Hernandez v. Path, Inc.
Filing
91
ORDER GRANTING IN PART AND DENYING IN PART DEFENDANTS' MOTIONS TO DISMISS by Judge Jon S. Tigar in case 3:12-cv-01529-JST; granting in part and denying in part (393) Motion to Dismiss; granting in part and denying in part (394) Motion to Dismiss; granting in part and denying in part (395) Motion to Dismiss; granting in part and denying in part (396) Motion to Dismiss in case 3:13-cv-00453-JST. (wsn, COURT STAFF) (Filed on 5/14/2014)
1
2
3
UNITED STATES DISTRICT COURT
4
NORTHERN DISTRICT OF CALIFORNIA
5
6
7
MARC OPPERMAN, et al.,
Case No. 13-cv-00453-JST
Plaintiffs,
8
v.
9
10
PATH, INC., et al.,
Defendants.
United States District Court
Northern District of California
11
12
13
14
ORDER GRANTING IN PART AND DENYING IN PART
DEFENDANTS’ MOTIONS TO DISMISS
Re: ECF Nos. 393, 394, 395, 396
15
16
17
18
19
20
21
22
23
24
25
26
27
28
THIS DOCUMENT RELATES TO ALL CASES
1
2
I.
Background ........................................................................................................................... 1
3
A.
The App Store ........................................................................................................... 3
4
B.
The Subject Apps ...................................................................................................... 5
5
C.
Apple’s Representations ............................................................................................ 7
II.
Legal Standards ..................................................................................................................... 8
III.
6
Apple’s Motion to Dismiss ................................................................................................. 10
7
A.
Article III Standing.................................................................................................. 10
B.
Communications Decency Act ................................................................................ 18
9
C.
Misrepresentation Claims ........................................................................................ 23
10
D.
California Comprehensive Computer Data Access and Fraud Act ......................... 34
11
E.
Strict Products Liability: Design Defect and Failure to Warn ................................ 36
F.
Negligence ............................................................................................................... 37
G.
RICO ....................................................................................................................... 37
H.
Aiding and Abetting ................................................................................................ 37
United States District Court
Northern District of California
8
12
13
14
IV.
App Defendants’ Motions to Dismiss ................................................................................. 38
15
A.
Article III Standing.................................................................................................. 38
16
B.
Plaintiffs' UCL Claims ............................................................................................ 41
17
C.
Invasion of Privacy: Intrusion Upon Seclusion....................................................... 41
D.
Invasion of Privacy: Public Disclosure of Private Facts ......................................... 47
E.
CDAFA and Computer Fraud and Abuse Act ........................................................ 48
F.
Electronic Communications Privacy Act ................................................................ 48
G.
Texas and California Wiretap Statutes .................................................................... 49
21
H.
Texas Theft Liability Act ........................................................................................ 50
22
I.
RICO and Vicarious Liability ................................................................................. 50
18
19
20
23
V.
Facebook and Gowalla’s Motion to Dismiss ...................................................................... 50
A.
26
27
28
VI.
Successor Liability .................................................................................................. 53
C.
25
Uniform Fraudulent Transfer Act............................................................................ 51
B.
24
Aiding and Abetting ................................................................................................ 54
Conclusion ........................................................................................................................... 55
Before the Court are four motions to dismiss filed by Defendants in this action. The
1
2
operative Consolidated Amended Class Action Complaint (“CAC”), ECF No. 362, collects the
3
claims of fifteen plaintiffs1 in four related actions against a total of fifteen Defendants. Defendant
4
Apple Inc. designs and manufactures the iPhone, the iPod touch, and the iPad, (“iDevices”), each
5
of which is a mobile device that can wirelessly access the Internet. Since 2008, those devices have
6
included an App Store, which enables users to download software, or apps, to their devices created
7
by third parties. Each Defendant except for Apple is an app developer2 (collectively, “App
8
Defendants”). Plaintiffs allege that the App Defendants’ apps have been surreptitiously stealing
9
and disseminating the contact information stored by customers on Apple devices. CAC ¶ 7.
10
I.
BACKGROUND
United States District Court
Northern District of California
11
Plaintiffs bring this action on their own behalf, on behalf of an “iDevice Class,” composed
12
of all purchasers of Apple’s iDevices between July 10, 2008 and the present who downloaded the
13
App Defendants’ apps, and on behalf of three subclasses: the “Malware Subclass,” the “Address
14
Book Subclass,” and the “Texas Subclass.” CAC ¶ 48. The Malware Subclass comprises those
15
who downloaded the subject apps. The Address Book Subclass comprises those in the Malware
16
Subclass whose iDevice, without requesting prior approval, “transmitted, disclosed, and/or
17
disseminated the iDevice’s mobile address book (or substantial portions thereof) over the Internet
18
and/or to third-parties” due to the subject apps.
The CAC asserts several overlapping claims against different Defendants on behalf of
19
20
different Plaintiffs. In total, the CAC asserts the following statutory claims: violation of
21
California’s Unfair Competition Law (“UCL”), Cal. Bus. & Prof.s Code § 17200, et seq.; violation
22
23
24
25
26
27
28
1
The sixteenth Plaintiff, Haig Arabian, has voluntarily dismissed his claims. ECF No. 426. The
remaining Plaintiffs are Alan Beuershasen, Giuli Biondi, Lauren Carter, Steve Dean, Stephanie
Dennis-Cooley, Jason Green, Claire Hodgins, Gentry Hoffman, Rachelle King, Nirali
Mandaywala, Claire Moses, Judy Paul, Maria Pirozzi, Theda Sandiford and Greg Varner.
2
The App Defendants are: Chillingo Ltd. (Angry Birds and Cut the Rope), Electronic Arts, Inc.,
Facebook, Inc., Foodspotting, Inc., Foursquare Labs, Inc., Gowalla, Inc., Hipster, Inc., Instagram,
Inc., Kik Interactive, Inc., Path, Inc., Rovio Entertainment, Ltd. (Angry Birds Classic), Twitter,
Inc., Yelp!, Inc., and ZeptoLab UK Ltd. (Cut the Rope).
1
1
of California’s False and Misleading Advertising Law (“FAL”), Cal. Bus. & Prof.s Code § 17500,
2
et seq.; violation of California’s Consumer Legal Remedies Act (“CLRA”), Cal. Civ. Code §
3
1750, et seq.; violation of the California Comprehensive Computer Data Access and Fraud Act
4
(“CDAFA”), Cal. Pen. Code § 502; violation of California’s Wiretap / Invasion of Privacy Act,
5
Cal. Pen. Code § 630, et seq.; violation of the Uniform Fraudulent Transfer Act, Cal. Civ. Code §
6
3439; violation of the Texas Wiretap Acts, Tex. Code Crim. P. art. 18.20, § 1(3) and Tex. Pen.
7
Code § 16.02(a); violation of the Texas Theft Liability Act, Tex. Pen. Code § 31.03; violation of
8
the federal Computer Fraud & Abuse Act, 18 U.S.C. § 1030; violation of the Electronic
9
Communications Privacy Act (“ECPA”), 18 U.S.C. § 2510; and violation of Racketeer Influenced
and Corrupt Organizations Act (“RICO”), 18 U.S.C. § 1961–1964. In addition, Plaintiffs assert
11
United States District Court
Northern District of California
10
common law claims for negligent misrepresentation, invasion of privacy (intrusion upon seclusion
12
and public disclosure of private facts), conversion, trespass to personal property and/or chattel,
13
misappropriation, strict product liability (design defect and failure to warn), negligence, and
14
secondary and vicarious liability.3
The following chart shows which claims each Plaintiff asserts against each Defendant:
15
16
17
18
19
20
21
22
23
1
2
3
Cause of Action
UCL
UCL
UCL
4
5
6
7
8
9
FAL
FAL
CLRA
CLRA
Negligent Misrepresentation
Negligent Misrepresentation
On Behalf of
All Plaintiffs
Opperman Plaintiffs
Plaintiffs Except
Pirozzi
All Plaintiffs
Opperman Plaintiffs
All Plaintiffs
Opperman Plaintiffs
All Plaintiffs
Opperman Plaintiffs
Against
Apple
Apple
App Defendants
Apple
Apple
Apple
Apple
Apple
Apple
24
25
26
27
28
3
Plaintiffs, Apple, and the App Defendants discuss California and Texas common law
interchangeably without explanation, often pointing out that both states’ common law is identical
with respect to the issues presented by Defendants’ motions to dismiss. The Court has not
identified any differences between Texas and California common law on the issues addressed in
this Order, and therefore, for the sake of convenience, discusses only California law.
2
1
2
Cause of Action
10 CDAFA
3
11 CFAA
4
12 ECPA
5
13 Wiretap/Invasion of Privacy Act
6
7
8
9
10
United States District Court
Northern District of California
11
12
13
14
15
16
17
14
15
16
17
Trespass to Property
Texas Theft Liability Act
Misappropriation
Strict Products Liability: Design
Defect
22 Strict Products Liability: Failure to
Warn
23 Negligence
18
19
20
21
24 Uniform Fraudulent Transfer Act
25 RICO
26 Secondary and Vicarious Liability
Texas Plaintiffs5
Opperman Plaintiffs
Opperman Plaintiffs
Plaintiffs Except
Pirozzi
Opperman Plaintiffs
Texas Plaintiffs
Opperman Plaintiffs
Opperman Plaintiffs
Against
All Defendants
App Defendants
App Defendants
Foodspotting, Instagram, Path,
Twitter, and Yelp
App Defendants
App Defendants
App Defendants
All Defendants
All Defendants
App Defendants
App Defendants
Apple
Opperman Plaintiffs
Apple
Plaintiffs Except
Pirozzi
Gowalla Plaintiffs
Opperman Plaintiffs
Opperman Plaintiffs
All Defendants
Gowalla and Facebook
All Defendants
All Defendants
The following summary of Plaintiffs’ allegations is taken from the complaint. As it must,
18
19
Texas Wiretap Acts
Intrusion Upon Seclusion
Public Disclosure of Private Facts
Conversion
On Behalf of
Plaintiffs Except
Pirozzi
Plaintiffs Except
Pirozzi
Plaintiffs Except
Pirozzi
CAD Plaintiffs4
the Court accepts the CAC’s allegations as true for purposes of this motion.
20
A.
The App Store
21
Apple launched the App Store in 2008, and heavily promoted it in conjunction with its
22
iDevices. CAC ¶ 57. The promotion was successful: the App Store today has over 700,000 apps
23
for iPhone and iPod touch, and 275,000 apps for the iPad. Since 2008, customers have
24
downloaded over forty billion apps. Id.
Apple maintains “exclusive domain” and “ultimate control” over the App Store’s
25
26
4
27
“CAD” Plaintiffs are those who downloaded apps from Foodspotting, Instagram, Path, Twitter,
and Yelp.
28
5
The Texas Plaintiffs are Beuershasen, Biondi, Dean, Hodgins, Hoffman, King, and Varner.
3
1
offerings. iDevices are designed only to accept apps from the App Store, and Apple decides
2
which apps will be offered, and which will not. CAC ¶ 60. iDevices also come with pre-
3
programmed apps built into the device’s operating system. Among those apps is Apple’s
4
“Contacts” app — a virtual address book. The App Store is another one. CAC ¶ 61. Neither of
5
these built-in apps can be removed by the user.
6
“Apple claims to review each application before offering it to its users, purports to have
implemented apps privacy standards, and claims to have created a strong privacy protection for its
8
customers.” CAC ¶ 62. However, some apps offered on the App Store are alleged to have
9
accessed and uploaded information from customers’ iDevices without their knowledge, including
10
contact information. Plaintiffs allege that Apple has failed to safeguard the App Store from such
11
United States District Court
Northern District of California
7
apps, while representing to the public that Apple’s products are “safe and secure.” CAC ¶ 64.
12
Apple is “notorious for complete control over its products.” CAC ¶ 87. App developers
13
must submit their apps to Apple for review, and Apple decides whether to offer them on the App
14
Store. To be eligible for inclusion, third-party app developers must register with Apple and agree
15
to the iOS Developer Agreement (“IDA”) and the Program License Agreement (“PLA”), as well
16
as pay a yearly registration fee. CAC ¶ 87–89. Apple reserves the right to reject apps for any
17
reason, and has explicitly reserved the right to reject apps that breach the licensing agreements,
18
provide Apple with inaccurate documents or information, or violate, misappropriate, or infringe
19
the rights of a third party. CAC ¶ 90. After joining the program, app developers use Apple’s
20
software development kit (“SDK”), which provides guidelines and tools for app development.
21
CAC ¶ 91.
22
The App Store Review Guidelines prohibit the transmission of user data without prior
23
permission. CAC ¶¶ 101, 104. However, Plaintiffs allege that Apple’s “iOS Human Interface
24
Guidelines” encourage data theft. The guidelines are meant to guide developers as they create
25
apps for the App Store. Apple tells developers, “don’t force people to give you information you
26
can easily find for yourself, such as their contacts or calendar information,” and “[i]f possible,
27
avoid requiring users to indicate their agreement to your [end user license agreement] when they
28
first start your application. Without an agreement displayed, users can enjoy your application
4
1
2
without delay.” CAC ¶ 212 (emphasis omitted).
Plaintiffs allege that “Apple taught Program registrants’ to incorporate forbidden data
3
harvesting functionalities — even for private “contacts” — into their Apps and encouraged
4
Program registrants to design those functions to operate in non-discernible manners that would not
5
be noticed by the iDevice owner. These App Defendants, apparently in accord with Apple’s
6
instructions, did just that with their identified Apps.” CAC ¶ 214.
7
Similarly, Plaintiffs allege: “Apple’s Program tutorials and developer sites [] teach
8
Program registrants how to code and build apps that non-consensually access, manipulate, alter,
9
use and upload the mobile address books maintained on Apple iDevices.” CAC ¶ 190.
B.
11
United States District Court
Northern District of California
10
Plaintiffs allege that each of the App Defendants developed an app that copied iDevice
The Subject Apps
12
users’ contact information without the user’s consent. In February 2012, it was revealed that App
13
Defendant Path’s app, also called “Path,” was uploading users’ contacts and calendar information
14
to its servers without users’ knowledge. Path’s CEO publicly apologized after the practice was
15
made public. CAC ¶ 110.
16
Plaintiffs allege that several popular apps, including those designed by each App
17
Defendant, have accessed and uploaded user data without consent. In some of these cases, the
18
apps accessed user data without any prompt at all. See CAC ¶¶ 112, 136. Path is one such app.
