Turret Labs v. CargoSprint ( 2022 )

     21-952
Turret Labs v. CargoSprint
UNITED STATES COURT OF APPEALS
FOR THE SECOND CIRCUIT
SUMMARY ORDER
RULINGS BY SUMMARY ORDER DO NOT HAVE PRECEDENTIAL EFFECT. CITATION TO A
SUMMARY ORDER FILED ON OR AFTER JANUARY 1, 2007, IS PERMITTED AND IS GOVERNED BY
FEDERAL RULE OF APPELLATE PROCEDURE 32.1 AND THIS COURT=S LOCAL RULE 32.1.1.
WHEN CITING A SUMMARY ORDER IN A DOCUMENT FILED WITH THIS COURT, A PARTY MUST
CITE EITHER THE FEDERAL APPENDIX OR AN ELECTRONIC DATABASE (WITH THE NOTATION
“SUMMARY ORDER”). A PARTY CITING A SUMMARY ORDER MUST SERVE A COPY OF IT ON
ANY PARTY NOT REPRESENTED BY COUNSEL.
1           At a stated term of the United States Court of Appeals for the Second Circuit, held at the
2   Thurgood Marshall United States Courthouse, 40 Foley Square, in the City of New York, on the
3   9th day of March, two thousand twenty-two.
4
5   Present:
6               DEBRA ANN LIVINGSTON,
7                     Chief Judge,
8               AMALYA L. KEARSE,
9               EUNICE C. LEE,
10                     Circuit Judges.
11   _____________________________________
12
13   TURRET LABS USA, INC.,
14
15                            Plaintiff-Appellant,
16
17                    v.                                                    21-952
18
19   CARGOSPRINT, LLC, JOSHUA WOLF
20
21                     Defendants-Appellees.
22   _____________________________________
23
24   For Plaintiff-Appellant:                        Leslie R. Bennett (Leslie R. Bennett LLC), Melville,
25                                                   NY.
26
27   For Defendants-Appellees:                       R. Dale Grimes, Virginia M. Yetter, and Nicholas J.
28                                                   Goldin (Bass, Berry & Sims, PLC), Nashville, TN;
29                                                   Michael Dashefsky (Bass, Berry & Sims, PLC),
30                                                   Washington, D.C.; Joseph A. Matteo (Barnes &
31                                                   Thornburg LLP), New York, NY.
32
1          Appeal from a judgment of the United States District Court for the Eastern District of New
2   York (Komitee, J.).
3          UPON DUE CONSIDERATION, IT IS HEREBY ORDERED, ADJUDGED, AND
4   DECREED that the judgment of the district court is AFFIRMED.
5          Plaintiff-Appellant Turret Labs USA, Inc. (“Turret Labs”) appeals from the district court’s
6   March 22, 2021 judgment dismissing its second amended complaint (“SAC”) for failure to state a
7   claim pursuant to Federal Rule of Civil Procedure 12(b)(6).              Turret Labs USA, Inc. v.
8   CargoSprint, LLC, No. 19-CV-6793, 

, at *1 (E.D.N.Y. Feb. 12, 2021).              Turret
9   Labs alleges that Defendants-Appellees CargoSprint, LLC and its chief executive officer, Joshua
10   Wolf, improperly gained access to Turret Labs’ software, Dock EnRoll, and reverse engineered it
11   to create their own competing program. 1      Turret Labs claims misappropriation of a trade secret
12   under the Defend Trade Secrets Act (“DTSA”), 18 U.S.C § 1836(b), and common-law
13   misappropriation of a trade secret. 2   The district court dismissed these trade secret claims, ruling
14   that Turret Labs failed as a matter of law to plead that Dock EnRoll was a “trade secret” under the
15   DTSA and common law because the Plaintiff-Appellant did not adequately allege that it took
16   reasonable measures to keep its information secret from third parties. Turret Labs, 

   535217, at *4–6.      We assume the parties’ familiarity with the underlying facts, the procedural
1
Dock EnRoll is an “air cargo ground handling control application that allows for payment of
fees and scheduling of shipments based on synchronized real-time United States Customs release
notifications, [and] was the first software of its kind at the time.” SAC ¶ 17.
2
The SAC also brings claims for common-law unfair competition, conversion, and defamation,
as well as fraud in connection with computers under the Computer Fraud and Abuse Act
(“CFAA”), 

. The district court dismissed the unfair competition, conversion,
and CFAA claims, Turret Labs, 

, at *6–7, and the parties voluntarily agreed to
dismiss the defamation claim with prejudice shortly thereafter. Turret Labs does not pursue these
claims on appeal.
2
1   history of the case, and the issues on appeal.
2                                               *       *       *
3           We review de novo the district court’s dismissal of Turret Labs’ SAC pursuant to Rule
4   12(b)(6).   See Pettaway v. Nat’l Recovery Sols., LLC, 

, 304 (2d Cir. 2020).              To
5   survive a motion to dismiss brought under Rule 12(b)(6), a complaint “must contain sufficient
6   factual matter, accepted as true, to ‘state a claim to relief that is plausible on its face.’”   Ashcroft
7   v. Iqbal, 

