once it obtained the proper copyright registrations, which would provide subject matter jurisdiction pursuant to 28 USC § 1338. Complaint (docket #1), ¶ 10. However, that amendment never materialized. 2 - FINDINGS AND RECOMMENDATIONS Contract (First Amended Complaint, ¶¶ 49-54), and defendants seek summary judgment on all of Compli’s claims, with the exception of the Third Claim for Breach of Contract. This court has ruled in the motions to strike in a separate Order and will not consider any of the evidence stricken in that Order in this Findings and Recommendation. For the reasons that follow, Compli’s Motion for Partial Summary Judgment (docket #135) should be GRANTED on the issue of liability on Count II of the Third Claim (Breach of Contract). Defendants’ Motion for Partial Summary Judgment (docket #133) should be GRANTED in part as to: (1) the First Claim for violation of 18 USC § 1030(a)(5)(A) (First Amended Complaint, ¶ 32); (2) the Fourth Claim for tortious interference with contract (id, ¶¶ 66-70); and (3) the Fifth Claim for tortious interference with prospective business relationships (id, ¶¶ 71-75), and should be DENIED in all other respects. STANDARDS FRCP 56(c) authorizes summary judgment if “no genuine issue” exists regarding any material fact and “the moving party is entitled to judgment as a matter of law.” The moving party must show an absence of an issue of material fact. Celotex Corp. v. Catrett, 477 US 317, 323 (1986). Once the moving party does so, the nonmoving party must “go beyond the pleadings” and designate specific facts showing a “genuine issue for trial.” Id at 324, citing FRCP 56(e). The court must “not weigh the evidence or determine the truth of the matter, but only [determine] whether there is a genuine issue for trial.” Balint v. Carson City, Nev., 180 F3d 1047, 1054 (9th Cir 1999) (citation omitted). A “‘scintilla of evidence,’ or evidence that is ‘merely colorable’ or ‘not significantly probative,’” does not present a genuine issue of material 3 - FINDINGS AND RECOMMENDATIONS fact. United Steelworkers of Am. v. Phelps Dodge Corp., 865 F2d 1539, 1542 (9th Cir), cert denied, 493 US 809 (1989) (emphasis in original) (citation omitted). The substantive law governing a claim or defense determines whether a fact is material. T.W. Elec. Serv., Inc. v. Pacific Elec. Contractors Ass’n, 809 F2d 626, 630 (9th Cir 1987). The court must view the inferences drawn from the facts “in the light most favorable to the nonmoving party.” Id (citation omitted). FACTS Because all material facts must be viewed in the light most favorable to the non-movant, this court will view the evidence in the light most favorable to defendants with respect to the issue of liability on Count II of the Third Claim, and in the light most favorable to Compli on the other issues addressed in the summary judgment motions. A review of the parties’ facts, as well as the other materials submitted by the parties, including affidavits, declarations, and deposition excerpts,2 reveal the following facts. I. Development of Compli’s DCMS and Targeting of Automotive Dealerships Compli operates an online comprehensive compliance management software system, known as its “Dealer Compliance Management System” (“DCMS”). Compli began developing its DCMS in 2000 for companies to access through the Internet. In late 2004, Compli decided to exclusively target the automobile dealer industry and launched that initiative on January 1, 2005. Leneve Decl., ¶ 5. Through December 2007, Compli has spent over $3 million in developing its DCMS, with significant time, effort, and funding dedicated to its product development, product 2 Citations to affidavits, declarations, and depositions are identified by the last name of the affiant, declarant, or deponent, and citations are to the paragraph(s) of the affidavit, declaration or page(s) of the deposition. All other citations are to the exhibit number of the parties’ submissions. 4 - FINDINGS AND RECOMMENDATIONS management, technology platform development, content development, and rollout processes and procedures. Id. Compli’s DCMS provides a software platform where its customers may store company policies and tests on those policies on a customer-specific website. It is accessed by dealer employee users and designated system administrators through a secure website. A separate website is created for each customer, populated with client-specific data, and hosted by a Compli third-party contractor. Each customer user and administrator has a confidential secure password and login code. Users of Compli’s DCMS can review polices, complete training exercises, conduct workflow, review guidelines and subject matter reference materials, review reports, and file reports and forms online. Customer “administrators” have broader access, allowing them to, among other things, create user profiles, add and edit role-based employee groups, add and edit various types of content, establish each employee’s required training and policy reviews, review various levels of detailed reporting, and determine who in the organization will receive and monitor the employee’s and company’s reports. Id, ¶ 3. Compli also created a “demonstration” compact disc (“demo CD”) containing screen shots that depict in static images various screens that a user might see when accessing Compli’s online system. The demo CDs can be viewed without access to the Internet and do not contain a legend indicating that they contain confidential materials. However, the demo CDs do not contain all of the features and functions of Compli’s DCMS and do not disclose the work-flow logic or interrelationship of the various features. The demo CD was provided to a limited audience of prospective customers. Id, ¶ 13. 5 - FINDINGS AND RECOMMENDATIONS In addition to distributing the demo CD, Compli representatives sometimes demonstrated the use of the Compli DCMS through an active online demonstration. These online demonstrations were limited in duration and scope, controlled by Compli personnel, and limited to only those interested in becoming a Compli customer or partner, including being a subject matter expert. The online demonstrations were insufficient for the viewer to learn and understand the specific features and functions of the Compli system. In particular, the demonstration was insufficient to allow a viewer to understand the workflow and integration of the Compli DCMS, which would require the viewer to have both thorough software development experience and continuous and repeated access to the system. Leneve Decl., ¶ 9. II. Compli Contact, Negotiations, and License Agreement with Ferman After deciding to target automotive dealerships with its DCMS, Compli representatives identified key dealer groups which it perceived to be particularly important to its success in marketing its product in particular states. Bryan Depo., p. 28. One such dealer group identified by Compli was Ferman. In the spring of 2005, Compli representatives met with Straske (Ferman’s Vice President and Corporate Counsel) and David Gaul (Ferman’s Risk Manager) and gave an overview of all the ways Compli’s DCMS could help Ferman with compliance issues. Bryan Depo., pp. 28-29, 33-34. Initially, Ferman was not interested in the Compli system, telling Compli representatives that Ferman had an internal internet system which could be used to manage compliance issues. Id at 34. Compli responded with a request for a face-to-face meeting. Id. In May 2005, Compli representatives met with James Brakeman (“Brakeman”), then Ferman’s Chief Financial Officer, and Nick Boicheff (Ferman’s Controller and Chief 6 - FINDINGS AND RECOMMENDATIONS Information Officer), and performed an online demonstration of the Compli DCMS. Id, pp. 3638; Boicheff Aff., ¶¶ 2-3. Ferman’s primary interest in the Compli system was to provide a human resources (“HR”) function for Ferman, namely to track employee compliance with its own policies. Straske Aff., ¶ 3; Brakeman Aff. ¶ 3. Ferman was looking for a system that allowed its employees to view and be tested on Ferman company policies, to have Ferman supervisors electronically notified of which employees had or had not completed those tests, and to have electronic reports of employee completion of company policy tests. Straske Aff., ¶ 3; Brakeman Aff., ¶ 3. Nevertheless, at the time, Compli’s standard sales practice was to describe and promote the DCMS as a comprehensive compliance management system. Leneve Decl., ¶ 6. This included describing the HR functions, as well as