19
In other cases, the apps “surreptitiously accessed and uploaded information from users’ Contacts
20
app through a ‘Find Friends’ feature without disclosing to users that the feature would leave their
21
private information vulnerable to unauthorized download by the third-party app manufacturer.”
22
CAC ¶ 108.
23
The public revelations concerning third parties’ access to users’ private information led
24
Congressmen Waxman and Butterfield to write to Apple and to thirty-four app publishers in
25
February and March of 2012, asking for more information about the practice. CAC ¶¶ 115–17
26
The February letter to Apple noted that Apple’s website at that time represented that
27
iDevice apps “have access to a device’s global data such as contacts in the Address Book,” while
28
Apple’s review guidelines required app developers to gain users’ permission prior to transmitting
5
1
data about a user. CAC ¶ 115. The letter continues:
2
In spite of this guidance, claims have been made that “there’s a quiet
understanding among many iOS app developers that it is acceptable
to send a user’s entire address book, without their permission, to
remote servers and then store it for future reference. It’s common
practice, and many companies likely have your address book stored
in their database.” One blogger claims to have conducted a survey
of developers of popular iOS apps and found that 13 of 15 had a
“contacts database with millions of records” — with one claiming to
have a database containing “Mark Zuckerberg’s cell phone number,
Larry Ellison’s home phone number and Bill Gates’ cell phone
number.
3
4
5
6
7
8
9
Id. In March 2012, Senator Schumer called for an investigation by the Federal Trade
Commission. CAC ¶ 118. In September 2012, Apple released iOS 6, which updated privacy
11
settings on iDevices in a manner that discloses which apps access users’ contacts, calendars,
12
reminders, photos, and other personal information, and allows users a way to prevent certain apps
13
from accessing certain information. CAC ¶ 120.
14
15
The following chart outlines the apps each Plaintiff alleges he or she downloaded and
deployed:
16
28
Yelp!
27
X
Twitter
26
X
X
Path
25
Kik Messenger
24
X
Instagram
23
X
Hipster
22
Gowalla
21
X
X
Foursquare
20
Plaintiff
Alan Beuershasen
Giuli Biondi
Lauren Carter
Steve Dean
Stephanie Dennis-Cooley
Jason Green
Claire Hodgins
Gentry Hoffman
Rachelle King
Nirali Mandaywala
Claire Moses
Judy Paul
Maria Pirozzi
Theda Sandiford
Greg Varner
Foodspotting
19
Cut The Rope
18
Angry Birds
Classic
17
Angry Birds
United States District Court
Northern District of California
10
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
6
X
X
X
X
X
X
X
X
1
2
3
4
5
C.
Apple’s Representations
Plaintiffs allege that “Apple has repeatedly represented that Apple’s products are safe and
secure, and that private information could not be accessed by third-party apps without the user’s
express consent.” CAC ¶ 64. Throughout the CAC, Plaintiffs identify representations Apple has
made on its website, in in-store advertisements, and otherwise, to the effect that iOS is “highly
secure,” sometimes in particular with respect to the accessing of data by apps from other apps.
6
See CAC ¶¶ 102–04, 121–123.
7
8
9
For example, when the App Store first launched, Apple’s former CEO Steve Jobs
explained, “[t]here are going to be some apps that we’re not going to distribute. Porn, malicious
apps, apps that invade your privacy.” CAC ¶ 92. Plaintiffs allege that Apple repeated this refrain
10
continuously during the launch of the App Store, and publicly took action consistent with these
United States District Court
Northern District of California
11
12
goals. See CAC ¶¶ 93–98. In October 2007, Jobs stated: “It will take until February to release an
SDK because we’re trying to do two diametrically opposed things at once — provide an advanced
13
and open platform to developers while at the same time protect iPhone users from viruses,
14
malware, privacy attacks, etc. As our phones become more powerful, these malicious programs
15
16
17
18
19
will become more dangerous.” CAC ¶ 94. At an SDK press conference on March 6, 2008, Jobs
repeated that Apple would place limitations on third party apps for “malicious” and “illegal”
content in order to address “privacy” concerns. CAC ¶ 93. Apple also “famously refused to
integrate Adobe Flash technology” despite user demands. Jobs explained in April 2010 that this
decision was made “because of reliability, security, and performance concerns.” CAC ¶ 97. “In
20
sum, Apple has attempted to cultivate a perception that its products are safe and that Apple strives
21
22
23
24
25
26
27
to protect users.” CAC ¶ 99.
In September 2011, Apple’s website stated that “iOS 4 is highly secure from the moment
you turn on your iPhone. All apps run in a safe environment, so a website or app can’t access data
from other apps.” CAC ¶ 102. Apple also assured consumers that, for data-security purposes,
“Applications on the device are ‘sandboxed’ so they cannot access data stored by other
applications.” CAC ¶ 209.
Apple’s “customer privacy policy” states that Apple takes “precautions — including
28
7
1
administrative, technical, and physical measures — to safeguard your personal information against
2
loss, theft, and misuse, as well as against unauthorized access, disclosure, alteration, and
3
destruction.” CAC ¶ 122.
Plaintiffs further allege that “[f]rom 2008 to the present, the highest levels of Apple (from
4
5
its founder to its current CEO to its corporate spokespersons) have so consistently expressed
6
publicly that Apple protects its customers’ and iDevice owners’ security and privacy that —
7
though inaccurate — it is ingrained into the image of Apple’s culture, products and offerings as
8
well as in the minds of customers.” CAC ¶ 211.
Plaintiffs allege they saw and relied on Apple’s website, in-store advertisements, and
9
television advertising in purchasing their iDevices, and that they would have paid less for their
11
United States District Court
Northern District of California
10
devices, or not purchased them at all, had they known they were vulnerable to privacy attacks.
12
See CAC ¶ 125–26.
13
II.
LEGAL STANDARDS
On a motion to dismiss, the Court accepts the material facts alleged in the complaint,
14
15
together with all reasonable inferences to be drawn from those facts, as true. Navarro v. Block,
16
250 F.3d 729, 732 (9th Cir. 2001). However, “the tenet that a court must accept a complaint’s
17
allegations as true is inapplicable to threadbare recitals of a cause of action’s elements, supported
18
by mere conclusory statements.” Ashcroft v. Iqbal, 556 U.S. 662, 678 (2009). To be entitled to
19
the presumption of truth, a complaint’s allegations “must contain sufficient allegations of
20
underlying facts to give fair notice and to enable the opposing party to defend itself effectively.”
21
Starr v. Baca, 652 F.3d 1202, 1216 (9th Cir. 2011), cert. den’d, --- U.S. ----, 132 S.Ct. 2101
22
(2012).
23
To survive a motion to dismiss, a plaintiff must plead “enough facts to state a claim to
24
relief that is plausible on its face.” Bell Atlantic Corp. v. Twombly, 550 U.S. 544, 570 (2007).
25
Plausibility does not mean probability, but it requires “more than a sheer possibility that a
26
defendant has acted unlawfully.” Iqbal, 556 U.S. at 687. “A claim has facial plausibility when the
27
plaintiff pleads factual content that allows the court to draw the reasonable inference that the
28
defendant is liable for the misconduct alleged.” Id. In the Ninth Circuit, “[i]f there are two
8
1
alternative explanations, one advanced by defendant and the other advanced by plaintiff, both of
2
which are plausible, plaintiff’s complaint survives a motion to dismiss under Rule 12(b)(6).
3
Plaintiff’s complaint may be dismissed only when defendant’s plausible alternative explanation is
4
so convincing that plaintiff’s explanation is implausible.” Starr, 652 F.3d at 1216 (original
5
emphasis).
6
In addition, fraud claims are subject to a heightened pleading standard. “In alleging fraud
7
or mistake, a party must state with particularity the circumstances constituting fraud or mistake.”
8
Fed. R. Civ. P. 9(b). The allegations must be specific enough to give a defendant notice of the
9
particular misconduct alleged to constitute the fraud such that the defendant may defend against
the charge. Semegen v. Weidner, 780 F.2d 727, 731 (9th Cir. 1985). In general, allegations
11
United States District Court
Northern District of California
10
sounding in fraud must contain “an account of the time, place, and specific content of the false
12
representations as well as the identities of the parties to the misrepresentations.” Swartz v. KPMG
13
LLP, 476 F.3d 756, 765 (9th Cir. 2007). However, “[m]alice, intent, knowledge, and other
14
conditions of a person's mind may be alleged generally.” Fed. R. Civ. P. 9(b).
15
Finally, a “Rule 12(b)(1) jurisdictional attack may be facial or factual. In a facial attack,
16
the challenger asserts that the allegations contained in a complaint are insufficient on their face to
17
invoke federal jurisdiction. By contrast, in a factual attack, the challenger disputes the truth of the
18
allegations that, by themselves, would otherwise invoke federal jurisdiction.” Safe Air for
19
Everyone v. Meyer, 373 F.3d 1035, 1039 (9th Cir. 2004) (citation omitted). In resolving a facial
20
attack, courts assume that the allegations are true, and draw all reasonable inferences in the
21
plaintiff’s favor. Wolfe v. Strankman, 392 F.3d 358, 362 (9th Cir. 2004) (citations omitted). “In
22
resolving a factual attack on jurisdiction, the district court may review evidence beyond the
23
complaint without converting the motion to dismiss into a motion for summary judgment. The
24
court need not presume the truthfulness of the plaintiff’s allegations. Once the moving party has
25
converted the motion to dismiss into a factual motion by presenting affidavits or other evidence
26
properly brought before the court, the party opposing the motion must furnish affidavits or other
27
evidence necessary to satisfy its burden of establishing subject matter jurisdiction.” Safe Air, 373
28
F.3d at 1039 (citations omitted).
9
1
2
III.
APPLE’S MOTION TO DISMISS
Apple moves to dismiss all of Plaintiffs’ claims on Article III standing grounds, as well as
each of Plaintiffs’ substantive claims for failure to state a claim upon which relief can be granted.
3
Because Article III standing is a threshold jurisdictional question, the Court will first address
4
Apple’s Rule 12(b)(1) motion to dismiss on the grounds that Plaintiffs lack Article III standing.
5
See Steel Co. v. Citizens for a Better Env., 523 U.S. 83, 94 (1998).
6
7
A.
Article III Standing
1.
8
Legal Standards
To establish Article III standing, a plaintiff in federal court must meet three requirements.
9
First, the plaintiff must have suffered an “injury in fact” — an invasion of a legally protected
10
interest which is (a) concrete and particularized and (b) actual or imminent, not conjectural or
11
United States District Court
Northern District of California
hypothetical. Second, there must be a causal connection between the injury and the conduct
12
complained of — the injury has to be fairly traceable to the challenged action of the defendant,
13
and not the result of the independent action of some third party not before the court. Third, it must
14
be likely, as opposed to merely speculative, that the injury will be redressed by a favorable
15
decision. Lujan v. Defenders of Wildlife, 504 U.S. 555, 560–61 (1992).
16
The standing requirements are not pleading requirements. Rather, “each element must be
17
supported in the same way as any other matter on which the plaintiff bears the burden of proof,
18
19
20
i.e., with the manner and degree of evidence required at the successive stages of the litigation.” Id.
at 561. Nevertheless, “[a]t the pleading stage, general factual allegations of injury resulting from
the defendant’s conduct may suffice.” Id. A “court’s obligation to take a plaintiff at its word at
21
that stage in connection with Article III standing issues is primarily directed at the injury in fact
22
23
and causation issues, not redressability.” Levine v. Vilsack, 587 F.3d 986, 996–97 (9th Cir. 2009)
(citing Lujan, 504 U.S. at 561). “[I]t is within the trial court's power to allow or to require the
24
plaintiff to supply, by amendment to the complaint or by affidavits, further particularized
25
allegations of fact deemed supportive of plaintiff's standing.” Warth v. Seldin, 422 U.S. 490, 501–
26
02 (1975).
27
In addition, even when a plaintiff is able to establish Article III standing, prudential
28
10
1
considerations may preclude the exercise of federal jurisdiction. A plaintiff’s claim must fall
2
within the “zone of interests” sought to be protected by the statute or constitutional provision in
3
question. Bond v. United States, ___ U.S. ____, 131 S. Ct. 2355, 2366–67 (2011). That claim
4
must be based on the plaintiff’s own legal rights and interests rather than the legal rights or
5
interests of third parties. Elk Grove Unified School Dist. v. Newdow, 542 US 1, 15 n.7 (2004).
6
And the injury must be individualized, or confined to a discrete group; courts will not adjudicate
7
“‘abstract questions of wide public significance’” amounting only to “‘generalized grievances.’”
8
Valley Forge Christian College v. Americans United for Separation of Church & State, Inc., 454
9
U.S. 464, 474–75 (1982) (quoting Warth, 422 U.S. at 499–50).
Finally, in a class action, it is not sufficient for any named plaintiff to rely on the injuries
11
United States District Court
Northern District of California
10
suffered by the class to satisfy Article III standing requirements; each named plaintiff must meet
12
the standing requirements, including satisfactorily alleging that each named plaintiff suffered
13
“non-speculative injury.” Lierboe v. State Farm Mut. Auto. Ins. Co., 350 F.3d 1018, 1022 (9th
14
Cir. 2003).
15
2.
Injury-in-Fact and Causation
Despite the presence of fifteen named Plaintiffs and fifteen Defendants, and the assertion
16
17
of twenty-six causes of action, Plaintiffs’ case is rather simple. Plaintiffs allege that Apple sold
18
them devices that made it possible for third parties to access and copy Plaintiffs’ address books
19
without their knowledge. Plaintiffs allege, with respect to Apple, that they suffered injury in the
20
form of having overpaid for their iDevices, because they would have paid less for their devices, or
21
not purchased them at all, if Apple had disclosed that it had failed adequately to secure the devices
22
from the alleged intrusion.
In denying Apple’s second motion to dismiss Plaintiff Pirozzi’s6 claims on standing
23
24
grounds, this Court observed that her alleged overpayment injury satisfied Article III’s injury-in-
25
fact requirement because “palpable economic injuries have long been recognized as sufficient to
26
lay the basis for standing.” Sierra Club v. Morton, 405 U.S. 727, 733–34 (1972); see also Comm.
27
6
28
Pirozzi’s action was related to the above-captioned action, and her claims are now grouped in the
CAC with the claims of the other fourteen Plaintiffs.