, 678 (2009) (quoting Bell Atl. Corp. v. Twombly, 

, 570 (2007)).
8   We are “required to accept all well-pleaded factual allegations in the complaint as true” and
9   “construe all reasonable inferences that can be drawn from the complaint in the light most
10   favorable to the plaintiff,” but we need not credit conclusory allegations. Lynch v. City of New

 F.3d 67, 74–75 (2d Cir. 2020) (internal quotation marks and citations omitted).
12           Under Section 1836 of the DTSA, the owner of a “trade secret that is misappropriated may
13   bring a civil action . . . if the trade secret is related to a product or service used in, or intended for
14   use in, interstate or foreign commerce.”         § 1836(b)(1).    For “financial, business, scientific,
15   technical, economic, or engineering information” to constitute a “trade secret,” two factors must
16   be satisfied:   (A) the owner must have “taken reasonable measures to keep such information
17   secret”; and (B) the information must “derive[] independent economic value, actual or potential,
18   from not being generally known to, and not being readily ascertainable through proper means by,
19   another person who can obtain economic value from the disclosure or use of the information . . . .”
20   

(3), (3)(A)–(B).       Turret Labs argues that the district court erred in concluding
21   that it failed adequately to allege that it took reasonable measures to protect Dock EnRoll’s secrecy.
22   For the following reasons, we disagree.
23           Turret Labs alleges that after developing Dock EnRoll, it entered into a joint venture
3
1   agreement and an exclusive licensing agreement with Lufthansa Cargo Americas (“Lufthansa”),
2   which authorized Lufthansa to manage Dock EnRoll and grant access to other users. SAC ¶ 21(f)
3   (“User Access for Dock EnRoll is managed by Lufthansa only[] and no other party has access
4   without Lufthansa’s authority”); SAC ¶ 21(j) (pleading that Turret Labs “assign[ed] to Lufthansa
5   the right to vet users and grant access”).     The SAC alleges that Defendants-Appellees gained
6   unfettered access to Dock EnRoll by falsely presenting themselves as freight forwarders to
7   Lufthansa. 3   It is not clear from the SAC, however, whether such unfettered access was granted
8   by Lufthansa, or if Defendants-Appellees used other wrongful means to expand their access after
9   initially receiving login information. 4   Turret Labs pleads, without explanation, that Defendants-
10   Appellees were “given unfettered access to all corners of the Dock EnRoll platform that, based on
11   Lufthansa’s protocols, no freight forwarder or other user would have been granted access to, and
12   it was only due to Defendants’ wrongful actions that they were able to obtain such greater access
13   to the platform.” 5   SAC ¶ 31.      Such “expansive unauthorized access to [Dock EnRoll] and
14   confidential information contained therein allowed [Defendants-Appellees] to reverse engineer the
3
“Freight forwarders” are “the entities that arrange for the storage and shipping of merchandise
on behalf of shippers.” SAC ¶ 16.
4
Turret Labs alternatively alleges that Defendants-Appellees gained access by “[u]sing a pre-
approved access through Damco or other authorized freight forwarders [to] log[] in to the
system . . . .” SAC ¶ 24(b). Turret Labs alleges nothing further regarding “Damco,” however,
or how access to an approved freight forwarder’s login information was used to obtain unfettered
access “above and beyond what authorized [freight forwarders] would be entitled to access . . . .”
See SAC ¶ 35.
5
Turret Labs alleges that a freight forwarder’s access to Dock EnRoll would generally “allow
such forwarder to be able to see information for airway bills assigned to that [particular]
forwarder,” SAC ¶ 32, but that Defendants-Appellees were “able to gain access to the airway bill
information of multiple freight forwarders,” providing them information such as the name of the
shipper, consignee name, nature of the goods, weight, volume and customs release information,
“which is proprietary information for the specific freight forwarder,” SAC ¶ 33.
4
1   software,” SAC ¶ 34, and create a program that is “identical to Dock EnRoll, particularly the
2   scheduling system,” SAC ¶ 35.
3          The DTSA gives scant guidance on what constitutes “reasonable measures” to keep
4   information secret.    But given that trade secrets may appear in a wide variety of “forms and
5   types,” § 1839(3), “[w]hat measures are ‘reasonable’ must depend in significant part on the nature
6   of the trade secret at issue,” see Exec. Trim Constr., Inc. v. Gross, 

, 380
7   (N.D.N.Y. 2021).      We agree with the district court that where an alleged trade secret consists
8   “primarily, if not entirely,” of a computer software’s functionality—“functionality that is made
9   apparent to all users of the program”—the reasonableness analysis will often focus on who is given
10   access, and on the importance of confidentiality and nondisclosure agreements to maintaining
11   secrecy.   Turret Labs, 

, at *4; see also Mason v. Amtrust Fin. Servs., Inc., 848
12   F. App’x 447, 450 (2d Cir. 2021) (holding that plaintiff’s failure to “execut[e] a nondisclosure or
13   licensing agreement or . . . stipulate[e] in his employment contract that the [software] was his
14   proprietary information” evidenced that he “had not taken reasonable measures to protect his
15   information”); Inv. Sci., LLC v. Oath Holdings Inc., No. 20 Civ. 8159, 