describing other compliance related functions and coverage such as finance and insurance (“F&I”) and corporate governance areas. Id. Compli representatives explained that it was expanding the system to include additional training that would address F&I issues. In fact, the system already had some F&I training modules when Ferman began using the Compli system. Leneve Decl., ¶ 5; Bryan Depo., pp. 28-38, 40, 44. Brakeman was interested in the Compli system, but asked Compli to follow up with Robert Shimberg (“Shimberg”), a Florida attorney practicing in the area of regulatory matters related to automotive dealerships. Shimberg, a former colleague of Straske’s at the Hill Ward Henderson law firm, began performing legal services for Ferman in the late 1990’s or early 2000’s. Shimberg Depo., pp. 7-8; Straske Depo., p. 76; Ferman Depo., p. 22. A few days later, Compli representatives met briefly with Shimberg. Shimberg Depo., pp. 10-13; Bryan Depo., 7 - FINDINGS AND RECOMMENDATIONS pp. 30, 39, 41-42. Shortly thereafter, Brakemen negotiated a license agreement with Compli on behalf of Ferman. Brakeman Aff., ¶ 3. III. Compli-Ferman License Agreement On May 26, 2005, Compli and Ferman entered into a License and Subscription Agreement, which gave Ferman a limited license for the use of Compli’s DCMS. Leneve Decl., Ex. 2 (the “License Agreement”). The License Agreement extended from June 1, 2005, through November 30, 2006, initially covered the use of Compli’s system by 950 users, with a total license fee of nearly $40,000.00. Id, p. 1. The License Agreement restricted access to Compli’s DCMS to authorized users and expressly prohibited authorized users from competing with Compli by developing a competing product in the compliance marketplace. Id, pp. 2 (¶ 2), 7. The License Agreement also required Ferman to maintain the confidentiality of passwords and account information and required Ferman to immediately notify Compli of any unauthorized use of its account. Id, p. 2 (¶ 2). In addition, the License Agreement contained the following provision regarding “Customer Content:” Customer is solely responsible for any content it creates or modifies, and any data (including but not limited to any personally identifiable information of Customer’s employees, agents, subcontractors or other third parties) placed on the System by Authorized Users (collectively “Customer Content”). Customer warrants that Customer Content will not infringe on any third party intellectual property rights or violate any other laws or regulations. In the event that Customer Content violates third-party intellectual property rights or other laws or regulations, Customer shall indemnify and hold Compli harmless for any costs, expenses losses, damages, and settlement amounts incurred by Compli in connection with the infringements or violations. Id, p. 2 (¶ 3). 8 - FINDINGS AND RECOMMENDATIONS Ferman authored and placed employment policies and assessment questions onto the Compli-Ferman website on the Compli DCMS. Ferman contends that its company policies, tests on those policies, and Ferman employee test-taking history were not Compli’s proprietary and confidential, trade secret information, but Ferman’s “Customer Content” as defined by the Compli-Ferman Agreement. Brakeman Aff., ¶ 4. IV. Ferman’s Purchase of Compli Training Modules About 10 months after Ferman signed the License Agreement, Compli and Ferman representatives discussed expanding the training modules for the use of Ferman employees. Leneve Decl., ¶ 7. Ferman employees, including Straske, reviewed a number of these automobile dealer training modules in May 2006. About two months later, on July 31, 2006, Ferman (through Brakeman) executed a contract to purchase a bundle of F&I training modules (the “Compliance Bundle”) from Compli. Leneve Decl., Ex. 3; Straske Depo., pp. 60-63. Compli made the training modules of its Compliance Bundle available to Ferman on Compli’s system. Leneve Decl., ¶ 7. V. Compli’s Contact with Ganther In late May 2006, Compli’s President, Lon Leneve (“Leneve”), contacted Ganther, who at that time worked as in-house counsel for Continental-National Services Corporation (“Continental-National”). Continental-National is a brokerage firm for automobile dealer finance and insurance products. Ganther Depo., pp. 9-12, 27. Leneve had read an article authored by Ganther and wanted to introduce himself and Compli and to see whether Ganther had any interest in becoming a Compli subject matter expert. Leneve Decl, ¶ 8. On May 27, 2006, Leneve sent Ganther an email telling him, among other things, that Ferman was a Compli 9 - FINDINGS AND RECOMMENDATIONS customer. Id, Ex. 4. In a follow-up telephone call, Leneve and Ganther discussed, among other things, that Ferman was a Compli customer. Id, ¶ 8. Ganther mentioned that Straske was his close friend. Id. Soon thereafter, on June 6, 2006, Leneve gave Ganther a short demonstration of the Compli system over the Internet. Id. Ganther viewed some functions of Compli’s DCMS, but his access was limited in scope and duration and overseen by Leneve. Leneve Aff, ¶ 9; Ganther Aff., ¶ 9. Compli did not require Ganther to sign or verbally agree to any confidentiality agreement before viewing Compli’s demonstration website. Ganther Aff., ¶ 10. However, Compli’s practice was not to require a non-disclosure agreement during such demonstrations due to the limited disclosures made during such demonstrations. Leneve Decl., ¶¶ 9-10. VI. Formation of Mosaic By the late spring or early summer of 2006, Straske, Ganther, and Shimberg all knew about Compli and that Ferman was a Compli client.3 In the months before October 2006, Shimberg conceived an idea to create an online regulatory compliance company for the automotive industry. Shimberg Depo., pp. 9–10. Shimberg and Ganther knew each other socially and professionally, and Shimberg had performed legal services for Ganther’s previous employers. Id, pp. 8-9; Ganther Depo., pp. 43-44; Straske Depo., p. 76. In June 2006, the same month he was shown an online demonstration of Compli’s DCMS, Ganther was contemplating leaving Continental-National and shared that decision with 3 Defendants dispute this contention. However, the record contains evidence that Straske and Shimberg met with Compli representatives in the spring of 2005, prior to execution of the Compli-Ferman License Agreement (Bryan Depo., pp. 30, 33-34, 39, 41-42; Shimberg Depo., pp. 10-13) and that Ganther observed an online demonstration of Compli’s DCMS in June 2006, after Leneve contacted him to see if he had any interest in working for Compli as a subject matter expert. Leneve Decl., ¶ 8. 10 - FINDINGS AND RECOMMENDATIONS Straske, who told Shimberg. Ganther Depo., pp. 44-45. A couple days later, Shimberg contacted Ganther, and they met to discuss the development of an online training and compliance system for auto dealers. Id, pp. 44-46; Shimberg Depo., pp. 18-19. Ganther expressed concern that other companies provided similar services. Ganther Depo., p. 46. However, they agreed to research the issue and meet again. Id. Ganther left Continental-National in mid-November 2006, to become President of Mosaic. Id, p. 12. On December 15, 2006, Mosaic signed an agreement with Intelladon Corporation (“Intelladon”) to develop learning modules that would be presented on Intelladon’s off-the-shelf learning management software platform. Ganther Aff., ¶ 4; Goewey Depo. Ex. 40; Nelson Decl., Ex. 14. Intelladon’s learning management system could track which dealership employees took an online training module and the test associated with that module, the results of the test, and provide reporting functionality. Mosaic’s target was to complete 36 learning modules by the end of January, in time for the February 2007 National Automobile Dealers Association (NADA) annual meeting because, “[i]ts the annual event where you announce products, or you miss that audience for another year.” Ganther Depo., p. 68. Mosaic’s plan was to create course materials and accompanying video tapes for Intelladon to load on its stock learning management system with some custom graphic designs. Id, pp. 67-69. The focus of Mosaic’s website was professional training in finance and insurance matters related to regulatory compliance in the automotive industry, along with numerous other compliance-related features and links. Ganther Aff., ¶ 4. /// 11 - FINDINGS AND RECOMMENDATIONS VII. Unauthorized Access to the Compli DCMS By mid-Janaury 2007, Mosaic was actively working toward adding a “‘Compli-like’ function