Opinion
20 Civ. 18 (AT) (SLC)
03-08-2022
REDCELL CORP. and REDCELL SYSTEMS, LLC, Plaintiffs, v. A.J. TRUCCO, INC. and TRUCCONOVA, LLC., Defendants.
ORDER
ANALISA TORRES, UNITED STATES DISTRICT JUDGE:
Plaintiffs Redcell Corp. and Redcell Systems, LLC (together, “Redcell”) bring this action against Defendants A.J. Trucco, Inc. and Trucconova, LLC (together, “Trucco”) alleging a claim under the Defend Trade Secrets Act (the “DTSA”), 18 U.S.C. § 1836 et seq., and a claim for breach of contract. Compl., ECF No. 8. On May 28, 2021, Trucco moved for leave to amend its answer and file four counterclaims against Redcell for (1) violation of the Computer Fraud and Abuse Act (the “CFAA”), 18 U.S.C. § 1030; (2) unjust enrichment; (3) violation of the DTSA; and (4) copyright infringement. Defs. Mot., ECF No. 57. On July 20, 2021, the Honorable Sarah L. Cave issued a report and recommendation (the “R&R”) recommending that this Court deny Trucco's motion on the ground of futility. R&R at 30, ECF No. 65. Trucco and Redcell both filed objections to the R&R. Defs. Obj., ECF No. 69; Pls. Opp'n., ECF No. 71.
Having considered the objections raised by the parties, for the reasons stated below, the Court REJECTS that portion of the R&R addressing Trucco's proposed CFAA counterclaim, but DENIES Trucco's motion for leave to file such a counterclaim based on a de novo review of Trucco's arguments. The Court ADOPTS the remainder of the R&R in its entirety. Trucco's motion to file counterclaims against Redcell is, therefore, DENIED.
The Court presumes familiarity with the facts and procedural history of this matter, which are set forth in the R&R, and briefly summarizes them here. See R&R at 2-13. The facts are taken from the proposed counterclaims, and are presumed true for purposes of determining this motion, without prejudice to both parties' ability to contest their truth later in this litigation. See Fin. Guar. Ins. Co. v. Putnam Advisory Co., 783 F.3d 395, 398 (2d Cir. 2015).
Trucco is an importer of produce, and distributes its products in both interstate and foreign commerce. Counterclaim ¶ 2, ECF No. 57-3 at 11-20. It has facilities in New York and New Jersey. Id. ¶ 1. Redcell is a technology company that develops computer software and provides IT services. Id. ¶ 3. From 2008 to 2019, Redcell provided Trucco with software development, IT support maintenance, and logistics services. Id. ¶ 5.
Redcell and Trucco collaborated on the development of the “IMP software system.” Id. ¶ 6. On July 28, 2008, Redcell and Trucco entered into a software development agreement (“SDA”), which stated that Redcell would own the copyrights to the code for the software until Trucco made its final payment to Redcell, whereupon Redcell would transfer the copyrights to Trucco. Id. ¶¶ 7-8. Trucco paid Redcell, and claims that it is “the sole owner of all copyrights for the software that was developed” under the SDA “as well as for all derivative works created based on that software.” Id. ¶ 9. However, Redcell “has asserted ownership of the software and its underlying intellectual property.” Id. ¶ 10. And, Redcell has “admitted to copying the software and copyrights and making derivative works based on them.” Id. ¶ 11.
Trucco alleges that its cloud servers host documents “relating to its financials and confidential business strategies, including sensitive economic data and forecasts and information relating to Trucco's profits and losses.” Id. ¶ 24. Trucco “strictly limits access to this information to the highest executives at Trucco, ” and imposes “security controls that preclude other individuals from accessing this information.” Id. ¶ 25-26. Redcell “was given access to sensitive trade secret and other confidential and proprietary information of Trucco, including private financial information, business strategies . . . Trucco's tax returns and other profit and loss information, ” although Trucco does not specifically allege whether Redcell was given access to the cloud server in its entirety, or whether Redcell's access was limited to certain confidential information on the server. Id. ¶ 12. Trucco notes that Redcell characterizes the cloud server as a “joint database that was accessible to both Trucco and Redcell.” Id. ¶ 17 (quotation marks omitted). But, Trucco asserts that Redcell “was not authorized to access Trucco's . . . information in any way not related to the maintenance of software.” Id. ¶ 31. During the parties' relationship, Redcell backed up Trucco's computer data “when necessary, ” in compliance with industry standards, but also “surreptitiously undertook the backup of [Trucco's] data without Trucco's knowledge.” Id. ¶ 13.
