Full opinion text
OPINION AND ORDER LEISURE, District Judge: Table of Contents BACKGROUND I. Anonymous E-mails........................................................385 II. Investigation Into Authorship of Anonymous E-mails...........................386 III. Salyards’ Defense and “IP Spoofing” Theory...................................387 IV. Chris Collier’s Confession to Sending April 13 E-mail and “Spoofing” Salyards’ IP Address..............................................................388 V. Expert Testimony Regarding IP Spoofing.....................................390 VI. Evidentiary Hearing in January 2010 .........................................392 DISCUSSION I. Fraud on the Court.........................................................393 A. Legal Standard........................................................393 B. Application............................................................394 1. 2FA Misstates the Fraud on the Court Standard........................394 2. Passlogix has Failed to Establish that Salyards Committed a Fraud on the Court.....................................................395 a. Expert Testimony by Obuchowski.................................396 b. April 13 E-mail.................................................397 i. Evidence Presented by Passlogix.............................398 ii. Evidence Rebutted by 2FA..................................399 iii. Passlogix Fails to Present Clear and Convincing Evidence that Salyards Authored the April 13 E-mail..................401 c. September 3 E-mail.............................................403 i. Evidence Presented by Passlogix.............................403 ii. Evidence Rebutted by 2FA..................................404 iii. Passlogix Fails to Present Clear and Convincing Evidence that Salyards authored the September 3 Email...............406 3. 2FA has Failed to Establish that Passlogix Committed a Fraud on the Court...........................................................406 4. 2FA’s Request to Amend Its Complaint to Assert a Claim for Malicious Institution of Civil Proceedings is Denied...................407 II. Spoliation of Evidence......................................................408 A. Legal Standard........................................................409 1. Duty to Preserve...................................................409 2. Culpable State of Mind..............................................410 3. Relevance .........................................................411 B. Application............................................................412 1. June/July Anonymous E-mail ........................................412 a. Duty..........................................................413 b. Culpable State of Mind..........................................413 c. Relevance......................................................414 2. Written Communications between Collier and Salyards..................415 a. Duty..........................................................416 b. Culpable State of Mind..........................................417 c. Relevance......................................................417 3. 2FA’s Computer and Network Logs from Cuttill’s Investigation ..........417 a. Duty..........................................................418 b. Culpable State of Mind..........................................419 c. Relevance......................................................419 C. Remedy for 2FA’s Spoliation of Evidence..................................420 1. Adverse Inference..................................................420 2. Evidence Preclusion ................................................421 3. Costs .............................................................421 4. Monetary Fine.....................................................422 CONCLUSION Plaintiff, Passlogix, Inc. (“Passlogix”), brings this fraud on the court allegation against defendants Gregory Salyards, 2FA Technology, LLC, and 2FA, Inc. for creating and sending an anonymous e-mail in an effort to expand discovery, cause Passlogix competitive harm, and garner a favorable settlement. As a remedial measure, Passlogix asks the Court to dismiss 2FA’s pleadings and award Passlogix costs and attorneys’ fee. Passlogix also alleges that 2FA engaged in spoliation of evidence and asks for an adverse inference, preclusion, and costs. 2FA eounter-alleges that Passlogix committed its own fraud on the court by bringing its erroneous fraud on the court allegation to delay adjudication on the merits. The Court held a five-day evidentiary hearing on the issues of fraud on the court and spoliation of evidence and asked the parties to submit post-hearing memoranda. For the reasons set forth below, the Court holds that neither Passlogix nor 2FA has established by clear and convincing evidence that a fraud on the court was committed. The Court also holds that 2FA’s failure to preserve certain documents led to the destruction of evidence in this case, requiring imposition of a $10,000 monetary fine. BACKGROUND Both Passlogix and 2FA Technology, LLC and 2FA, Inc. (collectively, “2FA”) are in the business of developing and selling security-related software for managing access to restricted computerized systems. (PI. Passlogix’s Post-Hearing Mem. (“Mem.”) 1.) The instant dispute arises out of Passlogix’s lawsuit against 2FA, and 2FA’s principals, Gregory Salyards (“Sal-yards”) and Shaun Cuttill (“Cuttill”), for breach of a licensing agreement in which 2FA purportedly agreed to develop identity-authentication software for Passlogix. Passlogix seeks (1) money damages against 2FA for breach of contract and tortious interference with business relations, and (2) a declaration that (a) it did not breach the licensing agreement or any other duties owed to 2FA or its employees, including Salyards and Cuttill, (b) 2FA has no valid grounds to terminate the licensing agreement and is obligated to continue abiding by the agreement, (c) Passlogix has not impermissibly used any confidential information or intellectual property of 2FA, and (d) Passlogix does not owe 2FA any money. (Am. Compl. ¶¶ 20-32.) In its Answer, 2FA asserts counterclaims against Passlogix for breach of contract, breach of the covenant of good faith and fair dealing, unfair competition, misappropriation of 2FA’s intellectual property, and tortious interference with business relations. (Answer & Countercl. ¶¶ 32-46.) In addition to the fraud on the court and spoliation allegations addressed in this decision, also pending before the Court is 2FA’s motion to reverse Magistrate Judge Dolinger’s denial of its motion to compel discovery and 2FA’s motion for a preliminary injunction against Passlogix. These motions will be addressed in subsequent decisions. I. Anonymous E-mails The instant dispute was triggered by an anonymous e-mail sent on September 3, 2009, 4:00 p.m. Central Daylight Time (“CDT”) from “passlogix-vgo-saw@ hushmaiLme” (the “September 3 e-mail”). The September 3 e-mail was sent to Passlogix’s President and CEO, Marc Boroditsky, Passlogix’s Chief Technology Officer, Marc Manza, two executives at a non-party business entity, Imprivata, Inc. (“Imprivata”), and Salyards and Cuttill. (Passlogix Exhibit (“PX”) 1.) The anonymous author, who purports to have “more than 15 years of development experience” and to have transitioned to Passlogix “earlier this year,” asserts that Passlogix issued a “recent mandate to utilise Imprivat[a] and 2FA