11
1
v. Reno, 98 F.3d 1121, 1130 (9th Cir. 1996) (“Economic injury is clearly a sufficient basis for
2
standing.”). See Pirozzi v. Apple, Inc., No. 12-cv-01529-JST, ___ F. Supp. 2d ____, 2013 WL
3
4029067, at *4 (N.D. Cal. Aug. 5, 2013) (“Pirozzi II”). Judge Gonzalez Rogers previously
4
reached the same conclusion. See Pirozzi v. Apple, Inc., No. 12-cv-1529-YGR, 913 F. Supp. 2d
5
840, 847 (N.D. Cal. Dec. 20, 2012) (“Pirozzi I”) (“Apple's arguments misconstrue the nature of
6
Plaintiff's allegations . . . . Overpaying for goods or purchasing goods a person otherwise would
7
not have purchased based upon alleged misrepresentations by the manufacturer would satisfy the
8
injury-in-fact and causation requirements for Article III standing.”).
9
Nevertheless, Apple argues that Plaintiffs have not satisfied the causation requirement
because no Plaintiff has identified the specific representations made by Apple that form the basis
11
United States District Court
Northern District of California
10
of their overpayment theory of liability. The CAC makes the following allegations concerning
12
Apple’s alleged misrepresentations and Plaintiffs’ reliance:
13
[E]ach Plaintiff viewed Apple’s online, in-store, and/or television
advertisements. In addition, each Plaintiff relied on Apple’s
reputation for safety, cultivated through Apple’s extensive
marketing and advertising campaigns. Each Plaintiff purchased an
iDevice with the expectation that (i) it would come with a fully
functioning App Store, and (ii) that Plaintiff would be able to utilize
the “Contacts” function and iDevice apps from the App Store
without compromising the security, safety, or control of Plaintiff’s
iDevice, mobile address book, or other personal and private
information. Indeed, each Plaintiff purchased an iDevice with the
expectation that he or she would maintain a mobile address book
and receive and use additional add-on apps on his or her iDevice.
Had any Plaintiff known that iDevices lacked promised features or
that Apple designed the iDevices with known vulnerabilities to
unauthorized operations from Apple-issued [third-party] apps,
Plaintiffs would not have accepted add-on apps from Apple or the
App Store and would have paid less for his or her iDevice. At no
time prior to the purchase of Plaintiffs’ iDevice did Apple warn any
Plaintiff that the iDevice and its data — particularly the Contacts
feature and mobile address book — were vulnerable to unauthorized
control and dissemination by third-parties.
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
CAC ¶ 32.
Apple’s standing argument fails to appreciate that “the threshold question of whether
plaintiff has standing (and the court has jurisdiction) is distinct from the merits of his claim.
12
Rather, ‘[t]he jurisdictional question of standing precedes, and does not require, analysis of the
2
merits.’” Maya v. Centex Corp., 658 F.3d 1060, 1068 (9th Cir. 2011) (quoting Equity Lifestyle
3
Props., Inc. v. Cnty. of San Luis Obispo, 548 F.3d 1184, 1189 n.10 (9th Cir. 2008)). In other
4
words, it is possible that Plaintiffs may file a civil action “‘without suffering dismissal for want of
5
standing to sue,’” even though they are “[un]able to assert a cause of action successfully.”7 In re
6
Facebook Privacy Litig., 791 F. Supp. 2d 705, 712 n.5 (N.D. Cal. 2011) (quoting Doe v. Chao,
7
540 U.S. 614, 624–25 (2004)). See also Warth, 422 U.S. at 500 (standing “in no way depends on
8
the merits of the [ ] contention that particular conduct is illegal.”); Catholic League for Religious
9
and Civil Rights v. City & Cnty. of San Francisco, 624 F.3d 1043, 1049 (9th Cir. 2010) (en banc)
10
(standing analysis may not “be used to disguise merits analysis, which determines whether a claim
11
United States District Court
Northern District of California
1
is one for which relief can be granted if factually true.”).
For the Court to have jurisdiction over Plaintiffs’ claims, their alleged injury must be
12
13
“‘fairly traceable’” to Apple, and not the result of the “‘independent action of some third party not
14
before the court.’” Lujan v. Defenders of Wildlife, 504 U.S. 555, 560–61 (1992) (quoting Simon
15
v. Eastern Ky. Welfare Rights Organization, 426 U.S. 26, 41–42 (1976)). Plaintiffs’ claims meet
16
that requirement: Plaintiffs allege that Apple misled them through its advertising and failed to
17
disclose material information, that each Plaintiff relied on these misrepresentations or non-
18
disclosures, and that each Plaintiff overpayed for Apple’s products. The requirements to allege
19
standing are not the same as the requirements to plead injury under the substantive law. See Low
20
v. LinkedIn Corp., 900 F. Supp. 2d 1010, 1027 (N.D. Cal. 2012) (holding plaintiffs satisfied
21
Article III standing even though they had failed to allege reliance on particular representations,
22
23
24
25
26
27
28
7
Apple’s reliance on In re iPhone Application Litig. (“iPhone III”), No. 11-md-2250-LHK, ___ F.
Supp. 2d ____, 2013 WL 6212591, at *8 (N.D. Cal. Nov. 25, 2013), underlines the importance of
accounting for the stage of litigation at which the Court engages in the standing analysis. After
sustaining the plaintiffs’ claims and finding they did not lack standing at the pleading stage, the
court in iPhone III granted summary judgment on standing grounds because Apple adduced
“specific facts” through discovery that established a lack of evidence of causation, fatally
undermining the plaintiffs’ Article III standing. Here, Plaintiffs’ allegations are, at the pleading
stage, sufficient to establish standing. That development of the factual record may one day dictate
a different result does not alter the Court’s analysis now.
13
1
and even though their FAL claims were dismissed with prejudice on that basis).8
2
Plaintiffs are also independently able to establish standing through their statutory claims
3
because “[t]he injury required by Article III can exist solely by virtue of ‘statutes creating legal
4
rights, the invasion of which creates standing.’” Edwards v. First Am. Corp., 610 F.3d 514, 517
5
(9th Cir. 2010) (quoting Fulfillment Servs. Inc. v. United Parcel Serv., Inc., 528 F.3d 614, 618
6
(9th Cir. 2008)). See also Robins v. Spokeo, Inc., No. 11-56843, ___ F.3d ____, 2014 WL
7
407366, at *2–3 (9th Cir. Feb. 4, 2014) (“[T]he violation of a statutory right is usually a sufficient
8
injury in fact to confer standing.”). “The scope of the cause of action determines the scope of the
9
implied statutory right . . . . When, as here, the statutory cause of action does not require proof of
actual damages, a plaintiff can suffer a violation of the statutory right without suffering actual
11
United States District Court
Northern District of California
10
damages.” Id. (citation omitted). Apple does not respond to this argument, other than to argue
12
that Plaintiffs cannot establish those substantive claims.
Apple makes several more arguments concerning the merits of Plaintiffs’ claims, including
13
14
that Plaintiffs have failed to allege their address books were actually uploaded,9 and that Apple is
15
not responsible for the App Defendants’ conduct. None of these arguments affect the Court’s
16
standing analysis and are better left to the question of whether Plaintiffs have failed to state a
17
claim upon which relief can be granted.
18
19
20
21
22
23
24
8
There is further support in the CAC for Plaintiffs’ standing. Plaintiffs allege that Apple
contributed to the theft of address books through its review of App Store submissions, its App
Store review guidelines, its software development kit, other sources of guidance Apple makes
available to app developers, and through its failure to catch the offending features contained in the
apps implicated in this suit. Plaintiffs also assert product liability claims against Apple for its
design of iDevices, and for its failure to warn consumers of their alleged defects. Again, the Court
notes that the question of whether these allegations suffice to establish any of Plaintiffs’ claims
against Apple is separate from the question of whether these allegations are sufficient to invoke
the Court’s subject matter jurisdiction.
9
25
26
27
28
In fact, the CAC alleges that apps designed by each App Defendant were downloaded by at least
one Plaintiff, and that each of those apps has been shown to upload users’ address books without
consent after a known set of steps is taken by the user. That Plaintiffs do not allege that their
information was, in fact, uploaded is not surprising, since only discovery will reveal whether and
how the allegedly widespread practice affected each Plaintiff. But Plaintiffs plausibly allege that
they “unwittingly took those steps . . . needed to unwittingly trigger the unnoticeable transmission
of their mobile address books.” CAC ¶ 139.
14
1
Finally, relying on In re LinkedIn User Privacy Litig., 932 F. Supp. 2d 1089, 1094 (N.D.
2
Cal. 2013), Apple argues that an overpayment claim cannot survive without an allegation of
3
“something more” than overpaying for a defective product, such as an allegation that the address
4
books were actually stolen. In LinkedIn, the court held that, “in cases where the alleged wrong
5
stems from allegations about insufficient performance or how a product functions, courts have
6
required plaintiffs to allege ‘something more’ than ‘overpaying for a “defective” product.’” In re
7
LinkedIn User Privacy Litig., 932 F. Supp. 2d 1089, 1094 (N.D. Cal. 2013) (citing In re Toyota
8
Motor Corp., 790 F.Supp.2d 1152, 1165 n. 11 (C.D.Cal.2011)).
9
Apple misreads LinkedIn and the cases upon which the LinkedIn court relied. The
deficiency in the LinkedIn plaintiffs’ standing was that they were pleading only a difference
11
United States District Court
Northern District of California
10
between what they had been promised by LinkedIn and what they had received, i.e., a breach of
12
contract. In re LinkedIn User Privacy Litig., 932 F. Supp. 2d 1089, 1094 (N.D. Cal. 2013)
13
(“Plaintiffs cannot rely solely on the ‘benefit of the bargain’ theory of economic harm to
14
sufficiently meet the requirements for Article III standing”). They did not allege that they had
15
suffered any other separate injury.
16
More relevant here is the decision in In re Toyota Motor Corp., 790 F. Supp. 2d 1152,
17
1165 (C.D. Cal. 2011), on which the LinkedIn court relied. There, the plaintiffs alleged that they
18
relied on Toyota’s “advertisements for Toyota vehicles on television, in magazines, on billboards,
19
in brochures at the dealership, on the Internet, in newspapers, and on banners in front of the
20
dealership,” throughout which “safety and reliability” were a “consistent theme.” Id. at 1161. The
21
plaintiffs also alleged that, had Toyota disclosed the safety defect in its vehicles of which they
22
complained, they would not have purchased their vehicles, or would have paid less for them.
23
Relatedly, they alleged that their vehicles were worth less in the used car market as a consequence
24
of the public revelations concerning the safety defect. The Toyota Motors court rejected many of
25
the same standing arguments Apple advances here because “once the safety defect is sufficiently
26
and plausibly pled by all Plaintiffs, the economic losses resulting from the defect are readily
27
established: defective cars are simply not worth as much.” Id. at 1163. This was so even though
28
the defect had not manifested in all of the plaintiffs’ vehicles. As the Toyota Motors court
15
1
2
3
4
5
6
7
explained,
When the economic loss is predicated solely on how a product
functions, and the product has not malfunctioned, the Court agrees
that something more is required than simply alleging an
overpayment for a “defective” product . . . . [T]hat “something
more” could be allegations based on market forces. It could also be
based on sufficiently detailed, non-conclusory allegations of the
product defect.
Id. at 1165 n.11.
Here, the Court finds that Plaintiffs’ allegations concerning the offending feature of the
8
product — design that enables third parties to take address book information without consent —
9
supply the “something more” that is required. Whether Plaintiffs’ product liability claims state a
10
claim upon which relief can be granted is a separate question the Court addresses below.
United States District Court
Northern District of California
11
Separately, Plaintiffs allege injury-in-fact to their property rights in their address books, as
12
distinct from the economic injury of overpayment for their iDevices, as support for their common
13
law conversion and trespass claims. The Court discusses this allegation in connection with the
14
App Defendants’ motion to dismiss in more detail infra, Part IV.A. For the reasons discussed in
15
that section, the Court finds that Plaintiffs lack Article III standing based on any injury to their
16
property rights in their address books. For this reason, the Court will dismiss Plaintiffs’ common
17
law claims against Apple for conversion and trespass.
18
3.
Non-Resident Plaintiffs
19
Apple also argues that the non-resident Plaintiffs lack standing to assert California
20
statutory claims. That argument “conflate[s] two issues: the extraterritorial application of
21
California consumer protection laws (or the ability of a nonresident plaintiff to assert a claim
22
under California law), and choice-of-law analysis . . . .” Forcellati v. Hyland’s, Inc., 876 F. Supp.
23
2d 1155, 1160 (C.D. Cal. 2012). “Whether a nonresident plaintiff can assert a claim under
24
California law is a constitutional question based on whether California has sufficiently significant
25
contacts with the plaintiff's claims.” Id. (citing Mazza v. American Honda Motor Co., 666 F.3d
26
581, 589 (9th Cir. 2012)). In Mazza, for example, “California ha[d] a constitutionally sufficient
27
aggregation of contacts to the claims of each putative class member . . . because Honda's corporate
28
headquarters, the advertising agency that produced the allegedly fraudulent misrepresentations,
16
1
and one fifth of the proposed class members [were] located in California.” Mazza, 666 F.3d at
2
589. In Forcellati, the fact that the defendant was alleged to be headquartered in Los Angeles led
3
the court to conclude that “application of California law poses no constitutional concerns.”
4
Forcellati, 876 F. Supp. 2d at 1160.
Apple’s arguments here were recently rejected by Judge Wilken in another case arising out
6
of Apple’s marketing activities. See In re iPhone 4S Consumer Litig., No. 12-cv-1127-CW, 2013
7
WL 3829653, at *7–8 (N.D. Cal. July 23, 2013). There, the plaintiffs “alleged that their injuries
8
were caused by Apple's wrongful conduct in false advertising that originated in California.” Id. at
9
*7. Judge Wilken noted that the presumption against the extraterritoriality of California law does
10
not apply where the misconduct occurs in California. See Wershba v. Apple Computer, Inc., 91
11
United States District Court
Northern District of California
5
Cal. App. 4th 224, 243 (2001) (California statutes apply to “non-California members of a
12
nationwide class where the defendant is a California corporation and some or all of the challenged
13
conduct emanates from California.”). Judge Wilken also distinguished In re Apple & AT&T iPad
14
Unlimited Data Plan Litig., 802 F. Supp. 2d 1070, 1076 (N.D. Cal. 2011), upon which Apple also
15
relies here, because in that case, unlike here, a contractual choice-of-law clause selected the law of
16
each customer’s state of residence. The Court agrees with Judge Wilken’s careful analysis in the
17
iPhone 4S decision.