Trucco claims that “any past consent” given to Redcell to access Trucco's “confidential and proprietary information . . . obviously ceased when their business relationship ended” in 2019. Id. ¶ 22. Redcell brought this lawsuit in early 2020. Id. ¶¶ 14-15. Trucco states that “Redcell continued to access Trucco's computer system . . . after the parties' relationship ended in 2019.” Id. ¶ 16. Trucco bases this allegation on Redcell's actions and statements in prosecuting this litigation. For instance, in deposition testimony, Redcell's president allegedly “acknowledged that Redcell has wrongfully accessed a vast amount of Trucco's confidential and proprietary data and trade secrets” stored on Trucco's cloud server, and that Redcell was able to do so “because Redcell still has the access codes to review and retrieve such data.” Id. ¶ 20 (emphasis in original). Similarly, during this litigation, Redcell's counsel said that he possessed a “massive data drop” which included “sensitive financial documents.” Id. ¶ 15. Redcell's counsel also stated that he and Redcell are in possession of Trucco's tax returns, id. ¶ 18, and that, during a deposition in this litigation, Redcell's counsel used a confidential settlement document from another matter “that was obtained . . . from Trucco's [c]loud [server], ” id. ¶¶ 19, 23. As a result of Redcell's alleged intrusions into the server, Trucco claims that it has incurred losses in excess of $5,000, including “money spent investigating Redcell's data breach and to secure its database to prevent further access by Redcell.” Id. ¶ 36.
DISCUSSION
I. Legal Standard
A. Standard of Review
A district court “may accept, reject, or modify, in whole or in part, the findings or recommendations made by the magistrate judge.” 28 U.S.C. § 636(b)(1)(C). When a party makes specific objections, the court reviews de novo those portions of the report and recommendation to which objection is made. Id.; Fed.R.Civ.P. 72(b)(3). However, “when a party makes only conclusory or general objections, or simply reiterates his original arguments, ” the court reviews the report and recommendation strictly for clear error. Wallace v. Superintendent of Clinton Corr. Facility, No. 13 Civ. 3989, 2014 WL 2854631, at *1 (S.D.N.Y. June 20, 2014). Objections “must be specific and clearly aimed at particular findings in the magistrate judge's proposal.” McDonaugh v. Astrue, 672 F.Supp.2d 542, 547 (S.D.N.Y. 2009) (quotation marks and citation omitted); see also Bailey v. U.S. Citizenship & Immigration Servs., No. 13 Civ. 1064, 2014 WL 2855041, at *1 (S.D.N.Y. June 20, 2014) (“[O]bjections that are not clearly aimed at particular findings in the [report and recommendation] do not trigger de novo review.”). The court may adopt those portions of the report and recommendation to which no objection is made “as long as no clear error is apparent from the face of the record.” Oquendo v. Colvin, No. 12 Civ. 4527, 2014 WL 4160222, at *2 (S.D.N.Y. Aug. 19, 2014) (quotation marks and citation omitted).
B. Motion to Amend
Courts should “freely give leave” to amend a pleading “when justice so requires.” Fed.R.Civ.P. 15(a)(2). However, a court may deny a motion to amend where the amendment would be futile, among other reasons. See Williams v. Citigroup Inc., 659 F.3d 208, 213-14 (2d Cir. 2011) (per curiam). An amendment to a pleading is futile if the proposed claim could not withstand a motion to dismiss pursuant to Rule 12(b)(6) under the Federal Rules of Civil Procedure. Lucente v. Int'l Bus. Mach. Corp., 310 F.3d 243, 258 (2d Cir. 2002).