information that clearly oversteps ... contractual and ethical obligations.” (Id.) The anonymous author claims to be “appalled by the unprofessionalism and unethical behavior undertaken by the Passlogix engineering management organisation” and to “have been treated like a second-class citizen.” (Id.) The September 3 email also includes two attachments that contain specifications to Passlogix software under development. (See id.); (Evidentiary Hr’g Tr. (“Tr.”) 44:23-45:5.) One attachment is titled “Master Func Spec v-GO SAW vl.5” and the other is titled “SAW Func Spec Iteration 2 vl.5.” (PX 1; Tr. 45:3-5.) Passlogix claims that the September 3 email was not the first time that it received an anonymous e-mail from a hushmail.com e-mail address, and that on April 13, 2009, 3:59 p.m. CDT, Boroditsky and Mark Gillespie, a Passlogix employee, received an e-mail from “concernedatpasslogix@ hushmail.com” (the “April 13 e-mail”). (PX 2.) The April 13 e-mail expresses concern about Passlogix losing “the Wal-Mart deal” and discloses Salyards’ close relationship with “Adnan,” a principal consultant at Deloitte & Touche who was brokering a deal with Wal-Mart for 2FA. (PX 2; Tr. 417:12^419:6, 542:15-20.) Cuttill testified that this e-mail was “detrimental to 2FA” because it “expose [d] a key relationship that [2FA][was] pursuing to win the Wal-Mart deal,” which “was the only way” for a small company like 2FA to get “in front of Wal-Mart,” and “exposing that [relationship], in essence, killed [2FA’s] opportunity at WalMart.” (Tr. 542:3-14.) In fact, Cuttill testified that after April 13, Adnan would not return Cuttill’s e-mails. (Tr. 542:15-20.) By letter dated September 14, 2009, counsel to 2FA wrote to Magistrate Judge Dolinger about the anonymous September 3 e-mail “because of the seriousness of the allegations set forth in the email, especially in light of 2FA’s present Motion for Preliminary Injunction, filed on the basis of Passlogix’s misappropriation of 2FA’s intellectual property.” (PX 30 at 2.) In a separate letter dated October 27, 2009, Passlogix alleged that Salyards committed a fraud on the Court by authoring and transmitting the September 3 and April 13 e-mails. (PX 33.) Passlogix alleges that Salyards created and sent these e-mails to expand discovery, cause Passlogix competitive harm, and garner a favorable settlement — all of which constitute a fraud on this Court. (Mem. 6.) II. Investigation Into Authorship of Anonymous E-mails Within days of receiving the September 3 e-mail, Passlogix retained outside counsel to conduct an internal investigation into the sender of that e-mail and any evidence supporting the allegations set forth in that e-mail. (Tr. 24:25-25:12, 35:10-36:3; PX 34.) A report following the internal investigation concluded that the claims in the September 3 e-mail were false and that no individual at Passlogix identified any inappropriate request to utilize intellectual property from third parties. (PX 34 & 35; Tr. 36:17-22.) In addition to its internal inquiry, Passlogix subpoenaed Hushmail.com (“Hush”), the Canadian e-mail service provider through which the September 3 and April 13 e-mails were sent. (Tr. 38:5-21.) Hush provided Passlogix with the Internet Protocol (“IP”) address logs for the Hush accounts from which the anonymous emails were sent (“Hush logs”). (PX 48 & 49.) “An IP address is a set of numbers ... assigned to a computer in order for it to communicate on a network, which also includes communicating to the outside world; internet, web pages, e-mail as an example.” (Tr. 146:20-23.) “An IP log is a log that many companies use to capture the source IP address of the network or computer that’s connecting to the service____” (Tr. 154:3-5.) The Hush logs reveal that both the September 3 and April 13 e-mails were sent from the IP address 70.114.246.62. (PX 48 & 49.) After the April 13 e-mail was sent, Hush captured additional log-ins from the IP addresses 70.114.246.202 and 64.186.161.2. (PX 49.) According to records that Passlogix obtained from Time Warner, the IP address 70.114.246.62 is registered to Sal-yards at 2FA’s office location while the IP address 70.114.204.202 is registered to Sal-yards’ wife, at their home address. (PX 40; Tr. 41:1-23, 156:9-20.) The final IP address — 64.186.161.2—appears related to the Mark Hopkins Hotel in San Francisco, where Salyards and Cuttill were staying for a work conference from April 19-April 24, 2009. (PX 37, 38, 49; Tr. 42:14-43:21.) In addition to the Hush logs, Passlogix points to circumstantial evidence that Sal-yards authored both anonymous emails. Passlogix contends that the timing of each of the anonymous e-mails is suspect because the April 13 e-mail was sent during the course of a dispute regarding third party discovery subpoenas and the September 3 e-mail was sent one day after Passlogix filed its brief in opposition to 2FA’s motion for a preliminary injunction. (Def.’s Ex. (“DX”) 1 (Passlogix Ltr. 11/6/09 at 1-2).) Additionally, Passlogix contends that because the September 3 e-mail was sent less than two weeks prior to the parties’ settlement conference before Judge Dolinger, Salyards sent the e-mail to procure a more favorable settlement from Passlogix. (Mem. 6.) Salyards admits that he referenced the September 3 email in settlement conversations with Boroditsky in the days following the September 3 e-mail. (See PX 29 (“We have a proposal for you that we feel best serves all concerned” (September 5, 2009); “Our attorney plans on raising the [September 3 e-mail] with the court this week, ... I’m in NYC this weekend and would be willing to meet in the event you have a change of heart concerning our recent proposal” (September 12, 2009)); Tr. 338:20-339:13.) Passlogix further asserts that Salyards has admitted to receiving the confidential information attached to the September 3 email from another anonymous e-mail purportedly sent to him from a Hush e-mail address in late June or early July 2009. (PX 33 at 4 n. 1.) Also, Passlogix claims that Salyards may have received the attachments to the September 3 e-mail from a source within Passlogix. (DX 1 (Passlogix Ltr. 11/6/09 at 3).) Cuttill testified about his own investigation into the origin of the anonymous emails. During the second or third week of September 2009, Cuttill and Salyards visited Hush “to find out what Hushmail was all about.” (Tr. 576:22-577:16.) In late October or early November 2009 — after Passlogix wrote this Court alleging that Salyards was the author of both anonymous emails' — Cuttill interviewed 2FA employees that he thought would have had access to 2FA’s computer network in April and September and checked all of 2FA’s computers for evidence of the attachments to the September 3 e-mail, but found no evidence that anyone at 2FA sent the emails. (Tr. 572:16-575:5.) Cuttill did not take notes during his investigation, nor did he memorialize his findings in writing. (Tr. 573:15-16.) III. Salyards’ Defense and “IP Spoofing” Theory Salyards testified under oath at his October 23, 2009 deposition and during the evidentiary hearing in January 2010 that he was not involved in the transmission of either e-mail. (Tr. 384:25-385:4.) He refutes Passlogix’s claim that the confidential attachments to the September 3 e-mail were available to him or to 2FA. (DX 1 (2FA Ltr. 10/29/09 at 3-4 & 2FA Ltr. 11/9/09 at 3).) He also maintains that the mere content of the April 13 e-mail, which discloses a business opportunity with WalMart that 2FA was pursuing as a competitor to Passlogix, eliminates any motive that Salyards would have in sending that e-mail. (DX 1 (2FA Ltr. 10/29/09 at 2-3).) In arguing that no one at 2FA sent the September 3 e-mail, Salyards points to the use of the letter “s” in the spelling of words such as “organisation” and “utilise” in the e-mail, indicating British or Canadian authorship. (DX 1 (2FA Ltr. 11/9/09) at 3.) Salyards notes that the IP address linked to the September 3 e-mail is not assigned to him specifically, but rather to 2FA’s office location and is used by every computer sending e-mails from that location. (DX 1 (2FA Ltr. 10/29/09 at 2).) Moreover, Salyards contends that he was out with his family and friends at the time the September 3 e-mail was sent at 4:00 p.m. CDT, and submitted affidavits from three individuals, two of whom specifically state that Salyards was with them from approximately 3:15 p.m. until 4:30 or 4:45 p.m. on September 3. (Id. at 4 & Ex. 2.) 