Philips Medical Systems Nederland B.V. et al v. TEC Holdings, Inc. et al, No. 3:2020cv00021 - Document 637 (W.D.N.C. 2023)

Court Description: ORDER granting in part and denying in part 379 Motion for Partial Summary Judgment; denying 383 Motion for Summary Judgment. This action shall proceed to trial. Signed by District Judge Max O. Cogburn, Jr on 1/17/2023. (ams)

Download PDF
Philips Medical Systems Nederland B.V. et al v. TEC Holdings, Inc. et al Doc. 637 UNITED STATES DISTRICT COURT WESTERN DISTRICT OF NORTH CAROLINA CHARLOTTE DIVISION 3:20-cv-21-MOC-DSC PHILIPS MEDICAL SYSTEMS NEDERLAND B.V., ET AL., ) ) ) Plaintiffs, ) ) vs. ) ) TEC HOLDINGS, INC., ) ) ) Defendant. ) __________________________________________) ORDER THIS MATTER is before the Court on a Motion for Partial Summary Judgment, (Doc. No. 379), filed by Plaintiff Philips Medical Systems (“Plaintiff” or “Philips”), and on a Motion for Summary Judgment, filed by Defendants TEC Holdings, Inc., Transtate Equipment Company, Inc., and Robert A. Wheeler. (Doc. No. 383). For the following reasons the motions are granted in part and denied in part. Plaintiff Philips North America LLC1 develops and sells medical imaging systems to hospitals and other medical facilities and provides after-market service. Medical facilities may also hire independent service organizations (“ISOs”) to provide maintenance and support services necessary to maintain Philips’ systems, such as assembly, installation, adjustment, and testing (“AIAT”) procedures. 1 Plaintiff Phillips refers to six named Plaintiff entities in this matter, all of which are collectively in the business of inter alia developing, manufacturing, selling, supporting, maintaining, and servicing medical imaging systems, including the proprietary hardware and software and related trade secrets necessary to operate, service, and repair such systems. 1 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 1 of 34 Plaintiff has named the following as Defendants in the Second Amended Complaint: TEC Holdings, Inc., formerly known as Transtate Equipment Company, Inc. (“Transtate I”), Transtate Equipment Company, Inc., formerly known as Transtate Holdings, Inc. (“Transtate II”) (collectively, “Transtate”), and Robert A. (“Andy”) Wheeler, individually and in his capacity as executor and personal representative of the Estate of Daniel Wheeler (“the Estate”) (Andy Wheeler and the Estate are referred to collectively as “the Wheelers”). According to the Second Amended Complaint, as ISOs, Transtate I provided and Transtate II provides maintenance and support services for Plaintiff’s medical systems. Several current Transtate II employees in service specialists, service technicians, or similar positions, were previously employed by Transtate I, and before that employed by Philips North America LLC. According to Plaintiff, Plaintiff’s medical imaging systems include Plaintiff’s copyrighted and proprietary intellectual property, and proprietary trade secrets, in the form of, among other things, proprietary software that Plaintiff’s technicians use to service the medical imaging systems. Plaintiff restricts access to its proprietary software to authorized individuals by installing proprietary access controls on the medical imaging systems. Plaintiff alleges that: Transtate I has used, and Transtate II continues to use, misappropriated trade secret information from Plaintiff to circumvent the access controls on Plaintiff’s medical imaging systems to gain unauthorized access to proprietary and copyrighted software; Transtate has also made unauthorized copies of Plaintiff’s standalone service software, circumvented access controls on the standalone software, and made unauthorized use of such software; Transtate has decrypted and made unauthorized copies of Plaintiff’s copyrighted service documentation; and Transtate has used their unauthorized access to make copies of Plaintiff’s proprietary software and copyrighted documents to unfairly compete against Plaintiff. 2 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 2 of 34 Plaintiff brings the following claims against the Defendant ISOs and their employees: violations of the Computer Fraud and Abuse Act, (“CFAA”), 18 U.S.C. § 1030; violations of the Digital Millennium Copyright Act (“DMCA”), 17 U.S.C. § 1201; violations of the Defend Trade Secrets Act (“DTSA”), 18 U.S.C. § 1836; Misappropriation of Trade Secrets and violation of the Georgia Trade Secrets Act (“GTSA”), O.C.G.A. § 10-1-760 et seq.; copyright infringement under the Copyright Act, 17 U.S.C. § 101 et seq.; and tortious inference with contractual relations.2 In its own motion for partial summary judgment, Plaintiff Philips seeks summary judgment on its claims under the Digital Millennium Copyright Act (“DMCA”) and Computer Fraud and Abuse Act (“CFAA”); on the 27th and 28th defenses of Defendants TEC and Transtate, and the 6th and 15th defenses of Defendant Robert A. Wheeler (collectively, the “AIAT Defenses”); on Defendants’ antitrust counterclaims for monopolization, attempted monopolization violations, and violation of the North Carolina Unfair and Deceptive Trade Practices Act (“NCUDTPA”) (collectively, the “Antitrust Counterclaims”); and on Defendants’ claims for tortious interference with contractual relations and prospective economic advantage. Defendants have brought the following counterclaims against Philips: violations of antitrust provisions under the Sherman Act, violation of the North Carolina Unfair and Deceptive To the extent the Court has dismissed portions of Plaintiff’s Copyright Act and other claims, those claims are no longer before the Court. See (Doc. No. 42). Moreover, on September 24, 2021, the parties stipulated and agreed that (1) Plaintiffs’ claims for violations of 17 U.S.C. § 1202 of the Digital Millennium Copyright Act (“DMCA”) and for violations of 18 U.S.C. § 1030(a)(6) of the Computer Fraud and Abuse Act (“CFAA”), as set forth in Plaintiffs’ Second Amended Complaint (Doc. No. 139), and (2) Defendant TEC Holdings, Inc.’s claims for Tortious Interference with Contract, as set forth in TEC Holdings, Inc.’s Answer, Defenses, and Counterclaims to Plaintiffs’ Second Amended Complaint (Doc. No. 275), were voluntarily dismissed without prejudice pursuant to Federal Rule of Civil Procedure 41(a)(1)(A)(ii), with each side to bear its own fees and costs. (Doc. No. 405). 2 3 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 3 of 34 Trade Practices Act, N.C. GEN. STAT. § 75.1.1 et seq., and a claim for tortious interference under North Carolina common law. In support of its counterclaims, Defendants contend, among other things, that Plaintiff takes anti-competitive measures against Defendants and other ISOs which ultimately hurt consumers, specifically medical patients. According to Defendants, Plaintiff’s anti-competitive measures include charging service prices that are significantly higher than those charged by ISOs, controlling the parts market, interfering with third-party repairs, preventing ISOs such as Defendants from accessing certain security levels necessary to properly service Plaintiff’s machines, and disparaging Defendants and other ISOs to the public. According to Defendants, this conduct in the aggregate amounts to “anticompetitive intent.” In their summary judgment motion, Defendants moved for summary judgment on all of Plaintiff’s claims. The Court held a hearing on the motions on November 15, 2021. Thereafter, this action and all related actions were stayed on December 10, 2021, pending the FDA’s ruling on an FDA Trade Complaint filed by Defendant Transtate. (Doc. No. 595). On March 10, 2022, the parties filed a joint status report, indicating that there had been no change in the status of Defendant’s FDA Trade Complaint, and the parties agreed that the cases should proceed. The Court therefore lifted the stay on until June 15, 2022. (Doc. No. 618). On August 15, 2022, the Court held a status on conference, in which the parties discussed, in part, a pending motion to withdraw as counsel, filed by the law firm of Faegre, Drinker, Biddler & Reath, LLP. On September 13, 2022, the Court granted the motion to withdraw. (Doc. No. 631). For the following reasons, considering the applicable statutes, and the facts as articulated by both parties, the Court finds that Plaintiff is entitled to summary judgment as to its DMCA and CFAA claims. However, genuine disputes of material fact prevent this Court from granting 4 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 4 of 34 summary judgment as to any other claims at this time. Furthermore, the issue of damages as to the DMCA and CFAA claims is also an issue for trial. I. Plaintiff’s Facts and Evidence Presented on Summary Judgment Plaintiff Philips North America LLC3 makes and sells various medical imaging systems purchased by medical providers and healthcare facilities and provides after-market service.4 These include interventional X-ray systems (a.k.a. “cath labs”), such as Philips’ Allura and Azurion series.5 These complex medical systems comprise combinations of hardware and software.6 The healthcare facilities also hire independent service organizations (“ISOs”) to provide maintenance and support services necessary to maintain the systems, such as assembly, installation, adjustment, and testing (“AIAT”) procedures. Defendant Transtate is one of those ISOs. Philips services its systems during the warranty period, which is typically one year. 7 After that, the provider can maintain its medical systems in several ways: contracting with Philips, using its own in-house employees (“biomeds”), or hiring ISOs such as Defendants Transtate and TEC.8 Regardless of their employer, technicians who service Philips systems often must use software installed on the medical device itself and reference service manuals and other documents published by Philips to diagnose and service these systems. 