Symantec Corp. v. McAfee Assocs., Inc.
Symantec Corp. v. McAfee Assocs., Inc.
1998 WL 740798 (N.D. Cal. 1998)
June 9, 1998
Fogel, Jeremy D., United States District Judge
Summary
The Court found that Symantec had failed to adequately allege the existence of an enterprise and a pattern of racketeering activity, and noted that ESI was important to the case. Symantec had alleged that McAfee had copied portions of Symantec's CrashGuard software and SymKrnl DLL into McAfee products for interstate distribution. The Court granted McAfee's motion to dismiss the eleventh and twelfth causes of action for violation of RICO and conspiracy to violate RICO, with leave to amend.
SYMANTEC CORPORATION, Plaintiff,
v.
McAFEE ASSOCIATES, INC., a.k.a. NETWORK ASSOCIATES, INC.1, Defendant
v.
McAFEE ASSOCIATES, INC., a.k.a. NETWORK ASSOCIATES, INC.1, Defendant
No. C–97–20367–JF(EAI)
United States District Court, N.D. California
June 09, 1998
Fogel, Jeremy D., United States District Judge
ORDER2 GRANTING SYMANTEC'S MOTION FOR PRELIMINARY INJUNCTION; GRANTING McAFEE'S MOTION TO DISMISS THE EIGHTH CAUSE OF ACTION WITHOUT LEAVE TO AMEND; AND GRANTING McAFEE'S MOTION TO DISMISS THE ELEVENTH AND TWELFTH CAUSES OF ACTION WITH LEAVE TO AMEND [Docket Nos. 96, 112 and 142]
*1 Plaintiff's motion for preliminary injunction, defendant's motion to dismiss the eighth cause of action[3], and defendant's motion to dismiss the eleventh and twelfth causes of action were heard on June 8, 1998. For the reasons discussed below, plaintiff's motion for preliminary injunction is granted, defendant's motion to dismiss the eighth cause of action is granted without leave to amend, and defendant's motion to dismiss the eleventh and twelfth causes of action is granted with leave to amend.
I. BACKGROUND
Both plaintiff Symantec Corporation (“Symantec”) and defendant McAfee Associates, Inc. (“McAfee”) are in the business of developing, marketing and manufacturing computer software products. This action arises primarily from Symantec's allegations that McAfee infringed two of Symantec's copyrights by copying codes contained in Symantec's products and incorporating those codes into McAfee's own products. Specifically, Symantec claims that McAfee “reverse engineered” one of Symantec's most successful products, CrashGuard, and incorporated portions of the CrashGuard program (“First Code Block”) into its own product, PC Medic 97. Symantec also claims that McAfee obtained from a former Symantec employee one of Symantec's Dynamically Linked Library (“DLL”) files[4], the SymKrnl DLL, and incorporated portions of that DLL (“Second Code Block”) into several of McAfee's own products, including PC Medic 97 and VirusScan Network products. Symantec additionally claims that McAfee obtained Symantec's private customer sales information from one of Symantec's former sales representatives. This former sales representative allegedly misappropriated two diskettes containing customer names, telephone numbers, addresses, sales histories, terms of purchase, license agreements, and site licenses of Symantec. Symantec asserts that McAfee used this information, which Symantec characterizes as trade secrets, in efforts to woo Symantec's customers and convince them to buy McAfee products.
Based upon McAfee's alleged conduct, Symantec filed suit in this Court on April 23, 1997. Symantec's operative Third Amended Complaint asserts fourteen causes of action against McAfee for: copyright infringement (first through sixth causes of action); trade secret misappropriation (seventh and ninth causes of action); unfair competition (eighth and tenth causes of action); violation of, and conspiracy to violate, the Racketeer Influenced and Corrupt Organizations Act (“RICO”) (eleventh and twelfth causes of action); interference with prospective economic advantage (thirteenth cause of action); and interference with contractual relations (fourteenth cause of action). The Third Amended Complaint requests money damages and injunctive relief.