Motions to amend are also governed by Federal Rule of Civil Procedure 16(b), which states that a court-ordered schedule “may be modified only for good cause and with the judge's consent.” Fed.R.Civ.P. 16(b)(4). Where, as here, a motion to amend is not “timely filed under [the] scheduling order in place in th[e] action, ” in addition to meeting the requirements of Rule 15, the moving party “must also show good cause for the amendment under Rule 16.” Soroof Trading Dev. Co. v. GE Microgen, Inc., 283 F.R.D. 142, 147 (S.D.N.Y. 2012).
II. Redcell's Objection
Redcell objects to the R&R's conclusion that Trucco's motion for leave to amend was timely made pursuant to Rule 15 of the Federal Rules of Civil Procedure. Pls. Opp'n at 14-15. Because Redcell raised this objection for the first time over a month after service of the R&R, it is untimely. See Fed.R.Civ.P. 72 (requiring a party's objections to be filed within fourteen days after service of the R&R). The Court is not required to review de novo any portion of a magistrate judge's order that is not the subject of a timely objection. Carling v. Peters, 760 F.Supp.2d 400, 401 (S.D.N.Y. 2011). And, even if the Court were to consider Redcell's objection on the merits, it is merely a restatement of its original argument before Judge Cave-that granting Trucco leave to assert counterclaims would be untimely and cause Redcell undue prejudice. Compare ECF No. 60, at 6, 8-9 with Pls. Opp'n at 14-15. When a party “reiterates his original arguments, ” the Court reviews the report and recommendation strictly for clear error. Wallace, 2014 WL 2854631, at *1 (S.D.N.Y. June 20, 2014). The Court has done so here, and finds no clear error in Judge Cave's thorough and well-reasoned findings. Accordingly, Redcell's objection is OVERRULED.
III. Trucco's Objections
Trucco objects to the R&R's analysis and conclusions as to its proposed counterclaims under the CFAA and the DTSA, as well as its proposed counterclaim for copyright infringement. The Court reviews de novo each portion of the R&R that is the subject of specific objections, and addresses each in turn.
A. CFAA Counterclaim
The CFAA is “principally a criminal statute” with a limited private cause of action. LivePerson Inc. v. 24/7 Customer, Inc., 83 F.Supp.3d 501, 511 (S.D.N.Y. 2015). To state a claim under the CFAA's private cause of action, Trucco must plead that Redcell “(1) accessed a ‘protected computer'; (2) ‘without any authorization or exceeding its authorized access'; and (3) caused “loss” in excess of $5,000.” Id. (citing 18 U.S.C. § 1030(g)). The R&R concluded that Trucco failed to adequately plead each of these elements. R&R at 20-22. Trucco argues that the R&R applied a heightened pleading standard inconsistent with this Circuit's precedents, and failed to adequately credit certain of its factual allegations. Defs. Obj. at 5-8.
As to the first prong, the CFAA defines a “protected computer” as a computer “which is used in or affecting interstate or foreign commerce or communication.” 18 U.S.C. § 1030(e)(2)(B). Trucco must, therefore, allege that the relevant server was engaged in interstate commerce, or at minimum, that the “computer was used for the business and the business operated in two different states.” Dedalus Found. v. Banach, No. 09 Civ. 2842, 2009 WL 3398595, at *2 (S.D.N.Y. Oct. 16, 2009) (citing Patrick Patterson Custom Homes, Inc. v. Bach, 586 F.Supp.2d 1026, 1033-34 (N.D. Ill. 2008)); see also LivePerson, Inc., 83 F.Supp.3d at 512. Here, Trucco alleges only that its business operates across multiple states and that it distributes products in interstate commerce. Counterclaim ¶¶ 1-2. It does not allege that the server at issue-rather than Trucco's overall business-was engaged in interstate commerce or was used for the business. See id. In its objections, Trucco raises for the first time that the server “involve[s] management of Trucco's business, and therefore necessarily involve[s] interstate commerce, ” Defs. Obj. at 7. But, “new . . . factual assertions cannot properly be raised for the first time in objections to the [R&R].” Razzoli v. Fed. Bur. of Prisons, No. 12 Civ. 3774, 2014 WL 2440771, at *5 (S.D.N.Y. May 30, 2014). Trucco fails, therefore, to properly plead the first element of its CFAA claim.