3 Plaintiff Phillips refers to six named Plaintiff entities in this matter, all of which are collectively in the business of inter alia developing, manufacturing, selling, supporting, maintaining, and servicing medical imaging systems, including the proprietary hardware and software and related trade secrets necessary to operate, service, and repair such systems. 4 Ex. A (Riley Rpt.) ¶¶ 21–23; Doc. No. 384 (Def. MSJ), at 2 ¶ 1. 5 Doc. No. 274 ¶ 160; Doc. No. 384 (Def. MSJ), at 2 ¶ 1. 6 Ex. C (Fenn Rpt.) ¶ 38; Ex. D (Dickson 12/31 Tr.), at 29:8–30:25, 194:7–195:17; Ex. E (Suijs Tr.), at 27:2–28:8, 12:7–16; Ex. F (McAlpin Tr.) at 45:12–46:13. 7 Sec. Am. Compl. ¶ 49; Defs.’ Ans. ¶ 49; Ex. 2, 75:13–76:1. 8 Sec. Am. Compl. ¶ 49; Defs.’ Ans. ¶ 49; Ex. 2, 19:9–18. 5 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 5 of 34 A. Philips And Its Valuable Intellectual Property Philips has developed various Customer Service Intellectual Property (“CSIP”) software tools and documents to service and maintain its Allura systems. 9 These software programs and other materials provide advanced software tools and information for servicing, troubleshooting, and configuring Philips medical imaging systems. 10 Philips’ service software is solely for use by Philips and its authorized agents, and accordingly Philips’ restricts access to its service software.11 Philips authorizes individuals to have “levels” of CSIP access based on their role and contract terms.12 Philips places greater restrictions on Level 1 CSIP materials, which are available only to Philips’ employees and customers under contract (but not ISOs).13 Level 2 CSIP includes more advanced proprietary materials, such as higher-level service tools, Philips’ specialized knowledgebase of servicing know-how (“KNOVA”), and other proprietary materials reserved for Philips’ employees and specific trade partners under contract.14 9 Ex. C (Fenn Rpt.) ¶ 38; Ex. D (Dickson 12/31 Tr.), at 29:8–30:25, 194:7–195:17; Ex. E (Suijs Tr.), at 27:2–28:8, 12:7–16; Ex. F (McAlpin Tr.) at 45:12–46:13. 10 Ex. G (3d Rsp. Wheel. 1st Rog), at 5–6; Ex. D (Dickson 12/31 Tr.), at 30:5–34:23, 37:11– 40:6. 11 Ex. H (Philips Std. Terms), § 10. 12 Ex. I (Froman Tr.) 51:20–52:7; 53:11–54:7; Ex. J (Wheeler 5/13 Tr.), 17:17–20:2, 20:19– 20:22, 21:24–25; Ex. D (Dickson 12/31 Tr.), 29:8–34:23, 37:11–40:6, 176:1–10); (Ex. I (Froman Tr.), 53:11–16, 79:3–18, 91:11–25; Ex. J (Wheeler 5/13 Tr.) at 23:23–24:5; Ex. D (Dickson 12/31 Tr.), 31:12–16, 37:11–19). Level 0 CSIP materials are available generally upon request Upon request, Philips sends a local FSE to apply a service organization ID (SOID) to a device to enable such Level 0 access free of charge. (Ex. D (Dickson 5/31 Tr.) at 87:4–89:13. 13 Ex. I (Froman Tr.), 53:17–25; Ex. F (McAlpin Tr.), 172:7–174:20; Ex. K (Astrachan Tr.), 32:9–19, 66:14–25, 82:5–13; Ex. D (Dickson 12/31 Tr.), 31:12–24, 37:11–39:15). 14 These partners include the U.S. military and DOD, which are provided such access to allow servicing in war zones where Philips cannot go. (Ex. M (Philips Corp. Tr.), at 290:12–291:10, 305:6–309:15). (Ex. I (Froman Tr.) 54:1–7; Ex. D (Dickson 12/31 Tr.), 33:18–34:12, 61:23– 62:2; Ex. L (Orso Rpt.), ¶¶ 50–52, 279, 289. 6 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 6 of 34 Philips asserts that it owns the following nine trade secrets relating to its CSIP and other proprietary information, including: (1) secret information about protected security files on Philips Allura systems used to create Defendants’ FD Service program; (2) Philips’ Level 1 and higher CSIP software tools; (3) Philips’ Remote Services information and documents; (4) Philips’ Level 2 CSIP information and documents; (5) Philips’ KNOVA information and documents; (6) protected log files on Philips medical imaging systems; (7) Philips’ Common Analyzer Tool (CAT); (8) Philips’ Xper Management Tool (Xper Editor); and (9) detailed Philips’ customer information.15 Philips developed and owns copyrights for its CSIP software and has registered numerous versions.16 Those registrations include the major and semi-major versions of Allura software from 7.0 onward.17 Philips asserts that it has spent massive amounts of time, money, and effort to develop its CSIP.18 Philips maintains that a competitor that obtained Philips’ CSIP and related materials without incurring the costs to develop them would obtain a huge and unfair competitive advantage.19 B. Philips’ Extensive Measures to Protect Its Confidential CSIP and other Materials Philips asserts that it takes numerous measures to protect the secrecy of its CSIP and other asserted trade secrets. These measures include: confidentiality agreements with employees, customers, and trade partners; limiting employee access on a need-to-know basis and requiring 15 Ex. G (Rsp. Wheel. Rog), at 2–17; Ex. L (Orso Rpt.), ¶¶ 266–321; Ex. D (Dickson 12/31 Tr.), at 61:23–62:2; Ex. M (Philips Tr.), at 286:19–287:18. 16 Ex. N (2nd Resp. Trans. 1st Rog), at 9–11; Ex. L (Orso Rpt.), ¶¶ 353–56, 380–83. 17 Doc. No. 139 (SAC), Ex. A; Ex. M (Philips Tr.) 125:11–126:16; Ex. O (Fenn Tr.) 205:20– 206:6. 18 Ex. G (Rsp. Wheel. Rog), at 5–6). Philips estimates spending over $113 million to develop the CSIP software and tools just for Allura products. (Ex. P (Kennedy Rpt.), ¶¶ 167–82. 19 Ex. G (Rsp. Wheel. Rog), 3–17; Ex. P (Kennedy Rpt.), ¶¶ 169–70. 7 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 7 of 34 return of confidential materials at termination; including confidential markings on documents; restricting customer access to proprietary software tools on the imaging systems to those with written confidentiality agreements; using technological security measures such as its Integrated Security Tool (“IST”); and maintaining secure physical premises.20 According to Plaintiff, its IST tool, developed as a digital rights management solution for preventing unauthorized access to Philips’ CSIP, is particularly important.21 Philips generates and encrypts a user-specific and password protected IST certificate, which users load onto physical IST keys that are encoded with the user’s authorized service software.22 Philips’ CSIP functions are assigned specific IST levels, and each user is provided or denied access to service software based on the IST level on the user’s IST key.23 In short, Philips locks down its CSIP materials via a specific user’s IST key and password, such that only users with appropriate entitlements can gain access.24 C. Philips’ Contends that Defendants Hired Philips’ Employees and Misappropriated Its Trade Secrets 20 Ex. G (Rsp. Wheel. Rog), 2–17, 31–38; Ex. N (2nd Resp. Trans. 1st Rog), 14–25; Ex. D (Dickson 12/31 Tr.), 29:6–34:16, 70:5–71:8, 87:4–88:19, 94:4–95:16, 102:7–13; Ex. M (Philips Tr.), 254:4–256:16, 273:2–275:8; Ex. L (Orso Rpt.), ¶¶ 303–21, 53–114; Ex. Q (Rios Rpt.), ¶¶ 37–54; Ex. R (Regard Rpt.), ¶¶ 25–28; Ex. S (Regard Tr.), 72:6–12, 82:8–83:16, 93:7–94:10, 96:10–97:10, 98:16–101:4, 115:4–9, 119:7–21; Ex. T, at 5, 11–12, 16, 18, 24, 83, 86, 88, 129; Ex. U; Ex. V; Ex. W, at 4–11; Ex. X, slides 8–13 (CSIP Policy Updates); Ex. Y (Assist Agt.), at 1, 3–4, 6. 21 Ex. L (Orso Rpt.), ¶¶ 53-84; Ex. M (Philips Tr.) at 11:4–13:19, 25:20–27:2, 114:14–115:3, 254:21–256:16; Ex. Z (Ray Tr.) at 56:22–57:1, 58:19–59:10, 79:10–80:1, 81:10–82:12, 86:3– 88:2, 92:13–95:6; Ex. B (Kullolli Rpt.) ¶¶ 96–97; Ex. C (Fenn Rpt.) ¶ 38; Ex. O (Fenn Tr.) 83:21–85:8. 22 Ex. L (Orso Rpt.), ¶¶ 54–63, 66–80, 97, 99, 101–14; Ex. AA (Griswold Tr.) 39:24–42:24; Ex. I (Froman Tr.) at 92:10–14. 23 Ex. L (Orso Rpt.), ¶¶ 78–80, 100–14, 131–52, 327, 371; Ex. J (Wheeler 5/13 Tr.) 17:17–20:2; 22:16–24:25; Ex. AA (Griswold Tr.) 25:4–26:1, 26:17–27:14, 37:14–38:18, 39:24-42:24. 24 See id. 8 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 8 of 34 Defendant TEC Holdings (“TEC”) is an independent service organization (“ISO”) that serviced various medical equipment, including Allura systems. 