2FA also notes that the anonymous e-mails are not evidence and, notwithstanding the fact that 2FA could have used the allegations in the September 3 e-mail in its reply brief in support of its motion for a preliminary injunction, it did not do so. (DX 1 (2FA Ltr. 11/9/09 at 2).) Salyards proffers the affirmative defense of IP spoofing, stating that a Passlogix employee may have “spoofed” his IP address in an effort to impersonate him on the internet. (DX 1 (2FA Ltr. 10/29/09 at 1-2).) IP address spoofing is a practice whereby a person can make his true IP address appear to be any address he chooses. (Id. at 1.) 2FA asserts that IP spoofing can be accomplished from anywhere, as long as the impersonator knows a user’s IP address. (Id. at 1; see also Tr. 391:22-25 (Salyards defining IP spoofing as “concealing your ... IP address ... and perpetrating to be something else when you’re out on the Internet”).) Sal-yards claims that, based on a decade of specialized training in computer security, including hacking and spoofing IP addresses to conduct “penetration testing” of security solutions, he knows how to conceal his IP address and that had he endeavored to create a fictitious e-mail, he would have ensured that it could not be traced back to him personally or to 2FA. (Tr. 389:3-11, 390:13-393:21; DX 1 (2FA Ltr. 10/29/09 at 2).) IV. Chris Collier’s Confession to Sending the April 13 E-mail and “Spoofing” Salyards’ IP Address Chris Collier, a former Passlogix employee who has over ten years of experience in the computer security industry, confessed under oath during a December 2, 2009 deposition that he wrote and sent the April 13 e-mail. (Collier Dep. 5:18-6:23, 8:11-14, 61:3-62:5.) Collier testified that he sent the April 13 e-mail from his personal laptop computer while he was at 2FA’s office without the knowledge of 2FA. (Collier Dep. 60:11-62:11, 76:15-19, 83:11-14.) Because he sent the April 13 email from a wireless access point in 2FA’s conference room, Collier did not need to spoof 2FA’s IP address to make it appear that the e-mail was sent from 2FA. (Id. 62:4-8, 84:6-8.) After the initial e-mail was sent from 2FA’s office, Collier said that he spoofed 2FA’s IP address “[s]ix, maybe seven times” to check whether he received any responses to the April 13 email from the e-mail recipients — Boroditsky or Gillespie. (Id. 86:2-4.) During his subsequent log-ins to Hush, Collier said that he concealed his IP address by substituting his IP address with “an IP address from the e-mail headers from Greg [Sal-yards],” by using software downloaded from the internet. (Id. 64:22-25, 70:12-21, 86:11-25.) When asked what program he used to spoof Salyards’ IP address, Collier responded, “I can’t be sure. Probably Mac IP Change, which is one that I’ve used many times before. That’s the one I used.” (Id. 86:23-25.) Collier also testified that the source of the content of the April 13 e-mail came from Cuttill, who disclosed to Collier 2FA’s efforts to land the Wal-Mart deal during Collier’s April 13 visit to 2FA’s office. (Id. 108:15-110:15.) Collier no longer has the laptop that he used to send the April 13 e-mail because he “decommissioned” it and gave it to a friend in need. (Id. 108:11-14; PX 45 at CC-000A ¶ 1.) Cuttill corroborates Collier’s account of visiting 2FA’s office on April 13. Cuttill recalls being in the office on April 13 because he was preparing for a work conference (“RSA conference”) in California the following week. (Tr. 532:14-533:8.) Cut-till states that Salyards was not in the office because he was watching his children that week since his wife was going to watch them the following week while Sal-yards was at the RSA conference. (Tr. 533:9-19.) Cuttill states that Collier arrived at 2FA’s offices on April 13 “somewhere around 3:00, give or take maybe 15 minutes” to do work on “Oberthur cards.” (Tr. 594:9-595:1; 585:13-19.) After Collier arrived, he and Cuttill “chatted for a little bit,” “definitely less than ten minutes, probably less than five minutes,” about the Wal-Mart deal. (Tr. 585:20-586:1.594:12-25.) Then Cuttill set up Collier with internet in a conference room while Cuttill went to prepare for a 4 p.m. call. (Tr. 585:14-19; 595:1-11.) After Cuttill’s 4 p.m. call was over, he and Collier worked on the Oberthur cards until 6 or 6:30 p.m. (Tr. 595:9-23.) Collier testified that he did not send the September 3 e-mail. (Collier Dep. 65:8-17.) He did state, however, that in June 2009, he had a conversation with another Passlogix employee, Joseph Robinson, who expressed concerns similar to those stated in the September 3 e-mail. (Id. 65:18-67:4, 77:17-78:24, 79:7-18.) Collier states that he suggested to Robinson to raise the issue with Boroditsky or, alternatively, send an e-mail through Hush since “[t]hey won’t know who you are.” (Id. 68:7-16, 98:19-99:21.) Collier says that he told Robinson that he used Salyards’ IP address when he sent his own anonymous email, though he did not tell Robinson what that IP address was. (Id. 98:14-18.) Salyards asserts that Robinson fits the profile of the author of the September 3 email because Robinson lives in Canada, transitioned to Passlogix in April 2009 from a firm bought by Imprivata, the company mentioned in and copied on the September 3 e-mail, had fifteen years of technology experience, and was terminated by Passlogix in October 2009 for unexcused absences. (DX 19; Tr. 80:7-81:5; PX 53 at 2.) Passlogix states that Collier’s confession to sending the April 13 e-mail is unreliable since Collier admitted to lying about his role in the creation of the e-mail when Passlogix interviewed him as part of its internal investigation. (DX 4 at 2.) Passlogix underscores the secretive business ties Collier had with Salyards and Cuttill, evidenced by the fact that Collier testified that Cuttill provided him with the information used to write the April 13 e-mail. (Id.; Collier Dep. 53:21-54:2, 114:13-115:8, 118:13-19.) Passlogix also points to inaccuracies in Collier’s testimony regarding when and where he created the April 13 email account, his Hush account password, and the extent of his communications with Salyards. (DX 4 at 2.) Collier testified that he set up the Hush account “a few days before the e-mail was sent.” (Collier Dep. 84:10-12; 85:20-86:1.) However, the Hush logs indicate that the account was set up on April 13, 2009 — the same day the e-mail was sent, just twenty-seven minutes before it was transmitted. (PX 49; PX 44 ¶ 6.) Collier also