Second, Trucco must allege that Redcell's access was “without any authorization or exceeding its authorized access.” LivePerson, 83 F.Supp.3d at 511 (citation omitted). The R&R concluded that Trucco's failure to plead “the means by which [Redcell] allegedly gained access to Trucco's servers” precludes a finding that Redcell “either lacked or exceeded its authorization within the meaning of the CFAA.” R&R at 21 (emphasis omitted) (alterations in original). Trucco objects that this finding imposes a “heightened pleading standard” that runs contrary to the weight of precedent in this Circuit. Defs. Obj. at 5-7.
The CFAA, by its plain language, prohibits improper “access” to a protected computer, “not misuse or misappropriation.” University Sports Pub. Co. v. Playmakers Media Co., 725 F.Supp.2d 378, 383, (S.D.N.Y. 2010). An entity acts “without authorization” when it “accesses a computer without permission to do so, ” and “exceeds authorized access” when it “has permission to access certain information on a computer, but access[es] other information as to which [it] lacks permission.” JBC Holdings NY, LLC v. Pakter, 931 F.Supp.2d 514, 523 (S.D.N.Y. 2013) (citation omitted). The CFAA does not, however, cover circumstances where an entity “has permission to access certain information and then uses that information for an improper purpose.” Id. at 523-25.
On this basis, Trucco does not plausibly allege a violation of the CFAA. First, Trucco fails to describe the scope of Redcell's access to the server during the parties' business relationship. Trucco pleads only that Redcell “was given access” to its confidential and proprietary information. Counterclaim ¶ 12. Trucco does not actually allege that Redcell was authorized to access the cloud server that these documents were stored on, nor does it clearly state the extent of Redcell's access to the server-for instance, whether Redcell was granted access to the server in its entirety, or whether Redcell was explicitly authorized only to access certain files and documents. This distinction is critical to determining whether Redcell's later actions constituted unauthorized access or exceeded its authorized access to the server, which are actionable under the CFAA, or whether these actions amounted to mere misuse of the server's information, which is not.
Second, some of Trucco's more specific factual allegations establish only that Redcell allegedly misused or misappropriated information it was otherwise authorized to access. For example, Trucco alleges that during the parties' relationship, Redcell not only backed up Trucco's computer data “when necessary” as required to comply with industry standards-an action presumably within the scope of Redcell's access to the server-but that it also “surreptitiously undertook” backups of such data for its own benefit. Id. ¶ 13. But, if Trucco authorized Redcell to access its data to create backups for compliance purposes, Trucco cannot state a claim under the CFAA for additional backups of this data Redcell undertook for its own purposes. See Pakter, 931 F.Supp.2d at 523.
Similarly, Trucco states that Redcell “was not authorized to access Trucco's confidential information in any way not related to the maintenance of software.” Counterclaim ¶ 31. But, where an entity is granted access to a server for one purpose, subsequent access for an improper purpose is not actionable under the CFAA. See University Sports, 725 F.Supp.2d at 384-86 (concluding that where employee was authorized to access entire database for limited administrative role, no CFAA liability existed where employee acted outside job duties by analyzing and downloading substantive documents for competitor). Thus, if Redcell was granted access to the server and information stored on it for software maintenance, “subsequent misuse of the information [for other purposes] . . . is not sufficient to violate the CFAA.” Apple Mortgage Corp. v. Barenblatt, 162 F.Supp.3d 270, 286 (S.D.N.Y. 2016).
