FINDINGS OF FACTS, RULINGS OF LAW, AND ORDER FOR JUDGMENT
WILLIAM G. YOUNG, District Judge.
I. INTRODUCTION
On July 17, 2018 the chemical company T.H. Glennon ("Glennon"), which manufactures mulch coloring, commenced this action in the Massachusetts Superior Court sitting in and for the county of Essex, suing their former employee Shonn Monday for breach of contract, misappropriation of trade secrets under Massachusetts Law, interstate misappropriation of trade secrets under the Federal Trade Secret Protection Act, and conversion. Pl.'s Compl. ("Original Complaint"), ECF No. 24. On July 25, 2018, Monday removed the action to this Court. See generally Notice Removal, ECF No. 1.
Nearly a year later, on June 5, 2019 with trial fast approaching, Glennon amended its complaint, adding six new defendants: Shonn Monday's wife Debra Monday; their company TMG Green, LLC; Ulderic Boisvert; Greenwood Farms, LLC; H.U.R.B. Landscaping, Inc.; and Pat Does 1-5, a collection of unknown individuals and corporations. Am. Compl. ("Compl.") ¶¶ 2-8, ECF No. 59. Count I, against Monday only, is for breach of contract. The remaining causes of action were raised against all defendants: violation of the Computer Fraud and Abuse Act (Count II); interstate misappropriation of trade secrets under the Federal Trade Secret Protection Act (Count III); Racketeer Influenced and Corrupt Organizations Act ("RICO") conspiracy (Count IV); misappropriation of trade secrets under Massachusetts Law (Count V); unfair competition (Count VII);1 copyright violation (Count VIII); unfair and deceptive trade practices under Massachusetts Law (Count IX); tortious interference with a contractual relationship (Count X); and diversion/usurpation of corporate opportunity (Count XI).
At a motion session on September 24, 2019, this Court considered two Motions to Dismiss, one filed by Shonn Monday, Defs.' Sup. Mot. Dismiss, ECF No. 97, and one filed by Debra Monday and TMG Green. Mem. Supp. TMG's Mot. Dismiss Pl.'s Am. Compl., ECF No. 106. This Court granted the Motion to Dismiss as to the RICO claim (Count IV), the Copyright Violation claim (Count VIII) and the Unfair and Deceptive Trade Practices claim (Count IX). Electronic Clerk's Notes, ECF No. 122. It then ordered a trial for Shonn Monday only, holding the cases against the other defendants in abeyance pending the outcome of that trial. Id.
This Court held a three-day bench trial on the remaining counts against Monday on October 21-24 2019. See Electronic Clerk's Notes, ECF Nos. 134, 135, 136, 129. The Court heard testimony from six witnesses. Glennon called Steven Presser, a forensic computer expert; Kathleen Shea, the marketing director of Glennon; Helen Bacon, the treasurer of Glennon; Patty Jean "Rocky" Berry, vice president of Glennon; Shonn Monday as an adverse witness; and Brian Shea, president of Glennon. See Exhibit Witness List, ECF No. 137. Monday took the stand in his own defense. Electronic Clerk's Notes, ECF No. 136.
Following the trial, this Court issued an Order enjoining Shonn Monday, Debra Monday, and TMG Green from engaging in the mulch coloring business for two years, and from using the TMG Green name or logo. Order 2, ECF No. 133. The Order also required them to return any iteration of Glennon's proprietary Filemaker Database, which Monday had illicitly copied, and to refrain from entering into any contractual relationship with any person or entity listed in the database. Id. at 2-3.
As to the case against Monday, this Court now makes the following findings of fact and rulings of law.
II. FINDINGS OF FACT
A. Monday's Employment with T.H. Glennon
Glennon is a private chemical company that specializes in manufacturing water-based adhesives, and is involved in the businesses of green waste recycling and mulch-based colorants. Glennon manufactures both dry and wet mulch colorants, and sells a machine called the "Mulch ColorJet," a wet mulch coloring system.
Shonn Monday joined T.H. Glennon on September 16, 2009 as a salesman. As part of the employment process, Monday signed a Confidentiality Agreement (also called a "Non-Disclosure Agreement" or "NDA"). This agreement included language indicating that, "In consideration of and as a condition of the Employer employing the Employee and the Employer providing Confidential Information to the Employee" the Employee would undertake certain actions. Trial Ex. 7, Confidentiality Agreement ¶ 1. These actions include keeping information confidential, id. at ¶¶ 1-5, refraining from taking advantage of any business opportunity "relating to or similar to the Employer's current or anticipated business opportunities," id. at ¶ 6, and refraining from competing during employment or within two years of termination "with a business which is in direction competition" in the Employee's subject area. Id. at ¶¶ 9-10. The NDA also required the return of any confidential information upon the Employee's termination, including any computers, documents, or storage devices potentially containing confidential information. Id. at ¶ 16.
Glennon provided Monday a computer, phone, and iPad pursuant to his duties as a salesman. His compensation from the company consisted of a yearly salary as well as commissions on equipment sold, and he was responsible for maintaining contact with existing customers as well as reaching out to new clients. He was primarily responsible for sales in the Northeast portion of the country.
On April 21, 2016, while employed with Glennon, Monday registered the corporation TMG Green, LLC, listing himself as the Resident Agent and his wife Debra Monday as the manager. See Mass. Sec. of the Commonwealth, Corporations Division, Business Entity Summary, TMG Green LLC, available at http://corp.sec.state.ma.us/CorpWeb/CorpSearch/CorpSummary.aspx?FEIN=001220017&SEARCH_TYPE=1. Monday states he created this company to allow people to advertise and sell their used equipment, and provided consulting on equipment safety. Trial Ex. 13, Monday Deposition 15:15-19-:12. Therefore, TMG Green maintained a website with images and sales options for multiple types of recycling equipment, including the "ColorCritter." Tr. Ex. 6, Screenshots 19-31.
Though Monday was successful as a salesman during his first years at Glennon, his performance eventually declined. Kathleen Shea testified that his percentage of overall sales revenue within the company dropped from 48% in 2010 to only 36% in 2018, and that his revenue was declining in 2018 even as other members of the sales team saw continued growth. Monday stated he was the top salesman "except for the last three years." Monday Deposition 71:18. By 2018 the company was concerned about Monday's sales performance, customer service, following of directions, and general performance. Trial Ex. 12, Shea Deposition 39:23-44:12. As a result, the company reduced his sales commission and cut his territorial responsibilities, before ultimately firing him on June 25, 2018. Shea Deposition 39:23-40:8; 45:15-45:24.
B. Monday's Firing and Subsequent Investigation
Monday returned his computer, phone, and iPad to Glennon on July 9, 2018, approximately two weeks after his firing. All three were completely wiped of data, with the iPad and iPhone reset to their factory settings. When "Rocky" Berry, the Glennon vice president, asked him to return the remaining data, Monday refused. Concerned, Kathleen Shea logged onto Filemaker, Glennon's database of customer contacts, and saw that Monday had sent multiple emails to himself and to his wife, including one with Glennon's yearly financial revenue and customer order information. Shea then discovered the TMG Green site by searching for Monday's name on the Commonwealth's business registry.
Investigating further, Shea the other executives of Glennon discovered that Monday had deleted many of his work emails, though their IT team was able to recover some of them. Among the deleted emails were two between Monday and customers directing them to the TMG Green website to find recycling equipment, with Monday specifically recommending the ColorCritter machine to one of these customers. Tr. Ex. 3, Two Emails with Attachments, Nov. 2, 2017 email from Shonn Monday to Jeff Moulton; Id., March 26, 2018 email from Shonn Monday to clinkln@hotmail.com.
The executives at Glennon were particularly concerned about ensuring their Filemaker system of customer contacts was secure. This system contained the contact information and records for over 4,000 customers. Glennon had developed this database from a list of several hundred names that the national sales manager, Kriem Michel brought to the company from Bayer when she joined in 2001. Employees were required to use a username and password to access Filemaker, and their use was restricted; for example, Monday could only access contacts for the twelve states he covered as a salesman. See Tr. Ex. 14, Filemaker Directive. Only five people in the company, three of them executives, had access to the entire database.
