Beta Technology, Inc. v. Meyers et al
Filing
29
MEMORANDUM AND ORDER Denying 11 MOTION to Dismiss 1 Complaint for Lack of Subject Matter Jurisdiction (Signed by Judge Ewing Werlein, Jr) Parties notified.(rosaldana, 4) (Main Document 29 replaced on 10/11/2013) (rosaldana, 4).
IN THE UNITED STATES DISTRICT COURT
FOR THE SOUTHERN DISTRICT OF TEXAS
HOUSTON DIVISION
BETA TECHNOLOGY, INC.,
§
§
§
§
§
§
§
§
§
§
§
§
Plaintiff,
v.
LEIGH A. MEYERS, SONJA C.
GARCIA, ENCORE INDUSTRIAL
SUPPLY, LLC and ENCORE
INDUSTRIAL PRODUCTS, LLC,
Defendants.
CIVIL ACTION NO. H-13-1282
MEMORANDUM AND ORDER
Pending is Defendants' Motion to Dismiss for Lack of Subject
Matter Jurisdiction
(Document No.
After considering the
11).
motion, response, reply, and applicable law, the Court concludes as
follows.l
I.
Beta Technology,
Inc.
Background
("Plaintiff")
company engaged in marketing,
chemicals
("Meyers"),
and
a
related
promoting,
equipment. 2
shareholder
is a specialty chemical
and selling specialty
Defendant
in Plaintiff,
Leigh
worked as
Meyers
Plaintiff's
1
Plaintiff filed its First Amended Complaint, which is
currently the live pleading in this case, on the same day that it
filed its Response to Defendants' Motion to Dismiss. See Document
No. 14 (1st Am. Complt.).
Defendant's Reply in support of its
motion cites Plaintiff's First Amended Complaint.
The Court
therefore considers Defendants' motion, as the parties have done,
as now addressed to the First Amended Complaint.
2
Document No. 14
~
8.
director and president until he resigned in June 2012. 3
Defendant
Sonja Garcia ("Garcia") worked for Plaintiff as an Account Manager
until her resignation in December 2012.4
When Garcia began her employment with Plaintiff, she entered
into an Account Manager Employment Agreement and an Employment
Terms
and
Conditions
Agreement
("the
Employment
Agreements")
stating that she would not compete against Plaintiff or solicit its
clients in six Texas counties for a two-year period following her
separation from the company, and that she would not disclose Plaintiff's confidential or proprietary information. 5
Meyers,
were signed by Garcia.
These agreements
as president of Plaintiff,
signed Garcia's Employment Agreements. 6
Additionally,
also
Plaintiff
has an Internet, Intranet, Electronic Mail and Computer Use Policy
("the Computer Use Policy") that it alleges Meyers helped to draft
during
his
employment. 7
The
policy
"inappropriate conduct"
to use
engage
personal
in
private
or
provides
Id. ~ 9.
4 Id. ~ 10.
5
Id. ~~ 11-12.
6
Id. ~ 14.
7
Id. ~ 15
8
it
is
Plaintiff's computer systems to
business
activities,
unauthorized copies of data, or to delete data. 8
3
that
Id.
2
to
make
Plaintiff alleges that it provided one of its computers to
Meyers during his employment, and that " [b]efore or at the time of
his
resignation,"
he
downloaded
Plaintiff's
confidential
and
proprietary information and deleted all stored information from the
computer. 9
Plaintiff further alleges that both before and after
Meyers used this confidential and proprietary
his resignation,
information to compete against Plaintiff and solicit its customers
and employees. 10
After
ending
his
employment
with
Plaintiff,
Meyers
began
working as president and CEO of newly formed competing companies of
which he and his wife are alleged to be the sole owners, Defendants
Encore Industrial Supply, LLC and Encore Industrial Products, LLC
( collectively,
"Defendants")
"Encore,
.11
II
and
together
with Meyers
and Garcia,
Plaintiff alleges that Meyers is working in the
same territory in which he previously worked for Plaintiff and that
he has solicited several of Plaintiff's customers. 12
Plaintiff
further alleges that Meyers solicited Garcia to work for Encore,
and that Garcia is currently working in the same territory in which
she previously worked for Plaintiff and has solicited business from
9
Id. ~~ 17-19.