Third, Trucco's factual allegations contain contradictions as to the kinds of documents on the server Redcell was authorized to access, and may have subsequently misused-versus documents it was never authorized to access. For instance, Trucco cites its tax returns as an example of documents obtained by Redcell through its “unauthorized access” to the cloud server. Counterclaim ¶ 23. But, Trucco also explicitly acknowledges that Redcell was “given access” to Trucco's tax returns during the course of their business relationship. Id. ¶ 12. Similarly, Trucco states that it maintains on its servers “confidential business strategies . . . sensitive economic data . . . [and] information relating to Trucco's profits and losses, ” that Trucco “strictly limits access to this information” to its highest executives, and Redcell's access to such information was “unauthorized.” Id. ¶¶ 24-25, 33. But, these are all categories of information Trucco gave Redcell access to during the parties' relationship. Id. ¶ 12. Although the Court must take Trucco's well-pleaded factual allegations as true, it need not do so when such allegations are internally inconsistent or contradictory. See Spiteri v. Russo, No. 12 Civ. 2780, 2013 WL 4806960, at *8 (E.D.N.Y. Sept. 7, 2013), aff'd sub nom Spiteri v. Camacho, 622 Fed.Appx. 9 (2d Cir. 2015). Trucco, therefore, provides no basis for the Court to infer that Redcell's access to and alleged improper use of these documents provides a basis for CFAA liability, because its factual allegations do not support anything beyond a finding that Redcell merely misappropriated or misused data it was legitimately authorized to access.
Trucco argues that its factual allegations support liability under the CFAA to the extent that they demonstrate that Redcell continued to access the server without authorization after the end of the parties' business relationship in 2019. Defs. Obj. at 6-7. As Trucco correctly notes, in the context of an employer-employee relationship, courts in this district have concluded that where an employee previously had access to a computer or system, but is then terminated or resigns, subsequent access may be construed as unauthorized within the meaning of the CFAA. E.g., Poller v. BioScrip, Inc., 974 F.Supp.2d 204, 233 (S.D.N.Y. 2013). And, drawing all inferences in Trucco's favor, certain of its factual allegations could potentially support CFAA liability on this basis. Trucco alleges, for instance, that during a deposition in this action, Redcell used a confidential settlement document from another litigation that Redcell was never given permission to access. Counterclaim ¶ 19. Trucco also alleges that Redcell's president “acknowledged” in deposition testimony that Redcell has accessed data on the server as part of its prosecution efforts in this litigation, and “did so because Redcell still has the access codes to review and retrieve such data.” Id. ¶ 20.
But, Trucco merely pleads in a conclusory manner, that “any past consent” given by Redcell to Trucco to access its “confidential and proprietary information . . . obviously ceased when their business relationship ended in 2019.” Id. ¶ 22. Trucco does not allege that it took measures to terminate Redcell's access to the server, or even that Trucco notified Redcell that it was no longer permitted to access the server. Indeed, Redcell appears to have maintained access to the server by using the same codes that were valid during the parties' relationship, Defs. Obj. at 10, and Trucco does not allege that it revoked Redcell's permission to these codes. A conclusory allegation that any authorization “obviously ceased” when the parties' business relationship ended is insufficient to demonstrate unauthorized access within the meaning of the CFAA, particularly when, as Trucco concedes, Redcell characterizes the server as a “joint database” to which both Trucco and Redcell still maintain access. Counterclaim ¶ 17.
Finally, Trucco contends that because it “specifically pleads it has incurred at least $5,000 in losses in investigating [Redcell's] data breach and taking actions to secure its systems, ” the R&R erred by concluding that Trucco failed to establish compensable losses under the CFAA. Defs. Obj. at 7-8. The R&R determined that “costs not related to computer impairment or computer damages are not compensable under the CFAA, ” and, therefore, found that Trucco's failure to plead that its “computer, servers, or databases have been impaired or otherwise damaged, ” rendered its claim deficient. R&R at 22.