, at *3
16   (S.D.N.Y. Aug. 11, 2021) (concluding that the plaintiff did not employ reasonable measures to
17   protect its claimed trade secrets because, among other reasons, the plaintiff “concede[d] that it did
18   not require [the defendant] to sign a confidentiality agreement before sharing the contents of the
19   [product]”); Exec. Trim, 525 F. Supp. 3d at 380; Charles Ramsey Co., Inc. v. Fabtech-NY LLC,
20   No. 1:18-CV-0546, 

, at *15 (N.D.N.Y. Jan. 21, 2020) (collecting cases); Mintz
21   v. Mktg. Cohorts, LLC, No. 18-CV-4159, 

, at *6 (E.D.N.Y. July 25, 2019)
22   (dismissing a DTSA claim because plaintiff “did not require defendants to sign a non-disclosure
23   agreement nor any sort of covenant to protect the passwords”).
5
1           This observation is consistent with those of our sister circuits.      See, e.g., Farmers Edge
2    Inc. v. Farmobile, LLC, 

, 1033 (8th Cir. 2020) (holding that under the DTSA, a
3    company that, “without a confidentiality agreement and without other policies or practices for
4    safeguarding secrets . . . shared the relevant information with a third-party who had no obligation
5    to keep it confidential . . . did not take reasonable steps to safeguard its trade secrets”); InteliClear,
6    LLC v. ETC Glob. Holdings, Inc., 

, 660 (9th Cir. 2020) (holding, under the DTSA,
7    that the plaintiff took “reasonable measures” by “encrypt[ing] and compil[ing] its source code and
8    requir[ing] licensees to agree to confidentiality,” as “[c]onfidentiality provisions constitute
9    reasonable steps to maintain secrecy”); VBS Distribution, Inc. v. Nutrivita Lab’ys, Inc., 

   App’x 1005, 1009 (9th Cir.), cert. denied, 

 (2020) (“Providing alleged
11   trade secrets to third parties does not undermine a trade-secret claim, so long as the information
12   was provided on an understanding of confidentiality.” (internal quotation marks and citation
13   omitted)).
14           Notably absent from Turret Labs’ SAC is any specific allegation that Lufthansa or any
15   other user of Dock EnRoll was required to keep Turret Labs’ information confidential.              Turret
16   Labs does not plead that it had confidentiality or nondisclosure agreements in place with Lufthansa
17   or other users of Dock EnRoll.     Nor does it allege that Lufthansa was obligated to limit access to
18   the software to freight forwarders that were themselves bound to respect the secrecy of Turret
19   Labs’ information.     Although the SAC alleges generally that Lufthansa’s internal guidelines
20   dictated the terms of use, there is no allegation that these guidelines contractually obligated users
21   to keep the software, its client-facing functionality, or its internal mechanics confidential.       And
22   without confidentiality or nondisclosure agreements in this context, it is not apparent from the
23   SAC that any user could not simply replicate the software after using it.
6
1          Turret Labs argues that, regardless, its extensive list of security measures for Dock EnRoll,
2   as pled in the SAC, plausibly constitutes “reasonable measures” to keep its information secret.
3   See § 1839(3)(A).    The SAC pleads, among other things, that Dock EnRoll’s physical servers
4   were kept in monitored cages within a data center with restricted access and that access to the
5   software was limited to those with usernames and passwords approved by Lufthansa. SAC ¶ 21.
6   But secured physical servers are largely irrelevant where users such as Defendants-Appellees
7   could simply be given access by Lufthansa and view and replicate Dock EnRoll’s functionality.
8   And, again, the SAC is silent regarding any obligation on Lufthansa’s part to protect proprietary
9   information by granting access only to legitimate freight forwarders bound by confidentiality
10   agreements. The SAC implies (but does not allege) that Defendants-Appellees hacked into the
11   software to obtain unfettered access to Dock EnRoll’s algorithms and other internal mechanics
12   after getting login information from Lufthansa. But Turret Labs has failed to plead how any of
13   its security measures might have prevented such an unwanted intrusion.
14          In the absence of nonconclusory allegations that it took reasonable measures to keep its
15   information secret, Turret Labs has not plausibly alleged that Defendants-Appellees
16   misappropriated a “trade secret” under the DTSA.      See § 1839(3)(A). Turret Labs’ common-
17   law misappropriation claim is inadequately pled for the same reason.    See Defiance Button Mach.
18   Co. v. C & C Metal Prod. Corp., 

, 1063 (2d Cir. 1985) (noting that under New York
19   common law, owner of a trade secret must take “reasonable measures to protect its secrecy”
20   (internal quotation marks omitted)); Mason, 848 F. App’x at 450–51. Accordingly, the district
21   court did not err in dismissing these claims.
22                                            *      *       *
23
7
1          We have considered Plaintiff-Appellant Turret Labs’ remaining arguments and find them
2   to be without merit. Accordingly, we AFFIRM the judgment of the district court.
3                                                       FOR THE COURT:
4                                                       Catherine O’Hagan Wolfe, Clerk of Court
8