18
Apple relies heavily on Sullivan v. Oracle Corp., 51 Cal. 4th 1191, 1209 (2011), for
19
support. Sullivan concerned an overtime claim asserted under the unlawful prong of the UCL, the
20
predicate offense for which was a violation of the federal Fair Labor Standards Act (“FLSA”).10
21
The plaintiffs alleged that the employer had made the decision to mis-classify workers in
22
California. Noting that “the UCL reaches any unlawful business act or practice committed in
23
California,” the court found that “for an employer to adopt an erroneous classification policy is not
24
unlawful in the abstract.” Id. at 1208. Consequently, the court held that the UCL “does not apply
25
to overtime work performed outside California for a California-based employer by out-of-state
26
plaintiffs in the circumstances of this case based solely on the employer's failure to comply with
27
28
10
The Ninth Circuit had certified the question for the California Supreme Court to answer.
17
1
the overtime provisions of the FLSA.” Id. Thus, the California Supreme Court’s holding (1) did
2
not undermine the established presumption that nonresident plaintiffs may assert California claims
3
to address unlawful conduct committed in California by a California resident; and (2) was limited
4
to the FLSA overtime pay context because the work is “performed outside California.” Other
5
courts have come to the conclusion, as this Court does, that Sullivan provides no support for the
6
argument that a national class cannot assert California fraud claims against a California
7
corporation for its misleading marketing. See, e.g., Gross v. Symantec Corp., No. 12-cv-154-
8
CRB, 2012 WL 3116158, at *7 n.10 (N.D. Cal. July 31, 2012); Parkinson v. Hyundai Motor
9
America, 258 F.R.D. 580, 598 (C.D. Cal. 2008).
10
The Court notes that Apple has not argued that the Court should apply the law of each
United States District Court
Northern District of California
11
plaintiff’s home state to her claims, and the Court does not reach the question of whether it should.
12
The Court only concludes that it is constitutional for the nonresident Plaintiffs to assert California
13
statutory claims against Apple based on Apple’s conduct in California. For this reason, Apple’s
14
reliance on the choice-of-law analysis in In re Sony Gaming Networks & Customer Data Sec.
15
Breach Litig., 903 F. Supp. 2d 942 (S.D. Cal. 2012), and Frezza v. Google, Inc., No. 12-cv-237-
16
RMW, 2013 WL 1736788, at *5 (N.D. Cal. Apr. 22, 2013), is misplaced. The question of whether
17
the CAC presents a certifiable class under Mazza, and in particular, how a choice-of-law analysis
18
would affect class certification, is a question for another day.
19
B.
20
Apple moves to dismiss all of Plaintiffs’ claims against it, except those premised on
Communications Decency Act
21
Apple’s alleged misrepresentations, on the ground that the Communications Decency Act
22
(“CDA”), 47 U.S.C. § 230, bars Plaintiffs’ claims. Section 230(c)(1) provides: “No provider or
23
user of an interactive computer service shall be treated as the publisher or speaker of any
24
information provided by another information content provider.” Section 230(c)(2) provides:
25
26
27
28
No provider or user of an interactive computer service shall be held
liable on account of-(A) any action voluntarily taken in good faith to restrict access to or
availability of material that the provider or user considers to be
obscene, lewd, lascivious, filthy, excessively violent, harassing, or
18
1
2
3
4
5
6
7
8
9
10
United States District Court
Northern District of California
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
otherwise objectionable, whether or not
constitutionally protected; or
such material
is
(B) any action taken to enable or make available to information
content providers or others the technical means to restrict access to
material described in [section 230(c)(1)].
Pursuant to the Act, an “interactive computer service” is “any information service, system,
or access software provider that provides or enables computer access by multiple users to a
computer server, including specifically a service or system that provides access to the Internet and
such systems operated or services offered by libraries or educational institutions.” 47 U.S.C. §
230(f)(2). An “information content provider” is “any person or entity that is responsible, in whole
or in part, for the creation or development of information provided through the Internet or any
other interactive computer service.” 47 U.S.C. § 230(f)(3).
Congress enacted these provisions as part of the Communications Decency Act of 1996
“for two basic policy reasons: to promote the free exchange of information and ideas over the
Internet and to encourage voluntary monitoring for offensive or obscene material. Carafano v.
Metrosplash.com, Inc., 339 F.3d 1119, 1122 (9th Cir. 2003). “In light of these concerns,
reviewing courts have treated § 230(c) immunity as quite robust, adopting a relatively expansive
definition of ‘interactive computer service’ and a relatively restrictive definition of ‘information
content provider.’ Under the statutory scheme, an ‘interactive computer service’ qualifies for
immunity so long as it does not also function as an ‘information content provider’ for the portion
of the statement or publication at issue.” Id. at 1123 (footnotes omitted).
Nevertheless, neither section 230(c) nor any other subsection in the CDA “declares a
general immunity from liability deriving from third-party content.” Barnes v. Yahoo!, Inc., 570
F.3d 1096, 1100 (9th Cir. 2009). Instead, to determine whether the CDA operates as a bar to civil
liability, courts must determine whether “a plaintiff's theory of liability would treat a defendant as
a publisher or speaker of third-party content.” Id. at 1101. “[W]hat matters is not the name of the
cause of action — defamation versus negligence versus intentional infliction of emotional distress
— what matters is whether the cause of action inherently requires the court to treat the defendant
as the ‘publisher or speaker’ of content provided by another. To put it another way, courts must
28
19
1
ask whether the duty that the plaintiff alleges the defendant violated derives from the defendant's
2
status or conduct as a ‘publisher or speaker.’ If it does, section 230(c)(1) precludes liability.” Id.
3
at 1101–02.
4
Determining whether a defendant is a “publisher” requires further definition of that term.
5
The Ninth Circuit has held that “publication involves reviewing, editing, and deciding whether to
6
publish or to withdraw from publication third-party content.” Id. at 1102. “[A] publisher reviews
7
material submitted for publication, perhaps edits it for style or technical fluency, and then decides
8
whether to publish it.” Id. Despite Plaintiffs’ arguments to the contrary,11 “it is immaterial
9
whether this decision comes in the form of deciding what to publish in the first place or what to
remove among the published material. This is particularly so in the context of the internet, where
11
United States District Court
Northern District of California
10
material can be ‘posted’ and ‘unposted’ with ease.” Id. at 1102 n.8 (citing Batzel v. Smith, 333
12
F.3d 1018, 1032 (9th Cir. 2003)). Cf. Batzel v. Smith, 333 F.3d 1018, 1032 (9th Cir. 2003) (“A
13
distinction between removing an item once it has appeared on the Internet and screening before
14
publication cannot fly [].”).
By contrast, the CDA does not bar claims against “information content providers.” An
15
16
entity “that is responsible, in whole or in part, for the creation or development” of the allegedly
17
offending information is not entitled to the CDA’s protection. “Development” refers “not merely
18
to augmenting the content generally, but to materially contributing to its alleged unlawfulness.”
19
Fair Hous. Council of San Fernando Valley v. Roommates.Com, LLC, 521 F.3d 1157, 1167–68
20
(9th Cir. 2008). Thus, “providing neutral tools to carry out what may be unlawful or illicit
21
searches does not amount to ‘development’ for purposes of the immunity exception.” Id. at 1169.
22
Nor does inoffensive editing for spelling errors, removing obscenity, or trimming for length.
23
However, “a website operator who edits in a manner that contributes to the alleged illegality —
24
such as by removing the word ‘not’ from a user's message reading ‘[Name] did not steal the
25
artwork’ in order to transform an innocent message into a libelous one — is directly involved in
26
the alleged illegality and thus not immune.” Id.
27
11
28
Plaintiffs argue that the CDA protects only an interactive computer service’s decision to exclude
offensive content.
20
Prior to the relation of Plaintiff Pirozzi’s action against Apple to the above-captioned
1
2
Opperman action, Apple moved to dismiss Pirozzi’s claims pursuant to the same provisions of the
3
CDA. Judge Gonzalez Rogers denied Apple’s motion on two bases. First, she found that
4
Pirozzi’s fraud and misrepresentation claims against Apple arising out of Apple’s conduct or
5
failure to disclose were “not predicated solely upon Apple's approving and distributing Apps via
6
its online App Store.” Pirozzi v. Apple Inc., 913 F. Supp. 2d 840, 849 (N.D. Cal. 2012). Thus,
7
the CDA did not bar those claims. Second, the court held that it was premature to consider the
8
application of the CDA at the pleading stage based on the “scant record” then before the court
9
because “if Apple is responsible for the ‘creation or development of [the] information’ at issue,
10
then Apple functions as an ‘information content provider’ unprotected by the CDA.” Id.
Here, Apple expressly excludes from its CDA argument any application to Plaintiffs’ fraud
United States District Court
Northern District of California
11
12
and misrepresentation claims, in recognition of Judge Gonzalez Rogers’ first conclusion. With
13
respect to her second conclusion, Apple argues that the CAC, which reproduces many of the
14
allegations in Pirozzi and supplements them with others, contains sufficient allegations from
15
which the Court can now conclude that the CDA bars the remainder of Plaintiffs’ claims against
16
Apple. Plaintiffs again maintain that resolution of the CDA issue must await a later stage of the
17
case.
18
The cases do not describe a one-size-fits all rule for when to apply the CDA. In some
19
cases the applicability of the CDA is “apparent from the face of the complaint”; in others, it is not.
20
Evans v. Hewlett-Packard Co., No. 13-cv-02477-WHA, 2013 WL 5594717, at *3 (N.D. Cal. Oct.
21
10, 2013) (quoting Goddard v. Google, Inc., 640 F. Supp. 2d 1193, 1200 n.5 (N.D. Cal. 2009)).
22
Here, the Court need not await further discovery before addressing Apple’s CDA argument,
23
because the CAC already pleads sufficient conduct to classify Apple as an “information content
24
provider” whose conduct is not protected by the CDA.
25
For example, Plaintiffs allege that Apple’s “iOS Human Interface Guidelines” encourage
26
data theft. The guidelines are meant to guide developers as they create apps for the App Store.
27
Among the guidelines are several suggestions that do, on their face, appear to encourage the
28
practices Plaintiffs complain of in this case. For example, Apple tells developers, “don’t force
21
people to give you information you can easily find for yourself, such as their contacts or calendar
2
information,” and “[i]f possible, avoid requiring users to indicate their agreement to your [end user
3
license agreement] when they first start your application. Without an agreement displayed, users
4
can enjoy your application without delay.” CAC ¶ 212 (emphasis omitted). Based on these
5
passages from the guidelines, Plaintiffs allege: “Apple taught Program registrants’ to incorporate
6
forbidden data harvesting functionalities — even for private “contacts” — into their Apps and
7
encouraged Program registrants to design those functions to operate in non-discernible manners
8
that would not be noticed by the iDevice owner. These App Defendants, apparently in accord with
9
Apple’s instructions, did just that with their identified Apps.” CAC ¶ 214. Similarly, Plaintiffs
10
allege: “Apple’s Program tutorials and developer sites [] teach Program registrants how to code
11
United States District Court
Northern District of California
1
and build apps that non-consensually access, manipulate, alter, use and upload the mobile address
12
books maintained on Apple iDevices.” CAC ¶ 190.
These allegations target conduct that goes beyond the traditional editorial functions of a
13
14
publisher, and beyond providing “neutral tools to carry out what may be unlawful or illicit”
15
conduct.12 Apple’s alleged conduct potentially constitutes contribution to the alleged illegality in
16
12
17
18
19
20
21
22
23
24
25
26
27
28
It is worth noting that not all of Plaintiffs’ allegations concerning Apple’s conduct fall outside
the CDA. For example, Plaintiffs’ assertion that Apple “provides third-party developers with
review guidelines, and conducts a review of all applications submitted for inclusion in the App
Store for compliance with these documents,” CAC ¶ 89, is identical to an allegation regarding the
app distributor in Evans, which that court found insufficient to support the plaintiff’s claim that
the distributor was also a co-creator. See Evans, 2013 WL 5594717, at *4 (“plaintiffs allege that
defendants ‘[m]andated specific “Application Content Criteria” for all content of the App,’
‘[m]andated “App Naming Guidelines” for the App,’ and ‘[m]andated technical criteria for the
App’”).
Apple’s role as an app publisher, including its promulgation of review guidelines, its review of all
apps submitted to the App Store, and its enforcement of its guidelines, is fundamental “publisher”
activity protected by the CDA. Plaintiffs’ allegations that Apple has failed to remove offending
apps from the App Store, CAC ¶ 90, and that it encourages consumers to download third-party
apps and advertises third-party apps in order to sell its devices are similarly subject to the CDA’s
protections.
Plaintiffs’ allegations concerning the software development kit also fall under the CDA, because
the kit is alleged to be nothing more than a “neutral tool” which app developers can use either
lawfully or unlawfully. Nothing in the CAC suggests that the kit itself contributes to the practice
of taking contact databases without consent. The kit, technologically speaking, makes that
22
1
a manner that invokes the “information content provider” exception to the CDA’s protections. See
2
Roommates.Com, 521 F.3d at 1167–68. At this juncture, the Court therefore cannot conclude that
3
Plaintiffs’ theories of liability deriving from Apple’s encouragement of the harvesting of contact
4
information without obtaining consent from the user are not barred by the CDA. See, e.g., Swift
5
v. Zynga Game Network, Inc., No. 09-cv-05443-SBA, 2010 WL 4569889, at *4–6 (N.D. Cal.
6
Nov. 3, 2010) (allegation that video game developer encouraged the creation of and consumption
7
of special offer “scams” were sufficient at pleading stage).
8
C.
9
Apple groups as “misrepresentation claims” Plaintiffs’ UCL, FAL, CLRA, and negligent
Misrepresentation Claims
misrepresentation claims. Apple argues that each claim fails as a matter of law because, according
11
United States District Court
Northern District of California
10
to Apple, “not once in the 166-page pleading does a single Plaintiff identify any specific
12
misrepresentation that he or she actually saw and relied upon in purchasing an Apple device.”
13
ECF No. 395 at 23.
Plaintiffs’ misrepresentation claims are subject to Rule 9(b)’s requirement that fraud
14
15
claims be pleaded with particularity.13 Plaintiffs’ allegations must therefore include “an account
16
of the time, place, and specific content of the false representations as well as the identities of the
17
parties to the misrepresentations.” Swartz v. KPMG LLP, 476 F.3d 756, 765 (9th Cir. 2007). The
18
purpose of this requirement is to provide the defendant with adequate notice of the claims against
19
it; plaintiffs must allege “‘what is false or misleading about a statement, and why it is false.’”