As the R&R correctly notes, “loss” under the CFAA is construed narrowly. Int'l Chauffered Serv., Inc. v. Fast Operating Corp., No. 11 Civ. 2662, 2012 WL 1279825, at *3 (S.D.N.Y. Apr. 16, 2012). But, “physical damage to a computer is not necessary to allege damage or loss” under the CFAA. Bose v. Interclick, Inc., No. 10 Civ. 9183, 2011 WL 4343517, at *3 (S.D.N.Y. Aug. 17, 2011). And, the CFAA's provisions make clear that “loss” encompasses “the cost of responding to an offense, conducting a damage assessment, and restoring the data, program, system, or information to its condition prior to the offense ....” LivePerson, 83 F.Supp.3d at 512 (citing 18 U.S.C. § 1030(e)(11)). On this basis, courts have concluded that, although costs associated with lost competitive advantages, profits or revenue are not compensable under the CFAA, losses with respect to “computer investigations or repairs” or “measures taken to prevent unauthorized access to the computer system in the future” are recoverable. Civic Ctr. Motors, Ltd. v. Mason St. Import Cars, Ltd., 387 F.Supp.2d 378, 38182 (S.D.N.Y. 2005); see also Nexans Wires S.A. v. Sark-USA, Inc., 319 F.Supp.2d 468, 475 (S.D.N.Y. 2004). Trucco's alleged losses related to “securing or remedying [its] systems in the wake of [Redcell's] alleged CFAA violations” would, therefore, count towards the CFAA's loss requirement. See In re DoubleClick Inc. Privacy Litig., 154 F.Supp.2d 497, 524 (S.D.N.Y. 2001). The Court, accordingly, agrees with Trucco that its factual allegations are sufficient to establish “loss” under the CFAA.
Having reviewed the matter de novo, the Court concludes that, because Trucco has failed to adequately plead two of the three prongs of the claim, its claim cannot survive a motion to dismiss. Accordingly, the Court REJECTS that portion of the R&R addressing Trucco's proposed CFAA counterclaim, but DENIES Trucco's motion for leave to file such a counterclaim, on the ground of futility.
B. Copyright Infringement
The R&R concluded that Trucco's copyright counterclaim was futile on the ground that Trucco failed to identify with sufficient specificity either the copyrighted software at issue, or the elements of the software Redcell copied or incorporated into derivative software. R&R at 26-30. Trucco objects on the ground that first, the R&R “reli[ed] on Redcell's complaint” for the facts supporting the counterclaim, instead of assuming the truth of Trucco's allegations; and second, that because Trucco alleged Redcell copied “the entire IMP software without permission, ” Trucco identified the copyrighted software at issue with sufficient specificity to state a claim of copyright infringement. Defs. Obj. at 12-13.
A copyright owner holds exclusive rights to, among other things, reproduce the copyrighted work, and prepare derivatives of it. New London Assocs., LLC v. Kinetic Soc. LLC, 384 F.Supp.3d 392, 406 (S.D.N.Y. 2019) (citation omitted). To state a claim for copyright infringement, a plaintiff must allege “(1) which specific original works are the subject of the copyright claim; (2) that the plaintiff owns the copyright in those works; (3) that the copyrights have been registered in accordance with the statute; and (4) by what acts [and] during what time defendant infringed the copyright.” Gayle v. Hearst Commc'ns, Inc., No. 19 Civ. 4699, 2021 WL 293237, at *2 (S.D.N.Y. Jan. 28, 2011) (citation omitted). The R&R concluded that Trucco's copyright infringement claim was deficient because Trucco failed to identify the copyrighted works with sufficient specificity, and further failed to explain which elements of the copyrighted works Redcell copied or incorporated into derivative software. R&R at 12-13. The Court agrees.
First, contrary to Trucco's assertions, the R&R's conclusions are based on an assessment of Trucco's factual allegations in the counterclaim, rather than Redcell's allegations in the complaint. Trucco alleges that it owns “all copyrights relating to the software that was created” by the SDA and that Redcell has “made unauthorized copies and derivative works from the copyrights software owned by Trucco.” Counterclaim ¶¶ 51-52. The R&R correctly concludes that Trucco's reference to the “software that was created” pursuant to the SDA does not define with sufficient specificity what this software entails, or include any examples of which software Redcell copied without authorization. R&R at 28-29.