Approximately September 2018 Glennon hired the firm Black Swan Digital Forensics to conduct a forensic analysis of the three wiped computers. Black Swan was able to recover many of the deleted files, primarily from Monday's laptop, and produced mirrors of this data. Black Swan was also able to recover a significant amount of data from a partially-deleted external hard drive belonging to Monday. This hard drive, which Glennon obtained during the course of this litigation, reflected a back-up of Monday's company-issued laptop, some of which has been introduced at trial as Exhibit 2. See generally Tr. Ex. 2, Second Data Dump Documents ("Data Dump"). Many of these files included meta-data indicating their origin, creator, and time of last save.
According to Glennon's expert Presser, the information provided to him by Black Swan—not introduced at trial because it is hearsay, see Fed. R. Evid. 70, provided a sufficient basis for him to draw conclusions at trial. Presser testified that 6,000 files were deleted from Monday's external hard drive. Additionally, based on the metadata of the files recovered from the external hard drive, Presser also was able to conclude that they originated on Monday's computer. See, e.g., Data Dump 2-57, Good Morning Wyman; Data Dump 2-60, Shonn Monday Resume. This Court draws the inference that the documents on the external hard drive were originally Monday's, and that Presser's testimony is reliable.
C. Documents on Monday's External Hard Drive and other Evidence pertaining to TMG Green
The documents recovered from Monday's external hard drive indicate that he had gained access to all of Glennon's Filemaker client contacts, that he was working on the design of the ColorCritter dry mulch coloring machine, and that he had been working with Glennon's competitors during the course of his employment.
Kathleen Shea testified at trial that, while digging through the first data dump, she found a file labelled "coustemer list 2015." After gaining access to Monday's external hard drive in the second data dump, she was able to open the file, and found an excel spreadsheet containing information on 3,600 of Glennon's customers. She also testified that the formatting of the file matched the Filemaker database. While reviewing the second data dump, she further found files from 2016, 2017 and 2018 containing information on, respectively, 3,700, 3,800, and over 4,000 customers, representing the entirety of Glennon's customer list for those years. Additionally, Presser testified at trial that one of the recovered emails that Monday sent to himself from the Glennon email server included an attachment that Shea has identified as a screenshot from the Filemaker database. Data Dump 2-12, Filemaker Screenshot.
Another set of documents recovered from the external hard drive concern the ColorCritter machine. ColorCritter is a patented dry mulch coloring machine. The patent is owned by Uderic Boisvert of Greenwood Farms and H.U.R.B. Landscaping, a former Glennon customer (collectively "H.U.R.B."). See Tr. Mot. Dismiss Hearing 5, ECF No. 120. Monday himself testified that he was working on the ColorCritter during this time period, arguing that doing so did not constitute a breach of his contract with Glennon because the ColorCritter was not in competition with Glennon (using dry powder instead of wet paint) and because the contract was invalid.
Presser testified that he found multiple engineering sketches in the second data dump, which in context depict the ColorCritter. Several of these pictures are diagrams of a machine that includes a color hopper, conveyer belt, spinning blades, and notes on technical requirements. See Data Dump 2-68, IMG_0830; Data Dump 2-71, IMG_0847; Data Dump 2-77, IMG_0849, Data Dump 2-80, IMG_0852. The coordinates from the meta-data for these pictures indicate they were taken at the house belonging to the Monday family, and that they were taken in 2016 and 2017. See Data Dump 2-69, Meta data IMG_0830; Data Dump 2-72, Meta Data IMG_0847; Data Dump 2-78, Meta Data IMG_0849, Data Dump 2-81, Meta Data IMG_0852. The data dump also included a screenshot of a hand-written advertisement for the ColorCritter, Data Dump 2-15, Hand-Drawn ColorCritter Ad, as well as typed advertising copy for the ColorCritter with meta data tags indicating it was created on an account belonging to Debra Monday. Data Dump 2-49, 2-50, Soil and Mulch Ad; Data Dump 2-51, Meta Data for Soil and Mulch ad. Additionally, there was an invoice located on the hard drive, with Greenwood Farms as the customer and Design Corp of Hoshen, IN as the issuer. Data Dump 2-94, Terex Bill. The descriptions lists a price of $862.00 for work consisting of "drafting changes," and states "Changes approved by Shonn." Id.
Another document found on the hard drive is a draft business plan for TMG Green dated February 2016. Data dump 2-95-99, TMG Green Business Plan. This business plan, written by Debra Monday, included language stating that a patent for the ColorCritter "Has already been purchased" and that the company's income would be supported by "Current income from an employer." Id. at 99. It also lists sales prices for the Mini ColorCritter, the ColorCritter, and the Color Drum, while indicating that other income would derive from a brokerage commission or consulting. Id. The data dump also included income and expense projections for the "Powder Critter" for 2016 and 2017. Data Dump 2-52, 2-53, Financial Forecast. While neither Shonn Monday nor TMG Green are named in the documents, it appears the forecasts were written on their behalf, given the existence of the business plan, and other coordination with H.U.R.B. For example, the expenses column for 2016 mention "50% of sales to invested partner," loan payments of $312.00, and that 50% of initial build cost of prototype would be covered by Greenwood Farms (the H.U.R.B. affiliate). Data Dump 2-52.
The hard drive contains further evidence of coordination with H.U.R.B. On the hard drive there is advertising copy for the "Mulch Color Drum" from Greenwood Farms, which lists Greenwood Farms and TMG Green as points of contact. Data Dump 2-55, Color Drum Ad. There is also a draft email signed by Monday, and created by Debra Monday, titled "Good Morning Wyman," that requests the building of "a new color pump machine frame for us." Data Dump 2-56, Good Morning Wyman; Data Dump 2-57, Meta Data Good Morning Wyman. This appears to refer to the Mulch Color Drum, because photographs of the color drum found on the ColorCritter website that match photographs from Monday's hard drive. Data Dump 2-61, 2-62, Index of Images from ColorCritter Website. This same website had, as its banner atop the page, the same claw symbol that also appears on the ColorCritter. Screenshots 19, 22, 23.
Finally, Glennon introduced in evidence summaries of two bank loans granted by Bank of America to Monday, one in his name with a balance of approximately $71,000 as of November 2017, and one with a balance of approximately $24,000 as of October 2019 under the name TMG Green. See generally Tr. Ex. 9, Bank Records. Monday testified at trial that his personal bank loan was for a Maserati, but that the loan to TMG Green was to enable the company to buy a 2016 Toyota Tundra. Monday must therefore have indicated to Bank of America that TMG Green had some form of revenue or assets in order to secure the loan in its name.
III. RULINGS OF LAW
A. Count I: Breach of Contract
To state a claim for breach of contract, a plaintiff must allege that there was a valid contract, the defendant breached its contractual duties, and that breach caused the plaintiff damage. Linton v. New York Life Ins. Corp., 392 F.Supp.2d 39, 41 (D. Mass. 2005) (Zobel, J.) (quoting Michelson v. Digital Fin. Servs., 167 F.3d 715, 720 (1st Cir. 1999)). A breach occurs when one of the parties fails to perform the terms of a contract without a valid legal excuse. See Guckenberger v. Boston Univ., 957 F.Supp. 306, 316 (D. Mass. 1997) (Saris, J.). Absent some excuse, Monday has violated the following clauses of the signed Non-Disclosure Agreement: (i) disclosure of Glennon's confidential information in violation of the Confidential Obligations clause; (ii) failure to return that information; (ii) direct competition with Glennon in violation of the Non-Competition clause; (iii) soliciting Glennon's customers in violation of the Non-Solicitation clause; and failure to return confidential information at the end of his employment, in violation of the Return of Confidential Information clause. Compl. ¶¶ 57-60.
In his defense, Glennon argues that the contract is unenforceable because the terms of his employment substantially changed after he signed the contract, because it is a contract of adhesion, and because there was no mutual assent to the contract due to the fact that both Monday and Brian Shea had dyslexia and were thus unable mutually to assent to its terms. Tr. Closing Statements 6-9, ECF No. 129. Glennon also argued that he never directly competed with Glennon in his work with the ColorCritter because it used a dry system instead of Glennon's wet mulch system.
1. Enforceability of the Confidentiality Agreement
Despite Monday's protestations, the NDA is enforceable because it was valid when signed, and there was no material change in his employment during the period of alleged breach.