20
Vess v. Ciba-Geigy Corp. USA, 317 F.3d 1097, 1106 (9th Cir. 2003) (quoting In re GlenFed, Inc.
21
Sec. Litig., 42 F.3d 1541, 1548 (9th Cir. 1994)).
22
Plaintiffs must also adequately plead injury and causation. To have standing under the
23
UCL, a plaintiff must have suffered an injury in fact and “lost money or property as a result of
24
25
26
practice possible, but it also allows for developers to ask for permission first, rendering the tool
“neutral” in nature.
27
13
28
Rule 9(b) does not apply to Plaintiffs’ UCL claims for “unlawful” business practices to the
extent these claims are grounded on something other than fraud.
23
1
such unfair competition.” Hall v. Time Inc., 158 Cal. App. 4th 847, 849 (2008). The standing
2
requirement is substantially similar in this context for Plaintiff’s CLRA and FAL claims.14 See
3
Kwikset Corp. v. Super. Ct., 51 Cal. 4th 310, 322 (2011) (a plaintiff must “establish a loss or
4
deprivation of money or property sufficient to qualify as injury-in-fact” under the UCL and FAL);
5
Meyer v. Sprint Spectrum L.P., 45 Cal. 4th 634, 646 (2009) (“[I]n order to bring a CLRA action,
6
not only must a consumer be exposed to an unlawful practice, but some kind of damage must
7
result.”). And for negligent misrepresentation claims, a plaintiff must establish detrimental
8
reliance. For all of Plaintiffs’ misrepresentation claims, the parties agree that “[w]ithout such
9
reliance, there is no recovery.” Bily v. Arthur Young & Co., 3 Cal. 4th 370, 413 (1992).
Nevertheless, “[w]hile a plaintiff must show that the misrepresentation was an immediate
11
United States District Court
Northern District of California
10
cause of the injury-producing conduct, the plaintiff need not demonstrate it was the only cause.”
12
In re Tobacco II Cases, 46 Cal. 4th 298, 326 (2009). “Moreover, a presumption, or at least an
13
inference, of reliance arises wherever there is a showing that a misrepresentation was material.”
14
Engalla v. Permanente Med. Grp., Inc., 15 Cal. 4th 951, 977 (1997). A misrepresentation is
15
material if a reasonable person “would attach importance to its existence or nonexistence in
16
determining his choice of action in the transaction in question”; materiality is therefore ordinarily
17
a question of fact unless the “fact misrepresented is so obviously unimportant that the jury could
18
not reasonably find that a reasonable man would have been influenced by it.” Id. (quotations and
19
citations omitted).
20
1.
Specific Representations
21
In many consumer fraud cases, courts require a plaintiff to identify and describe the
22
specific alleged misrepresentations that each plaintiff saw or heard, and upon which each plaintiff
23
relied. Indeed, in granting Apple’s first motion to dismiss Plaintiff Pirozzi’s complaint, Judge
24
Gonzalez Rogers held that Pirozzi’s failure to “provide the particulars of her own experience
25
26
27
28
14
Whether a party has Article III standing to bring a cause of action in federal court is a different
analysis than whether the plaintiff has adequately established statutory standing under California's
UCL, CLRA, or FAL. Two Jinn, Inc. v. Gov't Payment Serv., Inc., No. 09-CV-2701-JLS, 2010
WL 1329077, at *3 (S.D. Cal. Apr. 1, 2010).
24
1
reviewing or relying upon any” of the misrepresentations identified in her complaint was fatal to
2
her claims. Pirozzi I, 913 F. Supp. 2d at 850. This Court denied Apple’s second motion to
3
dismiss based on Pirozzi’s identification of the specific representations she saw and relied upon,
4
which representations are also alleged here. Pirozzi II, 2013 WL 4029067, at *6–7. Apple now
5
argues that the Court’s prior order was based on a misreading of Pirozzi’s allegations and renews
6
its motion to dismiss.
7
Having again examined Pirozzi’s allegations, the Court now concludes that its prior
8
decision regarding reliance was in error. In her Second Amended Complaint, Pirozzi alleged that
9
Apple’s website contained the same representations discussed here, including the representation
that “[a]ll apps run in a safe environment, so a website or app can’t access data from other apps.”15
11
United States District Court
Northern District of California
10
Pirozzi II, 2013 WL 4029067, at *7. In its Order, the Court stated: “Plaintiff also alleges that she
12
relied on that statement in making her purchasing decision.” Id. In actuality, however, Pirozzi did
13
not allege that she relied on the statement; rather, she alleged only that she “visited Apple’s
14
website,” not that she read the particular representations she alleged were misleading. Pirozzi v.
15
Apple Inc., No. 12-cv-1529-JST, ECF No. 29 ¶ 10 (filed Jan. 22, 2013). Therefore, Pirozzi’s
16
allegations of reliance were inadequate.
17
The CAC suffers from the same defect. It repeats the identical allegations made in
18
Pirozzi’s Second Amended Complaint, and repeats the allegation that Pirozzi “viewed the Apple
19
website.” CAC ¶¶ 121–25. In the next paragraph, the CAC further alleges: “Likewise, each of the
20
other Plaintiffs visited Apple’s website . . . .” What the CAC fails to do is connect any specific
21
Plaintiff to any specific representation. The Court now concludes, even reading the complaint in
22
the light most favorable to Plaintiffs, that Plaintiffs have failed to allege that any one of them saw
23
any particular representation.
24
25
26
27
28
15
The Court rejects Apple’s argument that this statement is not actionable because it is literally
true. The CAC alleges that, although it comes pre-loaded on iDevices, the Contacts app is an app
like any other.
25
2.
1
Pleading a Long-Term and Extensive Advertising Campaign
Recognizing that the few specific representations relied upon by this Court in denying
2
Apple’s second motion to dismiss Pirozzi’s complaint form a narrow basis upon which to base this
3
action, Plaintiffs now largely rest their misrepresentation claims on a different basis: that Apple
4
allegedly engaged in a long-standing, widespread advertising campaign that created a reputation
5
for safety and reliability. In re Tobacco II, 46 Cal. 4th at 328 (“where, as here, a plaintiff alleges
6
exposure to a long-term advertising campaign, the plaintiff is not required to plead with an
7
unrealistic degree of specificity that the plaintiff relied on particular advertisements or
8
statements”).
9
The named plaintiffs in In re Tobacco II alleged that the tobacco industry defendants
10
conducted “a decades-long campaign of deceptive advertising and misleading statements about the
11
United States District Court
Northern District of California
addictive nature of nicotine and the relationship between tobacco use and disease.” Id. at 306. In
12
concluding that the plaintiffs did not need to identify the specific statements upon which they
13
relied, the California Supreme Court relied in part on a similar decision in Whiteley v. Philip
14
Morris Inc., 117 Cal. App. 4th 635, 680–82 (2004).
15
In Whiteley, the California Court of Appeal affirmed a jury verdict in favor of the plaintiff,
16
the husband of a woman who was a smoker and died of lung cancer. The tobacco industry
17
defendants argued on appeal that the plaintiff had failed to present sufficient evidence of reliance
18
to support the verdict. In particular, the defendants argued, as Apple does here, “that the evidence
19
did not show that Whiteley heard any specific misrepresentation or false promise made by either
20
defendant.” They further argued: “‘it is not enough that the plaintiff heard the alleged
21
misrepresentation at some unidentified time from some unidentified source. Instead, the plaintiff
22
must identify a specific misrepresentation that was actually communicated to the plaintiff (directly
23
or indirectly).’” Id. at 680. The Whiteley court expressly rejected that argument and held that the
24
plaintiff “did not have to prove that she saw or heard any specific misrepresentations of fact or
25
false promises that defendants made or that she heard them directly from defendants or their
26
agents. It was sufficient that the statements were issued to the public with the intent that they
27
reach smokers and potential smokers and that Whiteley, as a member of the intended target
28
26
1
2
population, heard them.” Id. at 680–81.
Relying on section 533 of the Restatement Second of Torts, the court held that the trial
3
court had correctly instructed the jury on this question as follows: “One who makes a
4
misrepresentation or false promise or conceals a material fact is subject to liability if he or she
5
intends that the misrepresentation or false promise or concealment of a material fact will be passed
6
on to another person and influence such person's conduct in the transaction involved . . . . One
7
who makes a misrepresentation or false promise or conceals a material fact with the intent to
8
defraud the public or a particular class of persons is deemed to have intended to defraud every
9
individual in that category who is actually misled thereby.” Id. at 681. The Whiteley court
10
affirmed the jury’s verdict in favor of the plaintiff because the tobacco defendants’ statements
United States District Court
Northern District of California
11
were intended to reassure smokers and potential smokers about the
health hazards of smoking and to convey that safety message. That
was exactly the message Whiteley received. Defendants' and their
agents' multifarious misrepresentations regarding the unsettled state
of knowledge and the unreliability of any link between cigarette
smoking and serious disease were made with the intention and
expectation that these misrepresentations would circulate among and
influence the conduct of all smokers and prospective smokers. They
were heard by or passeasd on to Whitel[e]y, who believed them.
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
Id. at 681–82.
While several courts have considered whether to apply Tobacco II so as to relieve an
individual plaintiff of the need to plead that she viewed and relied on a specific misrepresentation,
the cases in the aggregate do not define any bright line rules. A review of the jurisprudence,
however, has led the Court to identify the following factors in determining whether to apply
Tobacco II.
First, to state the obvious, a plaintiff must allege that she actually saw or heard the
defendant’s advertising campaign. See, e.g., Pfizer Inc. v. Super. Ct., 182 Cal. App. 4th 622, 632
(2010) (“[A]lthough Pfizer ran four different television commercials with the ‘as effective as
floss’ campaign, the commercials did not run continuously and there is no evidence that a majority
of Listerine consumers viewed any of those commercials.”); Herrington, 2010 WL 3448531, at *8
(“Plaintiffs have not plead that they viewed any of Defendants' advertising, let alone a ‘long-term
27
1
advertising campaign’ by Defendants”); Delacruz v. Cytosport, Inc., No. 11-cv-3532-CW, 2012
2
WL 2563857, at *9 (N.D. Cal. June 28, 2012) (“Cytosport II”) (“Plaintiff has not alleged reliance
3
in connection with the advertising campaign because she has not claimed that she saw and relied
4
on any of the advertising, apart from the product websites and television ads”).
Second, the advertising campaign at issue should be sufficiently lengthy in duration, and
5
6
widespread in dissemination, that it would be unrealistic to require the plaintiff to plead each
7
misrepresentation she saw and relied upon. Compare Tobacco II, 46 Cal. 4th at 306 (plaintiffs
8
excused from pleading specific reliance where advertising campaign lasted for “decades”); Comm.
9
On Children's Television, Inc. v. Gen. Foods Corp., 35 Cal. 3d 197, 205–07 (1983) (superseded on
other grounds) (advertising campaign was on television daily and lasted four years),16 with In re
11
United States District Court
Northern District of California
10
iPhone 4S, 2013 WL 3829653, at *12 (“The campaign was only about six months old when the
12
CCAC was filed . . . . Plaintiffs have not alleged that the campaign here was comparable to that at
13
issue in Tobacco II.); Delacruz v. Cytosport, Inc., No. 11-cv-3532-CW, 2012 WL 1215243, at *8
14
(N.D. Cal. Apr. 11, 2012) (“Cytosport I”) (“Plaintiff has failed to allege that Defendant's
15
advertising campaign approached the longevity and pervasiveness of the marketing at issue in
16
Tobacco II”); Cytosport II, 2012 WL 2563857, at *9 (“The additional allegations regarding the
17
scope of the advertising campaign do not establish that the advertising campaign was as lengthy or
18
pervasive as the tobacco campaign”); In re Yasmin & Yaz (Drospirenone) Mktg., Sales Practices
19
& Products Liab. Litig., No. 09-md-02100-DRH, 2012 WL 865041, at *9 n.20 (S.D. Ill. Mar. 13,
20
2012) (in class certification context, distinguishing Tobacco II because advertising campaign
21
lasted only eighteen months and involved two advertisements and one corrective advertisement
22
that may have been viewed by class members). How long and how extensive the advertising
23
campaign must be is a fact-intensive inquiry; some campaigns will be too short, such as the six-
24
25
26
27
28
16
Children’s Television was decided before Tobacco II, but is included here because it employs a
similar analysis. The court there found that in light of defendants’ “large scale program of
deceptive advertising in which the specific advertisements change constantly,” it would be
impractical to require plaintiffs to plead the specifics of each advertisement. Children's
Television, 35 Cal. 3d at 214.
28
1
month campaign in iPhone 4S, and others will be insufficiently extensive, such as the two
2
advertisements in In re Yasmin & Yaz, published over the course of eighteen months.
3
Third, a plaintiff seeking to take advantage of the exception should describe in the
4
complaint, and preferably attach to it, a “representative sample” of the advertisements at issue in
5
order adequately to notify the defendant of the precise nature of the misrepresentation claim —
6
that is, what, in particular, the defendant is alleged to have said, and how it was misleading. For
7
example, in Children's Television, 35 Cal. 3d at 205–07, the court held that a trial court “could
8
reasonably require plaintiffs to set out or attach a representative selection of advertisements, to
9
state the misrepresentations made by those advertisements, and to indicate the language or images
upon which any implied misrepresentations are based.” Id. at 218. In the California Supreme
11
United States District Court
Northern District of California
10
Court’s view, that requirement “represents a reasonable accommodation between defendants' right
12
to a pleading sufficiently specific ‘that the court can ascertain for itself if the representations . . .
13
were in fact material, and of an actionable nature,’ and the importance of avoiding pleading
14
requirements so burdensome as to preclude relief in cases involving multiple misrepresentations.”
15
Id. (citation omitted).
Fourth, the degree to which the alleged misrepresentations contained within the advertising
16
17
campaign are similar to each other, or even identical, is also an important factor.17 For example,
18
in Ticketmaster L.L.C. v. RMG Technologies, No. 07-cv-2534-ABC, 2007 WL 2989504, at *3
19
(C.D. Cal. Oct. 12, 2007), Ticketmaster alleged that the defendant had marketed and sold an
20
application that enabled customers to violate the Terms of Use and circumvent the security
21
measures on Ticketmaster’s website by purchasing large quantities of tickets. Because the
22
complaint adequately alleged that the defendant aided and abetted its customers’ “same false
23
promise” thousands of times, the court held it was not necessary for the plaintiff to identify “each
24
instance of this alleged fraud, or each and every individual involved.” Instead, it was sufficient to
25
identify “to the extent possible the persons involved . . . and set out a time frame for the repeated
26
misrepresentations.” Id. Although Ticketmaster did not arise in the advertising context, it
27
17
28
This does not mean that the representations must be identical. In both Children’s Television and
Tobacco II, the advertisements at issue were “similar by category.”