25 On March 31, 2017, TEC sold all its assets to Transtate Holdings, which then changed its name to Transtate Equipment Co., Inc. (“Transtate II”).26 The business of TEC and Transtate II (collectively, “Transtate”) includes servicing, part sales, and sales of refurbished equipment for X-ray and other medical imaging systems.27 According to Plaintiff, as early as 2013, Transtate embarked on a scheme to hire key Philips employees and steal Philips’ trade secrets. Specifically, Transtate’s owners, Daniel and Robert (Andy) Wheeler, met in early 2013 with William Griswold, a Philips specialist who was contractually obligated not to use or disclose his extensive access to Philips’ trade secrets.28 Mr. Griswold got a job offer from Transtate in July 2013 (including responsibility for developing Transtate’s remote servicing program), but kept working for Philips for nearly two more months, despite his extensive access to Philips’ confidential and proprietary materials.29 According to Philips, he arrived at Transtate with an illegally retained backup of the hard drive from his Philips laptop, and he quickly began providing Transtate employees with confidential Philips materials, including secret information about Philips’ Remote Services he acquired from a Philips training course days before his job offer (enabling Transtate to have unauthorized remote 25 Doc. No. 384, at 3. Id.; Ex. AB (D. Wheeler Tr.), at 34:7–24. 27 See id.; Ex. AC; Ex. AD. 28 Id., Ex. AA (Griswold Tr.), at 94:21–99:23; Ex. AE (Griswold IP Agt). 29 Ex. AA (Griswold Tr.), at 103:21–104:19, 112:11–15; Ex. AF (Offer Ltr). 26 9 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 9 of 34 access to Philips’ protected materials), Level 1 and 2 CSIP information and documents, and KNOVA materials.30 It is undisputed that, in connection with Transtate’s servicing, Philips provides Transtate with IST accounts with only Level 0 CSIP access.31 Philips contends that, along with other secret materials, Griswold provided Andy Wheeler at TEC with information about specific changes that could be made to the SetupRegistry and ConfigRespository files to provide unauthorized access to Philips’ CSIP on Allura systems.32 Mr. Griswold repeatedly sent Wheeler SetupRegistry files– one of two files that Transtate modifies (out of tens of thousands of files on Allura systems) to gain unauthorized access.33 According to Philips, Wheeler used the misappropriated trade secret information to build the “FD Service” software program that modifies those same SetupRegistry and ConfigRepository files on Philips Allura systems to provide access to Level 1 and higher CSIP.34 Philips contends that Transtate’s employees admitted that FD Service provides access to Level 1 and higher CSIP tools that Philips restricts them from using.35 30 Ex. G (Rsp. Wheel. Rog), at 20–24; Ex. L (Orso Rpt.), ¶¶ 323–25, 330–31, 338; Ex. AA (Griswold Tr.), at 124:19–127:5, 128:19–130:16, 140:4–12, 149:23–152:11; Ex. AG, at 26; e.g., Ex. AH (RSN Info) at ‘71, 99, 110. 31 Ex. J (Wheeler 5/13 Tr.), 17:24–18:10, 52:10–20; Ex. I (Froman Tr.) 79:10–13. 32 Ex. G (Rsp. Wheel. Rog), at 21; Ex. L (Orso Rpt.) ¶¶ 153–164. 33 Ex. AI; Ex. AJ; Ex. AK; Ex. AL. 34 Ex. G (Rsp. Wheel. Rog), at 22; Ex. AV; Ex. L (Orso Rpt.), ¶¶ 120–25, 149–165, 272–73, 326–27, 361–364; Ex. J (Wheeler 5/13 Tr.) 35:19–36:1, 38:2-39:8, 52:22–55:21. According to Philips, Defendants’ assertion that FD Service merely uses Microsoft Windows Explorer to access Allura cath labs “through legal methods” is wrong. (See Doc. No. 384 at 8 ¶ 28). 35 Ex. AA (Griswold Tr.) 43:11–44:19 (FD Service provides access to service tools that are unavailable with the IST key from Philips); Ex. I (Froman Tr.) 69:23–70:1 (it allows access to Level 2 tools), 74:19-75:11 (FD Service “circumvents Philips’ security measures”). Philips contends that Defendants’ own admissions refute any assertion that they were only accessing Level 0 CSIP materials (which Philips makes available generally to comply with AIAT Regulations). Philips argues that, contrary to Defendants’ assertions, FD Service does not enable 10 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 10 of 34 In deposition, Defendants’ technical experts explained how FD Service changes files on Allura systems to bypass Philips’ security. Professor Astrachan acknowledged that Philips designs its Allura software to prevent users with Level 0 access from accessing Level 1 or higher software.36 He explained that Defendants run FD Service to “unlock” access to Level 1 and higher CSIP tools.37 Defendants’ other technical expert, Mr. Fenn, also testified Defendants modify Allura software to access Level 1 (IST Level 2) and higher CSIP commands without an IST key.38 According to Philips, Defendants thus unquestionably modify files on Allura systems to bypass Philips’ security and permit access to Level 1 and higher CSIP without a Level 1 or higher IST key and password. According to Philips, after obtaining Philips’ secret information to develop FD Service, Defendants continued to build their business upon Philips’ stolen intellectual property. In 2016, Defendants hired Dale Dorow, another Philips employee with extensive access to Philips’ trade secrets and proprietary materials.39 According to Philips, on January 2016, Dorow received a job offer from Transtate with an anticipated start date of August 1, 2016–providing more than six months during which Mr. Dorow hid from Philips that he would be going to a competitor and stockpiled copies of Philips’ confidential materials.40 Philips has presented evidence showing “AIAT” functions: it enables all CSIP functions. (Ex. K (Astrachan Tr.) 108:16–109:21 (FD Service gives access to all Level 1 through 8 service tools)). 36 Ex. K (Astrachan Tr.), 66:14-23; 82:5–13, 83:14–22. 37 Id. at 89:13–23 (once FD service is run “you could access the system to perform services no matter what level they might otherwise have required”), 90:13–91:10, 94:11-20, 106:15–107:25, 108:16–109:21, 185:12–186:7, 198:3–199:8. 38 Ex. O (Fenn Tr.), 83:21–84:25, 92:10–22, 94:16–22. 39 Ex. G (Rsp. Wheel. Rog), at 27; Ex. AM (Dorow 5/7 Tr.), at 115:3–123:2; Ex. V (Dorow IP Agt). 40 Ex. AM (Dorow 5/7 Tr.), at 115:3–123:2; Ex. AN; Ex. R (Regard Rpt.), ¶¶ 56–59, 121–27, 174–75 & Ex. O. Philip asserts that the job offer document contains an obvious typo of January 15, 2015, given the new calendar year. 11 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 11 of 34 that Dorow secretly retained a hard drive containing over 200,000 files of Philips materials (55,000 of which were then accessed during his first week at Transtate), including Philips’ Level 2 CSIP and KNOVA documents, Philips’ CAT and Xper Editor Tools, and Philips’ confidential customer information.41 Plaintiff asserts that with the misappropriated materials, Dorow established a “library” of Philips’ information for Transtate employees, and also emailed Philips’ Level 1 and 2 CSIP materials, KNOVA information, and CAT presets to Wheeler and other Transtate employees.42 D. Philips Contends Widespread Use of Philips’ Trade Secrets in Transtate’s Business Philips contends that Defendants have made widespread use of Philips’ trade secrets through Transtate’s entire business. Transtate began using FD Service as early as November 19, 2013.43 Philips contends that Transtate employees have admitted to using FD Service to access software on Philips machines they cannot access using their Philips-provided access keys.44 Philips has presented evidence showing that Defendants’ FD Service has been used to circumvent Philips’ IST security measures more than 75,000 times with Defendants’ customers– 41 Ex. R (Regard Rpt.), ¶¶ 56–59, 101, 116, 121–27, 130–34, 174–75; Ex. AM (Dorow 5/7 Tr.), at 184:7–188:17, 191:23–192:24; Ex. G (Rsp. Wheel. Rog), at 27) 42 Ex. G (Rsp. Wheel. Rog), at 27–28; e.g., Ex. AO; Ex. AP, at ’951-57; Ex. AQ; Ex. AR at 9; Ex. AS at ’118; Ex. AT at ’324–25; Ex. AU at ’168–69)). According to Philips, Defendants also acquired Philips’ secret information from other employees, such as Dustin Zimmerman, who brought to Transtate Philips’ secret information that Philips licenses to the U.S. Military and Mr. Zimmerman improperly retained from his prior military service (Ex. G (Rsp. Wheel. Rog), at 25–26; Ex. BA (Zimmerman Tr.) 353:18–354:24, 356:22–357:17) and a fake IST certificate, which Defendants used to gain unauthorized access to Philips’ protected CSIP. (Ex. BB (Kalish Decl.), ¶ 10; Ex. L (Orso Rpt.), ¶¶ 185–192, 222–38; Ex. G (Rsp. Wheel. Rog), at 25. 43 Ex. L (Orso Rpt.), ¶ 324; Ex. AV, at 15. 44 Ex. AW (Dorow 6/3 Tr.), at 16:5–19:3, 43:20–46:1; Ex. AX (C. Peterson Tr.), at 100:15– 101:12; Ex. AA (Griswold Tr.) 39:24–44:19; Ex. I (Froman Tr.) 69:23-70:1, 74:19-75:11. 