to the website [it was] developing.” Nelson Decl., Ex. 16. Meanwhile, Ferman was under pressure from Compli to commit to, and pay for, the extension of the Compli-Ferman License Agreement which had by its terms automatically renewed on December 1, 2006.4 Ferman had not paid the renewal fees and was putting Compli off, pending Intelladon’s development of an “enhanced version of the Compli product.” Id, Ex. 17. Ganther initially contacted Intelladon to discuss development of a system to deploy video training. Goeway Depo., p. 59. The Intelladon Bronze platform had the capability to deliver that service. However, after Mosaic began collaborating with Ferman, Ferman asked for features and functionality that Ferman utilized on the Compli system that could not be delivered on that platform. Id, Exs. 41-42; Ganther Depo., pp. 38-39. Mosaic had to change to a software platform that could support that functionality. Goewey Depo., pp. 39-40, & Exs. 20, 42, 43, 55. On January 17, 2007, Ganther asked Ferman employees Straske and Jon Zorian for an access code to log on to the Compli-Ferman website as an employee. Ganther Depo., Ex. 18. In response, Ferman created employee-level user accounts5 for Ganther and an Intelladon software developer, Linsey Bohnenstiehl (“Bohnenstiehl”). Straske Aff., ¶ 5; Ganther Aff., ¶ 5; Brakeman Aff., ¶ 6. Bohnenstiehl accessed the Compli DCMS to look at the functionality of the 4 The Compli-Ferman License Agreement required Ferman to provide notice to Compli at least 60 days prior to the expiration date of the contract (November 30, 2006) that Ferman did not intend to renew the contract. Ferman did not give that notice. Leneve Decl., ¶ 6, Ex. 2; Thrasher Decl., ¶¶ 6-8; Brakeman Depo., pp. 34-35. Instead, Ferman continued to access the Compli system and provided Mosaic access to the Compli system after the contract expiration date. Brakeman Depo., p. 38. 5 Ferman did not provide system administator-level access to the Compli DCMS to Mosaic and Intelladon. Nelson Depo., pp. 34-35, 123-24; White Depo., pp. 51-52. 12 - FINDINGS AND RECOMMENDATIONS Compli system and conferred with another Intelladon employee, Tim Goewey (“Goewey”), in order to deliver a product to Mosaic that would provide the functionality of the Compli system. Bohnenstiehl Depo., pp. 43-45; Goewey Depo., pp. 34, 43. In particular, Bohnenstiehl was looking to see if the Intelladon platform had the same type of functionality as the Compli system to deliver the features that Ferman wanted. Bohnenstiehl Depo. p. 62. After Bohnenstiehl emailed Ganther on January 19, 2007, that she was “surprised at the poor quality of [Compli’s] offering,” Ganther emailed Bohnenstiehl and Goewey that their “mission, should you choose to accept it is to Blow . . . Compli . . . AWAY.” Id, Ex. 38. Using unauthorized passwords and login codes, Mosaic and Intelladon representatives accessed the Compli system at Ferman. During that unauthorized access, these individuals manipulated the assessments, causing the system to register that multiple assessments were taken and failed. That activity became part of the data stored on the Compli system. Feingold Decl., ¶ 7. VIII. Competition Between Compli and Mosaic Since launching its DCMS, Mosaic has made contact with multiple automobile dealerships, some of whom were either existing Compli customers, or customers Compli had been actively pursuing. Miller Decl., ¶¶ 5-10. Compli and defendants strenuously disagree whether Mosaic’s action of contacting those dealerships constitutes legitimate competition or tortious interference with Compli’s existing and prospective business relationships and devote considerable portions of their fact statements to those topics. /// /// /// 13 - FINDINGS AND RECOMMENDATIONS IX. Migration from Intelladon to AgileView In August of 2007, Mosaic ended its relationship with Intelladon. Ganther Aff., ¶ 8. Mosaic started using a software firm named AgileView and migrated its system onto the AgileView platform. Id; Ganther Depo., pp. 137-39. FINDINGS Defendants seek summary judgment against each of Compli’s claims except for the Third Claim for breach of contract. Compli seeks summary judgment on the issue of liability only on Count II of the Third Claim for breach of contract. Therefore, the court will address each of Compli’s claims. I. Computer Fraud Abuse (First Claim) Compli’s First Claim alleges several violations of the CFAA. Specifically, Compli alleges violations of 18 USC § 1030(a)(2)(C) (First Amended Complaint, ¶ 30) (intentionally accessing a computer without authorization and thereby obtaining information from a protected computer), 18 USC § 1030(a)(4) (First Amended Complaint, ¶ 31) (knowingly and with intent to defraud, accessing a protected computer and by means of such conduct furthering the intended fraud and obtaining anything of value), and 18 USC § 1030(a)(5)(A)(ii) and (iii) (First Amended Complaint, ¶ 32) (intentionally accessing a protected computer without authorization and, as a result of such conduct, causing damage).6 Defendants raise various arguments against each of these claims. For the reasons that follow, this court concludes that defendants should be granted 6 In 2008, 18 USC § 1030 was amended and to redesignate clauses (a)(5)(A)(ii) and (a)(5)(A)(iii) as subparagraphs (a)(5)(B) and (a)(5)(C) respectively. Act of September 26, 2008, PL 110-326, Title II – Identity Theft Enforcement and Restitution Act, Sec. 204 (Malicious Spyware, Hacking, and Keyloggers), 2008 HR 5938. This court will cite to the clauses in effect at the time of defendants’ alleged violations. 14 - FINDINGS AND RECOMMENDATIONS summary judgment against Compli’s claim under 18 USC § 1030(a)(5)(A), but Compli’s other claims under the CFAA should survive summary judgment. A. §1030(a)(2)(C) Violation A violation of 18 USC § 1030(a)(2)(C) is established when a person “intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains . . . information from any protected computer if the conduct involved an interstate or foreign communication.” For purposes of this motion, it is undisputed that defendants “intentionally accesse[d]” a protected computer “without authorization or exceed[ed] authorized access.” The dispute centers on whether by doing so, defendants obtained any “information.” The statute does not require that the information be used or even that the information obtained be confidential.7 It only requires that the defendant “obtains . . . information.” Defendants contend that even if they gained unauthorized access to Compli’s website and online system, they did not obtain any “information.” In particular, defendants contend that Ferman authored and placed its own “Customer Content” on the Compli-Ferman website and never used or adopted any of Compli’s own policy or test content. Instead, defendants assert that the only purpose of their access to Compli’s website was to determine whether Ferman’s “Customer Content,” i.e. Ferman’s policies, tests on those policies, and personally identifiable results and history of those tests, as presented on Compli’s system, could also be presented on Mosaic’s system. Despite defendants’ characterization of their access to the Compli-Ferman website as a benign effort to determine whether Ferman’s information could be presented on 7 Thoefel v. Farey-Jones, 359 F3d 1066, 1078 (9th Cir 2004), relied on by defendants, does not incorporate a requirement that the plaintiff prove “use” of any information obtained in order to prevail under 18 USC § 1030(a)(2). Moreover, even were such “use” required, at best this record reveals a factual dispute over defendants’ “use” of information obtained during their access to the Compli-Ferman website. 