10
Id. ~ 20.
11
Id. ~ 21.
12
Id. ~ 22.
3
several
of
Plaintiff's
customers,
all
in
violation
of
the
Employment Agreements. 13
Plaintiff alleges the following claims:
breach of contract
against Garcia; breach of fiduciary duty and misappropriation of
confidential
Garcia;
information and
aiding
and
tortious
Encore;
abetting
trade
breach
interference
secrets
of
with
against
fiduciary
business
Meyers
duty
and
against
relationships,
defamation, and violation of the Texas Deceptive Trade Practices
Act against all Defendants; and violation of the Computer Fraud and
Abuse Act
("CFAA")
against Meyers. 14
Plaintiff asserts that its
CFAA claim provides the Court with subj ect matter jurisdiction
pursuant to 28 U.S.C.
§
1331. 15
Defendants move to dismiss for lack
of subject matter jurisdiction, contending that Plaintiff has not
stated a claim under the CFAA upon which relief can be granted. 16
II.
Legal Standard
Defendants attack subject matter jurisdiction on the grounds
that Plaintiffs fail to state a claim under the CFAA, which is the
sole basis for federal jurisdiction over the instant case. 17
~
Given
13
Id.
23.
14
Document No. 14.
15
Document No. 15 at 4.
16
Document No. 11 at 1.
17
It is uncontroverted that complete diversity is lacking.
4
that
Defendants'
arguments
go
principally
to
the
merits
of
Plaintiffs' CFAA claim, which does not appear to be immaterial or
frivolous, the proper disposition of Defendants' motion to dismiss
See Williamson
is under Rule 12(b) (6) rather than Rule 12(b) (1).
v.
Tucker,
defendant's
645
F.2d
challenge
404,
to
415
the
(5th
Cir.
court's
1981)
("Where
jurisdiction
is
the
also
a
challenge to the existence of a federal cause of action, the proper
course
of
action
for
the
district
court
(assuming
that
the
plaintiff's federal claim is not immaterial and made solely for the
purpose of obtaining federal jurisdiction and is not insubstantial
and frivolous)
is to find that jurisdiction exists and deal with
the objection as a direct attack on the merits of the plaintiff's
case."); Herrera v. NBS, INC., 759 F. Supp. 2d 858, 863 (W.D. Tex.
2010)
(finding
motion
to
dismiss
for
lack
of
subject
matter
jurisdiction was really an attack on the merits of the claim, and
construing it as a motion to dismiss for failure to state a claim
under Rule 12(b) (6)).
Rule 12 (b) (6) provides for dismissal of an action for "failure
to state a claim upon which relief can be granted."
12(b)(6).
When a
district court reviews
FED. R. CIV. P.
the sufficiency of a
complaint before it receives any evidence either by affidavit or
admission, its task is inevitably a limited one.
Rhodes, 94 S. Ct. 1683, 1686 (1974).
5
See Scheuer v.
The issue is not whether the
plaintiff ultimately will prevail,
but whether the plaintiff is
entitled to offer evidence to support the claims.
Id.
In considering a motion to dismiss under Rule 12(b) (6), the
district
court must
construe
the
allegations
in
the
complaint
favorably to the pleader and must accept as true all well-pleaded
facts
117
in
the
F.3d
complaint.
242,
247
Lowrey v.
See
(5th Cir.
Tex.
To
1997).
A&M Uni v .
survive
Sys . ,
dismissal,
a
complaint must plead "enough facts to state a claim to relief that
is plausible on its face."
1955,
1974
(2007).
Bell Atl. Corp. v. Twombly, 127 S. Ct.
"A claim has
facial plausibility when the
plaintiff pleads factual content that allows the court to draw the
reasonable
inference
misconduct alleged."
(2009) .
While
allegations . .
a
that
the
defendant
Ashcroft v.
complaint
"does
not
liable
129 S.
Iqbal,
is
Ct.
need
for
1937,
detailed
the
1949
factual
[the] allegations must be enough to raise a right
to relief above the speculative level, on the assumption that all
the allegations in the complaint are true
fact)."