12 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 12 of 34 and that is just based on records of the systems that happen to report log files to Philips.45 According to Philips, such extensive use of FD Service gives Transtate unfettered unauthorized access to Philips’ entire suite of advanced servicing software, allowing Transtate to provide servicing more efficiently and profitably. 46 According to Philips, the fake IST credentials provide Transtate with another means to circumvent Philips’ access controls, decrypt Philips’ encrypted files, and acquire and use Philips’ advanced CSIP.47 Defendants dispute having a fake IST certificate, but Philips asserts that customer log files show the use of fake IST certificates over 2,000 times to access Philips’ CSIP at Transtate customer sites.48 According to Philips, Defendants’ use of fake IST certificates also enabled them to decrypt Philips’ documents, as shown by internal Transtate communications funneling requests for decryption of Philips’ documents and files to Messrs. Wheeler and Zimmerman.49 Philips further argues that Defendants have used Philips’ proprietary materials in other aspects of their business. For example, Transtate circumvented Philips’ security on its internal “test bays” to use Level 1 and higher CSIP to test and diagnose parts that Philips sells to customers.50 Philips further asserts that Transtate also used secret information about Philips’ Remote Services to provide remote diagnostic services to Transtate’s customers, including by remotely downloading and analyzing log files from Allura systems, enabling Transtate to increase its efficiency and 45 Ex. L (Orso Rpt.), ¶¶ 165–172; Ex. P (Kennedy Rpt.), ¶¶ 91–97. Ex. P (Kennedy Rpt.), ¶¶ 168–70. 47 Ex. L (Orso Rpt.), ¶¶ 185–92, 222–38, 245, 284. 48 Ex. L (Orso Rpt.), ¶¶ 222–38; Ex. P (Kennedy Rpt.), ¶¶ 102–05. 49 Ex. L (Orso Rpt.), ¶¶ 245, 284; Ex. G (Rsp. Wheel. Rog), 26–27; Ex. AY (email attaching encrypted files); Ex. S (Regard Tr.), 76:20–78:16; Ex. AZ; Ex. CI). 50 Ex. AW (Dorow 6/3 Tr.), 43:20–46:1; Ex. L (Orso Rpt.), ¶¶ 173–84. 46 13 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 13 of 34 profitability by evaluating problems before technicians arrive on site.51 Philips asserts that Transtate also uses Philips’ Level 2 CSIP documents, KNOVA trade secrets, CAT software, and Xper Editor tool in connection with its business, including via a “document library” Dorow created containing numerous Philips proprietary materials.52 Finally, Philips has presented evidence to show that Transtate’s business has used the CAT (to interpret log files) and Xper Editor tools (to adjust irradiation levels).53 E. FDA Regulation of Medical Imaging Systems The U.S. Food and Drug Administration (“FDA”) comprehensively regulates medical imaging systems, including through the federal Food, Drug, and Cosmetic Act (“FDCA”). 54 Subsection (g) of the “AIAT Regulation,” codified at 21 C.F.R. § 1020.30, requires a manufacturer of a diagnostic X-ray system to provide to assemblers (and, upon request, to others) “instructions for assembly, installation, adjustment, and testing” of certain certified components of the X-ray system that are adequate to assure that the product will comply with 51 Ex. G (Rsp. Wheel. Rog), at 23; Ex. BC, at 34, 40; Ex. BD at 1–2; Ex. BE (Wheeler 6/3 Tr.), at 24:11–25:1, 29:6–12; Ex. AX (Peterson Tr.), at 115:2–117:9; Ex. AA (Griswold Tr.), at 155:15–157:3). Philips designed both the log files and its Alllura software that creates the log files, which contain Philips’ proprietary data. (Ex. E (Suijs 1/23 Tr.) 155:5–159:7). Philips Allura software generates the log files. (Ex. K (Astrachan Tr.) 190:4–15). Philips implements closed profile security that locks users with Level 0 CSIP access into a closed software environment, which prevents their unauthorized access to Philips’ copyrighted log files. (Ex. L (Orso Rpt.) ¶¶ 102, 111–12, 294. 52 Ex. L (Orso Rpt.), ¶¶ 336–44, 347–50; Ex. AM (Dorow 5/7 Tr.), 169:12–174:22, 183:20– 188:17, 191:23–192:24; Ex. R (Regard Rpt.), ¶¶ 96, 121–27, 130–35, 141–46, 182–97, 198-206, 216–35, 239–44 & Ex. O (drive idx.)). Transtate employees also would share Philips’ KNOVA information. (Ex. R (Regard Rpt.), ¶¶ 37, 225–26, 323–28; Ex. BF (Dancy Tr.), 287:12–291:2; Ex. F (McAlpin Tr.), at 160:10–161:23. 53 Ex. I (Froman Tr.), 153:5–10, 188:10–190:8, 195:20–197:13, 203:11–204:8, 227:6–228:7; Ex. BE (Wheeler 6/3 Tr.), at 27:21–28:11; Ex. AA (Griswold Tr.), 223:1–234:15). 54 (Ex. BG (Stade Rpt.) ¶¶ 14, 21, 23–25, 29–42. 14 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 14 of 34 applicable performance standards set by the FDA when the component is assembled, installed, adjusted, and tested as directed by the manufacturer.55 It is undisputed the AIAT Regulation applies to the certified components of Philips Allura systems. According to Philips, Philips complies with it by providing the required instructions and related materials as part of its Level 0 CSIP access.56 As noted previously, this Court temporarily stayed this and all related cases pending a complaint made by Defendants to the FDA, and the FDA complaint has not changed anything. Philips asserts that it submitted its AIAT documentation to the FDA during the 510k premarket clearance process for its Allura systems and the FDA has not found these disclosures to be inadequate.57 According to Philips, the FDA confirmed in writing, during this litigation, that there were no “unresolved compliance issues associated with Philips’ disclosure obligations as set forth in 21 C.F.R. 1020.30(g) and 1020.30(h).”58 II. Defendants’ Facts and Evidence Presented on Summary Judgment In response to Plaintiff’s summary judgment motion, and in support of its own summary judgment motion, Defendants have presented the following evidence: I. Philips Views ISOs As a Competitive Threat Defendants asserts that during the COVID-19 pandemic, Philips’ systems have been critical to diagnoses and treatment of COVID-19.59 Defendants repair those systems and sell 55 21 C.F.R. § 1020.30(g). See Ex. BH, at 7; Ex. BI, at ‘878; Ex. W (2017 CSIP Policy), at ‘606–607; Ex. D (Dickson 12/31 Tr.), at 31:12–16, 37:11–19). Philips asserts that it thoroughly vets its compliance with FDA regulations, including the AIAT Regulation. (Ex. BJ (compl. record). 57 Ex. BK (Gutierrez Rpt.) ¶ 97; Ex. BL (Pre-Sub Ltr) at ‘819, ¶ 4. 58 Ex. BM (FDA Resp.) at ’95–96; Ex. BK (Gutierrez Rpt.) ¶¶ 98–102). 59 (Ex. 1; Ex. 4). 56 15 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 15 of 34 refurbished and new parts for these systems.60 As an original equipment manufacturer (“OEM”), Philips competes with ISOs including Transtate to service Philips’ systems after the warranty expires.61 ISOs provide lower-priced, 24/7 services that increase access to vital healthcare.62 The annual cost of a Philips service contract is over $187,000.63 II. Philips’ Conduct Has Injured Defendants, Market Competition, and Patients Defendants assert that while Philips’ service prices are significantly higher than ISOs, Philips’ service levels, including response times, are well-below its competitors, sometimes intentionally.64 Defendants assert that Philips deliberately delays service to non-contract customers to make them “suffer” and “feel some pain,” as a North Carolina field service engineer was told by his superiors.65 Defendants contend that Philips delayed “critical” repairs while a patient was on the table because the hospital didn’t have a contract.66 This coerces hospitals into entering Philips’ expensive service contracts—at the cost of patient safety—while excluding ISO competition.67 Additionally, Philips artificially shortens its systems’ useful life. For example, in 2017, Philips restricted its systems’ end of life (“EOL”) to 8 years, despite data showing an EOL of 10 years or more, “to be mindful of the impact to our tube & component supplier's (GTC) margins” and to prevent newer used parts from “de-installed machines” entering the “grey market,” which allowed third parties to obtain lightly used parts. Philips feared third parties’ access to lightly 60 (Ex. 3, 102:10–108:10; 116:1–9). In 2017, Philips identified Transtate as successfully competing against Philips to service Philips’ systems. (Ex. 5). 62 Defs. Br. at 2 ¶ 2. 63 Pl. Br., at Ex. H. 64 See Ex. 6, ¶ 4; Ex. 7, at 4; Ex. 8, ¶ 16. 65 Ex. 9, 142:18–151:04; Ex. 10, 96:01–96:16. 66 Ex. 81; see also Ex. 6; Ex. 8, ¶ 16. 67 Exs. 11–13; Ex. 14, 58:21–59:24; Ex. 9, 142:18–151:04; Ex. 10, 98:24–99:01. 