15 - FINDINGS AND RECOMMENDATIONS Mosaic’s system and not to obtain any information, Compli has submitted sufficient evidence to create a genuine issue of material fact on that issue. Bohnenstiehl obtained access to and evaluated the operation of Compli’s system on the Compli-Ferman website in an effort to match the functionality of Compli’s system. Bohnenstiehl Depo., pp. 45, 62. Bohnenstiehl’s access to the Compli-Ferman website contained none of the same limitations in duration or scope or oversight by Compli personnel normally imposed on demonstrations or presentations given by Compli to its prospective customers. See, e.g., Leneve Decl., ¶ 9. Through their unauthorized access, defendants were able to obtain information on the content and work flow of the Compli system, which defendants were attempting to replicate in the Mosaic system. White Depo, pp. 53-57. Here, the testimony allows the reasonable inference that defendants obtained valuable information through access to the Compli-Ferman website which allowed Mosaic to avoid steps in its development process, shorten its time to market, reduce production costs, and enjoy a range of other benefits that – absent the unauthorized access – would have been unavailable to defendants. See, e.g., Ganther Depo., pp. 200, 213; Nelson Decl, ¶¶ 5, 7-8. At best, the record reveals a factual dispute as to whether Mosaic’s DCMS includes many of the same or similar features and functions as were present on Compli’s DCMS at the time of defendants’ unauthorized access. Nelson Decl., ¶ 32; Young Aff., ¶¶ 4, 6. Defendants also assert that no one from Mosaic saw the Compli-Ferman Agreement until the filing of this case, so they were unaware that access by Intelladon to the Compli-Ferman website was unauthorized. Defendants point out that they never attempted to disguise their identities when logging on to the Compli-Ferman website, and contend that it is common 16 - FINDINGS AND RECOMMENDATIONS practice for a software development company such as Intelladon to look at a client’s current software provider’s system in order to see whether the proposed system will meet the client’s needs. However, the Compli-Ferman website required an access code which Ferman paid substantial fees to obtain. Additionally, evidence in the record suggests that defendants endeavored to “string” Compli along while accessing the Compli-Ferman website and significantly altering the development of the competing product. This evidence lends credence to Compli’s contention that defendants’ protestations of innocent access are unfounded. At best, defendants’ denials present factual issues that are not amenable to summary judgment on the present record. Thus, summary judgment should be denied as to a violation of 18 USC § 1030(a)(2)(C). B. § 1030(a)(4) Violation A violation of 18 USC § 1030(a)(4) is established when a person “knowingly and with intent to defraud, accesses a protected computer without authorization or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value, unless the object of the fraud and the thing obtained consists only of the use of the computer and the value of such use is not more than $5,000 in any 1-year period.” Defendants argue that Compli is unable to show that defendants obtained “anything of value” or had an “intent to defraud.” Both arguments must be rejected. Citing P.C. Yonkers v. Celebrations Superstore, 428 F3d 504, 509 (3rd Cir 2005), defendants argue that no inference of “intent to defraud” and obtaining “anything of value” can be drawn from the mere fact of unauthorized access. “That information was taken does not flow logically from mere access. Access could be accidental, and, even if access were purposeful and 17 - FINDINGS AND RECOMMENDATIONS unauthorized, information could be viewed but not used or taken. Furthermore, without a showing of some taking, or use, of information, it is difficult to prove intent to defraud. . . ” Id. In particular, defendants contend that Compli cannot show that they obtained anything from their unauthorized access because there is no evidence that discrete information was copied from the Compli website. However, P.C. Yonkers presents a substantially different posture to this case and is not fatal to Compli’s claim under 18 USC § 1030(a)(4). In P.C. Yonkers, the plaintiff had no evidence to prove intent other than unauthorized access. Here, in contrast, Compli has submitted evidence that supports an inference of an intent to defraud. First, Compli points to Brakeman’s email of February 6, 2007, stating his belief that he could not delay Compli any further on Ferman’s license renewal without having service terminated. Brakeman Depo., Ex. 41. Contrary to defendants’ interpretation of that email, i.e. that Ferman was only trying to decide whether to renew the License Agreement, a jury could reasonably infer from its content and timing that Ferman intended to “string” Compli along in order to allow Mosaic additional time to build a competing system. Such an inference is sufficient to prove a fraudulent intent when Intelladon accessed Compli’s system as part of its development of a competing system. In addition, a fact issue exists as to whether “anything of value” was obtained. Intelladon’s idea evolved dramatically during the months it had unauthorized access to Compli’s system, changing from an F&I video training system to a system including “Compli-like functions” which would give it a “sizzle factor” based on how Compli’s system operates. Nelson Decl., Exs 2 & 16. While defendants contend that their use of Compli’s system was minimal (about 18 hours by their calculation), they would not have been able to use Compli’s system at all but for the Compli-Ferman Agreement which cost about $40,000.00. Viewed in its 18 - FINDINGS AND RECOMMENDATIONS entirety, the evidence permits the inference that defendants’ undisclosed intent (despite their asserted intent to merely determine whether Ferman’s information could be displayed on Mosaic’s system) was to copy the features and functions of the Compli system. Because this court must view the record in the favor of the non-movant, it must view this evidence in Compli’s favor. Thus, summary judgment should be denied as to an alleged violation of 18 USC § 1030(a)(4). C. § 1030(a)(5) Violation A violation of 18 USC § 1030(a)(5)(A) is established when a person “intentionally accesses a protected computer without authorization, and as a result of such conduct” either “recklessly causes damage” (under clause (ii)) or “causes damage” (under clause (iii)) and, as a result, causes a “loss . . . during any 1-year period . . . aggregating at least $5,000 in value.” The term “‘damage’ means any impairment to the integrity or availability of data, a program, a system, or information.” 18 USC § 1030(e)(8). Defendants contend that Compli has failed to plead or prove that their conduct caused “damage” because Compli relies exclusively on an alleged misappropriation of trade secrets to support its claim. Compli responds that it was damaged in two ways: (1) by losing license fees, sales, and renewals, and (2) by damaging the integrity of the compliance data and resulting reports on its system. Compli alleges that defendants “analyzed, copied and implemented aspects” of Compli’s system by logging on to Compli’s system, reviewing and signing various policies, and completing a number of training modules. First Amended Complaint, ¶¶ 21-24. Following up on that allegation, Compli now contends that, during their unauthorized access, defendants “manipulated the assessments, causing [Compli’s] system to “register that multiple assessments were taken and failed [which] activity became part of the data stored on the Compli 19 - FINDINGS AND RECOMMENDATIONS system.” Feingold Decl., ¶ 7. Defendants contend that these arguments are insufficient for a viable claim under § 1030(a)(5)(A)(ii) or (iii). This court agrees. Only a handful of cases specifically discuss the “damage” requirement as it pertains to claims under § 1030(a)(5)(A)(ii) or(iii).8 Between 2000 and 2004, several courts concluded – with little or no analysis – that the copying and use of data can constitute an “impairment to the integrity” of the data.9 However, more recent cases have rejected that conclusion and instead determined that causing “damage” requires more than “the mere unauthorized copying, downloading, or emailing of confidential or proprietary information.” Condux Int’l, Inc. v. Haugum, 2008 WL 5244818 *7 (D Minn Dec. 15, 2008) (citing cases). Rather, “‘damage’ . . . requires some ‘diminution in the completeness or useability of data or information on a computer system.’” Id at *8, quoting Resdev, LLC v. Lot Builders Ass’n, Inc., 2005 WL 1924743, *5 n3 (MD Fla Aug. 10, 2005). As was the court in Condux, this court is persuaded that, under the plain language of the statute, a showing of “damage” for purposes of claims under § 1030(a)(5) requires a showing of “some alteration of or diminution to the integrity, stability, or accessibility of the computer data itself.” Id at *8. Here, the issue is whether logging on, accessing, analyzing, copying, and implementing system features constitutes an impairment to the “integrity” of Compli’s data, programs, system, or information. This court concludes that it does not. 8 Several of the cases cited by the parties do not specifically discuss the “damage” requirement under either of those subsections. See, e.g., EF Cultural Travel BV v. Explorica, Inc., 274 F3d 577 (1st Cir 2001); HUB Group, Inc. v. Clancy, 2006 WL 208684 (ED Pa Jan. 25, 2006); Pac. Aerospace & Elecs., Inc. v. Taylor, 295 FSupp2d 1188 (ED Wash 2003). 