The Utah Supreme Court recently issued a significant decision laying out a presumption of harm evidentiary standard in trade secret cases, which will be very useful for plaintiffs seeking injunctive relief in cases involving trade secret and breach of non-disclosure claims. InnoSys v. Mercer, 2015 UT 80 (August 28, 2015).

The trade secret battle involved a defense industry-focused technology company, InnoSys, Inc., and its former engineer, Amanda Mercer.

InnoSys alleged that Mercer violated a non-disclosure agreement she signed at the time of hire, which memorialized her promise not to copy or transmit any company-protected information. InnoSys further alleged that Mercer engaged in misappropriation of trade secrets when she sent company information and a confidential company business plan to her personal email account and downloaded it onto a personal thumb drive and used the information in an administrative unemployment hearing following her dismissal from InnoSys.

In district court, Mercer prevailed on her motion for summary judgment based on the determination that InnoSys had not met its burden of showing that Mercer’s acts amounted to actual, irreparable harm. As a result, InnoSys was slapped with sanctions under Federal Rule 11 and Mercer recovered her attorney’s fees under Utah state law.

The Utah Supreme Court reversed the district court in a 3-2 decision, asserting that “Mercer’s disclosures [of InnoSys’ confidential information] at least arguably sustain[ed] a presumption of harm to InnoSys.”

First, the Court reasoned that InnoSys “at least arguably” asserted a prima facie case of misappropriation of trade secrets under the Utah Uniform Trade Secret Act (UTSA). Under the UTSA, a prima facie case of misappropriation is established on the basis of two elements: 1) existence of a protectable trade secret by a plaintiff; and 2) demonstration of misappropriation by a defendant. Utah Code § 13-24-2. The Court found that the business plan and other confidential information indisputably were trade secrets because they derived independent economic value from not being generally known by others. In determining whether Mercer was entitled to judgment as a matter of law on this issue, the Court reasoned that InnoSys arguably made a prima facie showing of infringement under the UTSA and under its claim of breach of the non-disclosure agreement, which showing sustained a presumption of irreparable harm.

Second, the Court noted undisputed evidence of misappropriation on the summary judgment record, which included proof of unlawful disclosure and unlawful acquisition. Only a showing of one is necessary under the UTSA. Id. § 13-24-2(2)(a), (b). Mercer’s transmission of company information from the company system to a personal email account and thumb drive coupled with her subsequent use of that information in an administrative proceeding “at least arguably amount[ed] to misappropriation” under the UTSA, the Court concluded. Moreover, the UTSA provides no basis for a defense to the unauthorized disclosure of a trade secret, no matter the circumstances. Therefore, Mercer had no reasonable basis grounded in the UTSA to disclose company information in the way she did to the administrative body during her proceeding; such a lack of a defense further supported InnoSys’ prima facie showing.

The Court reasoned that InnoSys was able to withstand Mercer’s motion for summary judgment because its prima facie showing gave rise to a rebuttable presumption of irreparable harm, to which Mercer provided no rebuttal. The court further discussed the presumption of irreparable harm upon the showing of misappropriation, noting that trade secrets, as property rights, are protected by such a legal presumption. Any trespass on such a right is subject to injunctive relief to “vindicate that right and prevent future harm.” The Court emphasized that such a presumption is “rarely questioned,” and exists as strong precedent in trade secret law.

The Court later analyzed how Mercer failed to rebut the presumption of irreparable harm. The Court considered the possibility, given expert testimony supporting such a hypothesis, that Mercer kept other copies of the confidential information elsewhere, despite deleting some documents in the presence of her sister and attorney. If she did not harbor such information, injury to her upon the issuance of an injunction would harm her little; if she did harbor the information with the intention to further harm InnoSys, then the injunction would be priceless for InnoSys. In other words, issuing an injunction in favor of InnoSys at the very least would protect it from any fathomable future disclosure by Mercer, with little harm to her.

Even without the presumption, the Court stated that InnoSys provided actual evidence of threatened harm, which would allow its claim to survive summary judgment. This actual evidence included a showing of Mercer’s use of a web-based personal email account to access InnoSys’ trade secrets. Transmission of protected company information to an email server not bound to any confidentiality agreement nor capable of ever actually deleting a message, InnoSys argued, amounted to an ongoing threat of harmful disclosure. Further, the Court noted that Mercer could go and re-access her administrative hearing file, which contained the trade secret information at issue. Moreover, Mercer’s recurring inconsistent statements made throughout the history of the case undermined her credibility and introduced a “core genuine issue as to her supposed intent to reform and never again harm InnoSys.”

Regarding the breach of the non-disclosure agreement claim, the presumption of irreparable harm in and of itself, the Court noted, was enough to sustain InnoSys’ prima facie case. The court reversed the summary judgment on the breach of fiduciary duty claim and attorney’s fees as well for the reasons outlined above, and others. In sum, the Court held that because Mercer made no attempt to rebut the presumption of irreparable harm to InnoSys, the district court’s grant of summary judgment, Rule 11 sanctions, and attorney’s fees was improper.

The majority opinion, authored by Associate Chief Justice Lee (“ACJ Lee”), acknowledged the dissent’s arguments several times throughout the opinion. Perhaps most interestingly, the dissent asserted that Mercer was entitled to summary judgment because InnoSys failed to show an actual threat of future harm by Mercer. ACJ Lee directly addressed this argument, noting that it fell short on two grounds: 1) the issue it raised was not preserved; and 2) Mercer’s deletion of emails failed to rebut the presumption of irreparable harm. Regarding the former, ACJ Lee noted that Mercer’s entire argument was that InnoSys never produced evidence of actual or threatened harm; meaning, InnoSys never showed the economic impact following Mercer’s disclosures. Such failure to produce was not enough to affirm a summary judgment ruling, in the majority’s opinion. As to the latter issue, the ACJ recalled that a defendant’s claiming her voluntary compliance moots a case bears “a formidable burden of showing that it is absolutely clear the allegedly wrongful behavior could not be reasonably expected to occur.” The dissent argued that the fact that Mercer deleted all of the confidential information from her email was undisputed and that InnoSys failed to produce evidence that she would be a future threat of harm, but the majority disagreed because it assumed facts not made of record and gave the benefit of the doubt to the wrong party, the movant. The majority continued that Mercer failed to meet the aforementioned formidable burden because her acts of deletion could be construed as self-serving and not enough to defeat summary judgment.

Takeaways

This case provides a significant evidentiary tool to plaintiffs who have evidence of illicit data transfer despite claims by the defendant that the data has subsequently been deleted and/or that there has been no harm to the plaintiff. Additionally, the case underscores the importance for trade secret victims to conduct thorough computer forensic investigations to uncover evidence of data misuse to support their claims.