provided a password that he used for the Hush account, which Hush confirmed was inaccurate. (Collier Dep. 84:17-85:19; PX 41 & 44 ¶ 5.) Collier, however, noted that he could not “remember if that’s exactly the password [he] used, because [he had not] been [on the website] for months now.” (Collier Dep. 85:18-19.) Additionally, Collier testified that between April 13 and December 2, 2009, he spoke to Salyards “[p]robably 15 to 20 times,” while phone records from October 2009 alone show that they spoke over thirty times. (Id. 118:13-15; PX 45.) With respect to the September 3 e-mail, Passlogix states that Collier’s “suspicions” that Robinson sent that email are inadmissible and unreliable. (Mem. 11.) V. Expert Testimony Regarding IP Spoofing The Court qualified Passlogix’s expert in computer forensics and computer crime investigations, Andrew Obuchowski, Jr., during a preliminary hearing on November 9, 2009, based on Obuchowski’s twelve years of law enforcement experience in computer crime forensics and three years of experience in private computer forensics, including “tracing of e-mails” and “analysis of how a computer was used ... during the commission of an incident or crime.” (Prelim. Hr’g Tr. 33:6-34:20, 36:11-37:7.) Obuchowski has taught computer crime investigations to law enforcement officers and is an adjunct professor at a criminal justice college in Massachusetts. (Id. 33:23-34:5.) Obuchowski has testified in several court proceedings “regarding computer crime and computer forensics,” including IP spoofing. (Id. 34:6-35:10.) Obuchowski concludes that spoofing a public IP address assigned by an Internet Service Provider, such as Time Warner, “is not possible to the extent of being undetected” because “[t]he email message headers would show inconsistencies ... [that] were not present in the email headers” from the April 13 and September 3 emails. (PX 36 ¶ 15; see also Tr. 153:9-13, 170:15-18.) Obuchowski also concludes that the MAC IP Change program that Collier claimed he used to spoof Salyards’ IP address “does not have the technical capability of changing an IP address that’s assigned by Time Warner to make it appear that you are coming from 2FA’s network unless you were actually on 2FA’s network.” (Tr. 164:6-19.) Obuchowski explains that the MAC IP Change Program only “changes [the] IP address of the computer that you install the software program on,” and is not capable of “spoofing an Internet service provider.” (Tr. 242:5-11.) Additionally, Obuchowski concludes that he is not “aware of’ any “software on the market that can be used to spoof an Internet service provider” and that “any software program installed] on a local laptop computer ... would not change the IP address assigned by an Internet service provider, in the example of Time Warner, that would reflect any change in the Hush-mail logs.” (Tr. 242:12-16, 623:17-624:2.) Obuehowski explains that, to access a website on the internet, two computers or networks must be able to communicate with each other. (Tr. 146:20-23.) They do so by sending information back and forth to each other’s IP address (the same way a telephone number corresponds to a telephone, an IP address corresponds to a computer and/or network). (Tr. 146:20-147:3.) Thus, if someone tried to access Hush and conceal his own IP address by spoofing another IP address, Hush would respond by sending information to the computer/network associated with the “spoofed” IP address, not to the concealed IP address. (Mem. 10.) As a result, the spoofer would never be able to complete the process of logging into the Hush website or complete any other activity on the Hush website because he would not receive communication back from Hush, as it would instead be directed to the spoofed IP address. (Id.; see also Tr. 615:8-16.) Obuehowski acknowledges that if Collier sent the April 13 e-mail from 2FA’s network, as Collier claims, “then 2FA’s IP address would appear in the logs.” (Tr. 231:22-25.) However, Obuehowski states that Collier did not send the April 13 email because Collier was incorrect about when the April 13 Hush account was created and about the password he used to create it. (Tr. 165:4-166:25, 168:14-20; PX 41.) Obuehowski created his own Hushmail test account during the course of his investigation, even though he did not mention the test account in either one of his declarations. (Tr. 234:10-24; PX 36 & 40.) Obuehowski “walk[ed] through the same steps in creating an e-mail account as Mr. Collier claimed that he did” and sent a test e-mail to his work e-mail address. (Tr. 235:1-6.) Obuehowski only used the test account once to see what services Hush offers and what the e-mail headers look like when a Hush e-mail is received. (Tr. 235:12-19.) Obuehowski stated that the test e-mail he sent appeared just like the other e-mails sent from the April 13 and September 3 e-mail addresses, although he did not have a copy of, or a log from, the test e-mail. (Tr. 235:5-23.) When asked for his password to the Hush account at the evidentiary hearing on January 14, 2010, Obuehowski could not recall; nor could he recall the date that he created the account, but noted that it would have been before his first declaration, which was dated November 6, 2009. (Tr. 235:24-236:5.) 2FA does not proffer a computer forensics expert in rebuttal; instead, it relies on Salyards’ and Cuttill’s personal experiences to challenge Obuchowski’s conclusion about the unfeasibility of IP spoofing. Salyards testified that he has twelve years of experience in computer forensics and computer security, including hacking and spoofing, and has spoofed IP addresses to conduct “penetration testing” of security solutions as part of his work and that he knows how to conceal his IP address. (Tr. 388:19-389:11, 390:13-392:18.) Cuttill, 2FA’s Chief Technology Officer, has fourteen years of experience in strong authentication computer software. (Tr. 519:19-521:9.) Cuttill testified that he has spoofed IP addresses by concealing his own IP address and selecting an IP address that belonged to a company’s internal network. (Tr. 565:9-567:17.) Cuttill also said that, contrary to Obuchowski’s conclusions, he has spoofed a public IP address that has been assigned by an Internet Service Provider, such as Time Warner, as part of security analysis projects. (Tr. 589:25-591:20.) He said he typically spoofs “by hand” but has used software that helps with encryption matters. (Tr. 591:5-9.) Although he has never used the MAC IP Change program to spoof an IP address, Cuttill noted that there are “a number of programs that are called very similar to that.” (Tr. 591:21-592:11.) Cuttill and Salyards also contend that the Hush logs exonerate Salyards because the Mark Hopkins Hotel, where they stayed from April 19 to April 24, 2009, never assigned Salyards an IP address ending in “.2” — the IP address that the Hush logs captured. (Def.’s Opp’n to PI. Passlogix’s Post-Hearing Mem. (“Opp’n Mem.”) 18.) The Hush logs captured two log-ins to Hush from the IP address 64.186.161. 2 — the first on April 20 at 10:30 a.m. Pacific Daylight Time (“PDT”) and the second on April 23 at 10:15 p.m. PDT. (PX 49 (emphasis added).) The Mark Hopkins Hotel records indicate that Sal-yards purchased a higher level of service ($15.95) at the time of the first log in. (PX 49 at IHG 3.) This higher level of service, which was purchased from Salyards’ computer (MAC Address 00:21:70:A9:54:51), assigned Salyards’ computer an IP address of 64.186.161. 