Second, as the R&R accurately finds, Trucco “fails to explain what elements of [its] copyrighted work [Redcell] has copied or incorporated . . . or how [Redcell's software] is even similar to [Trucco's].” Gayle, 2021 WL 293237, at *2. In its objections, Trucco asserts-for the first time-that Redcell “has copied the entire IMP software without permission.” Defs. Obj. at 13 (emphasis omitted). But, “new . . . factual assertions cannot properly be raised for the first time in objections to the [R&R].” Razzoli, 2014WL 2440771 at *5. And, as the R&R correctly notes, in Trucco's counterclaims, it “alleges no facts about the allegedly infringing software that Redcell created.” R&R at 29. Therefore, the R&R appropriately found that Trucco's bare, conclusory factual allegations were insufficiently specific to state a valid claim for copyright infringement. R&R at 26-29. Accordingly, the Court OVERRULES Trucco's objections, and ADOPTS that portion of the R&R recommending that the Court deny Trucco's request to assert this counterclaim.
C. DTSA
“To state a claim for trade secret misappropriation under the DTSA, a plaintiff must plausibly allege that (1) it possessed a trade secret, and (2) the defendant misappropriated the trade secret.” Medidata Sols. Inc. v. Veeva Systems Inc., No. 17 Civ. 589, 2018 WL 6173349, at *3 (S.D.N.Y. Nov. 26, 2018). Under the DTSA, a trade secret encompasses “all forms and types of financial, business, scientific, technical, economic, or engineering information” if first, “the owner thereof has taken reasonable measures to keep such information secret”; and second, “the information derives independent economic value . . . from not being generally known to, and not being readily ascertainable through proper means by, another person who can obtain economic value from the disclosure or use of the information.” 18 U.S.C. § 1839(3). Although the Second Circuit has not expressly articulated a specificity requirement, “district courts in this Circuit routinely require that plaintiffs plead their trade secrets with sufficient specificity to inform the defendants of what they are alleged to have misappropriated.” Medidata Sols. Inc., 2018 WL 6173349 at *3; see also Big Vision Pvt. Ltd. v. E.I. DuPont DeNemours & Co., 1 F.Supp.3d 224, 258 (S.D.N.Y. 2014) (collecting cases).
The Court agrees with the R&R's conclusion that Trucco has failed to plead the trade secrets at issue with sufficient specificity. In its proposed counterclaim, Trucco identifies its tax returns and a confidential settlement as examples of documents Trucco allegedly accessed and misappropriated. Counterclaim ¶¶ 18-19. Trucco states that the documents Redcell accessed “include[] a multitude of other confidential and proprietary trade secret information, beyond just the referenced tax returns and confidential case settlement document.” Id. ¶ 23. Trucco similarly offers the vague assertion that “the documents and information misappropriated by Redcell included highly confidential, proprietary business strategy documents that contained competitively sensitive information.” Id. ¶ 45. Such general statements do not reasonably provide adequate notice to Redcell as to the basis of Trucco's misappropriation claim. Cf. Medidata, 2018 WL 6173349, at *3.
As for the only documents that Trucco identifies with specificity-its tax returns and a settlement document-Trucco does not plead that these documents derive independent economic value from being kept secret, or that Trucco took reasonable measures to keep them secret. Trucco asserts that access to these documents was “strictly . . . limited to the . . . highest executives” at Trucco, Counterclaim ¶ 46, but concedes that Redcell was given access to at least some of these documents-including, for instance, Trucco's tax returns-during the parties' relationship, id. ¶ 12. Trucco does not claim that it took steps to ensure Redcell would not disclose its trade secrets to others, such as requiring Redcell to execute a non-disclosure or confidentiality agreement. Cf. Oneida Grp. Inc. v. Steelite Int'l. U.S.A. Inc., No. 17 Civ. 0957, 2017 WL 6459464, at *7 (E.D.N.Y. Dec. 15, 2017). And, Trucco acknowledges that Redcell could continue accessing the server on which these documents were stored because Redcell's access codes remained valid even after the parties' business relationship ended-which hardly suggests “reasonable” security measures were in place to protect the confidentiality of the documents. Id. ¶ 20.