9 See George S. May Int’l Co. v. Hostetler, 2004 WL 1197395, **3-4 (ND Ill May 28, 2004) (infringement of copyrighted material could qualify as impairment of the integrity of the copyrighted information); I.M.S. Inquiry Mgmt Systems, Ltd. v. Berkshire Info. Systems, Inc., 307 F Supp2d 521, 525 (SDNY 2004) (copying of report formats to assist in the creation of a competing system sufficient to allege harm to integrity of data and system and avoid dismissal of § 1030(a)(5)(A)(iii) claim); Shurgard Storage Centers, Inc. v. Safeguard Self Storage, Inc., 119 F Supp2d 1121, 1126 (WD Wash 2000) (access and disclosure of trade secrets by means of emailing confidential business and expansion plans to competitor sufficient to allege impairment to integrity of data and avoid dismissal of § 1030(a)(5)(C) claim). 20 - FINDINGS AND RECOMMENDATIONS Compli alleges no alteration to its system or programs. Instead, it alleges that by logging on and accessing the Compli-Ferman website, then reviewing and signing various policies and completing (and failing) multiple training modules, defendants’ unauthorized conduct caused Compli’s system to store inaccurate data in the Compli-Ferman account. To the degree that defendants logged on, reviewed and signed policies, and completed (and failed) training modules in sham “employee” transmissions, defendants added inaccurate data to the Compli-Ferman website. Compli argues that this impaired its ability to provide accurate reports to Ferman, i.e. reports based on activities by actual Ferman employees rather than unauthorized users posing as Ferman employees in sham transmissions. However, that does not constitute “damage” to Compli’s data or information as contemplated by the recent cases interpreting this statutory term. The data generated by the unauthorized access was indeed inaccurate in the sense that the policies were not in fact signed and the training modules were not in fact completed by actual Ferman employees. However, the record does not support the conclusion that this additional (inaccurate) data altered or diminished the integrity, stability, or accessibility of the (accurate) data concerning actual Ferman employees which existed on the Compli-Ferman website prior to defendants’ unauthorized access. Compli’s case is premised on the theory that Ferman jumped ship from being a loyal Compli customer to engaging in concerted efforts to steal Compli’s trade secrets and use them to develop a competing product. Under that theory, Ferman (who gave the unauthorized access to Intelladon) no longer had any interest in ensuring that the data stored on the Compli-Ferman website contained no sham employee transmissions or in ensuring that any reports generated contained no such data. Thus, defendants should be granted summary judgment against Compli’s claims under § 1030(a)(5)(A)(ii) and (iii). /// 21 - FINDINGS AND RECOMMENDATIONS II. Trade Secret Misappropriation (Second Claim) A. Legal Standard The Second Claim alleges a violation of OUTSA, ORS 646.461-.475. To establish this claim, Compli must demonstrate that: (1) the subject of the claim qualifies as a statutory trade secret; (2) Compli employed reasonable measures to maintain the secrecy of its trade secret; and (3) the conduct of the defendants constitutes statutory misappropriation. Acrymed, Inc. v. Convatec, 317 F Supp2d 1204, 1217 (D Or 2004) (citation omitted). Defendants contend that: (1) Compli’s system features, organization, and design are not protected as trade secrets, and even if they were, Compli did not employ reasonable measures to maintain its secrecy; (2) the information viewed by Mosaic was not confidential under the Compli-Ferman Agreement; and (3) defendants did not misappropriate Compli’s online information. B. Existence of Trade Secret Defendants first contend that Compli cannot establish a claim under OUTSA because it has no protected trade secret. In particular, they argue that Compli’s system is comprised of publicly available software and contains numerous common software features grouped together on one website and that Compli publicly disclosed the nature and content of its system in a demo CD released without confidentiality restrictions. In response, Compli contends that, even if it uses publicly available software, its compilation and arrangement of that software can be a trade secret if it has economic value. Compli contends that its system had economic value from not being generally known and that it employed reasonable efforts to maintain the secrecy of its DCMS. This court agrees with Compli. OUTSA specifically provides that a “formula, pattern, compilation, program, device, method, technique, or process” that derives independent economic value from not being 22 - FINDINGS AND RECOMMENDATIONS generally known to the public and is the subject of reasonable efforts to maintain its secrecy can constitute a trade secret. ORS 646.461(4) (emphasis added). This definition is broad enough to protect Compli’s interest in its DCMS which consists of a compilation of compliance content such as training, employment practices content, and other content and training tailored to the needs of automobile dealers. See Integrated Cash Mgmt. Servs., Inc. v. Digital Transactions, Inc., 920 F2d 171, 174 (2nd Cir 1990) (protection afforded to the “manner in which [plaintiff’s] generic utility programs interact” based on secrecy of the “architecture of [plaintiff’s] product, or the ‘way in which [plaintiff’s] various components fit together as building blocks in order to form the unique whole.’”); Enterprise Leasing Co. of Phoenix v. Ehmkek, 197 Ariz 144, 149, 3 P3d 1064, 1069-70 (2000) (expansive definition of trade secret “may include a grouping in which the components are in the public domain but there has been accomplished an effective, successful and valuable integration of these public elements such that the owner derives a competitive advantage from it”); Essex Group, Inc. v. Southwire Co., 269 Ga 553, 555-56, 501 SE 2d 501, 503-04 (1998) (rejecting “the position that information is not protectable as a trade secret merely because it may be independently discovered or ascertained by others” and finding trade secret information “protectable until it has been acquired by others by proper means”); Woo v. Fireman’s Fund Ins. Co., 137 Wash App 480 487-88 154 P3d 236, 240 (“the use of commonly available materials in an innovative way can qualify as a trade secret, and the proponent of a trade secret need not prove that every element of an information compilation is unavailable elsewhere”) (internal quote marks and citation omitted), rev’d in part on other grounds, 161 Wash2d 43, 164 P3d 454 (2007). Defendants contend that the information compiled on Compli’s DCMS is analogous to the marketing information compiled by a former employee in Western Med. Consultants, Inc. v. Johnson, 80 F3d 1331 (9th Cir 1996). However, Compli has submitted evidence that its DCMS 23 - FINDINGS AND RECOMMENDATIONS is a custom-designed application, including a unique user work flow and interface, and that the interrelated features and functionality are exclusive to its DCMS. Miller Decl., ¶ 3; Nelson Decl., ¶ 5(g). This is sufficient to show that this case stands on different ground than Western Medical Consultants, in which the plaintiff had compiled customer lists for the opening of a business similar to that of her former employer from the same set of generally known and accessible sources such as yellow pages, industry publications, and the like. With regard to whether the unique features of Compli’s DCMS has any actual or potential economic value, Compli has spent over $3 million developing and improving its DCMS, selecting, arranging, and customizing publicly available software and hardware into a unique system. Compli’s customers pay thousands of dollars in license fees in order to access and use the Compli DCMS by means of a login and password, including Ferman who paid nearly $40,000.00 for such access. This is sufficient to establish “actual or potential” independent economic value of the information (compilation) so as to fit within ORS 646.461(4)(a). This leaves only defendants’ argument that Compli’s efforts to maintain the secrecy of the information were insufficient. Prior