(even if doubtful in
Twombly, 127 S. Ct. at 1964-65.
III.
Analysis
The CFAA is principally a criminal statute that proscribes
various fraudulent and related activities committed in connection
wi th the use of computers.
See
18 U.S.C.
§
1030.
Subsection
1030(g), however, also provides a civil remedy for the recovery of
6
damages and injunctive relief against one who violates
§
whose
subsection
conduct
involves
1030(c) (4) (A) (i) (I-V)
any
factor
set
forth
in
1030 and
Plaintiff alleges that Meyers violated
.18
substantive provisions of subsection 1030 (a) (4) and (5), and caused
loss of more than $5,000 in a one-year period,
subsection 1030(c) (4) (A) (i) (I)
A.
§
in violation of
.19
1030 (a) (4)
Subsection 1030(a) (4) establishes liability for one who:
knowingly and with intent to defraud,
accesses a
protected computer without authorization, or exceeds
authorized access, and by means of such conduct furthers
the intended fraud and obtains anything of value, unless
the object of the fraud and the thing obtained consists
18
These are:
(I)
loss to 1 or more persons during any I-year period .
aggregating at least $5,000 in value;
(II) the modification or impairment, or potential modification
or impairment, of the medical examination, diagnosis,
treatment, or care of 1 or more individuals;
(III)physical injury to any person;
(IV) a threat to public health or safety;
(V)
damage affecting a computer used by or for an entity of
the United states Government in furtherance of the
administration of justice, national defense, or national
security .
18 U.S.C.
19
§
1030 (c) (4) (A) (i) (I-V) .
Document No. 14
~~
51-55.
7
only of the use of the computer and the value of such use
is not more than $5,000 in any I-year period;
18 U.S.C.
The CFAA defines
1030 (a) (4) .
§
"exceeds authorized
access" as meaning "to access a computer with authorization and to
use such access to obtain or alter information in the computer that
the
§
accesser
is
not
entitled
so
to
obtain
or
alter."
Id.
1030 (e) (6) .
Defendants contend that Meyers's computer was provided to him
by Plaintiff, and thus he did not access the files on it "without
authorization. ,,20
Defendants also argue that Meyers's subsequent
misuse of Plaintiff's confidential information did not "exceed[]
authorized access.
,,21
Plaintiff has adequately alleged that Meyers exceeded his
authorization
to
recognized that
access
the
"[a] ccess
computer.
to a
The
Fifth
computer and data
Circuit
that
has
can be
obtained from that access may be exceeded if the purposes for which
access has been given are exceeded."
F.3d 263,
272
(5th Cir.
2010).
united States v. John,
In John,
597
the defendant was an
account manager at Citigroup who was authorized to access customer
account
information.
Id.
at
269.
She
accessed
and
printed
information related to seventy-six customer accounts and provided
it
to
her
half-brother,
who
20
Document No. 11 at 5.
21
used
Id ..
8
the
information
to
incur
fraudulent charges.
Id.
The defendant was criminally convicted
under the CFAA, but appealed her conviction on the grounds that the
CFAA does not prohibit the unlawful use of materials that she was
permitted to access.
Id. at 271.
The Fifth Circuit found that the
defendant exceeded her authority to access Citigroup's information,
because her authority to access the information was limited by
Citigroup's
official
policy,
which
confidential customer information.
Like the defendant in John,
prohibited
misuse
of
Id. at 272.22
Meyers's authorization to use
Plaintiff's computer system and the data contained therein was
circumscribed by company policy.
Plaintiff alleges that Meyers
himself helped draft the Computer Use Policy adopted by Plaintiff,
which defined "inappropriate conduct" to include:
22 In John, the Fifth Circuit observed that merely violating
an employer's confidentiality agreement may not be sufficient to
constitute a violation of the CFAA.
597 F.3d at 272.
However,
Meyers did not just violate a confidentiality agreement, he also
violated the Computer Use Policy, which explicitly prohibited
making unauthorized copies of company data. Defendants cite to two
Southern District of Texas cases in support of the proposition that
misuse of information that one is authorized to access does not
qualify as exceeding that authorization.
