Order, Supreme Court, New York County (Shirley Werner Kornreich, J), entered August 15, 2013, which, to the extent appealed from, denied plaintiffs’ motion to compel defendant Axioma, Inc. to produce source code created after April 3, 2012, reversed, on the facts, without costs, and the motion granted.
Plaintiffs, MSCI Inc., Financial Engineering Associates, Inc., RiskMetrics Group, Inc., and RiskMetrics Solutions, Inc. (collectively, MSCI), serve as a provider of investment decision support tools, including indices, risk analytics, and corporate governance products. MSCI provides a multi-asset class (MAC) risk analytics software product called “RiskManager,” which contains several component technologies, including “Risk-Server,” “Plug and Price,” and “StructureTool.” MSCI asserts that each one of these technologies constitutes a confidential and proprietary trade secret. MSCI further asserts that because RiskManager leads the market in the risk analytics software field, the source code underlying these technologies is a trade secret that provides MSCI with a competitive advantage in the marketplace.
MSCI commenced this action in 2011, alleging that in January and February 2011, defendants Philip Jacob and John Does I through X, former senior-level employees at MSCI who had been intimately involved in the development of RiskManager, left MSCI to work for defendant Axioma, Inc., a direct competitor. According to MSCI, the individual defendants went to work for Axioma specifically for the purpose of creating a MAC product that would compete with MSCI’s RiskManager. Further, MSCI alleges, before the individual defendants resigned, they misappropriated the entire source code underlying RiskServer, Plug and Price, and StructureTool.
Because the trade secrets of both MSCI and Axioma, in the form of the source codes for their MAC software products, were the essential evidence in the case, the parties negotiated a confidentiality stipulation, and Supreme Court so-ordered the stipulation in September 2011. The confidentiality stipulation and order (CSO) provided that MSCI and Axioma would jointly retain a third-party neutral with whom they would deposit their [1073]*1073respective source codes and that only the parties’ experts and attorneys would receive or see the material. The CSO specified that the parties would not be allowed to view their adversaries’ source codes.
The CSO required the parties to “deliver to [the third-party neutral] two (2) full copies of the source code for each programs/ products/components at issue in this action . . . .’’It further provided, “The copies of each source code shall include all versions of such source code created from inception in buildable, runnable, native text format and in a file organization that retains the original directory structure of the code and any source code repository; and source code documentation.”1
During the litigation, defendants contended that MSCI had not sufficiently identified its alleged trade secrets and that the failure to do so rendered useless any attempt to analyze and compare the parties’ source codes for any evidence of misappropriation. Hence, defendants moved to compel MSCI to identify its trade secrets with sufficient particularity and for a protective order staying their obligation to deposit their source code until MSCI did so. In a compliance conference order entered March 30, 2012, the court ordered the parties to brief the issue whether MSCI had to affirmatively identify its trade secrets, and also ordered Axioma to deposit its source code with the third-party neutral. Accordingly, on April 4, 2012, Axioma deposited all versions of its source code created from February 24, 2011 through April 3, 2012 — a 14-month period that included four months preceding the action’s commencement and 10 months afterward. The deposited material contained 5,552 “unique source code revisions and even substantially more individual source code file versions.” After receiving briefing on the matter, by order entered April 23, 2012, the court ordered MSCI to identify the trade-secret components of its source code by June 8, 2012, and precluded it from seeking further discovery until it had done so.
By order entered on or about November 21, 2012, the court adopted the report of a court-appointed expert stating that MSCI had sufficiently identified the trade-secret components of its source code. As a result, MSCI was permitted to review Axioma’s source code.
[1074]*1074Upon reviewing the code with MSCI’s expert, MSCI’s counsel learned that Axioma had not deposited any versions of source code created or modified after April 3, 2012; as a result, counsel sought the versions of the source code created or modified after that date. Defendants state that they denied that request on the ground that nothing in the CSO or any other order mandated that Axioma continually update its source code information. Discovery then proceeded for the next several months, and on or about March 12, 2013, MSCI’s counsel again requested that Axioma deposit updated versions of its source code. Axioma, however, declined to provide any updated code.