Next, the R&R concludes that Trucco failed to state a claim for misappropriation under the DTSA because Trucco pleaded no facts from which to infer that Redcell breached its confidentiality obligations with respect to the relevant documents. R&R at 25. A party misappropriates a trade secret when it either acquires a trade secret by improper means, or discloses or uses the trade secret without consent. Medidata, 2018 WL 6173349 at *3; see also Elsevier Inc. v. Doctor Evid. LLC, No. 17 Civ. 5540, 2018 WL 557906, at *3 (S.D.N.Y. Jan. 23, 2018). Trucco argues that Redcell was not authorized to access the documents in the first place, and, therefore, its access to these documents could only have been through improper means, stating a claim under the DTSA. Defs. Obj. at 9-10. For the same reason, Trucco argues it was not required to plead Redcell's confidentiality obligations with respect to the documents; because Redcell was never authorized to access them, Trucco had no reason to impose a confidentiality requirement. Id.
Again, inconsistencies in Trucco's factual allegations preclude a finding that its proposed DTSA counterclaim is sufficiently pleaded. Trucco alleges that Redcell “was given access to sensitive trade secret and other confidential and proprietary information of Trucco, including private financial information, business strategies . . . tax returns and other profit and loss information, ” maintained on its cloud server. Counterclaim ¶ 12. This contradicts Trucco's assertion, in its factual allegations and objections, that Redcell was “never given access” to this information. See id. ¶¶ 15, 22-25. The Court, therefore, has no basis to infer that Redcell's access to these documents was through improper or wrongful means. And, as noted, the Court need not accept or attempt to reconcile inconsistent or contradictory factual allegations. Although the Court must generally accept the pleading party's factual allegations as true in evaluating a motion for leave to amend, it need not accept as true conflicting or contradictory factual assertions. Spiteri, 2013 WL 4806960 at *8.
Second, Trucco's allegations as to the details of Redcell's misappropriation are largely conclusory. See Counterclaim ¶ 47 (stating Redcell engaged in “corporate espionage and other wrongful acts to access, use, and possess” Trucco's trade secrets). As the R&R correctly notes, Trucco does not set forth “facts that describe how [Redcell's] use” of this information “amounts to a breach of secrecy.” Principia Partners LLC v. Swap Financial Grp. Inc., No. 18 Civ. 7998, 2019 WL 4688711, at *3 (S.D.N.Y. Sept. 26, 2019). That is, Trucco pleads no facts as to Redcell's confidentiality obligations for any documents on the server, how such obligations restrained use of this information, or how these obligations were violated by Redcell. See Id. The only specific factual allegations at issue-that Redcell possesses Trucco's tax returns and used a confidential settlement document during a deposition in this litigation, Counterclaim ¶¶ 18-19-do not support an inference that Redcell disclosed these documents to any third parties, or otherwise used them to gain a competitive advantage.
Finally, Trucco takes issue with the R&R's conclusion that misuse of the settlement document alone is insufficient to state a claim for misappropriation. Citing Dorset Industries, Inc. v. Unified Grocers, Inc., Trucco argues that misappropriation of a single document can, without more, support a trade secret claim. Defs. Obj. at 10-11 (citing Dorset Industries, Inc. v. Unified Grocers, Inc., 893 F.Supp.2d 395, 412 (E.D.N.Y. 2012)). But, the Dorset court found that the defendant had used that single document to “create[] a checkout program that utilized the same methods and procedures” as a program created by the plaintiff-that is, that the defendant misappropriated a single document to gain a competitive advantage over the plaintiff. Dorset, 893 F.Supp.2d at 412. Trucco has failed to make a similar showing here, and for that reason- not because only a single document was at issue-the R&R correctly concluded that Trucco's DTSA counterclaim was futile.
The Court, therefore, OVERRULES Trucco's objections, and ADOPTS that portion of the R&R recommending denial of Trucco's request to plead a counterclaim under the DTSA.
CONCLUSION
The Court has reviewed the remainder of Judge Cave's thorough and well-reasoned R&R for clear error, and finds none. Accordingly, for the reasons stated, the Court REJECTS that portion of the R&R addressing Trucco's proposed CFAA counterclaim, but DENIES Trucco's motion for leave to file such a counterclaim. The Court ADOPTS the remainder of the R&R in its entirety. Trucco's motion to file counterclaims against Redcell is, therefore, DENIED. The Clerk of Court is directed to terminate the motion pending at ECF No. 57.
SO ORDERED.