However, both cases
predate the Fifth Circuit's ruling in John. See Joe N. Pratt Ins.
v. Doane, civ. A. No. V-07-07, 2009 WL 3157337, at *2 (S.D. Tex.
Sept. 25, 2009) ("Pratt's complaint is that Doane and Turner misused
the business information they gathered from Pratt's system, which
they were undoubtedly authorized to access.
The Court concludes
that such a theory cannot support a claim under the CFAA.") i Bridal
Expo, Inc. v. van Florestein, Civ. A. No. 4:08-cv-0377, 2009 WL
255862, at *10 (S.D. Tex. Feb. 3, 2009) (declining to find that an
employee exceeds her authorization under the CFAA when she has
authorization to access the files but later uses them to harm the
employer) .
9
•
Engaging
in
private
or
personal
business
activities, including use of instant messaging and
chat rooms;
•
Accessing networks, servers, drives, folders, or
files to which the employee has not been granted
access;
•
Making unauthorized
other Company data;
•
Destroying,
deleting,
erasing,
or
concealing
Company files or other Company data, or otherwise
making
such
files
or
data
unavailable
or
inaccessible to the Company. 23
Plaintiff
alleges
that
Meyers
copies
of
violated
Company
this
files
policy
or
by making
unauthorized copies of Plaintiff's confidential information and
then deleting stored information from the computer. 24
Furthermore,
Meyers allegedly did so to compete against Plaintiff and to solicit
Plaintiff's customers, violating the policy's prohibition against
using Plaintiff's computer system for his own 'private or personal
business activities.,25
Accordingly, Plaintiff's allegations are
that Meyers's actions exceeded his authorized access.
See Meats by
Linz, Inc. v. Dear, Civ. A. No. 3:10-CV-1511-D, 2011 WL 1515028, at
*3
(N.D. Tex. April 20, 2011)
(Fitzwater,
J.)
(holding plaintiff
stated a claim under the CFAA where it alleged facts allowing the
court to draw the reasonable inference that defendant accessed
plaintiff's computer system and data and used it, in violation of
23 Document No. 14
24 Id.
~~
25 Id.
~
~
15.
17-19.
20.
10
the
restrictive
covenant
agreement,
to
plaintiff and solicit its customers)
compete
directly
(citing John,
with
597 F. 3d at
271-72) .
Defendants further contend that Plaintiff has failed to state
a
claim under
subsection
(a) (4)
because
he
did not
"obtain []
anything of value" when he deleted data from the computer.
u.s.C.
§
alleges
1030 (a) (4)
that
.26
Meyers
18
However, Plaintiff's First Amended Complaint
downloaded
"confidential
information" before deleting the files,
that he obtained something of value.
27
and
proprietary
which sufficiently alleges
Accordingly, Plaintiff has
stated a claim under subsection (a) (4) of the CFAA.
B.
§
1030 (a) (5)
Subsection 1030(a) (5) establishes liability for anyone who:
(A) knowingly causes the transmission of a program,
information, code, or command, and as a result of such
conduct,
intentionally
causes
damage
without
authorization, to a protected computer;
(B) intentionally accesses a protected computer without
authorization,
and as a
result of such conduct,
recklessly causes damage; or
(C) intentionally accesses a protected computer without
authorization, and as a result of such conduct, causes
damage and loss.
26
Document No. 11 at 7.
27
Document No. 14
~
19.
11
18 U.S.C.
§
1030(a) (5).
Plaintiff asserts violations by tracking
the proscriptive language of subsection 1030(a) (5) (A)
Plaintiff has successfully stated a
and (C)
.28
claim under subsection
1030(a) (5) (A).
This subsection forbids damaging computers without
authorization.
Hewlett-Packard Co. v. Byd:Sign, Inc., No. 6:05-CV-
456, 2007 WL 275476, at *13 (E.D. Tex. Jan. 25, 2007)
.29
Subsection
1030(e) (8) defines "damage" as "any impairment to the integrity or
availability
of
data,
a
program,
a
system,
or
information.
II
Plaintiff has alleged that Meyers was not authorized to delete
company data,
and yet installed and used the ARO 2012 computer
program in an attempt "to permanently delete all of [Plaintiff's]
information
from
the
computer. 1130
Accordingly,
Plaintiff
has
stated a claim that Meyers violated subsection 1030(a) (5) (A).