MSCI moved for an order compelling Axioma to produce to the third-party neutral all versions of its relevant source codes and the underlying source code files and for a protective order staying discovery until Axioma had complied. On the motion, MSCI submitted an affidavit by an expert who stated that it was not possible to evaluate MSCI’s misappropriation claims without the updated code, since it was possible that Axioma’s later versions of the code underlying its MAC product had been altered to hide or eliminate improper use. Thus, the expert concluded, the post-April 3, 2012 versions were necessary to determine, among other things, whether Axioma’s MAC product was created using MSCI’s trade secrets. Relying on its expert’s opinion, MSCI asserted that it would not be able to prove a claim of misappropriation if it were not permitted to see the updated version of Axioma’s code.2 Hence, it concluded, defendants had an ongoing obligation to disclose and update the source code as the software was developed.
In opposition, defendants relied on the opinion of an expert who stated that he had seen no evidence to support the theory that Axioma could have used MSCI’s source code as a starting point and then altered the code to disguise any misuse. The expert opined that it would not be practical for defendants to disguise any alteration so that it was not detectable. Further, the expert stated, his initial analysis of the source code that Axioma had deposited indicated that it was a complete and usable source code repository created in the normal course of the actual software development at Axioma.
At oral argument, the motion court noted that it had not ordered production of the ongoing version of Axioma’s source code. On the contrary, the court stated, MSCI was entitled simply to learn whether defendants had misappropriated its [1075]*1075code, and it was able to make that determination with the 14 months of code that defendants had already deposited with the third-party neutral. The motion court therefore held that defendants had satisfied their obligation by disclosing 5,552 versions of its source code for the 14-month period. We disagree.
New York strongly encourages open and full disclosure as a matter of policy (see Andon v 302-304 Mott St. Assoc., 94 NY2d 740, 745 [2000]).
Free access — add to your briefcase to read the full text and ask questions with AI
Order, Supreme Court, New York County (Shirley Werner Kornreich, J), entered August 15, 2013, which, to the extent appealed from, denied plaintiffs’ motion to compel defendant Axioma, Inc. to produce source code created after April 3, 2012, reversed, on the facts, without costs, and the motion granted.
Plaintiffs, MSCI Inc., Financial Engineering Associates, Inc., RiskMetrics Group, Inc., and RiskMetrics Solutions, Inc. (collectively, MSCI), serve as a provider of investment decision support tools, including indices, risk analytics, and corporate governance products. MSCI provides a multi-asset class (MAC) risk analytics software product called “RiskManager,” which contains several component technologies, including “Risk-Server,” “Plug and Price,” and “StructureTool.” MSCI asserts that each one of these technologies constitutes a confidential and proprietary trade secret. MSCI further asserts that because RiskManager leads the market in the risk analytics software field, the source code underlying these technologies is a trade secret that provides MSCI with a competitive advantage in the marketplace.
MSCI commenced this action in 2011, alleging that in January and February 2011, defendants Philip Jacob and John Does I through X, former senior-level employees at MSCI who had been intimately involved in the development of RiskManager, left MSCI to work for defendant Axioma, Inc., a direct competitor. According to MSCI, the individual defendants went to work for Axioma specifically for the purpose of creating a MAC product that would compete with MSCI’s RiskManager. Further, MSCI alleges, before the individual defendants resigned, they misappropriated the entire source code underlying RiskServer, Plug and Price, and StructureTool.
Because the trade secrets of both MSCI and Axioma, in the form of the source codes for their MAC software products, were the essential evidence in the case, the parties negotiated a confidentiality stipulation, and Supreme Court so-ordered the stipulation in September 2011. The confidentiality stipulation and order (CSO) provided that MSCI and Axioma would jointly retain a third-party neutral with whom they would deposit their [1073]*1073respective source codes and that only the parties’ experts and attorneys would receive or see the material. The CSO specified that the parties would not be allowed to view their adversaries’ source codes.