to July 2007, Compli did not require anyone, including prospective customers, to sign a confidentiality agreement before viewing its demo CD for its website. Compli also presented a demo CD without confidentiality restrictions at national auto dealer conferences around the country. As a result, defendants argue that Compli is precluded from establishing that its efforts to maintain the secrecy of its alleged trade secrets were “reasonable under the circumstances.” ORS 646.461(4)(b). This inquiry is a highly fact-specific one, requiring the owner of the alleged trade secret to “take reasonable, though not overly extravagant, measures to protect its secrecy.” Zemco Mfg., Inc. v. Navistar Int’l Transp. Corp., 759 NE2d 239, 246 (Ind App Nov 29, 2001) (citations omitted); see also Elm City Cheese Co. v. Federico, 251 Conn 59, 80, 752 A2d 1037, 1050 24 - FINDINGS AND RECOMMENDATIONS (1999). Such measures might include requiring employees to sign confidentiality agreements or otherwise making them aware of the confidential nature of the process, posting warning or cautionary signs or placing warnings on documents, requiring visitors to sign confidentiality agreements, sign in, and shielding the process from their view, segregating information, using unnamed or code-named ingredients, and keeping secret documents under lock and key. Zemco, 759 NE 2d at 246. This court need not belabor this issue, except to note that Compli has submitted sufficient evidence that it took reasonable steps to maintain secrecy in order to avoid summary judgment. That evidence indicates that Compli limited the information on its demo CD to screen shots and provided only limited viewing of its system to potential clients and partners, while at the same time taking a variety of steps to maintain the secrecy of the features and functions of its DCMS, including having license agreements with customers and content partners and restrictions on access by employees and internal corporate safeguards. Leneve Decl., ¶¶ 9-13. This is confirmed by Intelladon’s need to access Compli’s system before completing development of its competing system. This evidence must be viewed in Compli’s favor and is sufficient at this juncture to preclude summary judgment on the basis of Compli’s alleged failure to reasonably maintain secrecy. Thus, defendants are not entitled to summary judgment against the Second Claim on the ground that Compli had no protected trade secret. Instead, this is a fact issue that must be resolved at trial. C. Whether Any Misappropriation Occurred Defendants also argue that they did not “misappropriate” any trade secrets, pointing to an alleged lack of similarity between Mosaic’s online system and Compli’s DCMS. This court does 25 - FINDINGS AND RECOMMENDATIONS not agree that defendants may obtain absolution simply by showing differences between the two systems. “Misappropriation” includes the improper acquisition, disclosure, or use of a trade secret. ORS 646.641(2) (emphasis added). “Use” is a broad concept, encompassing not only incorporation of confidential information into a competing product, but also the garnering of a strategic advantage. See Foster-Miller, Inc. v. Babcock & Wilcox Canada, 210 F3d 1, 12 (1st Cir 2000) (incorporation of information not required to show use where evidence indicated application of information in developing competing product). Compli has submitted sufficient evidence to create a fact issue as to whether Intelladon and Mosaic misappropriated certain features of Compli’s system. Nelson Decl., ¶¶ 5, 7-29. In sum, Compli has created fact issues not amenable to summary resolution on each issue raised by defendants on the claim for misappropriation of trade secrets. Accordingly, defendants’ request for summary judgment on the Second Claim should be denied. III. Breach of Contract (Count II, Third Claim) Compli seeks partial summary judgment on the issue of liability on Count II of the Third Claim (Breach of Contract). First Amended Complaint, ¶¶ 49-54. That claim alleges that Ferman breached the License Agreement by allowing Straske, Ganther, and others to access the Compli-Ferman website without authorization or for an unauthorized purpose and by failing to notify Compli of the unauthorized use. In response, Ferman denies that it allowed access to Compli’s system for any unauthorized purpose, asserting that the only purpose of allowing Intelladon to access Compli’s web site was to determine whether Ferman’s content (including Ferman’s policies, assessments on those policies, and employee history) could be presented on Intelladon’s system. Furthermore, Ferman contends that neither Straske, nor anyone else at Ferman of whom Straske is aware, authorized any Ferman, Intelladon, or Mosaic employee to 26 - FINDINGS AND RECOMMENDATIONS use or copy any content, feature, or function of Compli’s online system viewed during any access to Compli’s system by Ganther or Intelladon. Ferman’s responses to Compli’s motion are entirely irrelevant. The License Agreement permitted Ferman to allow access to the Compli system only by authorized users (which included only Ferman employees) and only for Ferman’s internal compliance needs. Ferman admits that it allowed unauthorized third parties to access Compli’s DCMS on multiple occasions through several different logins and then failed to notify Compli of the access, despite the terms of the License Agreement which required Ferman to do so. Ferman’s Response to Compli’s Concise Statement of Material Facts (docket #155), ¶¶ 7-8, 12-13. Based on these admissions, Compli is entitled to summary judgment on the issue of liability on Count II of the Third Claim for Breach of Contract. IV. Tort Claims (Fourth, Fifth, and Sixth Claims) A. Whether OUTSA Supersedes the Tortious Interference and Trespass Claims Defendants argue that the Fourth (Tortious Interference with Contract), Fifth (Tortious Interference with Prospective Business Relationships), and Sixth (Trespass) Claims are superseded by OUTSA. In response, Compli argues that defendants have not preserved this argument by failing to raise it as an affirmative defense, that several cases in this court preclude a finding that OUTSA usurps its tortious interference claims because those claims allege “additional element,” and that its trespass claim is not exclusively based on the misappropriation of trade secrets. This court concludes that Compli’s trespass claim may proceed, but that its claims for tortious interference are superseded by OUTSA. 1. Failure to Raise as an Affirmative Defense First, Compli argues that defendants are precluded from raising this argument because they did not allege it as an affirmative defense. Defendants disagree that preemption of 27 - FINDINGS AND RECOMMENDATIONS conflicting torts is an affirmative defense, pointing out that it is not listed in FRCP 8(c)(1) and that this court has characterized it instead as merely an “argument:” “If at some future time it becomes clear that ‘the essence’ of Plaintiffs’ tortious-interference claim ‘relates primarily to the alleged misappropriation of a trade secret,’ Defendants may raise their preemption argument again.” Precision Automation, Inc. v. Tech. Servs., Inc., 2007 WL 4480736 at *2 (D Or 2007). Even assuming that preemption by OUTSA is properly characterized as an affirmative defense, it may be raised by a defendant for the first time in a motion for summary judgment if the delay does not prejudice the plaintiff. Magana v. Commonwealth of the N. Mariana Islands, 107 F3d 1436, 1446 (9th Cir 1997) (citation omitted). Merely because an affirmative defense is untimely is insufficient to show prejudice where the affirmative defense would have been dispositive had it been timely alleged. Owens v. Kaiser Found. Health Plan, Inc., 244 F3d 708, 713 (9th Cir 2001) (citation omitted). Such is the case here. Accordingly, defendants are not precluded from raising the issue of preemption, whatever its proper characterization. 2. OUTSA’s Preemption Provision OUTSA, Oregon’s codification of the Uniform Trade Secrets Act (“UTSA”), “supersedes conflicting tort, restitution or other law of Oregon providing civil remedies for misappropriation of a trade secret.” ORS 646.473(1). However, this preemption provision does not apply to “(1) contractual remedies, whether or not based upon misappropriation of a trade secret, or (2) other civil remedies that are not based upon misappropriating of a trade secret.” ORS 646.473(2). Although the case law on this issue is sparse, the critical issue is crystal clear: “Where the essence of the claim relates primarily to the alleged misappropriation of a trade secret, the claim is displaced by the preemptive language of the [OUTSA].” Acrymed, Inc. v. Convatec, 317 F Supp2d 1204, 1217 (D Or 2004) (citation omitted). 