29
1
nevertheless provides helpful guidance for the Court in determining the circumstances that may
2
allow a plaintiff to exercise the advertising campaign exception recognized in In re Tobacco II.
3
Indeed, the decision in In re Tobacco II, itself, yields the rule that if a plaintiff alleges a long-term
4
advertising campaign, the advertisements at issue should be similar enough to be considered as
5
part of one campaign, or the delivery of a single message or set of messages, rather than a
6
disparate set of advertising content published in the ordinary course of commerce.
7
Fifth, in the absence of specific misrepresentations, a complaint subject to Rule 9(b)’s
8
requirements should plead with particularity, and separately, when and how each named plaintiff
9
was exposed to the advertising campaign. It is not sufficient to plead as a group, nor is it
sufficient simply to allege general exposure without more detail. The facts in In re Tobacco II
11
United States District Court
Northern District of California
10
contained such detail. So too in Morgan v. AT&T Wireless Servs., Inc., 177 Cal. App. 4th 1235,
12
1257–58 (2009), where the plaintiffs alleged that when considering purchasing T68i mobile
13
phones from AT&T Wireless, “they each conducted research in which they encountered AT&T
14
advertisements and press releases explaining the advanced features of the T68i and the
15
improvements AT&T was making and was going to make to its GMS/GPRS network.” They also
16
alleged they were exposed to similar representations at the AT&T store when they purchased their
17
phones and service plans, “and that they relied upon their research (including information from the
18
AT&T advertisements and press releases, and the in-store representations) in deciding to purchase
19
the T68i from AT&T.” Id. Within a “relatively short period of time” after purchasing their
20
phones, and despite AT&T’s marketing concerning the upgrades to its network, AT&T performed
21
upgrades on the network that it knew would render the T68i phones “essentially useless.”
22
AT&T moved to dismiss because the plaintiffs had failed to identify specific
23
misrepresentations. The court held that the allegations supported the plaintiffs’ various
24
misrepresentation claims, including the UCL, CLRA, FAL, and common law fraud, because the
25
plaintiffs
26
27
28
were not required, as AT&T asserts, to plead the specific
advertisements or representations they relied upon in making their
decisions to purchase the T68i . . . . Although the advertising
campaign alleged in this case was not as long-term a campaign as
the tobacco companies' campaign discussed in Tobacco II, it is
30
alleged to have taken place over many months, in several different
media, in which AT&T consistently promoted its GMS/GPRS
network as reliable, improving, and expanding.
1
2
3
4
5
6
7
8
9
10
United States District Court
Northern District of California
11
12
13
14
15
Id. In the context of the common law fraud claim, the court again observed: “where a fraud claim
is based upon numerous misrepresentations, such as an advertising campaign that is alleged to be
misleading, plaintiffs need not allege the specific advertisements the individual plaintiffs relied
upon; it is sufficient for the plaintiff to provide a representative selection of the advertisements or
other statements to indicate the language upon which the implied misrepresentations are based.”
Id. at 1262.
The detail the Court requires here ensures that the advertisements at issue are
representations that consumers were likely to have viewed, as opposed to representations that were
isolated or more narrowly disseminated, such as statements buried on a rarely-viewed webpage, or
made on an investor phone conference. Certainly, such representations could be part of an
advertising campaign, but the complaint should describe the mechanism of dissemination for all
identified representations.
Sixth, the court must be able to determine when a plaintiff made her purchase or otherwise
16
relied in relation to a defendant’s advertising campaign, so as to determine which portion of that
17
campaign is relevant. Representations made prior to purchase are relevant to a plaintiff’s claim;
18
19
20
21
22
23
24
25
26
27
ones made after are not. Consequently, a plaintiff should describe, to the best of her ability, (1)
when the product was purchased, (2) the timeframe of the advertisements at issue, and (3) when
the plaintiff was exposed to the advertisements.
These factors are merely one court’s attempt to harmonize the developing jurisprudence of
false advertising claims. Future decisions from the California state and federal courts may reveal
additional factors, or demonstrate that some of those just listed are not helpful. Nevertheless,
these are the factors the Court has been able to identify.
Applying them here, the Court finds that Plaintiffs have not adequately alleged a long-term
advertising campaign of the kind that would excuse them from pleading specific reliance.
Although Plaintiffs allege a long-term advertising campaign, they fail to do so with the level of
28
31
1
2
3
4
detail that has led other courts to allow such claims to proceed.
First, as set forth above, it is not clear that any of the plaintiffs were actually exposed to
Apple’s advertising campaign.
Second, although the CAC alleges with sufficient specificity the length of the advertising
5
campaign at issue — it alleges that the campaign began at least by 2008 and continued up through
6
the filing of the CAC — it does not contain sufficient detail concerning the extent of the
7
advertising. It is unclear from the CAC how often the advertisements were published, or in which
8
media. Without more detail, the Court cannot conclude that it would be “unrealistic” to require
9
Plaintiffs to plead with specificity their exposure to each alleged misrepresentation.
Third, and relatedly, Plaintiffs have not attached or described a “representative sample” of
11
United States District Court
Northern District of California
10
the advertisements at issue. Instead of cursory allegations that Apple “repeatedly represented that
12
Apple’s products are safe and secure, and that private information could not be accessed by third-
13
party apps without the user’s express consent,” CAC ¶ 64, Plaintiffs should describe in detail, or
14
attach, advertisements that they contend are typical of the advertising campaign at issue. The
15
Court is mindful that Plaintiffs have identified some specific representations contained on Apple’s
16
website, or made by Apple’s employees, including its former and current CEOs. But it is not
17
enough. After reading the complaint asserted against it, a defendant should be able to understand
18
which advertising is alleged to be misleading, and how it is misleading, so that it may prepare a
19
defense and identify in discovery the remainder of the advertising at issue — and just as
20
importantly, that advertising which is not at issue. It is only through this process that the parties
21
will be able to cabin, and then narrow, the scope of the litigation in succeeding stages. Because
22
Plaintiffs have failed to allege in sufficient detail the nature of the advertisements, the Court finds
23
that the CAC does not adequately notify Apple of the precise nature of the misrepresentation
24
claims asserted against it.
25
Fourth, because there is insufficient detail with respect to the advertising at issue, the Court
26
cannot conclude that the alleged misrepresentations are sufficiently similar to each other to
27
constitute a single campaign, message, or set of messages susceptible to uniform treatment.
28
Fifth, Plaintiffs do not separately allege in any detail how they were exposed to Apple’s
32
1
advertising campaign. It is not enough merely to allege that Plaintiffs “viewed Apple’s website,
2
saw in-store advertisements, and/or [were] aware of Apple’s representations regarding the safety
3
and security of the iDevices prior to purchasing their own iDevices.” CAC ¶ 126.
4
Finally, without engaging Apple’s attempts to develop a factual record at the pleading
5
stage, the Court is mindful of the fact that Plaintiffs have not alleged when they purchased their
6
devices, other than to allege they were all purchased prior to February 2012. Consequently, even
7
if Plaintiffs adequately address the other deficiencies in the CAC, it would still be difficult for the
8
Court to conclude that Plaintiffs were exposed to the advertising at issue prior to purchasing their
9
iDevices without more detailed allegations concerning the chronology of events for each Plaintiff
10
United States District Court
Northern District of California
11
12
in this case.
3.
Failure to Disclose
Plaintiffs argue in the alternative that their misrepresentation claims are viable because
13
Apple had an affirmative duty to disclose material facts of which it had exclusive knowledge, i.e.,
14
the vulnerability of Plaintiffs’ iDevices to the theft of their address books by third party apps,
15
rendering it unnecessary for Plaintiffs to identify any misrepresentations.
16
“As the Ninth Circuit has recently cautioned, in the context of product defect claims,
17
‘California courts have generally rejected a broad duty to disclose.’” Donohue v. Apple, Inc., 871
18
F. Supp. 2d 913, 925 (N.D. Cal. 2012) (citing Wilson v. Hewlett-Packard Co., 3d 1136, 1141 (9th
19
Cir. 2012). Nondisclosure or concealment constitutes actionable fraud in only four circumstances:
20
“(1) when the defendant is in a fiduciary relationship with the plaintiff; (2) when the defendant had
21
exclusive knowledge of material facts not known to the plaintiff; (3) when the defendant actively
22
conceals a material fact from the plaintiff; and (4) when the defendant makes partial
23
representations but also suppresses some material facts.” LiMandri v. Judkins, 52 Cal. App. 4th
24
326, 336 (1997).
25
Plaintiffs argue that their non-disclosure claims fit into each of the last three categories.
26
Because the Court has already determined above that Plaintiffs do not adequately identify Apple’s
27
alleged misrepresentations, only the second and third categories are at issue.
28
But Plaintiffs’ failure to disclose claims have a separate problem: “‘[a] manufacturer's
33
1
duty to consumers is limited to its warranty obligations absent either an affirmative
2
misrepresentation or a safety issue.’” Donohue, 871 F. Supp. 2d at 925(quoting Oestreicher v.
3
Alienware Corp., 322 F. App'x 489, 493 (9th Cir. 2009)).18 Here, Plaintiffs fail to allege when
4
they purchased their iDevices, when the alleged defects arose, what kind of warranty Apple
5
provided, the terms of the warranty, and the warranty's duration. Consequently, the Court is
6
unable to conclude whether the alleged defect manifested within the warranty period, and
7
therefore cannot sustain Plaintiffs’ claims.
Because Plaintiffs have failed to plead with particularity the specific representations upon
8
9
which they relied, have failed adequately to plead a long-term and extensive advertising campaign,
and have failed to satisfy the requirements for a pure nondisclosure or concealment claim, the
11
United States District Court
Northern District of California
10
Court will grant Apple’s motion to dismiss Plaintiffs’ UCL, FAL, CLRA, and negligent
12
misrepresentation claims, with leave to amend.
13
D.
14
The California Comprehensive Computer Data Access and Fraud Act (“CDAFA”), Cal.
California Comprehensive Computer Data Access and Fraud Act
15
Penal Code § 502, “expand[s] the degree of protection afforded to individuals, businesses, and
16
governmental agencies from tampering, interference, damage, and unauthorized access to lawfully
17
created computer data and computer systems.” Id. § 502(a). Every Plaintiff except Pirozzi asserts
18
a claim against Apple for violation of the CDAFA. The CDAFA imposes liability, inter alia, on
19
any person who
(1) Knowingly accesses and without permission alters, damages,
deletes, destroys, or otherwise uses any data, computer, computer
system, or computer network in order to either (A) devise or execute
any scheme or artifice to defraud, deceive, or extort, or (B)
wrongfully control or obtain money, property, or data.
20
21
22
23
(2) Knowingly accesses and without permission takes, copies, or
makes use of any data from a computer, computer system, or
computer network, or takes or copies any supporting documentation,
whether existing or residing internal or external to a computer,
computer system, or computer network . . . .
24
25
26
27
28
18
Once the warranty expires, a manufacturer does not have an affirmative duty to disclose a latent
defect unless it poses an “unreasonable safety hazard.” See Donohue, 871 F. Supp. 2d at 926;
Wilson, 668 F.3d at 1141–43.
34
1
2
(6) Knowingly and without permission provides or assists in
providing a means of accessing a computer, computer system, or
computer network in violation of this section.
3
4
5
6
7
8
9
10
United States District Court
Northern District of California
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
(7) Knowingly and without permission accesses or causes to be
accessed any computer, computer system, or computer network.
(8) Knowingly introduces any computer contaminant into any
computer, computer system, or computer network.
Id. § 502(c)(1),(2),(6)–(8). The CDAFA authorizes the owner of the computer “who suffers
damage or loss by reason of a violation of any of the provisions of subdivision (c) [to] bring a civil
action against the violator for compensatory damages and injunctive relief or other equitable
relief.” Id. § 502(e)(1).
Apple moves to dismiss on several grounds. As an initial matter, the Court notes that, to
the extent Plaintiffs’ theories of liability under the CDAFA derive from Apple’s “reviewing,
editing, and deciding whether to” make available to its users the offending apps, those claims are
barred by the Communications Decency Act, as discussed above.
To the extent Plaintiffs assert a CDAFA claim based on Apple’s encouragement of the
development of the offending features of the subject apps, those allegations are insufficiently
pleaded. Each subsection of the statute Plaintiffs assert incorporates expressly or by reference a
requirement that the defendant acted “without permission.” See Cal. Pen. Code § 502(b)(10)
(defining “computer contaminant”). Courts in this district have interpreted “without permission”
to mean “in a manner that circumvents technical or code based barriers in place to restrict or bar a
user's access.” Facebook, Inc. v. Power Ventures, Inc., 844 F. Supp. 2d 1025, 1036 (N.D. Cal.
2012). See also In re Google Android Consumer Privacy Litig., No. 11-mc-02264-JSW, 2013 WL
1283236, at *12 (N.D. Cal. Mar. 26, 2013); In re iPhone Application Litig. (“iPhone I”), No. 11md-02250-LHK, 2011 WL 4403963, at *12–13 (N.D. Cal. Sept. 20, 2011).
Plaintiffs argue that their CDAFA claim is viable because they “did not know that the apps
contained the malicious code at issue here.” ECF No. 421 at 42. Other courts in this district have
already persuasively rejected this argument. See iPhone I, 2011 WL 4403963, at *12 (“On
Plaintiffs' own allegations, the iOS and third party apps — which contain the alleged ‘surreptitious
35
1
code’ — were all installed or updated voluntarily by Plaintiffs.”); In re Google Android Consumer
2
Privacy Litig., 2013 WL 1283236, at *12 (“Plaintiffs, however, have not included any facts that
3
show — or lead to a reasonable inference — that the tracking codes have been designed in such a
4
way to render ineffective any barriers the Plaintiffs might wish to use to prevent access to their
5
PII.”).
Plaintiffs’ allegations are materially indistinguishable from the allegations in iPhone I and
6
7
In re Google Android Consumer Privacy. Although Plaintiffs allege they did not grant permission
8
to the apps to copy their address books, there is no suggestion that the apps overcame “technical or
9
code based barriers in place to restrict or bar a user's access.” According to the CAC, the apps in
10
question had open access to Plaintiffs' address books.19
United States District Court
Northern District of California
11
Plaintiffs’ CDAFA claims against Apple will be dismissed.