The CSO required the parties to “deliver to [the third-party neutral] two (2) full copies of the source code for each programs/ products/components at issue in this action . . . .’’It further provided, “The copies of each source code shall include all versions of such source code created from inception in buildable, runnable, native text format and in a file organization that retains the original directory structure of the code and any source code repository; and source code documentation.”1
During the litigation, defendants contended that MSCI had not sufficiently identified its alleged trade secrets and that the failure to do so rendered useless any attempt to analyze and compare the parties’ source codes for any evidence of misappropriation. Hence, defendants moved to compel MSCI to identify its trade secrets with sufficient particularity and for a protective order staying their obligation to deposit their source code until MSCI did so. In a compliance conference order entered March 30, 2012, the court ordered the parties to brief the issue whether MSCI had to affirmatively identify its trade secrets, and also ordered Axioma to deposit its source code with the third-party neutral. Accordingly, on April 4, 2012, Axioma deposited all versions of its source code created from February 24, 2011 through April 3, 2012 — a 14-month period that included four months preceding the action’s commencement and 10 months afterward. The deposited material contained 5,552 “unique source code revisions and even substantially more individual source code file versions.” After receiving briefing on the matter, by order entered April 23, 2012, the court ordered MSCI to identify the trade-secret components of its source code by June 8, 2012, and precluded it from seeking further discovery until it had done so.
By order entered on or about November 21, 2012, the court adopted the report of a court-appointed expert stating that MSCI had sufficiently identified the trade-secret components of its source code. As a result, MSCI was permitted to review Axioma’s source code.
[1074]*1074Upon reviewing the code with MSCI’s expert, MSCI’s counsel learned that Axioma had not deposited any versions of source code created or modified after April 3, 2012; as a result, counsel sought the versions of the source code created or modified after that date. Defendants state that they denied that request on the ground that nothing in the CSO or any other order mandated that Axioma continually update its source code information. Discovery then proceeded for the next several months, and on or about March 12, 2013, MSCI’s counsel again requested that Axioma deposit updated versions of its source code. Axioma, however, declined to provide any updated code.
MSCI moved for an order compelling Axioma to produce to the third-party neutral all versions of its relevant source codes and the underlying source code files and for a protective order staying discovery until Axioma had complied. On the motion, MSCI submitted an affidavit by an expert who stated that it was not possible to evaluate MSCI’s misappropriation claims without the updated code, since it was possible that Axioma’s later versions of the code underlying its MAC product had been altered to hide or eliminate improper use. Thus, the expert concluded, the post-April 3, 2012 versions were necessary to determine, among other things, whether Axioma’s MAC product was created using MSCI’s trade secrets. Relying on its expert’s opinion, MSCI asserted that it would not be able to prove a claim of misappropriation if it were not permitted to see the updated version of Axioma’s code.2 Hence, it concluded, defendants had an ongoing obligation to disclose and update the source code as the software was developed.
In opposition, defendants relied on the opinion of an expert who stated that he had seen no evidence to support the theory that Axioma could have used MSCI’s source code as a starting point and then altered the code to disguise any misuse. The expert opined that it would not be practical for defendants to disguise any alteration so that it was not detectable. Further, the expert stated, his initial analysis of the source code that Axioma had deposited indicated that it was a complete and usable source code repository created in the normal course of the actual software development at Axioma.
At oral argument, the motion court noted that it had not ordered production of the ongoing version of Axioma’s source code. On the contrary, the court stated, MSCI was entitled simply to learn whether defendants had misappropriated its [1075]*1075code, and it was able to make that determination with the 14 months of code that defendants had already deposited with the third-party neutral. The motion court therefore held that defendants had satisfied their obligation by disclosing 5,552 versions of its source code for the 14-month period. We disagree.