28 - FINDINGS AND RECOMMENDATIONS OUTSA is to be “construed to effectuate [its] general purpose and to make uniform the law with respect to the [OUTSA] among states enacting [the UTSA].” ORS 646.475(1). UTSA in turn was intended to “‘create a more uniform business environment that created more certain standards for protection of commercially valuable information.’” Mortgage Specialists, Inc. v. Davey, 153 NH 764, 776, 904 A2d 652, 663 (2006), quoting Auto Channel, Inc. v. Speedvision Network, LLC, 144 F Supp2d 784, 789 (WD Ky 2001). In particular, the preemption provision “‘was meant to codify all the various common law remedies for theft of ideas.’” Id, quoting Thomas & Betts Corp. v. Panduit Corp., 108 F Supp2d 968, 971 (ND Ill 2000). Thus, the majority of courts that have considered the issue have concluded that their preemption provisions (identical to ORS 646.473) preempt “claims that are based upon the unauthorized use of information, regardless of whether that information meets the statutory definition of a trade secret.” Id at 664. A majority of courts have also concluded that determining whether a claim is preempted requires the court to “examine the facts alleged in support of each claim to determine the extent to which the claim is based upon the misappropriation of trade secrets or other information.” Id at 666. a. Tortious Interference Claims Compli makes two arguments why its tortious interference claims are not preempted. However, each of those arguments must be rejected because the type of interference alleged by Compli fits squarely within the reach of OUTSA. All of Compli’s claims are premised upon a single series of circumstances and events with its genesis in defendants’ unauthorized access to Compli’s DCMS and its culmination in either the unauthorized access itself or the acquisition or use of information garnered from that unauthorized access to develop, market, and sell a competing system. Specifically, Compli alleges that the Compli-Ferman Agreement required Ferman to limit access to Compli’s DCMS, 29 - FINDINGS AND RECOMMENDATIONS but that defendants gained unauthorized access through the use of logins and passwords provided by Ferman in violation of the Compli-Ferman Agreement and then used information gleaned from that improper access to develop a competing system, which was then advertised and sold to customers that might otherwise have used Compli’s DCMS. A claim for intentional interference, whether with business relations or with a contract, requires evidence of: (1) the existence of a professional or business relationship (which could include, e.g., a contract or a prospective economic advantage), (2) intentional interference with that relationship, (3) by a third party, (4) accomplished through improper means or for an improper purpose, (5) a causal effect between the interference and damage to the economic relationship, and (6) damages. McGanty v. Staudenraus, 320 Or 532, 535, 901 P2d 841, 844 (1995). Compli’s arguments against preemption center on the second and fourth elements requiring “intentional interference . . . accomplished through improper means.” First, Compli contends that its tortious interference claims may be proven by an “improper means” other than a misappropriation of trade secrets. Specifically, Compli alleges that defendants interfered with its contractual or business relationships by the improper means of gaining unauthorized access to its DCMS in violation of the CFAA. First Amended Complaint, ¶¶ 67, 72. Compli contends that it can show a violation of the CFAA without establishing that defendants used its trade secrets, which is an “improper means” not based upon misappropriation of a trade secret. However, that argument ignores the necessary causal relationship between the second and fourth elements of a tortious interference claim: “[A] plaintiff claiming intentional interference with economic relations must prove intentional interference with a business relationship with a third party that is ‘accomplished through improper means[.]’ The words ‘accomplished through’ indicate the necessity of a direct connection between the ‘interference’ and the ‘improper means.” Douglas Med. Center, LLC v. Mercy Med. Center, 203 Or App 619, 30 - FINDINGS AND RECOMMENDATIONS 636, 125 P3d 1281, 1290 (2006) (emphasis in original), quoting McGanty, 321 Or at 535, 901 P2d at 844. A claim for violation of the CFAA may theoretically be based on accessing a protected computer and causing “damage” without misappropriating information.10 Similarly, a claim for trespass need not involve any misappropriation of information. However, Compli has not alleged or submitted evidence that defendants “interfered” with its contract with Ferman, potential customers or business partners in any way that is unconnected with the unauthorized use of its confidential and proprietary information. Instead, the “interference” alleged by Compli is that defendants “used the Compli system as a source of material and information for the development of the Moasic [DCMS],” which Mosaic then advertised and marketed to Compli’s customers and prospective customers. First Amended Complaint, ¶ 28. In short, Compli’s tortious interference claims relate primarily to and rely on the alleged misappropriation of its confidential and proprietary information. Compli may be able to establish that some of defendants’ actions might provide a basis for tort or statutory claims which arguably could constitute an “improper means.” However, such proof does not avoid OUTSA’s preemption provision where those statutory or tort claims are entirely unconnected to the “interference” that forms the basis of Compli’s tortious interference claim. The fact that the interference alleged by Compli is inseparable from defendants’ alleged unauthorized use of Compli’s confidential and proprietary information also sounds the death knell for Compli’s other argument against preemption. Compli also argues that its tortious interference claims alleges an additional element beyond those required to establish an OUTSA violation. This alleged additional element is the second element of the tortious interference claims, which requires a showing of intentional interference with the contractual or prospective business relationship. Compli cites two cases previously decided by this court denying motions 10 As discussed above, that theory does not work in this case. 31 - FINDINGS AND RECOMMENDATIONS to dismiss tortious interference claims based on preemption by OUTSA because they allege the additional element of the interference itself. In Vigilante.com, Inc. v. Argus Test.com, Inc., 2005 WL 2218405 (D Or, Sept. 6, 2005), the plaintiff, a seller of software that diagnosed and corrected security vulnerabilities within computer networks, alleged 20 claims against 12 defendants for conspiring to steal its products, services and customer relationships. One of those claims alleged tortious interference with economic relations. Judge Mosman held that the claim was not superseded by OUTSA, explaining: “Simply put, OUTSA does not require the elements at the heart of a tortious interference claim – namely, intentional interference with a business relationship. While the alleged misappropriation of Vigilante’s software and database overlaps with an OUTSA claim, this claim is not superseded by OUTSA as a ‘conflicting tort.’” Id at *14. Unfortunately, no further analysis was made. At the same time, the court dismissed as preempted an unfair competition claim on the ground that it alleged “extra elements not required for an OUTSA action,” rejecting the plaintiff’s argument that it had alleged the “extra element” of “use of [its] trade secrets to steal its customers, distributors and employees.” Id at *13. The court explained that “[t]his allegation is clearly encompassed by OUTSA’s broad prohibition of any ‘improper acquisition, disclosure or use of a trade secret.’” Id, quoting ORS 646.461(1). It is unclear to this court why the same broad prohibition of ORS 646.461(1) would not encompass the element of “intentional interference with a business relationship,” at least insofar as the interference is premised upon the “use of a trade secret.” Thus, Vigilante is not persuasive insofar as Compli cites