Additionally, Symantec has filed a motion for preliminary injunction, seeking to enjoin McAfee from distributing or using any of Symantec's customer sales information, and to require retrieval by McAfee of any customer sales information it has disseminated to others.[5] McAfee denies that it acted improperly with respect to any private customer sales information. Accordingly, McAfee does not oppose Symantec's motion. However, McAfee's statement of non-opposition stipulates to more limited injunctive relief than that requested by Symantec.
*2 McAfee has filed motions to dismiss Symantec's causes of action for unfair competition (eighth cause of action), violation of RICO (eleventh cause of action), and conspiracy to violate RICO (twelfth cause of action) on the basis of failure to state a claim. Symantec opposes these motions.
II. DISCUSSION
A. Motion For Preliminary Injunction
As a general rule, a party seeking a preliminary injunction must show either (1) a likelihood of success on the merits and the possibility of irreparable injury, or (2) the existence of serious questions going to the merits and the balance of hardships tipping in the movant's favor. See Roe v. Anderson, 134 F.3d 1400, 1401–02 (9th Cir.1998); Apple Computer, Inc. v. Formula Int'l, Inc., 725 F.2d 521, 523 (9th Cir.1984). These formulations represent two points on a sliding scale in which the required degree of irreparable harm increases as the probability of success decreases.[6]See Roe, 134 F.3d at 1402.
In support of its motion, Symantec introduces the declaration of one of its Vice Presidents, Keith Robinson. Mr. Robinson states that one of Symantec's former sales representatives, Mark Middleton, admitted to taking two diskettes containing Symantec's customer sales information (names, telephone numbers, sales histories, etc.). See Declaration of Keith Robinson, ¶ 2. According to Mr. Robinson, Mr. Middleton also admitted to giving the diskettes to McAfee sales representatives for the purpose of obtaining customer leads. See id., ¶¶ 3–4. Mr. Robinson characterizes the customer sales information as trade secrets, and states that Symantec's revenues will be impaired if McAfee is allowed to use the information to target Symantec's customers. See id., ¶ 5.
Symantec also introduces deposition testimony of Frank Pinello, one of McAfee's sales representatives. Mr. Pinello states that in April 1997, he received an e-mail from another McAfee sales representative along with an attachment containing Symantec's customer sales information. See Deposition of Francis Pinello, p. 77. Mr. Pinello states that he forwarded the customer sales information to McAfee's New Jersey sales department. See id. Mr. Pinello further states that the customer sales information recently was removed from the McAfee sales representatives' computers by means of “delete and scrub utilities.” See id., pp. 84–85. Symantec argues that McAfee's “delete and scrub” activities constituted an effort to destroy evidence of misappropriation, and states that it will be seeking leave to file a Fourth Amended Complaint in order to add claims for spoliation of evidence.[7]
McAfee disputes Symantec's characterization of its actions, and specifically denies that it destroyed evidence. In particular, McAfee asserts that the disputed customer information was removed from its sales representatives' computers in response to Symantec's claim that the information constituted trade secrets, and that copies were made of all removed information. However, in order to avoid further disputes with respect to the customer information, McAfee agrees to the issuance of a preliminary injunction.
*3 In light of the above, it appears that Symantec has presented evidence[8] raising serious questions going to the merits of Symantec's trade secrets claim based upon misappropriation of the customer sales information, and that issuing a preliminary injunction would not impose any hardship upon McAfee. The Court notes, however, that McAfee's statement of non-opposition suggests an injunction narrower in scope than the one requested by Symantec. Symantec requests an injunction:
(a) enjoining direct or indirect distribution in any manner and by any means of any originals, copies, facsimiles or duplicates of any Symantec customer sales information database or any portion thereof;
(b) directing recall from all in-house sales representatives, outside sales representatives, and all others known to McAfee of any originals, copies, facsimiles, or duplicates of any Symantec customer sales information database or any portion thereof;
(c) directing delivery upon oath, to be impounded during the pendency of this action, and for destruction pursuant to judgment herein, of all originals, copies, facsimiles or duplicates of any Symantec customer sales information database or any portion thereof;
(d) enjoining any unauthorized use of any Symantec customer sales information database, or any portion thereof, or any information derived from it; and
(e) directing filing with the Court and service on Symantec within thirty (30) days after service of the Court's order a report, in writing and under oath, setting forth in detail the manner and form in which McAfee complied with the Court's order.