61 16 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 16 of 34 used parts “will put more pressure on [Philips] to be more competitive in the deinstallation space.”68 According to Defendants, Philips has continued to prey on its own customers to extract profits and prevent competition.69 Defendants contend that Philips also raised its rivals’ costs by increasing the trade-in value of used Philips’ systems and parts, which effectively became the cost of the used part.70 Philips also mandated only new parts could be used in Philips’ non-EOL machines even though it refuses to use new parts in EOL or EOS machines.71 Additionally, Philips told customers that they needed Philips-trained engineers to service their machines before receiving the access to service tools and information for which they paid. 72 But per an “ongoing policy,” Philips refuses essential service training to Defendants and other ISOs, despite Defendants’ offers to pay or to enter service contracts.73 Philips provides training only by non-disclosure agreements, and only to specifically designated in-house biomeds employed by purchasers of Philips’ “first-look” service contracts.74 A. Philips Defense that Customers Can Easily Switch OEM Imaging Systems is False According to Defendants, while Philips argues that customers who are dissatisfied with its poor service can simply switch to a different OEM’s imaging systems, the reality is that 68 For example, Exs. 15–16; Ex. 17 at 10; Ex. 18. Exs. 15, 18–19; see also Ex. 79–80. 70 See Ex. 20, 165:7–20 (“Do I think there's behavior by Philips to try to restrict and raise costs to firms that recondition parts? Yes. . . .if you want to raise cost to rivals to reconditioning, what you do is you raise the trade-in value because that becomes the cost of the used part. The arithmetic is pretty straightforward.”). 71 Ex. 92 (“Azurion Catalyst Upgrades have restrictions on re-use items.”). 72 Ex. 69, 139:5-140:3 and at Ex. 35; Ex. 70, 155:3-22; Ex. 71, at Ex. 12, at Philips_TEC0108971-Philips_TEC0108972. 73 Transtate Ans. to Sec. Am. Compl. [Doc. No. 274] ¶ 167; Ex. 69, 38:21–40:5, 115:16–116:20, and at Ex. 24. 74 Ex. 32, 88:6–9 (explaining 626 engineers received training from Philips’ subsidiary AllParts. 69 17 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 17 of 34 purchasers of these capital-intensive, long-lived systems are “locked in” to Philips’ services, despite Philips’ high prices, slow service, and information restrictions.75 Defendants note that a new system can cost $1.2 million plus significant installation, renovation, and training costs.76 Moreover, new systems require specially-configured secured rooms—which are unique to each OEM—and complex system integration.77 Defendants maintain further that regulatory barriers also exist: for example, North Carolina medical facilities must obtain State approval to replace or upgrade their systems.78 Defendants’ economic expert interviewed customers who affirmed that due to the “absurdly high” cost, no customer would respond to dissatisfaction with Philips’ services by removing a Philips system before its end-of-life to replace it with another OEM system; and no one had ever heard of this.79 B. Philips Controls the Parts Market Defendant has also presented evidence to show that Philips controls the parts market. Philips makes 100% of the parts for its imaging systems.80 Because Philips’ new parts are expensive, Transtate and other ISOs utilize used parts derived from buying, cannibalizing, or reconditioning equipment.81 Philips also buys, reconditions, and sells used parts for a premium.82 Starting in 2012, Philips began a campaign to buy up the available supply of used parts and remove them from the market.83 Defendants maintain that this campaign resulted in increased 75 Ex. 21; Ex. 20, 111:23–114:9. Ex. 22, ¶¶ 9–10 ($200,000 to $300,000 to renovate; $20,000-$30,000 per trainee). 77 Ex. 22, ¶¶ 9–10. 78 See (Ex. 25). 79 Ex. 20, 111:23-114:9. 80 Ex. 26, 155:12–155:16. 81 Ex. 20, 168:23–25 to 169:5; Ex. 68, 38:1–39:7, 42:3–43:11; Ex. 90, ¶ 6; see Ex. 77. 82 See generally Ex. 77. 83 Ex. 27; see also Ex. 28, at 9; Ex. 17 (“Commitment to take all professional equipment back by 2020”); Ex. 29; Ex. 77 ¶¶ 4–7. 76 18 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 18 of 34 control over prices of new and used parts for Philips, and increased costs for used parts for competitors. First, Philips “continue[d] to buy back used [X-Ray] CV MRC tubes from deinstalled systems. This should significantly cut supply to the 3rd parties and raise their prices. . . . We expect to command at least a 10-15% premium over 3rd Party used tubes.”84 Second, as the OEM, Philips applied a “certified service parts” mark to its used parts so that “if a customer is looking into purchasing a used tube from a 3rd party, then this should not be an issue since NO used tubes on the market have a renewed CSA mark”, so “if a customer insists on a CURRENT CSA Mark, then the only solution in the marketplace is a NEW MRC tube.” 85 Third, Philips seized an anticipated “$15M USD Opportunity” to crush “competing 3rd party de-installers” in the “Philips IGT Systems/Parts only” market: “increase control of parts resale market by keeping more parts/systems in-house”, giving its subsidiary AllParts “Right of First Refusal”; recycling parts not selected for refurbishing; and using Philips’ engineers for deinstallation jobs rather than third parties.86 According to Defendant, Philips’ board chairman noted in 2018: “Closing the loop is good business because I don't want our medical equipment to fall in the hands of third parties who then cannibalize the systems and destroy my spare parts business. So it is actually—it makes eminent sense to do this and close that loop for 100%, which we have committed to do.”87 Defendants contend that Philips augmented this removal of used equipment and reduction in available used parts by increasing trade-in value for used 84 Ex. 27; see also Ex. 77, ¶¶ 4–7. Ex. 27; see also Ex. 22, ¶ 20. 86 Ex. 29. 87 Pl. Br., Ex. A, at 24 n.147; see Ex. 20, 169:9–18. 85 19 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 19 of 34 Philips machines, raising third-party costs.88 In March 2020, Philips refused to sell used parts to ISOs.89 Defendants contend that Philips also refuses to install any part from a non-Philips source, even if it is a Philips-branded used part from a third-party. Defendants maintain that this drives up costs and delays repairs because Philips only sells brand-new parts at a premium, for far more than used parts sold by reputable third parties.90 Defendants note that, additionally, Philips appointed its subsidiary AllParts as the sole seller of its parts: but AllParts does not keep a full inventory of new parts (for ISOs and customers’ purchase) or of used parts (for customers).91 For both new and used parts, this increased prices and slowed fulfillment of orders (and thus repairs).92 III. Philips Limits Availability of and Access to Philips’ CSIP Materials As noted, Philips is required by law to provide “adequate” access to information for the assembly, installation, adjustment, and testing (“AIAT”) of its cath lab systems and other radiation emitting devices, to third parties, including ISOs that perform essential services on the machines, in order to meet federal performance and compatibility standards.93 Philips designates its service software, documentation, training materials, and other materials as “CSIP” and assigns “Levels” corresponding to access.94 Philips designates “Level 0,” or what it unilaterally 88 Ex. 30, at 9; Ex. 77 ¶ 7. Transtate Ans. to Sec. Am. Compl. [Doc. No. 274] ¶ 159; see Ex. 22, ¶ 20; Ex. 77, ¶¶ 4–7, 9– 12. 90 Ex. 22, ¶ 20 (third parties charge “a fraction of the price” of new parts). 91 Ex. 77, ¶¶ 4–7 (Philips/AllParts policy change increased parts costs), ¶¶ 9–12 (Philips/AllParts policy changes prevent Defendants from purchasing parts); Ex. 26, 194:1–12. 92 Ex. 21, at 22; Ex. 26, 141:13-21 (more supply of used parts would lead to lower prices); see generally Ex. 77). 93 Defs. Br. 3, at ¶ 4; Pl. Br. 8. 94 Defs. Br. 4, at ¶ 11–12. 89 20 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 20 of 34 deems “AIAT,” access for information that it claims it is required to disclose by the FDA, and limits ISOs, including Defendants, only to Level 0 CSIP access.95 According to Defendants, Philips refuses to provide access to or license necessary servicing information. Defendants assert that while Philips claims that Level 0 CSIP materials are available to anyone who requests access, including Transtate and all other ISOs, customers and ISOs must request access to even Level 0 CSIP information from Philips and do not receive it in a timely, unhindered manner, or in some cases, at all.96 Defendants further contend that Philips regularly denies access to Level 0 CSIP materials, including but not limited to: (i) revoking access to useful manuals and tools that third parties relied on for years, claiming they were shared “in error” or were “proprietary IP”; (ii) providing outdated information; (iii) giving updated information only to Contract Customers; (iv) effectively making access unavailable to competitors; (v) arbitrarily changing ISOs’ access levels.97 According to Defendants, Philips’ Level 0 CSIP materials also do not include access to all materials the law authorizes Defendants to access and use, including those identified in Philips’ own AIAT manuals.9899 Even to set up Level 0 access, Philips reaps millions of dollars in fees and labor for “no regulatory reason.”100 Defendants contend that this exceeded Philips’ 95 Defs. Br. 3, at ¶ 12 & 5 at ¶ 15. Ex. 32, 59:4–9; Ex. 3, 112:6–113:10; Ex. 70, 90:21–92:15, 147:20–149:12, and at Exs. 1, 6; Ex. 71 161:17–163:2, and at Ex. 16. 