it as a basis to flatly reject preemption of tortious interference claims. More recently in Precision Automation, Inc. v. Technical Servs., 2007 WL 4480736 (D Or, Dec. 14, 2007), Judge Brown also declined to dismiss a tortious interference with business relations claim as superseded by the OUTSA. The court noted “numerous ways in 32 - FINDINGS AND RECOMMENDATIONS which a defendant may interfere with contracts between a plaintiff and its customers for improper purposes or improper means that do not rely on that defendant misappropriating trade secrets,” and found that the claim as pled “is not dependent on allegations of misappropriated trade secrets.” Id at * 2. In that case, defendants hired an individual who was the former National Sales Manager of the sole licensee of plaintiff’s three patents. Plaintiffs alleged that the hiring of that individual “coupled with [Defendants’] conspiracy to use plaintiffs’ trade secrets to mimic product designs and business plans of the plaintiff” constituted unfair competition, a violation of the OUTSA, and tortious interference with its business relationships. The court disagreed that the tortious interference claim was preempted, noting that, as pled, “the claim is not dependent on allegations of misappropriated trade secrets,” but left the door open to defendants raising the preemption argument again if “at some future time it becomes clear that ‘the essence’ of Plaintiffs’ tortious interference claim ‘relates primarily to the alleged misappropriation of a trade secret.’” Id at *2. Thus, absent the allegation concerning the hiring of an individual which clearly does not constitute misappropriation of a trade secret, the claim may well be preempted. Unlike those cases assuming allegations to be true for purposes of motions to dismiss, here the parties have submitted facts to flesh out their allegations. Based on the factual record in this case, this court concludes that Compli’s tortious interference claims do relate primarily to the alleged misappropriation of its trade secrets. The heart of the Fourth and Fifth Claims is that, as a result of defendants’ interference, Ferman terminated its contract with Compli, and Compli lost prospective business with auto sales companies and potential relationships with partners in the automobile sales industry. First Amended Complaint, ¶¶ 69, 73. A searching review of the pleadings and the record indicates that defendants’ ability to “interfere” is inextricably tied to their alleged acts of developing, advertising, and selling a competing DCMS, which in turn are 33 - FINDINGS AND RECOMMENDATIONS inextricably tied to their acts of accessing and using Compli’s confidential and proprietary information. In sum, the “interference” alleged by Compli goes hand-in-hand with defendants’ alleged misappropriation of trade secrets or other information and, therefore, is within the broad scope of the OUTSA’s preemption provision. Accordingly, defendants’ request for summary judgment against the Fourth and Fifth Claims should be granted. 3. Trespass Claim Defendants also argue that Compli’s claim for trespass is preempted by OUTSA. “‘In actions for trespass to personal property the gist of the action is the disturbance of the plaintiff’s possession.’” Huffman and Wright Logging Co. v. Wade, 317 Or 445, 456, 857 P2d 101, 110 (1993), quoting Swank v. Elwert, 55 Or 487, 496, 105 P 901, 905 (1910). Unlike the claims for tortious interference, the trespass claim is not dependent upon allegations of interference with its business relationships with third parties. Instead, it is premised upon defendants’ interference with Compli’s use or possession of its DCMS which damaged Compli’s rights to dominion and control over its property, damaged the confidential and copyrighted nature of Compli’s DCMS, and deprived Compli of the intended use of its property. First Amended Complaint, ¶¶ 79-80. While Compli alleges that defendants’ intended purpose was to misappropriate its proprietary, copyrighted and trade secret information (id, ¶ 79), that allegation is not necessary to prove disturbance to Compli’s right to possession and control over the use of its DCMS. Accordingly, Compli’s tresspass claim is “not based upon misappropriation of a trade secret” and is protected from the wide swath of the OUTSA’s preemption provision. B. Merits of the Trespass Claim (Sixth Claim) Finally, defendants argue that they are entitled to summary judgment on the trespass claim because they did not interfere with Compli’s use or possession of its DCMS or any of the 34 - FINDINGS AND RECOMMENDATIONS information available on the DCMS. Moreover, defendants contend that Compli has failed to show how the value of its website was diminished by their conduct. Compli responds that it injury flows from defendants’ act of using its DCMS without authorization and without paying for the use. This court agrees with Compli. The case on which defendants rely found that a claim for trespass to chattels could not proceed if the “only damage claimed is emotional.” Morrow v. First Interstate Bank of Oregon, N.A., 118 Or App 164, 168, 847 P2d 411, 413 (1993) (emphasis in original). In Morrow, the plaintiff, an attorney, attempted to cash a cashier’s check payable to the court which he contended had not been used for bail and which his client had given him for payment of attorney fees. He handed the check to a bank teller, who then refused to return the check to him while investigating how to handle the situation. The plaintiff eventually grabbed the check back away from bank personnel and sued for trespass to chattels. However, the plaintiff “did not seek to recover damages for loss of possession of the check or for nominal damages,” instead opting to plead only emotional damages. In contrast to Morrow, Compli does not plead only emotional damages, but instead seeks “any and all damages sustained as a result of [defendants’] trespass,” including punitive damages. First Amended Complaint, ¶¶ 81-82. Moreover, Compli alleges the requisite interference with use and possession of its website, contending that defendants’ use was unauthorized and for the wrongful purpose of misappropriating Compli’s proprietary, copyrighted, and trade secret information. Id, ¶¶ 78-79. Defendants’ denials that they did not interfere with Compli’s use or possession and that their use did not diminish the value of Compli’s website merely present a factual dispute that must be resolved at trial. Accordingly, defendants’ request for summary judgment against the Sixth Claim should be denied. /// 35 - FINDINGS AND RECOMMENDATIONS /// RECOMMENDATIONS Plaintiff’s Motion for Partial Summary Judgment (docket #135) should be GRANTED on the issue of liability on Count II of the Third Claim (Breach of Contract). Defendants’ Motion for Partial Summary Judgment (docket #133) should be GRANTED in part as to: (1) the First Claim for a violation of 18 USC § 1030(a)(5)(A) (First Amended Complaint, ¶ 32); (2) the Fourth Claim for tortious interference with contract (id, ¶¶ 66-70); and (3) the Fifth Claim for tortious interference with prospective business relationships (id, ¶¶ 7175), and should be DENIED in all other respects. As a result, the claims left for trial are: (1) First Claim for violations of 18 USC § 1030(a)(2)(C) & (a)(4) against all defendants; (2) Second Claim for misappropriation of trade secrets in violation of the OUTSA against all defendants; (3) Third Claim for breach of contract against Ferman, with damages only on Count II; and (4) Sixth Claim for trespass against all defendants. SCHEDULING ORDER Objections to these Findings and Recommendations, if any, are due May 22, 2009. If no objections are filed, then the Findings and Recommendations will be referred to a district judge and go under advisement on that date. If objections are filed, then a response is due within 10 days after being served with a copy of the objections. When the response is due or filed, whichever date is earlier, the Findings and Recommendations will be referred to a district judge and go under advisement. DATED this 5th day of May, 2009. s/ Janice M. Stewart_____________ 36 - FINDINGS AND RECOMMENDATIONS Janice M. Stewart United States Magistrate Judge 37 - FINDINGS AND RECOMMENDATIONS
]]>
Some case metadata and case summaries were written with the help of AI, which can produce inaccuracies. You
should read the full case before relying on it for legal research purposes.
This site is protected by reCAPTCHA and the Google
Privacy Policy and
Terms of Service apply.