12
E.
13
The Opperman Plaintiffs assert design defect and failure to warn strict products liability
14
claims against Apple. “‘A manufacturer is strictly liable in tort when an article he places on the
15
market, knowing that it is to be used without inspection for defects, proves to have a defect that
16
causes injury to a human being.’” Anderson v. Owens-Corning Fiberglas Corp., 53 Cal. 3d 987,
17
994 (1991) (quoting Greenman v. Yuba Power Products, Inc., 59 Cal. 2d 57, 62 (1963)).
Strict Products Liability: Design Defect and Failure to Warn
18
Importantly, “recovery under the doctrine of strict liability is limited solely to ‘physical
19
harm to person or property.’” Jimenez v. Superior Court, 29 Cal. 4th 473, 482 (2002) (quoting
20
Seely v. White Motor Co., 63 Cal. 2d 9, 18 (1965)). “Damages available under strict products
21
liability do not include economic loss, which includes damages for inadequate value, costs of
22
repair and replacement of the defective product or consequent loss of profits — without any claim
23
24
25
26
27
28
19
The Court recognizes there is a split of authority in this district concerning the appropriate scope
of the “without permission” language in the CDAFA. Weingand v. Harland Fin. Solutions, Inc.,
No. 11-cv-3109-EMC, 2012 WL 2327660, at *5 (N.D. Cal. June 19, 2012). Even Weingand,
however, still requires that Defendants have circumvented “restrictions on access” of some kind.
The CAC does not allege that the subject apps circumvented any restrictions at all. Instead, it
alleges that Apple failed to implement any such restriction, thereby enabling the App Defendants
to copy Plaintiffs’ address books. Under either approach to the CDAFA, Plaintiffs fail to state a
viable claim.
36
1
of personal injury or damages to other property” Id. (quotation marks and citations omitted). By
2
contrast, “[t]he law of contractual warranty governs damage to the product itself.” Id. at 483.
Plaintiffs do not explain what injury they allege that satisfies the economic loss rule. The
3
4
CAC alleges only that “Plaintiffs suffered personal injuries as a result of the defective design,
5
including invasions of their privacy and damages to their properties (the mobile address books).”
6
CAC ¶ 694. Those injuries are not “physical harm to person or property” and cannot support a
7
products liability claim. For this reason, the Court will dismiss Plaintiffs’ strict products liability
8
claim.
9
F.
Negligence
Plaintiffs' negligence claims are barred by the economic loss rule discussed in the
11
United States District Court
Northern District of California
10
immediately previous section. "Purely economic damages to a plaintiff which stem from
12
disappointed expectations from a commercial transaction must be addressed through contract law;
13
negligence is not a viable cause of action for such claims." iPhone II, 844 F. Supp. 2d at 1064.
14
The Court will dismiss Plaintiffs’ negligence claim against all Defendants.
15
G.
16
Plaintiffs state that they “elect not to prosecute [the RICO] claim at this time and have no
RICO
17
objection to its dismissal without prejudice as to” Apple. ECF No. 421 at 50. The Court construes
18
Plaintiffs’ statement as a Rule 41(a)(1)(A)(i) notice of voluntary dismissal, which is self-
19
executing.
20
H.
21
In response to Apple’s argument that aiding and abetting is not a stand-alone cause of
Aiding and Abetting
22
action in California, Plaintiffs respond: “The fact that Plaintiffs’ aiding and abetting allegations are
23
set out in a separate claim merely provides clarity to the complaint by specifying that Plaintiffs
24
contend that Apple is liable not just for its own actions but for those of the App Defendants.” ECF
25
No. 421 at 49. Far from providing clarity, the separate aiding and abetting count casts in doubt
26
which claims that, facially, are asserted only against the App Defendants are also meant to apply
27
to Apple as well. The Court cannot discern from the CAC what additional liability, other than the
28
claims Plaintiffs explicitly assert against Apple, Plaintiffs attempt to impose on Apple by virtue of
37
1
the aiding and abetting count. For this reason, the Court will dismiss the claim. Plaintiffs are
2
advised that each claim in the complaint should clearly set forth against which Defendants it is
3
meant to be asserted.
4
IV.
Like Apple, the App Defendants move to dismiss all of Plaintiffs’ claims against them on
5
6
APP DEFENDANTS’ MOTIONS TO DISMISS
Article III standing grounds, as well as pursuant to Rule 12(b)(6).20
7
A.
8
The Article III standing analysis as applied to Plaintiffs’ claims against the App
Article III Standing
Defendants differs from the analysis regarding Plaintiffs’ claims against Apple. In particular, the
10
App Defendants argue that Plaintiffs have failed to identify an injury-in-fact sufficient to establish
11
United States District Court
Northern District of California
9
standing.
In evaluating Path’s motion to dismiss the Hernandez complaint prior to the relation of that
12
13
action to the above-captioned action, Judge Gonzalez Rogers evaluated the alleged injury of
14
“diminished mobile device resources, such as storage, battery life, and bandwidth."21 Hernandez
15
v. Path, Inc., No. 12-cv-01515-YGR, 2012 WL 5194120, at *1–2 (N.D. Cal. Oct. 19, 2012). She
16
found that the diminished mobile device resources injury was de minimis. Id. The allegations in
17
the CAC provide no further detail concerning this alleged injury, but instead recast it similar
18
terms. See, e.g., CAC ¶ 147 (“For instance, the unauthorized transmissions and operations used
19
iDevice resources, battery life, energy and cellular time at a cost to Plaintiffs and caused loss of
20
use and enjoyment of some portion of each iDevice’s useful life.”). There is no indication, for
21
example, that battery resources were depleted as in iPhone II. Because Plaintiffs have not
22
quantified or otherwise articulated the alleged resource usage, they fail to allege an injury that can
23
serve as the basis of standing. See, e.g., In re Google, Inc. Privacy Policy Litig., No. 12-cv-01382-
24
20
25
26
The App Defendants also repeat some of the arguments Apple makes, for example that those
Plaintiffs who are not from California cannot sue under California law. See ECF No. 393 at 7.
Where the Court has already addressed an identical argument in the section on Apple's motion to
dismiss, it does not do so again here.
27
21
28
Judge Gonzalez Rogers also evaluated two other types of alleged injury that Plaintiffs no longer
allege and that are not germane to this Order.
38
1
PSG, 2013 WL 6248499 (N.D. Cal. Dec. 3, 2013) (distinguishing Hernandez because resource
2
usage was significant and “systemic rather than episodic”).
3
In addition, however, Plaintiffs present four new theories of injury-in-fact not present in
4
Hernandez. First, Plaintiffs argue that their claim for injunctive relief is sufficient to confer
5
standing. “To have standing to assert a claim for prospective injunctive relief, a plaintiff must
6
demonstrate ‘that he is realistically threatened by a repetition of [the violation].’” Melendres v.
7
Arpaio, 695 F.3d 990, 997 (9th Cir. 2012) (quoting City of Los Angeles v. Lyons, 461 U.S. 95,
8
109 (1983)). Here, Plaintiffs allege that the App Defendants all discontinued their practices when
9
the practice of transmitting user address books was made public. Moreover, Plaintiffs allege that
Apple has instituted additional privacy controls that enable users to control which apps have
11
United States District Court
Northern District of California
10
access to their address books. Because there is no realistic threat of repetition, Plaintiffs cannot
12
establish standing through their prayer for injunctive relief.
13
Second, Plaintiffs argue that the App Defendants interfered with their property rights in
14
their address books, conferring standing on Plaintiffs to sue. “[D]istrict courts have been reluctant
15
to find standing based solely on a theory that the value of a plaintiff's [personal information] has
16
been diminished.” Yunker v. Pandora Media, Inc., No. 11-cv-03113-JSW, 2013 WL 1282980
17
(N.D. Cal. Mar. 26, 2013). “[I]njury-in-fact in this context requires more than an allegation that a
18
defendant profited from a plaintiff's personal identification information. Rather, a plaintiff must
19
allege how the defendant's use of the information deprived the plaintiff of the information's
20
economic value. Put another way, a plaintiff must do more than point to the dollars in a
21
defendant's pocket; he must sufficiently allege that in the process he lost dollars of his own.” In re
22
Google, Inc. Privacy Policy Litig., 2013 WL 6248499, at *5. See also In re Google Android
23
Consumer Privacy Litig., 2013 WL 1283236, at *4 (“Similarly, although Plaintiffs allege that a
24
market exists that could provide them the opportunity to sell their PII, none of the Plaintiffs
25
specifically tie those allegations to them. Plaintiffs also do not allege they attempted to sell their
26
personal information, that they would do so in the future, or that they were foreclosed from
27
entering into a value for value transaction relating to their PII, as a result of the Google
28
39
1
Defendants' conduct.”).22
Plaintiffs here have failed to allege any details concerning their argument that their address
2
3
books’ value was diminished by the App Defendants’ conduct. Instead, Plaintiffs argue that
4
address books are distinct from the “automatically-generated computer data sets” at issue in the
5
multitude of cases in which courts have found allegations similar to Plaintiffs insufficient. The
6
distinction is one without a difference. Whether automatically-generated or generated by the user,
7
Plaintiffs must “tie” their allegations that their personal information has value to the alleged injury
8
they suffered. Here, Plaintiffs have failed to do so. Consequently, Plaintiffs do not have Article
9
III standing based on injury to their property rights.
However, Plaintiffs’ two remaining theories of injury are sufficient to confer standing.
10
United States District Court
Northern District of California
11
First, as observed above, Plaintiffs are able to establish standing through their statutory claims,
12
because “[t]he injury required by Article III can exist solely by virtue of ‘statutes creating legal
13
rights, the invasion of which creates standing.’” Edwards v. First Am. Corp., 610 F.3d 514, 517
14
(9th Cir. 2010) (quoting Fulfillment Servs. Inc. v. United Parcel Serv., Inc., 528 F.3d 614, 618
15
(9th Cir. 2008)). See In re Google, Inc. Privacy Policy Litig., 2013 WL 6248499, at *8
16
(“Although Article III always requires an injury, the alleged violation of a statutory right that does
17
not otherwise require a showing of damages is an injury sufficient to establish Article III
18
standing.”).
Second, Plaintiffs assert a common law claim for invasion of privacy. Regardless of the
19
20
merits of that claim, the Court finds Plaintiffs’ allegations sufficient on this point. The essence of
21
the standing inquiry is to determine whether the plaintiff has “alleged such a personal stake in the
22
outcome of the controversy as to assure that concrete adverseness which sharpens the presentation
23
of issues upon which the court so largely depends.” Baker v. Carr, 369 U.S. 186, 204 (1962). It is
24
22
25
26
27
28
The Court does not read these decisions to be holding that consumers do not have property
rights in their electronically stored private information, but that the copying of such information
without any meaningful economic injury to consumers is insufficient to establish standing on that
basis. Cf. FMC Corp. v. Capital Cities/ABC, Inc., 915 F.2d 300, 303–04 (7th Cir. 1990) (applying
California law; noting that “[i]n cases where the alleged converter has only a copy of the owner's
property and the owner still possesses the property itself, the owner is in no way being deprived of
the use of his property. The only rub is that someone else is using it as well.”).
40
1
beyond meaningful dispute that a plaintiff alleging invasion of privacy as Plaintiffs do here
2
presents a dispute the Court is permitted to adjudicate. See, e.g., Wright & Miller, 13A Fed. Prac.
3
& Proc. Juris. § 3531.4 (3d ed.); Ruiz v. Gap, Inc., 380 F. App'x 689, 691 (9th Cir. 2010)
4
(unpublished) (holding allegation that laptop theft put plaintiff at “greater risk of identity theft”
5
was sufficient injury, even where plaintiff had no UCL standing); Yunker, 2013 WL 1282980, at
6
*6 (finding Article III standing based on violation of constitutional privacy rights); Citizens for
7
Health v. Leavitt, 428 F.3d 167, 176 & n.9 (3d Cir. 2005), cert. den’d 127 S. Ct. 43 (2006)
8
(holding Plaintiffs had standing to challenge “Privacy Rule” that allowed medical providers to use
9
or disclose personal health information without patient consent because summary judgment
evidence showed “at least one individual plaintiff's health information has been, or will
11
United States District Court
Northern District of California
10
imminently be, disclosed without her consent by private health care providers and drugstore
12
chains”); Folgelstrom v. Lamps Plus, Inc., 195 Cal. App. 4th 986, 990 (2011) (discussing invasion
13
of privacy claims). The App Defendants do not respond to this theory of injury. The Court finds
14
it is sufficient to confer standing for those claims on which the injury bears — intrusion upon
15
seclusion and public disclosure of private facts.
16
17
For the foregoing reasons, the Court will dismiss Plaintiffs’ common law claims against
the App Defendants, except their invasion of privacy claims, on standing grounds.
18
B.
19
The Court will also dismiss Plaintiffs’ UCL claims against the App Defendants, because,
Plaintiffs' UCL Claims
20
in order to have standing to assert their UCL claims, Plaintiffs must show that they “lost money or
21
property,” and, as the Court concludes above, they have failed to make such a showing. See
22
Kwikset Corp. v. Super. Ct., 51 Cal. 4th 310, 325 (2011).
23
C.
24
The Opperman Plaintiffs assert the common law claim of intrusion upon seclusion against
Invasion of Privacy: Intrusion Upon Seclusion
25
the App Defendants. In particular, Plaintiffs allege that “[b]y surreptitiously obtaining, improperly
26
gaining knowledge, reviewing and retaining Plaintiffs’ private mobile address books (or
27
substantial portions thereof), the App Defendants intentionally intruded on and into each
28
respective Plaintiff’s solitude, seclusion or private affairs.” CAC ¶ 630. Plaintiffs allege the
41
1
intrusion was “highly offensive to a reasonable person,” as evidenced by the “myriad newspaper
2
articles, blogs, op eds., and investigative exposes’ [that] were written complaining and objecting
3
vehemently to these defendants’ practices.” CAC ¶ 631. Plaintiffs also allege that
4
“[c]ongressional inquiries were opened to investigate these practices and some defendants even
5
publicly apologized. The surreptitious manner in which the App Defendants’ conducted these
6
intrusions confirms their outrageous nature.” Id.