97 Ex. 33; Ex. 34, Ex. 35, Ex. 36, Ex. 37, Ex. 39, ¶¶ 10–11; Ex. 40–41; Ex. 43 ¶ 9; Transtate Ans. to Sec. Am. Compl. [Doc. No. 274] ¶ 87; TEC Ans. to Sec. Am. Compl. [Doc. No. No. 275] ¶ 88; Ex. 51 (from ISO Frontier Imaging Services); Ex. 59, 160:20–161:18, 162:21–163:24; Ex. 78, 77:16–79:08 (actual access may not correspond to access level on document’s face); Ex. 91, 81:7–82:6; 82:11–82.22; 279:21–280:11. 98 Ex. 46; Ex. 47 ($2,000 smartcard and $200 access dongle). 99 Defs. Br. 5, ¶ 16; Ex. 91 ¶ 6. 100 Ex. 42; see, e.g., Ex. 82 (Philips employee stating “there is no regulatory reason for Philips to require sending an FSE onsite to activate the service)”); Ex. 43 1–5; Ex. 44 ¶ 9 (must pay for $2,000 service call simply to populate an IP address); Ex. 84 ¶ 6. 96 21 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 21 of 34 costs of providing access, violating its obligations under 21 C.F.R. § 1020.30(g) and (h)).101 Philips also derived “substantial fees” of at least $7.5 million from “licensing” Level 0 information. Philips’ CSIP denials are calculated business decisions that often create delays and compromise patient safety.102 For example, without warning, Philips removed an ISO’s access to all instructions for all cardiovascular systems.103 Defendants contend that, facing revenue pressures from servicing rivals, Philips wields its CSIP in an attempt to justify technological lockouts to life saving equipment they do not own.104 Philips explicitly recognizes the anticompetitive nature of its CSIP access denials; its CSIP access guidelines even list elements of a competition law claim.105 IV. Philips also Uses TPMs to Hinder ISOs’ Ability to Properly Service Its Machines Philips’ attempted use of restrictive technological protective measures (“TPMs”) to deny access to data files–including error logs, configuration files, and event logs–hinders biomeds’ and ISOs’ ability to diagnose faults and errors in the operation of a system. 106 This prevents them from accessing Level 0 or other functions that are undisputedly essential for servicing the machines.107 V. Defendants’ Access to and Service of Philips’ Products Is Authorized Philips claims to use its “IST” technology to control a user’s access level to Philips’ CSIP 101 Ex. 43, ¶¶ 4–8. Ex. 48–50. 103 Ex. 51 (from ISO Frontier Imaging Services). 104 Ex. 52, at 5; id. at 9. 105 Ex. 53, at Philips_TEC0108969, Philips_TEC0108974. 106 Ex. 57, 307:2–13 (explaining that for Transtate engineers to determine what part is needed they must service the machine which sometimes includes “reviewing the customer’s inner logs”). 107 Ex. 39, ¶¶ 1011; Ex. 44, ¶ 9. 102 22 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 22 of 34 and that it sometimes prevents customers and ISOs from accessing menu options above their CSIP levels.108 Defendants contend that access to the actual system files, however, is not protected, and anyone with a rudimentary understanding of the Windows XP operating system can view the files.109 Defendants further argue that, “due to pernicious issues accessing Level 0 CSIP materials (and other required AIAT information),” Andy Wheeler, President of both TEC and Transtate, developed the FD_Service software tool through proper reverse-engineering of Philips’ used equipment TEC owned.110 According to Defendants, the FD_Service software tool makes available the necessary service functions on Allura cath labs that Philips fails to make readily available.111 Defendants further assert that, contrary to Philips’ contentions, FD_Service does not provide access to any Philips software code or other copyrighted work to which Defendants do not already have access.112 FD_Service merely makes available for use service functions from the field service framework (“FSF”) service menus on the systems that are not otherwise visible to a user.113 Defendant argues that although Philips states that FD_Service modifies numerous files, it actually only temporarily modifies one file (a 4-line functional Configuration Parameters file), which it changes to refer to a substitute XML configuration file created by FD_Service. 114 108 Defs. Br. 5 ¶ 13. Ex. 58; Pl. Br., at Ex. L at ¶¶ 44–50. 110 Defs. Br. 8 ¶ 26. 111 Defs. Br. 8 ¶ 26. 112 Pl. Br. 7; Ex. 57, 37:18–21, 53:21–54:2 (Explaining that FD_Service only provides access to AIAT functions. 113 Defs. Br. 8 ¶ 26. 114 Ex. 58, 127:17–128:7; Pl. Br., Ex. AD at ¶¶ 32–34; Ex. 59, 55:1–17. No other file is modified. Ex. 59, 55:1–23. 109 23 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 23 of 34 Defendants argue that these changes are not made to allow access to the Allura software, which indisputably Defendants already can access, and no other file is modified.115 A. Philips’ Interferes with Third-Party Repairs Defendants have presented evidence that Philips monitored hospitals’ equipment and ISOs’ use of equipment, constituting an “unauthorized service in the field” even though it knew the hospitals’ contracts allow them to grant full access to third-party servicers.116 According to Defendants, if Philips detects that a biomed or ISO conducted a repair, it will delay service to the hospital.117 Defendants further assert that Philips also monitors heavy use periods in hospitals, leveraging it to extract supra-competitive revenues on part sales.118 Further, Philips hinders noncontract customers by making unauthorized and unnecessary repairs to machines. For example, Philips conducted firmware upgrades on equipment owned outright by two medical facilities— for which Philips provided no warranty, no service, and no support—which allegedly prevented those medical facilities from servicing their own equipment.119 B. Philips Deceived Customers and Disparaged ISO Services Finally, Defendants contend that Philips has disparaged Transtate and TEC’s services, resulting in lost income and several customers.120 Philips sabotaged its own systems to falsely (Ex. 57, 77:22–23 (“FD Service, it’s my understanding FD Service doesn’t modify files.”). Ex. 60; Ex. 85, 118:22–121:1, and at Ex. 18. 117 Ex. 9, 142:18–150:25 (explaining that service engineers were instructed by Philips to not provide same day service for customers that did not have service contracts with Philips; “If they don't have a contract, they'd have to suffer.”); Ex. 43, ¶ 12. 118 See Ex. 23, at Philips_TEC1335643. 119 Ex. 61, ¶¶ 23, 30) 120 Pl. Br., at Ex. A ¶¶ 80–119; Ex. 3, 39:13–58:8; Pl. Br., at Ex. AK at 41:7–12 (Renovo, Iasis, Health First, and Regional Medical Center at least partially ceased Transtate’s services after interacting with Philips representatives). 115 116 24 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 24 of 34 blame Transtate and interfere with its service contracts.121 Philips also disparaged ISOs generally, and deceived customers by saying only Philips-trained technicians could service its systems (while denying ISO training). III. STANDARD OF REVIEW Summary judgment shall be granted “if the movant shows that there is no genuine dispute as to any material fact and the movant is entitled to judgment as a matter of law.” FED. R. CIV. P. 56(a). A factual dispute is genuine “if the evidence is such that a reasonable jury could return a verdict for the nonmoving party.” Anderson v. Liberty Lobby, Inc., 477 U.S. 242, 248 (1986). A fact is material only if it might affect the outcome of the suit under governing law. Id. The movant has the “initial responsibility of informing the district court of the basis for its motion, and identifying those portions of the pleadings, depositions, answers to interrogatories, and admissions on file, together with the affidavits, if any, which it believes demonstrate the absence of a genuine issue of material fact.” Celotex Corp. v. Catrett, 477 U.S. 317, 323 (1986) (internal citations omitted). Once this initial burden is met, the burden shifts to the nonmoving party. The nonmoving party “must set forth specific facts showing that there is a genuine issue for trial.” Id. at 322 n.3. The nonmoving party may not rely upon mere allegations or denials of allegations in his pleadings to defeat a motion for summary judgment. Id. at 324. The nonmoving party must present sufficient evidence from which “a reasonable jury could return a verdict for the nonmoving party.” Anderson, 477 U.S. at 248; accord Sylvia Dev. Corp. v. Calvert Cnty., Md., 48 F.3d 810, 818 (4th Cir. 1995). 121 Ex. 9, 164:23–166:3; Ex. 3, 41:7-52:6; Pl. Br., at Ex. AK at 51:5-55:13 (Philips serviced system installed by Transtate and blamed Transtate when system crashed; Transtate lost the business). 