A contract is valid from its inception when there is a "meeting of the minds" regarding the contract terms, as manifested by mutual assent to those terms. Situation Mgmt. Sys. v. Malouf, Inc., 430 Mass. 875, 878, 748 N.E.2d 699 (2000). A party's signature represents assent to all terms of a contract, regardless of their subjective understanding or knowledge of the contract's terms, unless those terms are unreasonable. Restatement (Second) of Contracts § 211. Restrictive covenants of non-competition and non-solicitation are reasonable when supported by consideration, necessary to an employer's business interest, reasonably limited, and otherwise consonant with public policy. Lycos, Inc. v. Jackson, 2004-3009, 2004 Mass. Super. LEXIS 348 at *9 (Mass. Super. Ct. Aug. 24, 2004) (Houston, J.) (citing All Stainless, Inc, v. Colby, 364 Mass. 773, 777-78, 308 N.E.2d 481 (1974)).
Here, Monday had an opportunity to read over a physical copy of the NDA prior to its signing, but chose not to due to his learning disability. See Monday Deposition 5:11-6:15. He did not request that anyone read it to him, did not show it to a lawyer, did not ask for more time to understand it, and did not request an explanation, but has offered no evidence that Glennon would have prevented him from doing any of these actions. Id. at 6:9-6:13. Under these circumstances, Monday manifested acceptance, which is enough for the contract to be valid. Cf. Bekele v. Lyft, Inc., 199 F.Supp.3d 284, 295 (D. Mass. 2016) (Saylor J.) (noting that "clickwrap" agreements—boxes on a website allowing users to accept a contract by checking a box without reading the terms—are generally enforceable.) Meanwhile, the argument that the contract is invalid because Brian Shea did not himself read it is unavailing; this theory would imply that people cannot hire lawyers to write complex contracts on their behalf, but must independently review and consider every term. Cf. Restatement (Second) of Contracts § 24 (defining an offer as a "manifestation of willingness to enter into a bargain").
Monday has not challenged the reasonableness of the non-competition and or solicitation terms, and such restrictive covenants are generally acceptable in Massachusetts during the course of employment. See generally F. A. Bartlett Tree Expert Co. v. Barrington, 353 Mass. 585 (1968). Under state law, however, "each time an employee's employment relationship with the employer changes materially such that they have entered into a new employment relationship a new restrictive covenant must be signed." Lycos, Inc., 2004 Mass. Super. LEXIS 348 at *9; F. A. Bartlett 353 Mass. at 587. Courts have found a material change to exist when an employer substantially changed a salesman's territory and compensation, F. A. Bartlett, 353 Mass. at 586, when an employee gained new job titles, responsibility, and increased compensation, Lycos, 2004 Mass. Super. LEXIS 348 at *10, and when an employee was fired. Intepros, Inc. v. Athy, MICV2013-00214-F, 2013 Mass. Super. LEXIS 48 at *10 (Mass. Super. Ct. May 5, 2013) (Curran, J.). Massachusetts Courts have found an employer's request to sign a new non-compete agreement to be particularly compelling evidence of a material change. See Iron Mt. Info. Mgmt. v. Taddeo, 455 F.Supp.2d 124, 133 (E.D.N.Y. 2006) (citing AFC Cable Sys. v. Clisham, 62 F.Supp.2d 167, 173 (D. Mass. 1999) (Stearns, J.) (applying and analyzing Massachusetts law); Lycos, 2004 Mass. Super. LEXIS 348 at *10.
The evidence here demonstrates that any changes to Monday's employment were not "material" during the time when the breaches occurred. Monday's original compensation letter indicated that his base salary at the time of hiring in 2009 was $52,000 per year plus commissions. Shea Deposition, Ex. 6, Aug. 28, 2009 email from Kriem Michel to Shonn Monday. In 2012 his compensation was essentially the same — $57,200 per year plus commission. Shea Deposition, Ex. 7, March 15, 2012 email from Kriem Michel to Shonn Monday. Up until June 11, 2018, Monday's territory expanded and contracted with the needs of the business without major changes to his underlying job responsibilities. Shea Deposition, Ex. 4, Response to Shonn Monday's Request for Admission. These facts are thus distinguishable from the line of cases beginning with F. A. Bartlett, 353 Mass. at 586, because, while there were some changes in territory, they were in line with Monday's original job proposal, and his compensation and responsibilities changed little during most of the term of his employment.
It was only in the last month of Monday's employment, June 11, 2018, that Monday's commission rate was cut in half, a factor that may indicate a material breach in the agreement by Glennon. See Mancuso-Norwak Ins. Agency, Inc. v. Rogowski-Verrette Ins. Agency, LLC, WOCV2012-01054 C, 2012 Mass. Super. LEXIS 310, at *15 (Mass. Super. Ct. Nov. 8, 2012) (Ferrara, J.). Even were this Court to consider the June 2018 reduction in commission rate to be a material change invalidating the restrictive covenants in the agreement, none of the alleged instances of competition or solicitation took place during the period between June 11 and Monday's firing on June 28, so any invalidation of the restrictive covenants would not be material to the contract claim. The requirements carefully to handle and return confidential information, Confidentiality Agreement ¶ 16, are not a restrictive covenant akin to a non-competition agreement, and thus would not be invalidated. See Gallant v. Boston Exec. Search Assocs., No. 13-12081-FDS, 2015 U.S. Dist. LEXIS 76387 at *24 (D. Mass. 2015) (Saylor, J.) ("[N]o Massachusetts court appears to have ever applied F.A. Bartlett outside the context of a restrictive covenant . . ."). The Court therefore rules that the NDA was binding during the applicable time period.
2. Breaches of the Confidentiality Agreement
Glennon has shown by a preponderance of the evidence that Glennon breached his contract by failing to return confidential information, by engaging in competition while during employment, and by soliciting business in his own interest.
Glennon has not proven by a preponderance of the evidence at trial that Monday actually shared the client data from Filemaker.2 See Confidentiality Agreement ¶¶ 1-5. While Glennon has also alleged that Monday shared confidential information consisting of its proprietary formula for the creation of colorant, see Compl. ¶ 29, there was not sufficient evidence at trial to support this claim.
The Confidentiality Agreement does require the return of any "documents, disks, or other computer media" either containing confidential information or connected to his employment. Id. ¶ 16. Monday breached the contract by wiping all data from his devices prior to returning them, data that included both confidential information such as the Filemaker documents and information connected to his employment, including photographs and client contacts. This breach falls under the directive in paragraph 16.a requiring the return of information that "may contain or be derived from ideas, concepts, creations, or trade secrets and other proprietary and Confidential information."
Monday does not deny that he worked with H.U.R.B. during his employment with Glennon, but instead contests whether his actions constitute competition. The relevant clause in the NDA states that the employee: "may not . . . be directly or indirectly involved with a business which is in direct competition with the particular business line of the Employer . . ." Monday's work on the ColorCritter put him in direct competition with Glennon. As Kathleen Shea explained in her testimony, while Glennon sells the Mulch Colorjet, colorants, adhesives, and powders, 85 percent of Glennon's revenue is related to the Mulch Colorjet, which is a machine that colors mulch—the same function performed by Greenwood Farm's ColorCritter, even if the mechanism (wet v. dry) differs. Monday's paid work on the ColorCritter, as evidenced by the 2016 invoice, was in direct competition with Glennon, and thus in violation of the contract. See Terex Bill. Glennon also attempted to solicit customers away from Glennon, though this evidence is limited.3 In the email of March 26, 2018, he directed a customer to TMG Green or Apollo Equipment for mulch coloring, a product carried by Glennon. Two Emails with Attachments, March 26, 2018 email. In the second email, Monday directs a customer to the TMG Green site and the ColorCritter machine. Id., Nov. 2, 2017 email. In both cases, the evidence supports an inference that Monday was engaged in some level of competition in violation of the NDA.