12. (PX 38 at IHG 3 (emphasis added).) Also during the time of the first log in, another room at the Mark Hopkins Hotel — which Salyards paid for-used a computer with a different MAC Address (00:21:9B:E1:BD:5F) to purchase a lower level of internet service ($12.95) that did not assign a specific IP address. (PX 38 at IHG 7.) The second log-in on April 23, 2009, 10:15 p.m. PDT, occurred when a lower level of service ($12.95) was purchased through Salyards’ computer (MAC Address 00:21:70:A9:54:51). (See PX 38 at IHG 4.) Obuchowski acknowledges that the IP address 64.186.161.12, which was assigned to Salyards when he purchased a higher level of internet service at the Mark Hopkins Hotel, is not reflected in the Hush logs. (Tr. 191:1-15.) He reconciles this discrepancy by explaining that, when a lower level of service is purchased, the Mark Hopkins Hotel assigns its own IP address through a public IP service; therefore, the .2 IP address reflected in the Hush logs must have been the public IP address that the Hotel assigned when the lower level of service was purchased by the non-Salyards MAC address on April 20 and by the Salyards MAC address on April 23. (Tr. 191:9-22, 240:17-241:16.) VI. Evidentiary Hearing in January 2010 The Court held an evidentiary hearing on January 13, 2010, intended to last no more than a day and a half, but which went on for five days. At the hearing, Passlogix proffered two arguments: (1) the Hush logs, Mark Hopkins Hotel records, and other circumstantial evidence establish that Salyards committed a fraud on the court by (a) transmitting the September 3 e-mail to procure a better settlement from Passlogix and cause Passlogix commercial harm, (b) transmitting the April 13 e-mail as pretext to obtain third party discovery, and (c) orchestrating Collier’s confession to writing the April 13 email; and (2) 2FA engaged in spoliation of evidence by failing to implement a litigation hold policy at the onset of this litigation, leading to the destruction of relevant documents. (Tr. 8:4-12:1.) In support of its position, Passlogix presented live testimony from Boroditsky, Manza, Scott Bonnell, and Salyards. It also presented live expert testimony from Obuchowski and Doug Brush, who the Court qualified on a limited basis as an expert in computer forensics. (Tr. 481:8-482:1.) As a remedy for Salyards’ alleged fraud on the court, Passlogix asks the Court to dismiss 2FA’s pleadings and award Passlogix costs for its investigation into the authorship of the emails. (Mem. 35.) Passlogix also requests an adverse inference, preclusion, and costs for 2FA’s alleged spoliation of evidence. (Id. 33-34.) 2FA asserts the following claims and affirmative defenses: (1) Collier’s admission to writing the April 13 e-mail and spoofing Salyards’ IP address subsequent to sending that e-mail vindicates Salyards; (2) there is circumstantial evidence pointing to Robinson as the author of the September 3 e-mail; (3) Passlogix, not 2FA, committed a fraud on the court by submitting both anonymous e-mails to the Court with a bad faith intent to delay adjudication on the merits; and (4) no spoliation of evidence occurred because the documents that Salyards did not preserve were not evidence when they were deleted and, even if they were evidence, they would have been helpful to 2FA, not Passlogix. (Opp’n Mem. 1, 5, 8, 29.) 2FA presented live testimony from Cuttill and Boroditsky, in addition to Dr. Alan Perlman, from whom the Court heard testimony but declined to qualify as an expert in linguistics. (Tr. 259:14-260:5, 261:1-8.) 2FA asks the Court to dismiss Passlogix’s claims with prejudice and award 2FA relief, including but not limited to reimbursement for the costs incurred to defend itself and Sal-yards, which, as of January 21, 2010, totaled approximately $200,000. (Opp’n Mem. 35; Tr. 569:10-18.) DISCUSSION The Court first addresses whether either party has established that its adversary committed a fraud on the court. Then the Court turns to Passlogix’s allegation that 2FA engaged in the spoliation of evidence. I. Fraud on the Court Passlogix fails to establish that Salyards committed a fraud on the court. Likewise, 2FA fails to establish that Passlogix committed a fraud on the court and, therefore, is not entitled to amend its counterclaims to assert a malicious prosecution claim against Passlogix. In reaching these conclusions, the Court first addresses the legal standard for fraud on the court. Then the Court explains why each party has failed to demonstrate that its adversary committed a fraud on the Court. A. Legal Standard A fraud on the court occurs where it is established by clear and convincing evidence “that a party has sentiently set in motion some unconscionable scheme calculated to interfere with the judicial system’s ability impartially to adjudicate a matter by ... unfairly hampering the presentation of the opposing party’s claim or defense.” McMunn v. Mem’l Sloan-Kettering Cancer Ctr., 191 F.Supp.2d 440, 445 (S.D.N.Y.2002) (quoting Aoude v. Mobil Oil Corp., 892 F.2d 1115, 1118 (1st Cir.1989)); see also Hargrove v. Riley, No. 04 Civ. 4587, 2007 WL 389003, at *11, 2007 U.S. Dist. LEXIS 6899, at *36 (E.D.N.Y. Jan. 31, 2007); Shangold v. Walt Disney Co., No. 03 Civ. 9522, 2006 WL 71672, at *4 (S.D.N.Y. Jan. 12, 2006); Intelli-Check, Inc. v. TriCom Card Techs., Inc., No. 03 Civ. 3706, 2005 WL 3533153, at *11 (E.D.N.Y. Dec. 22, 2005); Scholastic, Inc. v. Stouffer, 221 F.Supp.2d 425, 439 (S.D.N.Y.2002). The essence of fraud on the court is “when a party lies to the court and his adversary intentionally, repeatedly, and about issues that are central to the truth-finding process.” McMunn, 191 F.Supp.2d at 445. Fraud on the court, therefore, does not merely “embrace any conduct of an adverse party of which the court disapproves;” rather, it “embrace[s] only that species of fraud which does or attempts to, defile the court itself.” Kupferman v. Consol. Research & Mfg. Corp., 459 F.2d 1072, 1078 (2d Cir.1972) (Friendly, C.J.) (citation and internal quotation marks omitted) (discussing fraud on the court in the context of a Rule 60(b) motion). Consequently, “an isolated instance of perjury, standing along, will not constitute a fraud upon the court.” McMunn, 191 F.Supp.2d at 445; see also Jung v. Neschis, No. 01 Civ. 6993, 2009 WL 762835, at *21 (S.D.N.Y. Mar. 23, 2009); Skywark v. Isaacson, No. 96 Civ. 2815, 1999 WL 1489038, at *14 (S.D.N.Y. Oct. 14, 1999). “Rather, fraud upon the court ‘occurs where a party has acted knowingly in an attempt to hinder the fact finder’s fair adjudication of the case and his adversary’s defense of the action.’ ” McMunn, 191 F.Supp.2d at 445 (quoting Skywark, 1999 WL 1489038, at *14). The Court has inherent authority “to conduct an independent investigation in order to determine whether it has been the victim of fraud.” Chambers v. NASCO, Inc., 501 U.S. 32, 44, 111 S.Ct. 2123, 115 L.Ed.2d 27 (1991); see also Universal Oil Prods. Co. v. Root Ref. Co., 328 U.S. 575, 580, 66 S.Ct. 1176, 90 L.Ed. 1447 (1946). “Because of their very potency, inherent powers must be exercised with restraint and discretion.” Chambers, 501 U.S. at 44, 111 S.Ct. 2123. The Court’s inherent powers serve “to do whatever is reasonably necessary to deter abuse of the judicial process and assure a level playing field for all litigants.” Shangold, 2006 WL 71672, at *4. If it is shown by clear and convincing evidence that a party perpetrated a fraud on the Court, the Court may consider the following five factors in determining an appropriate sanction: (i) whether the misconduct was the product of intentional bad faith; (ii) whether and to what extent the misconduct prejudiced the injured party; (iii) whether there is a pattern of misbehavior rather than an isolated instance; (iv) whether and when the misconduct was corrected; and (v) whether further misconduct is likely to occur in the future. See Shangold, 2006 WL 71672, at *4; Intelli-Check, 2005 WL 3533153, at *11; Scholastic, 221 F.Supp.2d at 444; McMunn, 191 F.Supp.2d at 461. When faced with a fraud on the court, “[t]he available sanctions at a court’s disposal ... range from the issuance of a jury charge on falsehoods under oath, to the imposition of attorney’s fees occasioned by the conduct in question, and finally to the entry of judgment against the offending party.” Skywark, 1999 WL 1489038, at *14 (internal citations omitted). B. Application First, the Court explains the showing required to establish a fraud on the court claim. Next, the Court applies the fraud on the court standard in holding that neither Passlogix nor 2FA has demonstrated that its adversary committed a fraud on the court by its conduct in this litigation. 1. 2FA Misstates the Fraud on the Court Standard 2FA insists that “[i]t is essential — it is the foundation of fraud on the court — that the party accused first submits evidence, evidence that eventually is found to be fraudulent or fabricated. Otherwise there cannot possibly be fraud on the Court.” (Opp’n Mem. 4.) 2FA argues that although it wrote a letter to Magistrate Judge Dolinger dated September 14, 2009, bringing the anonymous misappropriation claims in the September 3 e-mail to Judge Doling-er’s attention, it never attached the September 3 e-mail and, thus, did not “submit” evidence. (Id.) Instead, 2FA states that it was Passlogix that “submitted” both anonymous e-mails by attaching them as exhibits to Passlogix’s October 27, 2009 letter to this Court. (Id. 1.) Moreover, 2FA asserts that neither anonymous email constitutes “evidence” under the Federal Rules of Evidence. (Id. 4.) Since Passlogix cannot make this threshold showing, 2FA insists that Passlogix’s fraud on the court allegation fails as a matter of law. (Id.) 2FA misinterprets the requirements necessary to establish a fraud on the court. 2FA provides the holdings of five fraud on the court cases, which, as 2FA states correctly, sanctioned parties for “submitting” actual “evidence” to the court. See Hargrove, 2007 WL 389003, at *3, *11, 2007 U.S. Dist. LEXIS 6899, at *11, *38 (dismissing plaintiffs claims with prejudice where plaintiff provided fraudulent documents to defendants during discovery and attached said documents as exhibits to his complaint and his affidavit in opposition to defendant’s motion for summary judgment); Shangold, 2006 WL 71672, at *5 (dismissing plaintiffs misappropriation case with prejudice and awarding costs and attorneys’ fees to defendants where plaintiffs “fabricated evidence and manipulated the judicial process”); Scholastic, 221 F.Supp.2d at 444 (granting plaintiffs motion for sanctions where defendant “perpetuated a fraud on the Court through her submission of fraudulent documents [as exhibits to her counterclaims] as well as her untruthful testimony”); McMunn, 191 F.Supp.2d at 452, 454, 462 (dismissing plaintiffs action with prejudice and awarding monetary sanctions where plaintiff perpetuated a fraud on the court by tampering with evidence and repeatedly providing false testimony); Cerruti 1881 S.A. v. Cerruti Inc., 169 F.R.D. 573, 574 (S.D.N.Y. 1996) (granting plaintiffs’ motion to strike defendants’ answer and all but one counterclaim and awarding plaintiffs costs and attorneys’ fees where defendants, through their principal, fabricated evidence and offered false testimony). As these cases demonstrate, submitting false evidence to a court may rise to the level of a fraud on the court; however, it is not the only way to commit a fraud on the court. A fraud on the court occurs where a party: (1) “improperly influence[es] the trier,” McMunn, 191 F.Supp.2d at 445 (citation and internal quotation marks omitted); (2) “unfairly hamper [s] the presentation of the opposing party’s claim or defense,” Id. (citation and internal quotation marks omitted); (3) “lies to the court and his adversary intentionally, repeatedly, and about issues that are central to the truth-finding process,” Id.; or (4) “knowingly submit[s] fraudulent documents to the Court,” Scholastic, 221 F.Supp.2d at 443. Given this clarification, the Court holds that even if the anonymous e-mails are not “evidence” under the Federal Rules of Evidence and 2FA did not “submit” the emails to the Court, these two facts do not obviate the need for the Court to determine whether 2FA engaged in an “unconscionable scheme” to interfere with the adjudication of this case by unfairly hampering Passlogix’s claims or defenses or by lying. to the court and Passlogix about issues central to the case. See Hargrove, 2007 WL 389003, at *11, 2007 U.S. Dist. LEXIS 6899, at *36; Scholastic, 221 F.Supp.2d at 439; McMunn, 191 F.Supp.2d at 445; Skywark, 1999 WL 1489038, at *14. Below, the Court analyzes whether a fraud on the court has been established. 2. Passlogix has Failed to Establish that Salyards Committed a Fraud on the Court Passlogix has failed to present clear and convincing evidence that Salyards authored the April 13 and September 3 emails and used them to commit a fraud on the Court. Below, the Court first addresses the testimony offered by Passlogix’s expert, Obuchowski, and determines to what extent to credit his conclusions. Then, the Court analyzes the evidence that Passlogix submits in support of its claim, and explains why, in totality, the evidence does not meet Passlogix’s burden of proof. a. Expert Testimony by Obuchowski “[A]n expert testifying on the basis of experience may form his conclusions by applying his extensive experience to the facts of the case.” In re Methyl Tertiary Butyl Ether Prods. Liab. Litig., No. M2188, 2008 WL 1971538, at *10 (S.D.N.Y. May 7, 2008); see also Kumho Tire Co., Ltd. v. Carmichael, 526 U.S. 137, 152, 119 S.Ct. 1167, 143 L.Ed.2d 238 (1999). Where, as here, an expert’s “qualifications and testimony rest on his ... experience and not on scientific, mathematical or social science studies or calculations, ... [the expert] must ... apply his experience to the facts using the same intellectual rigor a professional [in his field] would use in practice.” In re Methyl, 2008 WL 1971538, at *10; see also Kumho, 526 U.S. at 152, 119 S.Ct. 1167 (“[A]n expert, whether basing testimony upon professional studies or personal experience, employs in the courtroom the same level of intellectual rigor that characterizes the practice of an expert in the relevant field.”). Contentions that the expert’s “ ‘assumptions are unfounded go to the weight, not the admissibility, of the testimony.’ ” In re Methyl, 2008 WL 1971538, at *12 (quoting Boucher v. U.S. Suzuki Motor Corp., 73 F.3d 18, 21 (2d Cir.1996)); see also McCullock v. H.B. Fuller Co., 61 F.3d 1038, 1044 (2d Cir.1995) (McLaughlin, J.) (stating, with respect to a scientific expert, that “[disputes as to the strength of [the expert’s] credentials, faults in his use of ... [a particular] methodology, or lack of textual authority for his opinion, go to the weight, not the admissibility, of his testimony”). Where, as here, the Court acts as the trier of fact, it uses “the discretion given to it ... [to] parse and evaluate the evidence ... for its weight and worth.” United States v. Alcan Aluminum Corp., No. 03 Civ. 0765, 2006 WL 5278224, at *1, 2006 U.S. Dist. LEXIS 39042, at *4 (N.D.N.Y. June 9, 2006); see also New York v. Solvent Chem. Co., Inc., No. 83 Civ. 1401C, 2006 WL 2640647, at *1-2, 2006 U.S. Dist. LEXIS 65595, at *4 (W.D.N.Y. Sept. 14, 2006) (“[T]he concerns expressed in Daubert and Kumho Tire about the need for the trial court to guard against the admission of unreliable scientific or technical evidence are not implicated in a non-jury trial.”). Pursuant to its role as factfinder, the Court may credit an expert’s testimony in whole or in part, regardless of whether another expert is called in rebuttal. See Giles v. Rhodes, 171 F.Supp.2d 220, 226, 230 (S.D.N.Y.2001) (denying plaintiffs motion for a new trial where jury had the power to refuse to credit plaintiffs expert’s opinion, even though another expert was not called to rebut it); accord Leonard B. Sand, et al., 4 Modern Federal Jury Instructions-Civil ¶ 76-9 cmt. (“[E]xpert testimony is designed to assist the jury to reach an independent decision on the facts, and ... is not a substitute for the jury’s common sense evaluation of the evidence.” (emphasis in original)). While the Court credits much of Obuchowski’s expert testimony, it declines to credit some of his ultimate conclusions. The Court credits Obuchowski’s conclusions that, in his experience, (1) he has not come across software capable of doing the kind of IP spoofing that is alleged here, and (2) the MAC IP Change Program is incapable of doing the kind of IP spoofing that is alleged here. However, the Court declines to credit Obuchowski’s broader conclusion that spoofing an IP address assigned by an internet service provider (“ISP”) — the type of spoofing that is alleged to have been done here — is technologically impossible. (See Passlogix’s Post-Hearing Reply Mem. (“Reply Mem.”) 4 (“Obuchowski’s conclusions are unrebutted that ... IP address spoofing is not technologically feasible here .... ” (emphasis in original)).) This conclusion is contradicted by Obuchowski’s initial declaration, which states that “spooffing] the IP address in order for it to appear as 70.114.246.62 is extremely difficult and highly improbable,” rather than impossible. (PX 36 ¶ 14.) Similarly, at the preliminary hearing, Obuchowski equivocated about whether it is possible to spoof an IP address assigned by an ISP. (See Prelim. Hr’g Tr. 39:13-17 (“[B]ecause an IP address is already assigned by an Internet service provider to a company or to an individual, ... it’s very difficult, if at all, to spoof that because that IP address is assigned.” (emphasis added)).) Obuchowski’s more nuanced conclusion that “IP spoofing of an [ISP] IP address is not possible to the extent of being undetected ” also is problematic because Obuchowski does not explain what kind of “inconsistencies” would appear in the “email message headers.” (PX 36 ¶ 15 (emphasis added).) Obuchowski states that “jumps” in the email headers are “one attribute” that “would lead [one] to believe that ... potential IP spoofing existed”; however, he does not explain what a “jump” might look like in the e-mail headers here or whether there are other indicia of spoofing that he considered and concluded did not exist in the e-mail headers. (Prelim. Hr’g Tr. 40:12-14.) Also, there is personal experience testimony contradicting Obuchowski’s conclusion that spoofing an IP address assigned by an ISP is technologically impossible, albeit by interested lay parties. Both Salyards and Cuttill testified to having spoofed IP addresses in their personal experience and Cuttill specifically testified to spoofing a public IP address assigned by an ISP. (Tr. 389:3-11, 390:13-392:3, 565:9-567:17, 589:25-591:25.) The Court also finds Obuchowski’s conclusions regarding how the Mark Hopkins Hotel assigns and routes IP addresses inconclusive at best, as Obuchowski admits that his conclusions are not based on personal knowledge about the Hotel’s IP address routing practices. (See Tr. 213:20-21 (“How the hotel is assigning [its] IP addresses and their uses that they use them for, I do not know.”), 618:5-11 (stating that “Mark Hopkins did not supply information in the records” regarding its IP address routing practices and that he is “not sure exactly how Mark Hopkins is routing traffic”).) While the Court does not form its own judgment regarding whether spoofing an IP address assigned by an ISP is technologically feasible, it holds that Obuchowski’s equivocating statements and inconsistencies noted elsewhere in this decision lead the Court to decline to credit his conclusion that such spoofing is impossible. b. April 13 E-mail The substance of the April 13 e-mail primarily relates to Wal-Mart, a Passlogix customer with whom Passlogix was finalizing an agreement. (PX 2; Mem. 16.) The e-mail also references Oracle, as well as an executive, Adnan, from Deloitte & Touche — all companies that 2FA was seeking to subpoena in connection with the underlying litigation. (PX 2; Mem. 16.) The anonymous author of the April 13 email claims that Passlogix is in jeopardy of losing the Wal-Mart account because a certain Passlogix executive was leaking Passlogix’s information. (PX 2.) The email also references 2FA and claims that Adnan “has a lot of respect for [Salyards]” and states that “[h]opefully Passlogix’s legal issues will not spill over to [the WalMart] account.” (Id.) Passlogix considered the April 13 e-mail when investigating the September 3 e-mail because the April 13 email is “the only other anonymous, Hush email that Passlogix management has ever received.” (Mem. 3.) Passlogix’s stated purpose in introducing the April 13 e-mail “is to reveal a pattern of misconduct, and thereby corroborate Salyards’ culpability for the critical September 3 Email.” (Id. 15.) i. Evidence Presented by Passlogix Passlogix’s strongest evidence that Sal-yards authored the April 13 e-mail are the logs that Passlogix subpoenaed from Hush, which indicate that the April 13 e-mail was sent from 2FA’s office IP address. (See PX 49.) Passlogix contends that “the April 13 Hush Log reflects IP addresses that notably shift from Salyards’ office to his home in Austin; from Austin to a specific San Francisco hotel, where he stayed while attending a conference; and then back to Austin.” (Mem. 17.) Passlogix notes that each log-in to Hush syncs “precisely to Salyards’ moving whereabouts”: from work (April 13, 6:15 p.m. CDT), to home (April 13, 10:38 p.m. CDT), to work (April 14, 3:19 p.m. CDT), to work again (April 15, 8:58 p.m. CDT), to work again (April 16, 10:29 a.m. CDT), to work again (April 17, 10:31 a.m. CDT), to San Francisco (April 20, 10:30 a.m. PDT), to San Francisco again (April 23, 10:15 p.m. PDT), and back to work (April 27, 1:26 p.m. CDT). (Mem. 17-18; PX 49.) Passlogix insists that “the likelihood that a spoofer would be able to accurately capture the [se] different IP addresses ... is not credible.” (Mem. 18.) Passlogix points to timing and motive for corroboration, stating that Salyards sent the April 13 e-mail to Boroditsky and Gillespie to gain leverage in a discovery dispute in which 2FA sought to serve third-party subpoenas on business entities with whom Passlogix has commercial relationships. (See Mem. 15-16.) Passlogix contends that the unrebutted