McAfee's statement of non-opposition agrees to most of the items set forth in Symantec's proposed injunction. However, the statement of non-opposition does not agree specifically to the provision requiring McAfee to recover customer sales information from anyone other than McAfee's sales representatives (Symantec wants and order directing Symantec to recover the information from “all others” who may have it), and does not agree to the provision requiring delivery of the sales information to Symantec. McAfee argues that there is no reason to believe that customer information was given to anyone other than its sales representatives.
Given McAfee's position that the customer information was not disseminated to anyone other than its sales representatives, imposing a requirement that McAfee recover such information from both its sales representatives and “all others” should not impose any hardship. Additionally, in light of McAfee's agreement to a condition prohibiting any “unauthorized use” of the customer information, there does not appear to be any reason why McAfee should not be ordered to deliver the customer information to Symantec pending disposition of the action. Accordingly, Symantec's motion for preliminary injunction will be granted, and the form of the injunction will be that proposed by Symantec.
B. Motions To Dismiss[9]
*4 For purposes of a motion to dismiss, the plaintiff's allegations are taken as true, and the Court must liberally construe the complaint in the light most favorable to the plaintiff. See Jenkins v. McKeithen, 395 U.S. 411, 421, 89 S.Ct. 1843, 1849, 23 L.Ed.2d 404 (1969); Argabright v. United States, 35 F.3d 472, 474 (9th Cir.1994). Leave to amend must be granted unless it is clear that the complaint's deficiencies cannot be cured by amendment. See Lucas v.. Dep't of Corrections, 66 F.3d 245, 248 (9th Cir.1995). However, where amendment would be futile, dismissal may be ordered with prejudice. See Albrecht v. Lund, 845 F.2d 193, 195–96 (9th Cir.1988); Beezley v. Fremont Indemnity Co., 804 F.2d 530, 531 (9th Cir.1986); see also Dumas v. Kipp, 90 F.3d 386, 393 (9th Cir.1996)(holding that dismissal without leave to amend was appropriate where the plaintiff had filed four complaints and yet continued to allege insufficient facts).
1. Unfair Competition Claim (Eighth Cause Of Action)
In its eighth cause of action, Symantec alleges that McAfee obtained a copy of Symantec's CrashGuard software in order to reverse engineer portions of the program and create competing products. Symantec further alleges that this reverse engineering violated a licensing agreement governing use of the software by purchasers and users. Symantec asserts that McAfee's acquisition of the CrashGuard software for reverse engineering purposes constituted unfair business competition in violation of California Business and Professions Code §§ 17200 et seq., which prohibit “unlawful, unfair or fraudulent business act[s] or practice[s] and unfair, deceptive, untrue or misleading advertising.” See Cal. Bus. & Prof.Code §§ 17200 et seq.
McAfee contends that this cause of action fails to state a claim because: (a) it is preempted by federal copyright laws; and (b) an unfair competition claim cannot be based solely upon a breach of a licensing agreement.
The Court concludes that Symantec's eighth cause of action is preempted by federal copyright laws.
Section 301 of the Copyright Act provides that:
[A]ll legal or equitable rights that are equivalent to any of the exclusive rights within the general scope of copyright as specified by section 106 in works of authorship that are fixed in a tangible medium of expression and come within the subject matter of copyright specified by sections 102 and 103 ... are governed exclusively by this title. Thereafter, no person is entitled to any such right or equivalent right in any such work under the common law or statutes of any State.