That said, Glennon's evidence does not establish that Monday engaged in sufficient actual competition to make damages more than speculative. Most of Monday's work for TMG Green did not constitute a breach of his contract as he appears—outside the limited areas above—to have been preparing to compete, rather than actually engaging in competition. An employee may prepare to go into competition with an employer, and may even take active steps to do so while employed. Augat, Inc. v. Aegis, Inc., 409 Mass. 165, 172, 565 N.E.2d 415 (1991). In Brooks Automation, Inc. v. BlueShift Techs., Inc., the Massachusetts Appeals Court confirmed a jury's decision that a former employee who developed a business plan, incorporated a business, and submitted a provisional patent was merely preparing to compete, rather than violating a non-compete agreement. 06-P-1063, 2007 Mass. App. Unpub. LEXIS 1 at *5 (Mass. App. Ct. June 14, 2007). Though Glennon demonstrated at trial that Monday, through TMG Green, had been coordinating with H.U.R.B., had set up a website, was developing a business plan, and had enough working capital to take out a bank loan, Glennon appears to have blocked Monday from actually carrying out his competitive plans by its timely request for a Temporary Restraining Order. See Emergency Request Temporary Restraining Order T.H. Glennon, ECF No. 9; Order Grant Mot. TRO, ECF No. 17; Order, ECF No. 34.4
In conclusion, the equitable relief that Glennon has already received is here a sufficient remedy.
B. Count II: Violation of the Computer Fraud and Abuse Act
Although the Computer Fraud and Abuse Act (CFAA) is primarily a criminal statute, a person may bring a civil action so long as the person has suffered "damage or loss by reason of a violation" of the CFAA. 18 U.S.C. § 1030(g). See also EF Cultural Travel BV v. Explorica, Inc., 274 F.3d 577, 584 (1st Cir. 2001). A claim under the CFAA requires a plaintiff to prove that the defendant has "intentionally accessed a computer without authorization or exceeds authorized access, and thereby obtain[ed] . . . information from any protected computer." 18 U.S.C. § 1030(a)(2)(C). The CFAA further provides that it is a violation to:
knowingly and with intent to defraud, access[] a protected computer without authorization, or exceed[] authorized access, and by means of such conduct [to] further[] the intended fraud and obtain[] anything of value, unless the object of the fraud and the thing obtained consists only of the use of the computer and the value of such use is not more than $5,000 in any 1-year period."
18 U.S.C. § 1030(a)(4).
Thus, Glennon must show the following elements: That there was access without authorization or that exceeded authorization, with intent, of a protected computer, to further the intended fraud and obtain something of value. The value of what was obtained must be at least $5,000.
Glennon argues that Monday violated the CFAA through his acquisition of its entire proprietary client database, hosted on Apple's Filemaker network, through the circumvention of the database's technical protections to exceed his authorized access. Compl. ¶¶ 61-87.
Monday argues that the CFAA does not apply to his conduct because he never hampered the workings of Filemaker in the Cloud, and his deletion of files on his computer are not covered by the Act. Tr. Closing Statements 4-5. Monday also argues that he never actually exceeded his access, and that any expenses sustained by Glennon are not losses for the purpose of the act. Def.'s Trial Brief Legal Issues 8-9.
1. CFAA — Legal Standard
A "protected computer" is defined as a computer "which is used in or affecting interstate or foreign commerce or communication." 18 U.S.C. § 1030(e)1(B). Any computer with internet access is covered by the statute because "the internet is an instrumentality of interstate commerce." United States v. Trotter, 478 F.3d 918, 921 (8th Cir. 2007) (citing United States v. MacEwan, 445 F.3d 237, 245 (3rd Cir. 2006)). See also Philips Med. Sys. P.R. v. Alpha Biomedical & Diagnostic Corp., Civ 19-1488CCC, 2020 U.S. Dist. LEXIS 16351 at *7 (D. P.R. Jan. 29, 2020) (finding a Magnetic Resonance Imagery machine to be covered by the CFAA because it connects to the internet). Whether the alleged harm occurred via interstate means is irrelevant because "the statute does not ask whether the person who caused the damage acted in interstate commerce; it protects computers (and computerized communication systems) used in such commerce, no matter how the harm is inflicted . . ." United States v. Mitra, 405 F.3d 492, 496 (7th Cir. 2005).
The term "further the intended fraud and obtain anything of value" is defined broadly to include the actions that resulted in the acquisition of any kind of proprietary, useful data, including confidential information. See EF Cultural Travel, 274 F.3d at 581; Viken Detection Corp. v. Videray Tech. Inc., 384 F.Supp.3d 168, 178 (D. Mass. 2019) (Gorton, J.). But see United States v. Czubinski, 106 F.3d 1069, 1076 (1st Cir. 1997) (holding that accessing information merely to satisfy curiosity was not cognizable under the statute).
The CFAA applies whether an individual accesses data in a manner that "exceeds authorized access" or "without authorization." 18 U.S.C. § 1030(a)(4). To "exceed authorized access" is to access a computer with authorization and to use such access to obtain or alter information in the computer that the accessor is not entitled so to obtain or alter. 18 U.S.C. § 1030(e)(6). The term "without authorization" is not defined. Courts have explained the distinction as follows: A user "exceeds authorized access" when that user is authorized to access a computer system for certain purposes but goes beyond those limits, but accesses "without authorization" when that user has no permission to access the computer system at all. See Pulte Homes, Inc. v. Laborers' Int'l Union of N. Am., 648 F.3d 295, 304 (6th Cir. 2011), LVRC Holdings LLC v. Brekka, 581 F.3d 1127, 1133 (9th Cir. 2009); United States v. Nosal, 676 F.3d 854, 859 (9th Cir. 2012) (distinguishing between "outside" and "inside" hackers).
There is no allegation that Monday accessed the Filemaker database "without authorization," but there is a significant circuit split between a broad interpretation of the phrase "exceeds authorized access" that would read it to cover violations of a contract or terms of service, and a narrow interpretation that would require harmful intent, fraudulent conduct, or the circumvention of technical protections. See Sandvig v. Sessions, 315 F.Supp.3d 1, 22n9 (D. D.C. 2018) (examining the different conclusions reached by courts throughout the country regarding whether a mere contractual violation could violate the statute). See also Jonathan Mayer, The "Narrow" Interpretation of the Computer Fraud and Abuse Act: A User Guide for Applying United States v. Nosal, 84 G.W. Law Review 1645, 1646 (2016).
Pointing to EF Cultural Travel, 274 F.3d at 577, one court in this Circuit adopted a broad interpretation, reading CFAA liability to "include an employee who accesses his employer's computer, without the employer's knowledge, to acquire an interest adverse to his employer." Viken Detection, 384 F. Supp. 3d at 178; see also Guest-Tek Interactive Entm't, Inc. v. Pullen, 665 F.Supp.2d 42, 45 (D. Mass. 2009) (Gorton, J.). Conversely, in Advanced Micro Devices, Inc. v. Feldstein, another session of this Court adopted a narrower interpretation, holding that an individual has exceeded authorization only when he circumvents some technical barrier that would otherwise prevent him from gaining access, or achieves access through fraud or deception. 951 F.Supp.2d 212, 217-219 (D. Mass. 2013) (Hillman, J.). See also Enargy Power Co. v. Xiaolong Wang, No. 13-11348-DJC, 2013 U.S. Dist. LEXIS 170193 at *9-18 (D. Mass. Dec. 3, 2013) (Casper, J.) (holding that an employee exceeded his authorization when he encrypted files belonging to his employer to render them inaccessible because he utilized deception in doing so).
As explained in Advanced Micro Devices, 951 F. Supp. 2d at 219, the case of EF Cultural Travel, 274 F.3d at 577, is not entirely clear on whether mere violation of a confidentiality agreement is enough to impose liability under the CFAA, since in that case the defendant both had breached a confidentiality agreement by sharing his employer's proprietary information, and had assisted a competitor in logging into his employer's website using false credentials. The trend in CFAA jurisprudence in recent years has been towards the narrower interpretation. See Mayer, The "Narrow" Intepretation at 1646. The leading case espousing this interpretation is United States v. Nosal, which held that an employee who absconded with his employer's confidential data was not guilty of a criminal CFAA violation, because he never accessed the systems in manner for which he lacked authorization, but instead misused the information itself. 676 F.3d at 858. As the Nosal court explained, the CFAA was originally written to combat hacking, and an interpretation that imposes liability only when someone employs hacking or deceit prevents the language of the Act from covering "minor dalliances," such as employees using company computers to play games, shop, or watch sports. 676 F.3d at 860. The Nosal court concludes, "[b]asing criminal liability on violations of private computer use polices can transform whole categories of otherwise innocuous behavior into federal crimes simply because a computer is involved." Id.