25 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 25 of 34 When ruling on a summary judgment motion, a court must view the evidence and any inferences from the evidence in the light most favorable to the nonmoving party. Anderson, 477 U.S. at 255. “‘Where the record taken as a whole could not lead a rational trier of fact to find for the nonmoving party, there is no genuine issue for trial.’” Ricci v. DeStefano, 129 S. Ct. 2658, 2677 (2009) (quoting Matsushita v. Zenith Radio Corp., 475 U.S. 574, 587 (1986)). IV. DISCUSSION A. Summary of the Parties’ Arguments Although the claims are numerous and the arguments are highly technical, the parties’ arguments are boiled down to this: Defendants contend that “Philips unjustifiably asserts alleged intellectual property rights over a broad set of materials—which is required to be, and in the past has been, readily available to independent service organizations (“ISOs”), such as Transtate—in an attempt to foreclose competition in the after-market for servicing vital medical equipment owned by healthcare providers.” Specifically, Defendants argue that Plaintiff is attempting to gain or maintain a monopoly by creating security levels on its machines to prevent ISOs from performing maintenance on the machines. Lastly, Defendants contend that they merely figured out a way to legally reverse engineer the security controls and that nothing they have done violates any of Plaintiff’s trade secrets or copyrights. Justifying their actions, Defendants emphasize that Plaintiff’s anti-competitive strategies pose risks to patients’ health and safety. On the other hand, Plaintiff has portrayed Defendants as unscrupulous and deceitful thieves who brazenly stole Plaintiff’s highly valuable trade secrets and its copyrights, and who poached some of Plaintiff’s employees with the purpose of stealing Plaintiff’s intellectual property. In short, each party has painted the other as a despicable villain. The parties have submitted briefs amounting to hundreds of pages and thousands of additional documents attached 26 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 26 of 34 as exhibits. The parties have also flooded the Court with numerous discovery disputes. The Court will not recite every fact asserted and argument made in the parties’ briefs in addressing their respective summary judgment motions. The Court does make the following findings on the parties’ respective summary judgment motions: B. Plaintiff is Entitled to Summary Judgement that Defendants Violated the DMCA Section 1201(a)(1) of the DMCA provides that “[n]o person shall circumvent a technological measure that effectively controls access to a work protected under this title.” 17 U.S.C. § 1201(a)(1)(A). “A technological measure ‘effectively controls access to a work’ if the measure, in the ordinary course of its operation, requires the application of information, or a process or a treatment, with the authority of the copyright owner, to gain access to the work.” Id. § 1201(a)(3)(B). “To ‘circumvent a technological measure’ means to descramble a scrambled work, to decrypt an encrypted work, or otherwise to avoid, bypass, remove, deactivate, or impair a technological measure, without the authority of the copyright owner.” Id. § 1201(a)(3)(A). Here, it is undisputed that Defendants modified files on Plaintiff’s Allura systems to bypass Plaintiff’s security and permit access to Level 1 and higher CSIP without a Level 1 or higher IST key and password. Because Defendants have admitted to using software they developed to bypass Plaintiff’s security, there can be no dispute that they have circumvented Plaintiff’s technological measures under the plain terms of the DMCA. The Court therefore grants summary judgment of liability in Plaintiff’s favor as to the DMCA claim. See 17 U.S.C. § 1201(a)(3)(A); see also Disney Enters. v. Vidangel, Inc., 371 F. Supp. 3d 708, 714 (C.D. Cal. 2019) (granting summary judgment to plaintiff on liability because defendant admitted to using software to decrypt plaintiff’s encryption access controls). The issue remains for trial, however, what damages Plaintiff has occurred as a result. 27 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 27 of 34 In opposing Plaintiff’s summary judgment motion, Defendants argue that the availability of and access to Plaintiff’s CSIP materials is a significant problem, and that it justifies their circumvention of Plaintiff’s technological measures. As Defendants note correctly, Plaintiff is required by law to provide “adequate” access to information for the assembly, installation, adjustment and testing (“AIAT”) of its cath lab systems and other radiation emitting devices, to third parties, including ISOs that perform essential services on the machines, in order to meet federal performance and compatibility standards.122 Defendants contend, among other things, however, that Philips’ Level 0 CSIP materials do not include access to all materials the law authorizes Defendants to access and use, including those identified in Philips’ own AIAT manuals. Defendants further contend that Philips uses technological protective measures to hinder the ability of ISOs to properly service its machines. Defendants also contend that Philips actively interferes with third party repairs by delaying important services to hospitals. Even assuming Defendants’ assertions are true, the Court’s hands are tied as to the DMCA claim. That is, DMCA claims are not preempted by the AIAT regulation, as this Court cannot usurp the FDA’s authority to interpret the AIAT regulations. Moreover, there is no evidence in the record of any FDA determination that affects the elements of Philips’ claims. In other words, the existence of the AIAT regulation does not prevent Plaintiff from asserting their intellectual property claims against Defendants. To the extent the AIAT regulations do not adequately protect ISOs, such as Defendants, this is a matter for the parties to take up with Congress or the FDA. The Court does agree with Defendants, however, that this case exemplifies problems with the DMCA and the right to repair. Whereas the DMCA was originally enacted to protect 122 Defs. Br. 3, at ¶ 4; Pl. Br. 8. 28 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 28 of 34 copyright owners from digital piracy (such as illegally downloading and sharing music, video games, and movies), powerful corporations are now putting digital locks on their products as a tool to capture and retain a huge market share over the repair industry, reducing consumer choice and raising repair costs.123 Issues of third-party rights to repair not only affect the medical imaging industry, but they extend further to extremely problematic areas for consumers. Indeed, under the literal and very broad language of the DMCA, car owners may be prevented from repairing their own vehicles or from sending their vehicles to third parties for repairs. Imagine the company you bought your vehicle from telling you that you may only get your vehicle repaired at the dealership. This cannot be what Congress intended when it passed the DMCA. As the parties note, the Copyright Office does allow people to request so-called ‘Section 1201 exemptions’ of the DMCA every three years. To this end, in October 2021 the Library of Congress issued a DMCA exemption allowing ISOs to access the software medical systems to service and repair those medical systems. Specifically, in October 2021, in response to a petition filed by Defendants in this case, the Copyright Office recommended, and the Library of Congress adopted a DMCA exemption recognizing that repair and maintenance activities on medical devices and systems, such as the ones at issue in this case, meet the criteria of “fair use” as set forth in the Copyright Act and exempting “circumventions” under the DMCA. However, Plaintiff contends that the exemption is not as broad as Defendants contend, noting that rather than granting ISOs an “unfettered” right to diagnose and repair medical imaging machines, the exemption merely recognizes an exemption for medical devices where “where “circumvention is a necessary step to allow the diagnosis, maintenance, or repair of [a lawfully acquired medical 123 Of course, the Court recognizes that maintaining strict controls on medical imaging machine repairs is vital since it affects patient safety. 29 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 29 of 34 device or system].”124 Plaintiff further contends that the Register’s Recommendation stipulates further limits–characterized as “narrow proposed uses and additional limitations” on the exemption’s scope–that clearly exclude what Philips describes as Defendants’ “unlawful hacking.” (Doc. No. 514 at 4). Regardless of the scope of this new exemption, both parties agree it is inapplicable here, because the exemption is not retroactive. (Doc. No. 501 at 4; Doc. No. 514 at 3). Thus, the recently recognized exemption does not help Defendants. In sum, Defendants have violated the DMCA. Therefore, Plaintiff is entitled to summary judgment on this claim. The issue of damages remains for trial. What damages, if any, including nominal damages, will be up to the jury to determine. C. Plaintiff is Entitled to Summary Judgment that Defendants Violated the CFAA A person violates the CFAA by “intentionally access[ing] a computer without authorization or exceed[ing] authorized access, and thereby obtain[ing] . . . information from any protected computer.” 