17 U.S.C. § 301. Accordingly, a state law claim is preempted if: (1) the work to be protected comes within the subject matter of copyright; and (2) the state-created right forming the basis of the state law claim is equivalent to any of the exclusive rights within the general scope of copyright as specified by § 106 of the Copyright Act. See Del Madera Properties v. Rhodes and Garner, Inc. ., 820 F.2d 973, 976–78 (9th Cir.1987). A right is “equivalent” to an exclusive right within the general scope of copyright if it is infringed by “the mere act of reproduction, performance, distribution or display.” Trenton v. Infinity Broadcasting Corp., 865 F.Supp. 1416, 1428 (C.D.Cal.1994) (quoting 1 M. Nimmer, Nimmer on Copyright, § 101[B][1] at 1–14–15 (1993)). The fact that the state-created right is either broader or narrower than its federal counterpart will not save it from preemption. See id. But, if other qualitative elements in addition to the acts of reproduction, performance, distribution or display are required for the state law claim, the right does not lie within the scope of copyright and there is no preemption. See id. Examples of claims which contain additional qualitative elements include unfair competition claims based upon breach of confidential relationships, reverse palming off, and interference with contract. See Summit Mach. Tools Mfg. Corp. v. Victor CNC Systems, Inc., 7 F.3d 1434, 1441–42 (9th Cir.1993).
*5 Applying the above standards to the allegations in Symantec's Third Amended Complaint, it appears that Symantec's unfair competition claim is preempted. The work at issue is Symantec's CrashGuard software, a copyrighted computer program which clearly is within “the subject matter of copyright.” See Johnson Controls, Inc. v. Phoenix Control Systems, Inc., 886 F.2d 1173, 1175 (9th Cir.1989)(holding that computer software is subject to copyright protection). The conduct at issue is McAfee's alleged reverse engineering of the CrashGuard program for the purpose of copying code contained therein into competing products. This conduct—reproducing and distributing protected material—falls squarely within the Copyright Act.
Symantec contends that its claim contains additional qualitative elements which make it more than a mere copyright infringement action. As an illustration of these additional elements, Symantec asserts that the McAfee employee who copied portions of the CrashGuard code into McAfee's products first “obtained a copy of CrashGuard, agreed to the terms of its license agreement, and then violated the license agreement.” See Symantec's Memorandum of Points and Authorities in Opposition To McAfee's Motion to Dismiss, p. 8. Symantec also asserts that the reverse engineering of the CrashGuard software did not, itself, infringe upon its copyright, and thus asserts that the reverse engineering constitutes an additional element.
The Court understands Symantec to be arguing that the existence of the licensing agreement, and the McAfee employee's knowledge of it, somehow changed the character of the employee's conduct from an act of copyright infringement into something more. Symantec also seems to be arguing that, because the particular method by which McAfee allegedly obtained protected code—reverse engineering—is not specifically mentioned in the Copyright Act, the McAfee employee engaged in something more than mere copyright infringement. The conduct to which Symantec points, however, does not constitute the type of conduct which other courts have found sufficient to meet the additional element test, for example, conduct breaching a fiduciary duty or interfering with contract. See Summit Mach. Tools Mfg. Corp., 7 F.3d at 1441–42. Symantec has not cited, and the Court has not discovered, any cases indicating that conduct such as that described by Symantec is sufficient to add an additional element to what essentially is a copyright infringement claim. The Court would expect to see such cases if the alleged conduct were sufficient to transform an infringement claim into something more, because virtually all computer software programs are governed by licensing agreements, and reverse engineering is a common method of obtaining protected code. Consequently, the Court finds that Symantec's unfair competition claim is subject to dismissal without leave to amend on the ground that it is preempted by federal copyright laws.[10]
2. RICO Claims (Eleventh And Twelfth Causes Of Action)
*6 Symantec's eleventh causes of action alleges that the conduct of McAfee, its employees, and third parties violated RICO, 18 U.S.C. §§ 1961 et seq. The twelfth cause of action alleges a conspiracy to commit RICO violations.
In order to maintain a civil RICO action, a plaintiff must allege: (1) the conduct (2) of an enterprise (3) through a pattern (4) of racketeering activity. See 18 U.S.C. § 1962(c); Sedima, S.P.R.L. v. Imrex Co., Inc., 473 U.S. 479, 496, 105 S.Ct. 3275, 3285, 87 L.Ed.2d 346 (1985). Similarly, these elements must be sufficiently alleged in order for a plaintiff to maintain a cause of action for conspiracy to commit RICO violations. See Neibel v. Trans World Assurance Co., 108 F.3d 1123, 1127 (9th Cir.1997).