This Court considers the reasoning in Nosal convincing. Under the broad interpretation, any internet user who violates a web site's terms of service could technically be liable for criminal sanction provided the data they accessed is valued at over $5,000, subject only to the government's discretion. This would "criminalize a broad range of day-to-day activity." Nosal, 676 F.3d 854 at 862 (quoting United States v. Kozminski, 487 U.S. 931, 949 (1988)). Such a reading of the act violates the rule against lenity, which requires ambiguous criminal laws be interpreted in favor of the defendant. See United States v. Gray, 780 F.3d 458, 468 (1st Cir. 2015) (citing United States v. Santos, 553 U.S. 507, 514, (2008).
The CFAA's definition of "exceeds authorized access" is the same in both criminal and civil contexts, so in this civil case the Court reads the Act to impose liability only insofar as Monday has overcome some sort of technical barrier or engaged in deception in accessing information.
2. Breach of the CFAA
In acquiring the complete Filemaker database, Monday intentionally exceeded his authorization, through interactions with a protected computer, to obtain something of value worth at least $5,000. Monday's actions thus meet all the elements requisite to impose liability under the CFAA.
Kathleen Shea testified at trial that she found, in Black Swan's data dump of Monday's hard drive, Excel spreadsheets that bore identifying information showing they had been copied from the Filemaker database for the years 2015-2018. Monday himself would not have had access to these entire lists. The Filemaker database was password protected, and Monday had access only to the database for his own territory. While Glennon has not shown the mechanism by which Monday gained access to this database, there was evidence presented at trial that Glennon had sent emails with photos from Filemaker to himself, which may answer the question of how they came to be on his machine. Regardless, a showing of Monday's exact methodology is not required because the CFAA covers any kind of unauthorized access of information on a computer, whether through technical, social, or other means. Cf. Enargy Power Co. 2013 U.S. Dist. LEXIS 170193 at *3 (finding that convincing an assistant to encrypt devices was exceeding authorization through fraud). The presence of the files on his computer speak for themselves.
Monday's deletion of the files is indicative of consciousness of guilt. This is further confirmed by Presser's testimony that Monday's back-up hard drive showed evidence of deletion, including files pertaining to Filemaker and his work on the ColorCritter.
The third element of the offense is access to a protected computer. All three devices owned by Glennon—the iPhone, iPad, and Lenovo computer—were network-connected computers. Glennon's Filemaker documents were stored in the "Cloud," an internet-based network.
The fourth element of the offense is that the action was intended to obtain something of value of over $5,000. This element is met by Monday's access of the Filemaker documents, which Glennon values at $72,000,000. This is doubtless an exaggeration, but this Court concludes the files are worth more than $5,000.
This Court does not believe that Monday could incur liability for the taking of other potentially confidential information such as revenue reports or chemical formulae, as Glennon has not proved he exceeded his authorization in so doing. See Compl. ¶ 73. Similarly, Monday's intentional deletion of the files and emails on his computer are best understood as constituting part of the Filemaker violation, rather than the basis for independent liability, because he did not exceed his authorization through the deletions themselves. Cf. Enargy Power Co., 2013 U.S. Dist. LEXIS 170913 at *15.
3. Damage or Loss Under Section 10(g)
Under 18 U.S.C. § 1030(g), "[a]ny person who suffers damage or loss by reason of a violation of this section may maintain a civil action against the violator to obtain compensatory damages and injunctive relief or other equitable relief." The Act defines "damage" as "any impairment to the integrity or availability of data, a program, a system, or information." 18 U.S.C. § 1030(e)(8). "Loss" is defined as "any reasonable cost to any victim, including the cost of responding to an offense, conducting a damage assessment, and restoring the data, program, system, or information to its condition prior to the offense, and any revenue lost, cost incurred, or other consequential damages incurred because of interruption of service." 18 U.S.C. § 1030(e)(11). The only monetary compensation available for this type of civil violation of the Act is economic damages. U.S.C. 18 § 1030(g).
Monday's actions caused both damage and loss. Monday's access and copying of confidential information caused damage by compromising the "integrity" of that information. EF Cultural Travel, 274 F.3d at 585 (citing Shurgard Storage Centers v. Safeguard Self Storage, Inc., 119 F.Supp.2d 1121 (W.D. Wa. 2000)). Glennon has certainly incurred losses in dealing with the aftermath of Monday's breach, though defining the extent of "revenue lost, cost incurred, or other consequential damages" requires some interpretation. 18 U.S.C. § 1030(g). These measures are all methods of ascertaining the economic damages allowable under the statute. See Creative Computing v. GetLoaded.com LLC, 38 F.3d 930 (9th Cir. 2004). Here, the evidence best supports the "loss" measure.
In determining the extent of this loss, Monday argues that this Court cannot award damages based on the value of the data, Def.'s Post Trial Brief 8 (citing Nexans Wires S.A. et al. v. SARK-USA, Inc.et al., 319 F.Supp.2d 468 (S.D.N.Y. 2006)), or the cost of investigating the breach, because that investigation occurred pursuant to this litigation. Id. at 8-9 (citing Jarosch v American Family Mut. Ins. Co., 837 F.Supp.2d 980 (E.D. Wis. 2011)).
Glennon advances three potential models to use in calculating economic damages from the CFAA, naturally arguing for the most favorable of these models. Pl.'s Post Trial Brief 7-13. The first model would provide an award equivalent to the value that Glennon places on the stolen information, which in this case would be $72,000,000, the alleged value of all of Glennon's revenue for the applicable time period. Id. at 7 (citing Four Seasons Hotels & Resorts BV v. Consorcio Barr, SA, 267 F.Supp.2d 1268, 1323-1324 (S.D. Fla. 2003) rv'd in part without opinion, 138 F. App'x 297 (11th Cir. 2005)). The second model would award economic damages equivalent to loss of business and goodwill attributable to the breach, which Glennon argues amount to $4,100,000. Id. at 8 (citing GetLoaded.com, 38 F.3d at 935). The third and most conservative model would award damages only for the direct losses Glennon incurred from the breach, including the costs of recovering and interpreting the deleted data, which Glennon pegs at $42,100 to $250,000. Id. at 12-13 (citing NexansWires, 166 F. App'x at 562-63). Glennon argues that there is always some element of imprecision in estimating damages, and that this Court ought not let the difficulty of ascertaining the exact dollar figure of damages prevent it from determining an appropriate award. Pl.'s Post Trial Brief at 13-14 (citing Agoos Leather Co. v. American & Foreign Insur. Co., 342 Mass. 603, 608, 174 N.E.2d 652 (1961)).
Which model to use in determining loss has not been decided in the First Circuit. See EF Cultural Travel, 274 F.3d at 585 (noting that "the value to the victim of what has been stolen and the victim's costs in shoring up its security features" are relevant factors). The district court in that case, however, had considered "loss" to include loss of business, goodwill, and the cost of diagnostic measures, so the First Circuit's confirmation of the matter implies that these are appropriate factors to consider. Id. at 580.
Glennon's point about the difficulty of estimating a dollar figure is well taken, but this Court finds that any measure of loss except the actual cost of repairing the damage from the data breach is here simply too speculative to provide reasonable compensation. There is no precedent in the First Circuit for awarding the entire alleged value of the Filemaker data as damages, and Glennon's valuation of that data as being equivalent to 100% of the firm's revenue during the applicable period appears somewhat inflated. Pl.'s Post Trial Brief at 11. Glennon itself focuses its arguments on the revenue lost due Monday's lack of productivity as he worked on his TMG Green side business, a loss it values at $4,100,000. Id. at 12. Alternatively, it asks for damages based on Monday's projected revenue from TMG Green—a value it serendipitously marks as $4,200,000. Id. This Court is unconvinced. It is not at all clear that there is a direct nexus between the stolen Filemaker data and Monday's lost productivity, nor has Glennon shown that the ambitious plans for TMG Green had a high probability of reaping success, or that the Filemaker data would play a significant part in the expected success. Glennon also has not shown either that Monday's contacts with H.U.R.B. or any other potential competitor came about as a result of this data breach.