See
Hewlett-Packard, 2007 WL 275476 at *13 (denying motion to dismiss
subsection 1030(a) (5) (A) claim where employees were not authorized
to damage plaintiff's computers by 'scrubbing' data).
Plaintiff
has
1030 (a) (5) (C) .
intentionally
also
Plaintiff
accessed
wi thout authorization,
28
stated
Document No. 14
a
alleges
that
[Plaintiff's]
claim
under
Meyers
protected
causing damage and loss,
~
subsection
"knowingly
computer
1131
and
system
which is the
54.
29
Hewlett-Packard cites an earlier,
but substantively
identical, provision of the CFAA.
2007 WL 275476 at *12-13.
30
Document No. 14
31
Id.
~
~~
15, 18.
54.
12
proscription of the statute, and that " [b]efore or at the time of
his resignation" Meyers "deleted all the stored information from
the computer. ,,32
Reading the First Amended Complaint in the light
most favorable to Plaintiff raises an inference that Meyers may
have accessed the computer at the time of his resignation after he
was no longer employed by Plaintiff,
and thereby accessed the
computer without authorization. 33
C.
§
1030(c) (4) (A) (i) (I)
Plaintiff alleges that Meyers can be held civilly liable for
his violations of the CFAA because he caused loss of more than
$5,000
32
in
1d.
a
one-year
period,
in
violation
of
subsection
~17.
Moreover, it has been held that one who breaches his duty
of loyalty to his employer cannot rely on the cloak of authority.
1nt'l Airport Ctrs., L.L.C. v. Citrin, 440 F.3d 418, 420-21 (7th
Cir. 2006) ("Citrin's breach of his duty of loyalty terminated his
agency relationship.
. and with it his authority to access the
laptop."). See also u.s. v. Phillips, 477 F.3d 215, 221 & n.5 (5th
Cir. 2007)
("[C]ourts have recognized that authorized access
typically arises only out of a contractual or agency relationship.") (citing Citrin, 440 F.3d 418).
Plaintiff's allegations
permit an inference that even before Meyers resigned his
employment, he had surreptitiously acted in breach of his duty of
loyalty to Plaintiff such as to cause the termination of his agency
relationship with Plaintiff along with all corresponding authority
he previously had enjoyed to access Plaintiff's protected computer
system.
But see United States v. Nosal, 676 F.3d 854, 862 (9th
Cir. 2012)
(rejecting Citrin's holding that the CFAA covers
violations of the duty of loyalty); WEC Carolina Energy Solutions
LLC v. Miller, 687 F.3d 199, 206 (4th Cir. 2012) ("[W]e reject any
interpretation that grounds CFAA liability on a cessation-of-agency
theory. ") .
33
13
1030(c) (4) (A) (i) (I).
18 U.S.C.
See
§
1030(g).
Plaintiff's First
Amended Complaint states that Plaintiff "incurred, and continues to
incur,
significant expenses in assessing and recovering the data
deleted from the computer," and that this has resulted in a loss
of
more
than
$5,000
in
Plaintiff
has
stated
a
1030 (c)
(A) (i) (I), and can be held civilly liable under the CFAA.
(4)
anyone-year
claim
IV.
that
period. 34
Meyers
Accordingly,
violated
subsection
Order
Accordingly, it is
ORDERED that Defendants Leigh A.
Encore Industrial Supply,
LLC,
Meyers,
and Encore
Sonja C.
Industrial
Garcia,
Products,
LLC's Motion to Dismiss for Lack of Subject Matter Jurisdiction
(Document No.
11)
is DENIED.
The Clerk will enter this Order,
providing a correct copy to all counsel of record.
SIGNED in Houston, Texas, this
~~
of October, 2013.
WERLEIN, JR.
ATES DISTRICT JUDGE
34
Id.
~
53.
14
---------"..
"'--"'~-"-------------------
Disclaimer: Justia Dockets & Filings provides public litigation records from the federal appellate and district courts. These filings and docket sheets should not be considered findings of fact or liability, nor do they necessarily reflect the view of Justia.
Why Is My Information Online?