testimony of its expert, Obuchowski, confirms that the Hush logs and the records from the Mark Hopkins Hotel provide dispositive evidence that Salyards authored the April 13 e-mail. (See Mem. 2-3; PX 36, 38, & 44; Tr. 153:9-13.) Passlogix also presents evidence contradicting Collier’s confession to sending the April 13 e-mail. Obuchowski states that Collier did not send the April 13 e-mail because Collier was incorrect about when the April 13 Hush account was created and about the password he used to create it. (Tr. 165:4-166:25, 168:14-20; PX 41.) Obuchowski also states that the MAC IP Change program that Collier recalled using to conceal his IP address “does not have that capability.” (Tr. 164:7-11.) Moreover, Obuchowski concludes “that there is no evidence of IP spoofing as being claimed” because the spoofing that 2FA alleges would have left evidence in the header of the April 13 e-mail, which is not present. (Tr. 153:9-13, 170:15-18; PX 36 ¶ 15.) To further discredit Collier’s admission, Passlogix points to Collier’s activities during the time period when the April 13 email was sent. First, Doug Brush, who the Court qualified on a limited basis as an expert in computer forensics (Tr. 481:8-482-1), testified that on April 13, 2009, between 3:25 p.m. and 4:55 p.m. CDT, when Collier claims to have been at 2FA’s office, there is evidence of computer user activity on Collier’s work laptop under his username, including a printer installation. (Tr. 482:17-21; PX 55.) Brush also found evidence of web browsing on Collier’s work laptop during this time period. (Tr. 483:19-484:4.) Second, Passlogix contends that Collier was e-mailing a Passlogix employee, Jennifer Kilmer, through his Passlogix e-mail account during the time that he claims to have been at 2FA’s office. (Tr. 49:16-51:11; PX 56.) Third, Passlogix argues that Collier’s phone records indicate that Collier was on a thirteen-minute phone call with Salyards on April 13 between 3:02 and 3:15 p.m. CDT, which contradicts Cuttill’s testimony that Collier arrived at 2FA’s office around 3:00 p.m. and that the two spoke for “about ten minutes or less.” (Tr. 594:9-25; PX 45 at CC10, Item 212.) Fourth, Passlogix argues that Collier would not have had enough time to set up the Hush account and send the email because Collier was on a sixteen-minute phone call with a Passlogix employee, Stephan Warded, during the time frame that the Hush account was being set up. (Tr. 167:1-168:13; PX 45 at CC10, Item 213.) ii. Evidence Rebutted by 2FA 2FA rebuts Passlogix’s evidence that Salyards authored the April 13 e-mail. First, 2FA maintains that the mere content of the April 13 e-mail, which discloses a business opportunity with Wal-Mart that 2FA was pursuing as a competitor to Passlogix, eliminates the possibility that Salyards — the President, CEO, and co-founder of 2FA — would have sent it to Passlogix. (Opp’n Mem. 9; Tr. 385:22-25.) Second, 2FA contends that Collier’s sworn confession to writing the April 13 email discredits any suggestion that Sal-yards authored it. (Opp’n Mem. 9.) Collier’s motive for sending the April 13 email supports this conclusion. Collier testified — and Cuttill confirmed — that he learned about 2FA competing for the WalMart opportunity from Cuttill during a visit to 2FA’s office. (Collier Dep. 108:15-110:15; Tr. 536:22-537:16.) Collier explained that, prior to his employment at Passlogix, he “spent and invested a lot of time and energy into the Wal-Mart account” and felt that the “deal was extremely important to the success of Passlogix,” especially after just transitioning from a company that went out of business, so he sent the e-mail to “warn [ ] Passlogix about threats at Wal-Mart.” (Collier Dep. 61:15-16, 76:20-77:13). Third, 2FA refutes Obuchowski’s conclusions regarding the implausibility of IP spoofing. Collier testified that he is familiar with Hush and IP spoofing. {See Collier Dep. 107:8-14 (stating that although he had “not used Hush in years” prior to sending the April 13 e-mail, he has used Hush “three or four times before ... to send secure e-mail.”).) Collier explained that he was aware that Hush tracks the IP addresses that interact with it [bjecause it’s kind of the second half of the equation.... [AJnyone in the security industry I hope would know that, an anonymous e-mail service with the big disclaimer that says it at the bottom of their home page before you log on, you have to know that you’re not truly anonymous unless you change that [IP] address. {Id. 107:22-108:10.) Collier testified that he did not spoof 2FA’s IP address when he sent the April 13 e-mail since he sent the e-mail from 2FA’s office network. (Collier Dep. 62:4-11, 76:15-19, 83:11-14, 84:6-8.) Obuehowski acknowledges that if Collier sent the April 13 e-mail from 2FA’s network, “then 2FA’s IP address would appear in the logs.” (Tr. 231:22-25.) To explain why the Hush logs appear to track Salyards’ movement from work, to home, to the Mark Hopkins Hotel, 2FA points to Collier’s testimony, which explains that in signing on to Hush following the April 13 e-mail, Collier used an IP address “from the e-mail header properties of an e-mail that [he] had from 2FA.” (Collier Dep. 87:16-18, 70:12-21.) When asked whether he used the same IP address every time he logged on to Hush, Collier responded that he “was less interested in the exact numbers than ... that it came from the same source, which would have been, unfortunately, Greg Salyards [ ] at the time.” {Id. 87:21-88:1.) Collier then reiterated that he used “the same IP address or range of IP addresses based upon a 2FA e-mail.” {Id. 88:18-89:1.) Collier’s only stated reason for using Salyards’ IP address was that he sent the April 13 e-mail from 2FA’s “IP address the first time and just to maintain ... the same thing. It wasn’t relevant. It didn’t seem relevant.” {Id. 88:2-12.) Cuttill also suggests that Collier may have had a typo when spoofing Salyards’ Mark Hopkins Hotel IP address ending in .12, resulting in the .2 IP address logged by Hush. (Tr. 602:16-603:2.) Moreover, Salyards challenges Passlogix’s assertion that the Hush logs track his “exact geographical location,” (Mem. 18), since Passlogix has not introduced evidence that Salyards actually was at home or at his office during the times captured by Hush. For instance, the Hush log from April 15, 8:58 p.m. CDT indicates that the account was accessed from Salyards’ work IP address at a time when, if compared to the other work entries captured by Hush, Salyards would have been at home. (PX 49.) With respect to' the gaps in Collier’s testimony, 2FA contends that Collier said that he did not remember if the Hush password he provided Passlogix was “exactly the password [he] used, because [he had not] been there for months now.” (Collier Dep. 85:18-19.) Collier also said that he “can’t be sure” that the MAC IP Change program was indeed the program he used to spoof Salyards’ IP address to log on to Hush after April 13. {Id. 86:23-25.) Collier does not have the laptop that he used to send the April 13 e-mail to corroborate his sending of the email because he “decommissioned” it and gave it “to a friend in need.” (PX 45 at CC-000A; see also Collier Dep. 108:11-14.) Fourth, 2FA insists that the Mark Hopkins Hotel records exonerate Salyards since they show a different IP address than the one indicated on the Hush logs. (Opp’n Mem. 18.) Specifically, the Mark Hopkins Hotel records indicate that, over the course of Salyards’