Instead, this Court determines that an appropriate award of loss is the $22,100 that Glennon spent on its expert Mr. Presser, and the $20,000 that it spent on Black Swan—total damages of $42,100.
Glennon has requested up to $250,000 in total for expenses incurred, see Pl.'s Post Trial Brief at 12-13, but it has not shown this Court how to calculate or determinate these expenses, and this Court declines to award such speculative damages.
As to Monday's argument that this Court cannot award these losses because Glennon incurred them while preparing for litigation, the sole case he cites, Jarosch, held that costs related to repairing the damage to a computer or computer system are still cognizable as loss, and it is only non-repair costs that cannot be included. 837 F. Supp. 2d at 1022. Here, though Glennon was contemplating litigation, it bore all these costs in repairing or analyzing the damage Monday did to his devices while covering up the Filemaker breach. These losses are thus a direct consequence of that breach, and the exact type of loss contemplated by the CFAA. See 18 U.S.C. § 1030(e)(4)(11).
C. Count III and V: Misappropriation of Trade Secrets
A plaintiff may bring a misappropriation of trade secrets claim under the Defend Trade Secret Act ("DTSA") (Count III) so long as the alleged secret relates to "a product or service used in, or intended for use in, interstate or foreign commerce . .." 18 U.S.C. § 1836(b)(1), and so long as the secret's owner has: (i) "taken reasonable measures to keep such information secret," 18 U.S.C. § 1839(3)(A); and (ii) "the information derives independent economic value, actual or potential, from not being generally known to, and not being readily ascertainable through proper means by, another person who can obtain economic value from the disclosure or use of the information." 18 U.S.C. § 1839(3)(B).
As to the misappropriation element, the DTSA defines the term as "disclosure or use of the trade secret of another without express or implied consent by a person who . . . at the time of disclosure or use, knew or had reason to know that the knowledge of the trade secret was . . . acquired under circumstances giving rise to a duty to maintain the secrecy of the trade secret or limit the use of the trade secret." 18 U.S.C. § 1839(5)(B). In Massachusetts ("count V"), one who misappropriates trade secrets is one who:
embezzles, steals or unlawfully takes, carries away, conceals, or copies, or by fraud or by deception obtains, from any person or corporation, with intent to convert to his own use, any trade secret, regardless of value, shall be liable in tort to such person or corporation for all damages resulting therefrom.
Massachusetts Gen. Laws Ch. 93 § 42 (2017), amended by 2018 Massachusetts Acts Chapter Ch. 228, § 70.5
Massachusetts and the DTSA both require a plaintiff to demonstrate: (i) the existence of a trade secret; (ii) that the plaintiff "took reasonable steps to protect" its confidentiality; and (iii) the defendant "used improper means, in breach of a confidential relationship, to acquire and use the trade secret." See Data Gen. Corp. v. Grumman Sys. Support Corp., 825 F.Supp. 340, 357 (D. Mass. 1993) (Skinner, J.). See also CardioNet, LLC v. InfoBionic, Inc., Civ. A. No. 15-11803-IT, 2017 WL 1115153, at *3 (D. Mass. March 24, 2017) (Talwani, J.).
Under the 2017 version of the Massachusetts law, taking a trade secret with mere intent to use it is sufficient to establish liability. See Mass. Gen. L. Ch. 93 § 42 (2017); Maine Pointe, LLC v. Collins, Civ. A. No. 18-12072-DJC, 2018 WL 5303038, at *6 (D. Mass. October 25, 2018) (Casper, J.); Ooyala, Inc. v. Dominguez, Civ. A. No. 17-10943-GAO, 2018 WL 3360759, at *5 (D. Mass. July 10, 2018) (O'Toole, J.); Advanced Micro Devices, 2013 WL 10944934, at *8.
Glennon argues that Monday's theft of the Filemaker database and proprietary technological information related to the ColorCritter constitute theft of trade secrets. Compl. ¶¶ 92-94. It argues that it is the owner of both the Filemaker Database and the ColorCritter designs, it took reasonable measures to protect their secrecy, that these secrets have value to Glennon in its competitive marketplace, and that Monday has misappropriated them. Pl.'s Proposed Rulings of Law 5-8, ECF No. 128.
Monday argues that Glennon is prevented from defending the Filemaker database due to the doctrine of unclean hands, as it originally obtained the list from the firm Bayer without its permission. Tr. Closing Statement 11. He also argues that Glennon has failed to prove it owned Monday's improvements to the ColorCritter, and that it has failed to show actual damages from the alleged theft of trade secrets.
On the whole, this Court finds that Glennon has succeeded in proving all elements of both Federal and Massachusetts Theft of Trade Secrets with respect to the Filemaker database, but not the improvements to the ColorCritter. Monday is correct, however, that Glennon has not shown actual damages resulting from this theft. Accordingly, this Court's previous order enjoining Shonn Monday, Debra Monday, and TMG Green from engaging in the mulch business for two years is an adequate and sufficient remedy for Monday's misconduct. See Order, ECF No. 133.
1. The Existence of Trade Secret Information
A trade secret is "anything tangible or intangible or electronically kept or stored, which constitutes, represents, evidences or records a secret scientific, technical, merchandising, production or management information, design, process, procedure, formula, invention or improvement." Mass. Gen. L. Ch. 266 § 30(4). "A trade secret may consist of any formula, pattern, device or compilation of information which is used in one's business, and which [provides] an opportunity to obtain an advantage over competitors who do not know or use it." J.T. Healy & Son, Inc. v. James A. Murphy & Son, Inc., 357 Mass. 728, 736, 260 N.E.2d 723 (1970). Any advantage that may be derived from such information, however minimal or short-term, is sufficient to satisfy the trade secret standard. Optos, Inc. v. Topcon Med. Sys., Inc., 777 F.Supp.2d 217, 238 (D. Mass. 2011) (Casper, J.). "The crucial issue to be determined in cases involving trade secrets . . . is whether the information is sought to be protected is, in fact and in law, confidential." Jet Spray Cooler, Inc. v. Crampton, 361 Mass. 835, 840 (1972)
In Massachusetts, there are six factors to consider in determining if information is secret:
(1) the extent to which the information is known outside of the business; (2) the extent to which it is known by employees and others involved in the business; (3) the extent of measures taken by the employer to guard the secrecy of the information; (4) the value of the information to the employer and to his competitors; (5) the amount of effort or money expended by the employer in developing the information; and (6) the ease or difficulty with which the information could be properly acquired or duplicated by others.
Id.6
Regarding Glennon's Filemaker database, customer lists in general often constitute trade secrets. See Optos, 777 F.Supp.2d at 239 (holding that client list was a trade secret even though company listed their clients on their website, as the list also included contact information, fees, and other records that would be difficult to acquire); Bruno International Ltd. V. Vicor Corporation, Civ. A. No. 14-10037-DPW, 2015 WL 5447652, at *12 (D. Mass. Sept. 16, 2015) (Woodlock, J.); C.R.T.R., Inc. v. Lao, 31 Mass. L. Rptr. 635, 2014 WL 938803, at *3 (Mass. Super. Ct. Jan. 27, 2014) (Moriarty, J.).
Looking now to the first Jet Spray Cooler factor, much of the information contained in the Filemaker Database was not known outside the business: it included internal records such as volume of sales, history of contacts, and potential leads, as well as hard-to-compile information such as the best contact information for each potential client. See Filemaker Directive 3.
For the second factor, Glennon's salespeople had access to the database only for their specific areas of geographic responsibility, and only five of the company's employees could access the entire list. This shows that even internally the company was concerned about keeping the database confidential. Much of the information in the database included internal records that another competitor could not have derived independently.
For the third factor, Glennon has shown, as is required by Massachusetts law, that it took "all proper and reasonable steps to keep it secret." J.T. Healy & Son, Inc., 357 Mass. at 730. At trial it presented internal documents—found on Monday's laptop—describing the information in Filemaker as "of the utmost confidentiality. Do not share this record with anyone." [bold in original]. Filemaker Directive 1. This language echoes the confidentiality agreement Glennon signed upon joining the company. Confidentiality Agreement ¶¶ 1-5. Employees could access Filemaker only by utilizing a password, and many were restricted to only a portion of the database. On this evidence, it is fair to say Glennon made reasonable attempts to guard the database's secrecy.