New York strongly encourages open and full disclosure as a matter of policy (see Andon v 302-304 Mott St. Assoc., 94 NY2d 740, 745 [2000]). To that end, CPLR 3101 (a) provides that “[t]here shall be full disclosure of all matter material and necessary in the prosecution or defense of an action.”
A trial court is vested with broad discretion in its supervision of disclosure (148 Magnolia, LLC v Merrimack Mut. Fire Ins. Co., 62 AD3d 486 [1st Dept 2009]; Matter of American Home Prods. Corp. v Shainswit, 215 AD2d 317 [1st Dept 1995]). Indeed, “deference is afforded to the trial court’s discretionary determinations regarding disclosure” (Don Buchwald & Assoc. v Marber-Rich, 305 AD2d 338, 338 [1st Dept 2003] [internal quotation marks omitted]). However, “[t]his Court is vested with the power to substitute its own discretion for that of the motion court, even in the absence of abuse” (Estate of Ungar v Palestinian Auth., 44 AD3d 176, 179 [1st Dept 2007]). We have observed that we “rarely and reluctantly invoke” our power to substitute our own discretion for that of the motion court (id.). We find that this case presents one of those rare instances in which we are compelled to substitute our discretion for that of the motion court.
To begin, the CSO does not provide for merely a single production of source code to the third-party neutral. Rather, it provides that the parties will deposit “all versions” of the relevant source code “created from inception in buildable, runnable” format. Nothing in this language suggests that defendants’ obligation will be discharged by a single delivery of source code. Indeed, neither party disputes that counsel for both sides spent several months negotiating the CSO and that the document went through numerous drafts and revisions. Surely, had defendants wished to specify that they would make a single delivery of source code, they could have insisted upon a single delivery date. They did not do so; rather, they agreed to deliver “full copies” and “all versions” of the relevant source code.
In addition, MSCI’s expert stated that without versions of the code made after April 3, 2012, he could not provide a meaningful comparison of the parties’ respective source codes so as to determine misappropriation, because Axioma’s code as of April 3, 2012 was in a nascent state. The expert asserted that as a result he was limited as to the information he could glean [1076]*1076regarding the overall architecture and functionality of Axioma’s code. Thus, he stated, later versions of the code were crucial to his analysis, because they reflected a more complete and closer-to-final version of Axioma’s MAC product. Indeed, the dissent inaccurately characterizes the affidavits by MCSI’s expert. Far from suggesting that he is on a “fishing expedition,” the expert makes clear that post-April 3, 2012 versions of defendants’ source code are necessary for an accurate analysis of whether defendants misappropriated MSCI’s trade secrets. Similarly, the expert’s opinion is not based on mere speculation. Rather, he states that the versions of the source code already deposited “strongly suggest[ ] that the majority of development of Axioma’s MAC [p]roduct actually occurred in the versions of source code created or modified after April 3, 2012.”
The record provides no basis for summarily rejecting the expert’s assertions in that regard. Indeed, defendants’ expert affidavit merely stated in a conclusory fashion that MSCI’s expert could adequately analyze the misappropriation issue without the updated source code. Our conclusion that Axioma must produce post-April 3, 2012 code holds particularly true in light of the policies underlying discovery — namely, to give parties a reasonable opportunity to uncover any available evidence to support their claims (see Member Servs., Inc. v Security Mut. Life Ins., 2007 WL 2907520, *5, 2007 US Dist LEXIS 74047, *13-14 [ND NY, Oct. 3, 2007, Civ Action No. 3:06-CV-1164 (TJM/DEP)]).
Nonetheless, because we have the discretion to set reasonable parameters on discovery, there shall be disclosure of all versions of the source code created, modified, or maintained between April 3, 2012, and the date that Axioma’s MAC product is released to the market. Further, disclosure of the post-April 3, 2012 code shall be subject to the protections set forth in the CSO stating that the deposited source code materials are for attorneys’ and experts’ eyes only.
Concur — Moskowitz, Richter and Manzanet-Daniels, JJ.
Acosta, J.P., and Andrias, J., dissent in a memorandum