18 U.S.C. § 1030(a)(2)(C). Here, the undisputed facts show that Defendants intentionally accessed a “protected computer,” which is defined as one used in or affecting interstate or foreign commerce or communication. See 18 U.S.C. § 1030(e)(2). A computer with Internet access generally satisfies this requirement under the CFAA. See United States v. Yucel, 97 F. Supp. 3d 413, 417–18 (S.D.N.Y. 2015); United States v. Nosal, 676 F.3d 854, 859 (9th Cir. 2012). Philips’ Allura systems are generally connected through hospital networks to the Internet, so they are protected computers.125 124 (Ex. B, at 59640 § 15; see also Ex. D (NTIA Letter), at 75–76 (recommending against the “unfettered” exemption requested by Transtate)). 125 Ex. AK (Wheeler 6/3 Tr.) 24:11–25:18 (explaining that Defendants remotely collect logs from Philips systems via FTP), 34:2–6. 30 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 30 of 34 The undisputed evidence further shows that Defendants intended to access Philips’ Level 1 and higher CSIP software on Allura systems in excess of Defendants’ level of access authorized by Philips. The requisite intent is “the intent to obtain unauthorized access of a protected computer,” and does not require proof that the defendant “had the intent to defraud in obtaining the information or that the information was used to any particular ends.” United States v. Willis, 476 F.3d 1121, 1125 (10th Cir. 2007) (citation omitted). Here, Defendants knew that Philips only authorized them to have Level 0 access to Philips’ CSIP materials.126 It is undisputed that Philips did not authorize Defendants to access Level 1 or higher CSIP.127 Defendants acquired unauthorized access to Philips’ Level 1 and higher CSIP software on Allura systems by creating and using software to bypass Philips’ security software.128 The Supreme Court recently confirmed that an individual “exceeds authorized access” under the CFAA when he accesses a computer with authorization but then obtains information located in areas of the computer “that are off limits to him.” Van Buren v. United States, 141 S. Ct. 1648, 1662 (2021). Even if owners of specific Philips Allura systems authorized Defendants to access and service those systems, Defendants were not authorized to access Philips’ Level 1 and higher proprietary service materials residing on those systems. Defendants’ technical expert 126 Ex. K (Wheeler 5/13 Tr.) 17:17–20:2; Ex. Q (Froman Tr.) 79:10–13. Ex. K (Wheeler 5/13 Tr.) 23:23–24:25. 128 Ex. K (Wheeler 5/13 Tr.) 37:18–39:8, 52:22–55:21; Ex. Y (Griswold Tr.) 42:11–44:19; Ex. Q (Froman Tr.) 69:13–70:1, 74:19–75:11; Ex. R (Astrachan Tr.) 66:14–23; 81:11–83:22, 89:13–23, 198:3–199:8. Defendants’ technical expert, Mr. Fenn, analyzed log files produced in this case and concluded that Defendants accessed Philips’ Level 1 and higher CSIP software thousands of times (Ex. L (Fenn Rpt.) at p. 45–46 (showing Defendants issued 307 “CSIP Level 1” commands, 2,323 “Additional AIAT Commands” and 688 “Likely Additional AIAT Commands”); Ex. X (Fenn Tr.) 306:19–308:7 (explaining that “AIAT commands” in Fenn’s expert report refers to IST Level 2 or higher commands that Defendants can only access by modifying Allura systems, but that Defendants contend are AIAT), 308:8–21). 127 31 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 31 of 34 even opined that Philips’ security software specifically locks Defendants out of accessing Philips Level 1 and higher software.129 By running FD_Service to bypass the security on Philips Allura system and then using Philips Level 1 and higher tools, Defendants intentionally accessed a protected computer and exceeded their authorized level of access. 130 In fact, it is because Mr. Wheeler knew that Philips did not allow him to access Level 1 and higher CSIP materials that he developed FD Service to bypass Philips’ security and gain access to restricted CSIP information and tools.131 The Court further agrees with Plaintiff that Defendants’ conduct satisfies the “obtained information” element of a CFAA claim. “Obtain[ing] information from a computer” has been described as “‘includ[ing] mere observation of the data. Actual aspiration…need not be proved in order to establish a violation[.]’” United States v. Drew, 259 F.R.D. 449, 457 (C.D. Cal. 2009) (quotation omitted). Defendants’ own technical expert concedes that Defendants obtained and used information from Philips’ Level 1 and higher CSIP to service Allura systems thousands of times.132 The CFAA permits private parties to bring a cause of action if the violation caused a loss during any one-year period aggregating at least $5,000. A.V. ex rel. Vanderhye v. iParadigms, LLC, 562 F.3d 630, 645 (4th Cir. 2009); see also 18 U.S.C. §§ 1030(c)(4)(A)(i)(1) and 1030(g). “Loss” under the CFAA is a “broadly worded provision,” and encompasses “costs incurred as a part of the response to a CFAA violation, including the investigation of an offense.” Id. at 646. Here, Philips has presented sufficient evidence showing that it incurred at least $5,000 in per- 129 Ex. R (Astrachan Tr.) 66:14–23; 82:5-13, 83:14–22. Ex. Q (Froman Tr.), 92:10–20. 131 Ex. Q (Froman Tr.) 102:5–104:13; Ex. R (Astrachan Tr.) 198:3–199:8. 132 Ex. L (Fenn Rpt.) at 45–46 (showing thousands of instances where Defendants used Level 1 and higher CSIP after using FD Service to bypass security measures). 130 32 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 32 of 34 year costs investigating Defendants’ breach of Philips’ security.133 Therefore, Plaintiff has satisfied the threshold loss requirement of its CFAA claim. The Court therefore grants summary judgment of liability in Plaintiff’s favor as to the CFAA claim. D. Remaining Claims and Counterclaims While the Court finds that Plaintiff is entitled to summary judgment as to its DMCA and CFAA claims, the Court further concludes that there are genuine issues of disputed fact that preclude an award of summary judgment to either party on the remaining claims and counterclaims. These genuine issues of disputed facts include the following: The extent to which Plaintiff attempted to protect and did protect its trade secrets and whether the alleged trade secrets were already readily available (for purposes of the DTSA claim) The dates Plaintiff reasonably discovered or would have discovered Defendants’ misappropriation of trade secrets for statute of limitations purposes (for the DTSA claim) Defendants’ conduct related to Plaintiff’s tortious interference claims (e.g., whether Defendants schemed to hire away key employees of Plaintiff to steal Plaintiff’s trade secrets) Disputed issues of fact related to whether copying and using Philips’ copyrighted materials for Defendants’ own commercial gain constitutes “fair use” or is excluded from copyright infringement Plaintiff’s alleged conduct related to Defendants’ Sherman Act and North Carolina Unfair and Deceptive Trade Practices Act counterclaims 133 Ex. AL (Kennedy Rpt.) ¶¶ 202–05; Ex. AM (Philips_TEC1516513). 33 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 33 of 34 The parties’ disputed facts regarding the relevant market for purposes of Defendants’ Sherman Act counterclaim and whether Plaintiff has a monopoly or market power in the relevant market The parties’ disputed facts as to whether Plaintiff denied essential facilities or access to essential facilities in violation of the Sherman Act As to Plaintiff’s claims against Defendants under the Georgia Trade Secrets Act, only conduct that occurred in Georgia is actionable against Defendants. Thus, this case shall commence to trial for a liability finding on all claims and counterclaims except for Plaintiff’s DMCA and CFAA claims. On these two claims, trial shall proceed as to the issue of damages only. V. CONCLUSION For those reasons, the Court DENIES IN PART AND GRANTS IN PART Plaintiff’s summary judgment motion, and the Court DENIES Defendants’ summary judgment motion. ORDER IT IS, THEREFORE, ORDERED that the Motion for Partial Summary Judgment, (Doc. No. 379), filed by Plaintiff Philips Medical Systems, is DENIED in part and GRANTED in part, and the Motion for Summary Judgment, filed by Defendants, (Doc. No. 383) is DENIED. This action shall proceed to trial. Signed: January 17, 2023 34 Case 3:20-cv-00021-MOC-DCK Document 637 Filed 01/17/23 Page 34 of 34
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.