For the fourth factor, this Court need not necessarily follow Kathleen Shea's estimate that the value of the Filemaker database is equivalent to Glennon's total revenue. The records and contacts Filemaker contains are, however, certainly a significant contributor to that revenue.
For the fifth factor, Glennon put significant effort into developing this client list, which contained several hundred names when Kriem Michel brought it to the company and had grown to over 4,000 by 2018. As shown by the instructions in the Filemaker Directive, a significant portion of the job of Glennon's salesforce was ensuring the database accurately reflected their efforts in the field. Filemaker Directive 1-3.
Finally, for the sixth factor, though some of the information in the Filemaker database was public, most of that public information would have been laborious to compile, and much of it contained internal records. See id; Optos, 777 F. Supp. 2d at 239. In conclusion, all six Jet Spray Cooler factors indicate the Filemaker Database was a trade secret.
Monday's argument that Glennon has "unclean hands" is unavailing. Under the doctrine of unclean hands a court must consider the extent to which the plaintiff has engaged in misconduct. Dr. Jose S. Belaval, Inc. v. Perez-Perdomo, 488 F.3d 11, 15 (1st Cir. 2007). This doctrine applies only if the inequitable conduct before the court affects "the equitable relations between the parties." See Texaco P.R., Inc. v. Dep't of Consumer Affairs, 60 F.3d 867, 880 (1st Cir. 1995) (quoting Keystone Driller Co. v. Gen. Excavator Co., 290 U.S. 240, 245 (1933). Even had Monday presented evidence that Glennon engaged in misconduct in acquiring its client list from Bayer—which he has not—this alleged conduct would not have affected the relationship between Glennon and Monday, so the unclean hands doctrine would not apply.
Turning now to the ColorCritter, Glennon's problem is that it has not presented sufficient evidence at trial to show that any of the technical improvements that Monday allegedly appropriated pursuant to his work on the ColorCritter were actually "secret" in the sense that they were unavailable to the rest of the industry, developed by Glennon, closely guarded, and so on. Jet Spray Cooler, 361 Mass. at 840. Additionally, in its pre-Trial Brief, Glennon's theory of relief vis-à-vis the ColorCritter appears to be that Monday utilized company resources in its development, but this is a breach of contract claim, not an issue of theft of trade secrets. See Pl.'s Proposed Ruling of Law at 6-8. His actions related to the ColorCritter therefore did not constitute theft of trade secrets.
2. Misappropriation
The final step in analysis is to consider whether Monday has (i) obtained trade secrets by improper means, in breach of a confidential relationship, and (ii) used the trade secrets or intended to use them.
"[A]n individual who breaches contractual duties to obtain trade secrets has used improper means." Optos, Inc., 777 F. Supp. 2d at 240 (citation omitted); see also Advanced Micro Devices, Inc., 2013 WL 10944934 at *9. Monday breached the Confidentiality Agreement by accessing and downloading the entirety of the Filemaker database over at least four consecutive years, particularly given the evidence that he had to circumvent password protection to access this information. See Confidentiality Agreement ¶¶ 1(a), 16.
The intent analysis builds on Monday's CFAA violation. see supra II.B.2. There is evidence that Monday was both intentional in accessing the database, and intentionally deleted files to cover his tracks. There is also significant evidence, including the TMG Green business plan and Monday's ongoing work with H.U.R.B. on the ColorCritter, that he intended directly to compete in the green waste industry. See TMG Green Business Plan; Nov. 2, 2017 email; Terex Bill. This Court thus infers that his intentional extraction of the Filemaker database was in support of his separate business venture.
Regarding remedies, under the federal Defend Trade Secrets Act this Court may award damages based on actual losses or unjust enrichment. 18 U.S.C. § 1836(b)(3)(B). Similarly, under Massachusetts Law, a tortfeasor is liable for "all damages" resulting from a violation, which typically consists of lost profits or unlawful gains. See Mass. Gen. L. Ch. 93 § 42 (2017); Jet Spray Cooler, 377 Mass. at 169. Due to Glennon's timely intervention in this case, it appears not to have sustained any actual losses from Monday's theft of the Filemaker data that have not already been covered by the analysis for the CFAA violations, supra Section II.B, nor has Monday yet been able to unjustly enrich himself. This Court need not award damages on these facts, and will not do so given the uncertainty surrounding the potential future profitability of TMG Green and the extent to which any profitability could be traced to this violation. See USM Corp. v. Marson Fastener Corp., 392 Mass. 334, 340 467 N.E.2d 1271 (1984) (awarding no damages when defendant accrued no profits from his trade secret violation).
D. Count VII: Common Law Unfair Competition
At common law in Massachusetts claim for unfair competition requires that the plaintiff show that a consumer is likely to confuse its product for the defendant's, or that the plaintiff's product is sufficiently distinctive to deserve protection. See Datacomm Interface, Inc. v. Computerworld, Inc., 396 Mass. 760, 769 (1986). "[T]he gravamen of an unfair competition claim is the likelihood of consumer confusion as to the source of the goods or services." Id. Whether unfair infringement has occurred is a question of fact, and the burden of proof is on the party alleging infringement. Planned Parenthood Federation of America v. Problem Pregnancy, 398 Mass. 480, 486 (1986).
Glennon argues that Monday is engaged in unfair competition due to the similarity of the name TMG Green to T.H. Glennon, combined with the similarity of its logo, leading to potential consumer confusion. Pl.'s Proposed Ruling of Law 9-10; Compl. ¶¶ 148-159. Monday argues that there was no evidence at trial indicating actual confusion on the part of the public, no evidence that Glennon's logo had assumed a "secondary meaning" deserving protection, and no evidence of damages. Def.'s Post Trial Br. 10. Both parties are essentially correct, and thus the existing equitable relief remains the appropriate remedy.7 See Order, ECF No. 133
Glennon has shown by a preponderance of the evidence that Monday's logo was designed in a manner likely to confuse customers into thinking they were dealing with Glennon, rather than Monday. A company need not show that its brand image has acquired a "secondary meaning" if it is "inherently distinctive," meaning that it is "fanciful or arbitrary." Wiley v. Am. Greetings Corp., 762 F.2d 139, 141 (1st Cir. 1985); Boston Beer Co., Ltd. P'ship v. Slesar Bros. Brewing Co., 9 F.3d 175, 180 (1st Cir. 1993). A company may also protect itself against unfair competition when there is a high risk of "palming off." See Summerfield Co. v. Prime Furniture Co., 242 Mass. 149, 155 (1922) ("The underlying principle, which is the foundation of equitable relief in this class of cases, is that one trader shall not compete with another for public patronage by adopting intentionally means adapted to deceive the public into thinking that it is trading with the latter when in fact dealing with the former, and thus palming off his goods as those of another.").
Read against the backdrop of Monday's other actions—his contract violations, CFAA violations, and theft of trade secrets, this Court finds that the marked similarities between the TMG Green logo and the Glennon logo evince an intent to deceive consumers. Comparing the Glennon logo, Data Dump 102, Ex. 2-102, with the TMG Green logo, Screenshots 19, both logos are dominated by capital letters: THG and TMG, respectively. Both logos also have a recycling symbol surrounding those capital letters, and the remainder of the name in much smaller letters. Id. There are visual differences between the two: Glennon uses multiple colors, while TMG uses only a red and green color scheme, but there are sufficient similarities to invite confusion upon a cursory glance, particularly when not viewing the two side by side.
Glennon argues that there is evidence that Monday's actions confused consumers trying to place orders, as well as evidence that Monday was trying to create the impression of an endorsement. Pl.'s Proposed Rulings Law 9-10. There is insufficient evidence in the record to support these theories of liability, but Glennon's logo was still "distinctive" enough for it to claim the benefits of common law protection. See Wiley, 762 F.2d at 141. As Kathleen Shea explained, the Glennon company is named after "Thomas Henry Glennon," its founder, and the main design elements are his initials. These initials are essentially "arbitrary" and thus "distinctive," unlike the kind of generic terms that do not receive protection. Cf. United Oil Heat, Inc. v. M.J. Meehan Excavating, Inc., 95 Mass.App.Ct. 579, 583 (2019) (finding no trademark protection for the website name "OrderMyOil.com" because it was a generic description). Certainly the arrows surrounding the Glennon logo are a common motif in the green waste industry, not themselves deserving of protection, but it is the combination of this visual element with the capital letters "THG" that make Glennon's logo distinctive. Because it is distinctive, it deserves protection.