McAfee contends that the eleventh cause of action for violation of RICO fails to state a claim because: (a) Symantec has failed to allege the existence of a valid enterprise; (b) Symantec has not alleged sufficient conduct by McAfee to trigger RICO liability; and (c) Symantec has not alleged a pattern of racketeering activity. McAfee further contends that, because the RICO claim is not adequately alleged, the twelfth cause of action for conspiracy to violate RICO fails as well.
The Court concludes that Symantec has failed to state a claim for violation of RICO or conspiracy to violate RICO. Symantec has failed to allege adequately the existence of an enterprise. In order to allege the existence of an enterprise, the plaintiff must allege the existence of an organization, either formal or informal, which has some sort of structure for making decisions and directing the organization's ongoing affairs. See Chang v. Chen, 80 F.3d 1293, 1299 (9th Cir.1996). Symantec has not alleged the existence of such an organization, its structure, or its method of operation. Symantec alleges only that McAfee, some employees, and some non-employees participated in the affairs of “an association-in-fact ‘enterprise” ’ within the meaning of the statute. See Third Amended Complaint, ¶ 111. This allegation is insufficient.
Additionally, Symantec has failed to allege a pattern of racketeering activity. “Racketeering activity” includes any criminal activity indictable under one of several statutes listed in the RICO provisions. See 18 U.S.C. § 1961(1). In order to allege the existence of a “pattern” of racketeering activity, the plaintiff must allege at least two predicate acts, or two instances of such activity. See Bowen v. Oistead, 125 F.3d 800, 806 (9th Cir.1997). Symantec asserts that McAfee and other members of the enterprise committed at least two acts in violation of the 18 U.S.C. §§ 2314 and 2315, which statutes are enumerated in the RICO provisions. See 18 U.S.C. § 1961(1). Sections 2314 and 2315 prohibit the interstate transportation, sale or receipt of stolen goods. See 18 U.S.C. §§ 2314, 2315. Symantec alleges that McAfee and other members of the enterprise violated these sections by copying portions of Symantec's CrashGuard software and SymKrnl DLL into McAfee products for interstate distribution. See Third Amended Complaint, ¶ 112. However, §§ 2314 and 2315 do not apply to the interstate transportation, sale or receipt of goods whose contraband character derives from copyright infringement. See Dowling v. United States, 473 U.S. 207, 228–29, 105 S.Ct. 3127, 3138–39, 87 L.Ed.2d 152 (1985). Accordingly, Symantec has failed to allege the requisite pattern of racketeering activity.
*7 Symantec does not dispute the fact that §§ 2314 and 2315 do not apply to the transportation, sale or receipt of goods whose contraband character derives solely from copyright infringement. However, Symantec argues that §§ 2314 and 2315 do apply to the transfer and receipt of physical property such as the two diskettes containing customer information, and the physical copy of the SymKrnl DLL. Symantec may be correct in its assertion. However, Symantec's eleventh cause of action for RICO violation is not based upon the transportation or receipt of physical property. The only activity mentioned in that cause of action is the incorporation of protected code into McAfee products for purposes of transportation, sale and receipt across state lines. See Third Amended Complaint, ¶ 112.
Based upon the above, the Court finds that the eleventh cause of action for violation of RICO is subject to dismissal. Because a valid RICO claim has not been alleged, the twelfth cause of action for conspiracy to violate RICO is subject to dismissal as well. In light of the parties' agreements at the Case Management Conference with respect to scheduling, Symantec's representation that discovery with respect to its potential RICO claims is ongoing, and the very liberal legal standard with respect to requests for leave to amend, leave to amend will be granted. The Court has substantial doubt, however, as to whether a sufficient factual basis for the elements of a viable RICO claim can be alleged in this case.
III. ORDER
Accordingly, the Court orders as follows:
(1) Symantec's motion for preliminary injunction is GRANTED as is described in II(A) of this Order;
(2) McAfee's motion to dismiss the eighth cause of action for unfair competition is GRANTED WITHOUT LEAVE TO AMEND; and
(3) McAfee's motion to dismiss the eleventh cause of action for violation of RICO and the twelfth cause of action for conspiracy to violate RICO is GRANTED WITH LEAVE TO AMEND.
Footnotes
For the sake of consistency with previous proceedings, this Order refers to defendant as McAfee Associates, Inc., even though defendant now is known as Network Associates, Inc.
This disposition is not appropriate for publication and may not be cited.
The motion to dismiss the eighth cause of action originally was directed against plaintiff's Second Amended Complaint. While that motion was pending, plaintiff filed a Third Amended Complaint. Pursuant to the Court's March 9, 1998 Order, the motion to dismiss the eighth cause of action is now considered to be directed against the Third Amended Complaint.
According to plaintiff's Third Amended Complaint, DLL files contain subfunctions or subroutines which are commonly used in conjunction with a primary program. These subfunctions and subroutines are connected or “dynamically linked” with the software code for the primary program, so that when the computer user requests a primary program to be run, the program will load the software code for any necessary subfunctions or subroutines contained in the DLL at the same time that the primary program is being loaded. See Third Amended Complaint, ¶ 21.
The current motion is Symantec's third motion for preliminary injunction. In the first motion, Symantec sought to enjoin McAfee from continuing to sell, market, develop or manufacture PC Medic 97 or any other product infringing Symantec's copyrights in CrashGuard and SymKrnl. That motion was granted in part and denied in part on October 6, 1997. In the second motion, Symantec sought further injunctive relief with respect to its copyright in CrashGuard. That motion was denied on December 19, 1997.
Symantec contends that irreparable harm must be presumed if Symantec shows a likelihood of success on the merits. A showing of likely success on the merits does give rise to a presumption of irreparable harm in copyright and trademark cases. See Triad Systems Corp. v. Southeastern Express Co., 64 F.3d 1330, 1335 (9th Cir.1995); International Jenson, Inc. v. Metrosound U.S.A., Inc., 4 F.3d 819, 827 (9th Cir.1993). However, Symantec's motion for preliminary injunction is based upon McAfee's alleged use of trade secrets (customer sales information), not upon any alleged copyright or trademark infringement. The presumption of irreparable injury does not apply in trade secret cases. See, e.g., Campbell Soup v. Giles, 47 F.3d 467, 470 (1st Cir.1995)(applying the likelihood of success/showing of irreparable injury continuum to trade secret claim); Campbell Soup Co. v. ConAgra, Inc., 977 F.2d 86, 92–93 (3d Cir.1992)(refusing to apply a presumption of irreparable harm to trade secret claim and instead applying the likelihood of success/showing of irreparable injury continuum); Litton Systems, Inc. v. SunStrand Corp., 750 F.2d 952, 956 (Fed.Cir.1984) (applying the likelihood of success/showing of irreparable injury continuum to trade secret claim).
However, such an amendment appears to be precluded by the recent decision of the California Supreme Court in Cedars–Sinai Medical Center vs. Superior Court, S048596 (5/11/98).
There is some question whether the evidence contained in Mr. Robinson's declaration would be admissible at trial in its present form, because the declaration appears to contain hearsay statements. However, McAfee has not objected to the declaration, and in fact does not object to the issuance of a preliminary injunction. Because it appears that the evidence contained in the declaration could, if necessary, be converted into admissible evidence (for example, by means of deposing the McAfee sales representative who allegedly took the diskettes), and because McAfee does not object to the form of the evidence, the Court will consider the submitted declaration. Cf. Celotex Corp. v. Catrett, 477 U.S. 317, 324, 106 S.Ct. 2548, 2553, 91 L.Ed.2d 265 (1986)(nonmoving party need not oppose summary judgment with evidence in form that would be admissible at trial); McMillian v. Johnson, 88 F.3d 1573, 1584 (11th Cir.1996), aff'd, 520 U.S. 781, 117 S.Ct. 1734, 138 L.Ed.2d 1 (1997) (otherwise admissible evidence may be submitted in inadmissible form at summary judgment stage).
McAfee filed two separate motions to dismiss, one addressing the unfair competition claim (eighth cause of action), and one addressing the RICO violation and conspiracy claims (eleventh and twelfth causes of action).
In light of the Court's finding with respect to preemption, the Court need not address McAfee's additional argument that a breach of a licensing agreement cannot form the basis of an unfair competition claim.