Monday argues, correctly that Glennon has not shown sufficient evidence at trial of any damages resulting from this confusion. For this reason, this Court does not provide damages for this violation, and Glennon's remedy remains the equitable relief already provided.
E. Counts X: Tortious Interference with a Contractual Relationship
In order to prevail on a claim for tortious interference with a contractual relationship, a plaintiff must prove that: "(1) he had a contract with a third party; (2) the defendant knowingly induced the third party to break that contract; (3) the defendant's interference, in addition to being intentional, was improper in motive or means; and (4) the plaintiff was harmed by the defendant's actions." Platten v. HG Bermuda Exempted Ltd., 437 F.3d 118, 130 (1st Cir. 2006) (citing G.S. Enters., Inc. v. Falmouth Marine, Inc., 410 Mass. 262, 571 N.E.2d 1363 (1991)).
The question, of course, is whether the plaintiff had a contract with the third party, not whether the defendant had such a contract. See G.S. Enterprises, 410 Mass. at 273.
Thus, theories based on Monday conducting intentional actions on behalf of another entity, whether H.U.R.B. or TMG Green, are inapplicable.
One theory that survives is that Monday knowingly induced H.U.R.B. and other clients to stop doing business with Glennon. See Pl.'s Proposed Rulings of Law at 11. At trial, however, Glennon failed to show a nexus between Monday's intentional actions and Glennon's loss of H.U.R.B. or any other clients. This Court does credit Brian Shea's testimony indicating that Glennon was doing a poor job at retaining and following up with clients, but Glennon has failed to show intentional interference, rather than mere distraction. Insofar as Glennon has alleged that Monday intentionally attempted to disparage it and lure away its contracted clients, see Compl. ¶¶ 186-187, it has not sufficiently developed evidence of this behavior at trial.
Another theory, analyzed more fully below, is that Glennon interfered with a potential future contractual relationship by attempting to divert an inquiry for business to TMG Green. As shown by the two emails to Jeff Moulton and "clinkln@hotmail.com," Monday attempted to steer potential customers to TMG Green instead of Glennon, see Two Emails with Attachments, an action that could potentially support a claim for tortious interference, as the tort protects prospective business relationships as well as current ones. See United Air Lines, Inc. v. Gregory, 716 F.Supp.2d 79, 87 (D. Mass. 2010) (citing Singh v. Blue Cross & Blue Shield of Mass., Inc., 182 F.Supp.2d 164, 178 (D. Mass. 2001)) (Gorton, J.). Even this theory fails on step four of the analysis, though, because Glennon has not shown at trial actual economic harm resulting from these attempts. See Bruno Int'l Ltd. v. Vicor Corp., Civ. A. No. 14-10037-DPW, 2015 U.S. Dist. LEXIS 123556 at *57 (D. Mass. Sep. 16, 2015) (Woodlock, J.).
In conclusion, Glennon has not shown that Monday tortuously interfered with any of its contracts, and has therefore failed to prove Count X.
F. Counts XI: Diversion/Usurpation of Corporate Opportunity
An individual with a fiduciary duty of loyalty to a corporation is prohibited, by the corporate opportunity doctrine, from "taking, for personal benefit, an opportunity or advantage that belongs to the corporation." Demoulas v. Demoulas Super Markets, Inc., 424 Mass. 501, 529 (1997). Here the burden of proof is on the individual who took advantage of the opportunity to show that his actions were "intrinsically fair" and did not result in harm to the corporation. Id. at 530. In asking whether these actions were intrinsically fair, courts look to whether the individual has fully disclosed "all material facts" concerning the opportunity. Id. at 531. A fiduciary is liable whether they benefit directly, or whether the benefits flow to a third party. Id. at 535 (citing Durfee v. Durfee Canning, Inc., 323 Mass. 187, 196, 80 N.E.2d 522 (1948).
Glennon alleges that Monday owed the corporation a duty of loyalty, and violated this duty of loyalty in two ways. First, it alleges he diverted potential clients by sending them to buy products from TMG Green, rather than Glennon. See Compl ¶¶ 194-195. Second, it alleges that Monday used company resources in his work on the ColorCritter, while failing to alert Glennon of the opportunities associated with the ColorCritter. Id. at ¶ 196-200.
A threshold question concerns whether Monday owed Glennon a duty of loyalty. An employee owes a fiduciary duty of loyalty to his employer when he is "occupying a position of trust and confidence." Chelsea Industries, Inc. v. Gaffney, 389 Mass. 1, 11, 449 N.E.2d 320 (1983). While executives and partners are invariably found to be "trusted employees," see Geller v. Allied-Lyons PLC, 42 Mass.App.Ct. 120, 123, 674 N.E.2d 1334 (1997), courts look closely at the level of confidential information to which junior employees have access pursuant to their duties. See Advanced Micro Devices, 951 F. Supp. 2d at 220. Access to in-depth proprietary client information and access to confidential business intellectual property are two important indicia of such "trust." See Id., Meehan v. Shaughnessy, 404 Mass. 419, 438, 535 N.E.2d 1255 (1989). Glennon had authorized access to all of the confidential Filemaker data for his geographic sales area, as well as access to Glennon's technical information, which shows that he occupied a position of "trust," and therefore a duty of loyalty.
Additionally, the Non-Disclosure Agreement that Monday signed explicitly creates a duty to avoid conflicts of opportunity. According to this Agreement, Monday could not pursue "any business opportunity relating to or similar to the Employer's current or anticipated business" without Glennon's written consent. See Confidentiality Agreement ¶ 6. He was also barred from joining with any other entity to compete with Glennon's lines of business. Id. at ¶ 7. This contract, along with Glennon's position of trust, shows that he had a duty to refrain from diverting corporate opportunities.
The evidence from the two emails indicates that Monday was attempting to divert a corporate opportunity for profit away from Glennon and towards TMG Green, an action that on its face would appear to violate both the NDA and his duty of loyalty. See Two Emails with Attachments. At trial, Monday did not provide an innocent explanation for these emails, and the context from the rest of his behavior leads this Court to infer that his actions constituted an intentional diversion. That said, there has been no evidence at trial indicating that Monday's diversion here caused economic damage to Glennon by successfully diverting this business, or gains for himself, so additional monetary relief is not appropriate. See McDermott v. Marcus, Errico, Emmers & Brooks, P.C., 911 F.Supp.2d 1, 99 (D. Mass. 2012) (Bowler, M.J.).
Similarly, there is sufficient evidence at trial to establish that Monday usurped a corporate opportunity through his work on the ColorCritter while employed with Glennon. Monday did advise Glennon of the opportunity to sell ColorCritters, as Brian Shea testified, and the company declined the opportunity. Monday did not, however, inform the company of the material fact that he himself had a potential financial interest in the ColorCritter or was working on the machine during his time with the company, which constitutes a per se violation of the corporate opportunity doctrine, as well as the language of the NDA. See In re Cumberland Farms, Inc., 284 F.3d 216, 227-228 (1st Cir. 2002).
There is, however, no evidence in the record to support Glennon's claims that Monday stole its proprietary technical formulas pursuant to his work on the ColorCritter, nor is there evidence in the record of any actual profits fairly attributable to this corporate opportunity other than the $862.00 that Monday received for his drafting work. See Terex Bill. For this reason, the Court declines to provide further monetary damages for these breaches, beyond the equitable relief already granted.
IV. CONCLUSION
For these reasons, the Court finds and rules that Monday is liable under Count I (breach of contract), Count II (CFAA violations), Count III (federal misappropriation of trade secrets), Count V (Massachusetts misappropriation of trade secrets), Count VIII (unfair competition) and Count XI (diversion of corporate opportunity). Monday is not liable under Count X (interference with contract).
For the foregoing reasons, this Court AWARDS Glennon damages in the amount of $42,500, in addition to the equitable relief previously ordered. See Order, ECF No. 133. While this opinion fully adjudicates the claims against Monday, no judgment can enter until the claims against the other defendants are adjudicated. Thus this case will remain administratively closed until restored to the trial list upon motion of any party.
SO ORDERED.