7
The Second Restatement of Torts provides: “One who intentionally intrudes, physically or
8
otherwise, upon the solitude or seclusion of another or his private affairs or concerns, is subject to
9
liability to the other for invasion of his privacy, if the intrusion would be highly offensive to a
reasonable person.” Rest. (2d) of Torts § 652B (1977). California courts recognize that “‘a
11
United States District Court
Northern District of California
10
measure of personal isolation and personal control over the conditions of its abandonment is of the
12
very essence of personal freedom and dignity, is part of what our culture means by these
13
concepts.’” Shulman v. Grp. W Prods., Inc., 18 Cal. 4th 200, 231 (1998) (quoting Bloustein,
14
Privacy as an Aspect of Human Dignity: An Answer to Dean Prosser, 39 N.Y.U. L.Rev. 962, 973–
15
974 (1964) (footnote omitted)).
16
An intrusion upon seclusion claim “does not depend upon any publicity given to the person
17
whose interest is invaded or to his affairs.” Rest. (2d) of Torts § 652B, Comment a. Nor must the
18
intrusion be physical:
19
20
21
22
23
24
25
it may be performed by the use of the defendant's senses, with or
without mechanical aids, to oversee or overhear the plaintiff's
private affairs, as by looking into his upstairs windows with
binoculars or tapping his telephone wires. It may be by some other
form of investigation or examination into his private concerns, as by
opening his private and personal mail, searching his safe or his
wallet, examining his private bank account, or compelling him by a
forged court order to permit an inspection of his personal
documents. The intrusion itself makes the defendant subject to
liability, even though there is no publication or other use of any kind
of the photograph or information outlined.
26
Id., Comment b. California has adopted the Restatement’s two-prong formulation of intrusion
27
upon seclusion claims: “(1) intrusion into a private place, conversation or matter, (2) in a manner
28
highly offensive to a reasonable person.” Shulman, 18 Cal. 4th at 231.
42
1
“The tort is proven only if the plaintiff had an objectively reasonable expectation of
2
seclusion or solitude in the place, conversation or data source.” Id. Whether a legally protected
3
privacy interest is at stake is a question of law; whether a plaintiff has a reasonable expectation of
4
privacy and whether the defendant’s conduct is a serious invasion of privacy are mixed questions
5
of law and fact. See Hill v. Nat'l Collegiate Athletic Assn., 7 Cal. 4th 1, 39–40 (1994) (discussing
6
California constitutional invasion of privacy). “If the undisputed material facts show no
7
reasonable expectation of privacy or an insubstantial impact on privacy interests, the question of
8
invasion may be adjudicated as a matter of law.” Id.
9
The Court does not read the App Defendants to be contesting that Plaintiffs have a legally
protectable privacy interest in their address books, nor do the App Defendants contest that the apps
11
United States District Court
Northern District of California
10
intruded upon that interest. Instead, the App Defendants argue that Plaintiffs did not have a
12
reasonable expectation of privacy in the information, and that the intrusion was not sufficiently
13
offensive to give rise to a claim for intrusion upon seclusion.
14
15
1.
Reasonable Expectation of Privacy
A claim for intrusion upon seclusion is not viable unless the plaintiff had an “objectively
16
reasonable expectation of seclusion or solitude in the place, conversation or data source.”
17
Shulman, 18 Cal. 4th at 231. Several factors affect a person’s reasonable expectation of privacy.
18
Advance notice of an impending action, customs, practices, and physical settings may “create or
19
inhibit reasonable expectations of privacy.” Hill, 7 Cal. 4th at 36. “Finally, the presence or
20
absence of opportunities to consent voluntarily to activities impacting privacy interests obviously
21
affects the expectations of the participant.” Id.
22
Here, there are two types of alleged intrusions at issue. Plaintiffs allege that some apps
23
copied Plaintiffs’ address books without consent or any prompt. The Court finds that Plaintiffs’
24
expectation of privacy in their address books contained on their iDevices in this circumstance was
25
reasonable. See, e.g., United States v. Zavala, 541 F.3d 562, 577 (5th Cir. 2008) (“[C]ell phones
26
contain a wealth of private information, including emails, text messages, call histories, address
27
books, and subscriber numbers. Zavala had a reasonable expectation of privacy regarding this
28
information.”); United States v. Cerna, No. 08-cv-0730-WHA, 2010 WL 5387694, at *6 (N.D.
43
1
Cal. Dec. 22, 2010) (citing Zavala) (“Luis Herrera had a reasonable expectation of privacy in the
2
contents of the seized phones as his physical possession of the cell phones created a reasonable
3
expectation of privacy in their contents.”); United States v. Chan, 830 F. Supp. 531, 534 (N.D.
4
Cal. 1993) (criminal defendant had expectation of privacy in contents of pager because “[t]he
5
expectation of privacy in an electronic repository for personal data is therefore analogous to that in
6
a personal address book or other repository for such information”).
7
Other apps, such as Gowalla and Instagram, copied address books only after they prompted
8
the user to “find friends” who use the same app by scanning Plaintiffs’ address books. See, e.g.,
9
CAC ¶¶ 238, 317. The menu prompts notified users that the app would scan their address books.
Although the prompts required Plaintiffs to consent, Plaintiffs' expectation of privacy in that
11
United States District Court
Northern District of California
10
circumstance was still reasonable. Plaintiffs allege that they would not have consented had they
12
known that their apps would not only scan their address books to determine whether their friends
13
were using the same app, but then upload the address books to the app developer for other
14
purposes. Plaintiffs allege that their consent was obtained by fraud, and that their consent was
15
therefore invalid. See Rest. (2d) of Torts § 892B (1979) (“If the person consenting to the conduct
16
of another is induced to consent by a substantial mistake concerning the nature of the invasion of
17
his interests or the extent of the harm to be expected from it and the mistake is known to the other
18
or is induced by the other's misrepresentation, the consent is not effective for the unexpected
19
invasion or harm.”); Sanchez-Scott v. Alza Pharm., 86 Cal. App. 4th 365, 377–78 (2001)
20
(sustaining intrusion upon seclusion claim where doctor obtained consent of patient to breast
21
examination in front of a drug salesperson without disclosing salesperson was not a medical
22
professional).
23
Here, Plaintiffs allege that the App Defendants obtained their consent by misrepresenting
24
their purpose. That is, they allege that the App Defendants intentionally represented that they
25
would only “scan” Plaintiffs’ address books for purposes of the “find friends” feature without
26
disclosing that, at the same time, the app would transmit a copy of the address book to Defendants
27
for their own use. Taking the allegations in the CAC as true, the Court concludes that Plaintiffs’
28
consent was invalid. Consequently, Plaintiffs had a reasonable expectation of privacy with respect
44
1
to the address books copied by each app at issue.
2
2.
The App Defendants’ primary argument in support of their motion to dismiss Plaintiffs’
3
4
Offensiveness
intrusion upon seclusion claim is that the intrusion at issue is not “highly offensive.”
Liability for intrusion upon seclusion will not lie “unless the interference with the
6
plaintiff's seclusion is a substantial one, of a kind that would be highly offensive to the ordinary
7
reasonable man, as the result of conduct to which the reasonable man would strongly object.”
8
Rest. (2d) of Torts § 652B, Comment d. “A court determining the existence of ‘offensiveness’
9
would consider the degree of intrusion, the context, conduct and circumstances surrounding the
10
intrusion as well as the intruder's motives and objectives, the setting into which he intrudes, and
11
United States District Court
Northern District of California
5
the expectations of those whose privacy is invaded.” Miller v. Nat'l Broad. Co., 187 Cal. App. 3d
12
1463, 1483–84 (1986).
In evaluating a claim for invasion of California’s constitutional right to privacy, the iPhone
13
14
II court held that the surreptitious tracking of personal data and geolocation information was not
15
an “egregious breach of social norms.” 844 F. Supp. 2d at 1063. In coming to that conclusion,
16
that court relied primarily on the decision in Folgelstrom v. Lamps Plus, Inc., 195 Cal. App. 4th
17
986, 992 (2011). In Folgelstrom, the plaintiff alleged that the defendant retailer routinely asked
18
for customers’ zip codes, asked a credit agency to match their zip codes and credit card numbers to
19
home mailing addresses, and then engaged in mail marketing using the addresses. The court first
20
concluded that the plaintiffs did not have a legally protected private interest in their mailing
21
addresses. The court also held that the retailer’s conduct was not egregious, but “routine
22
commercial behavior.” Id. at 992.
The decision in Folgelstrom is distinguishable.23 Here, Plaintiffs allege the theft of the
23
24
23
25
26
27
28
The App Defendants also argue that Folgelstrom limited intrusion upon seclusion claims to
conduct that involves a highly offensive use of the private information. See Folgelstrom, 195 Cal.
App. 4th at 993 (“[W]e have found no case which imposes liability based on the defendant
obtaining unwanted access to the plaintiff's private information which did not also allege that the
use of plaintiff's information was highly offensive.”).
That passage from Folgelstrom is dicta, and the Court has been unable to locate any other decision
45
1
information in their personal contact lists, which is more private than a person’s mailing address.
2
And while the Court recognizes that attitudes toward privacy are evolving in the age of the
3
Internet, smartphones, and social networks, the Court does not believe that the surreptitious theft
4
of personal contact information — which is what the CAC alleges — has come to be qualified as
5
“routine commercial behavior.” Indeed, Plaintiffs allege that consumers, the media, the Federal
6
Trade Commission, and Congress have closely scrutinized the practices at issue in this case
7
because of concerns that the practices were inappropriate.
8
9
10
The Court cannot conclude as a matter of law that Defendants’ copying of Plaintiffs’
address books was not “highly offensive.” That question is best left for a jury.
3.
Damages
United States District Court
Northern District of California
11
The App Defendants briefly argue that Plaintiffs have failed adequately to allege damages
12
from the alleged intrusion upon seclusion because they have failed to allege economic injury. No
13
such allegation is required. A plaintiff who prevails on an intrusion upon seclusion claim may
14
recover damages for “anxiety, embarrassment, humiliation, shame, depression, feelings of
15
powerlessness, anguish, etc.” Operating Engineers Local 3 v. Johnson, 110 Cal. App. 4th 180,
16
187 (2003) (quoting Miller v. National Broadcasting Co., 187 Cal. App. 3d 1463, 1485 (1986)).
17
18
For the foregoing reasons, the Court will deny the App Defendants’ motion to dismiss the
Opperman Plaintiffs’ claim for intrusion upon seclusion.
19
20
21
22
23
24
25
26
27
28
that has applied the limitation; it was not relied upon, for example, in iPhone II. Moreover, unlike
the Folgelstrom court, this Court has been able to locate cases which impose liability without an
allegation of highly offensive use. For example, in Sanchez-Scott v. Alza Pharm., 86 Cal. App.
4th 365, 377–78 (2001), a patient adequately stated an intrusion upon seclusion claim where her
doctor performed a breast examination in front of a pharmaceutical salesperson without revealing
that the salesperson was not a medical professional. In that case, no “highly offensive use” was at
issue, only the highly offensive manner in which the privacy interest was invaded.
The Restatement also expressly disavows any such limitation. See Rest. (2d) of Torts § 652B,
Comment b (“The intrusion itself makes the defendant subject to liability, even though there is no
publication or other use of any kind of the photograph or information outlined.”) (emphasis
added).
46
1
D.
Invasion of Privacy: Public Disclosure of Private Facts
The Opperman Plaintiffs also assert an invasion of privacy claim for public disclosure of
2
private facts.
3
The elements of a claim for public disclosure of private facts are: “(1) public disclosure,
4
(2) of a private fact, (3) which would be offensive and objectionable to the reasonable person, and
5
(4) which is not of legitimate public concern.” Taus v. Loftus, 40 Cal. 4th 683, 717 (2007)
6
(quotation omitted). Here, Plaintiffs have failed to allege a public disclosure.
7
The Restatement makes clear that Plaintiffs must allege disclosure to the public “at large”:
8
9
10
United States District Court
Northern District of California
11
12
13
14
“Publicity,” as it is used in this Section, differs from “publication,”
as that term is used in § 577 in connection with liability for
defamation. “Publication,” in that sense, is a word of art, which
includes any communication by the defendant to a third person.
“Publicity,” on the other hand, means that the matter is made public,
by communicating it to the public at large, or to so many persons
that the matter must be regarded as substantially certain to become
one of public knowledge. The difference is not one of the means of
communication, which may be oral, written or by any other means.
It is one of a communication that reaches, or is sure to reach, the
public.
15
16
17
18
19
20
21
22
23
24
25
26
27
28
Thus it is not an invasion of the right of privacy, within the rule
stated in this Section, to communicate a fact concerning the
plaintiff's private life to a single person or even to a small group of
persons. On the other hand, any publication in a newspaper or a
magazine, even of small circulation, or in a handbill distributed to a
large number of persons, or any broadcast over the radio, or
statement made in an address to a large audience, is sufficient to
give publicity within the meaning of the term as it is used in this
Section. The distinction, in other words, is one between private and
public communication.
Rest. (2d) of Torts § 652D, Comment a (1977).
Plaintiffs argue that they satisfy this standard because their address books were transmitted
in an unencrypted manner, or over public WiFi, “making it publicly available to third parties as
well as service providers.” ECF No. 422 at 27. That argument fails to meet the disclosure
requirement for this claim. While Plaintiffs allege that their information could have been
intercepted by third parties, they do not allege that any interception occurred, nor do they allege
that it was “substantially certain” that their address books would become “public knowledge.” To
47
1
satisfy the requirement, more specific allegations establishing the extent of the disclosure are
2
required.
3
For this reason, the Court will dismiss the Opperman Plaintiffs’ public disclosure claim.
4
E.
5
The Court’s analysis supra, Part III.D, concerning the California Comprehensive
CDAFA and Computer Fraud and Abuse Act
6
Computer Data Access and Fraud Act (“CDAFA”), Cal. Penal Code § 502, applies equally to
7
Plaintiffs’ claims against the App Defendants. For the challenged conduct to qualify as “without
8
permission” under the CDAFA, the conduct must involve circumventing “restrictions on access”
9
of some kind. The CAC does not allege that the subject apps circumvented any restrictions.
10
Plaintiffs also assert a claim for violation of the federal Computer Fraud and Abuse Act
United States District Court
Northern District of California
11
(“CFAA”), 18 U.S.C. §§ 1030(a)(2)(C), (a)(5), & (g), against the App Defendants. Plaintiffs
12
concede that, like the CDAFA, the CFAA applies only to a defendant’s access to a computer
13
“without authorization,” and that this limitation must be interpreted similarly to the “without
14
permission” language in the CDAFA. See, e.g., iPhone I, 2011 WL 4403963, at *11 (“Where the
15
software that allegedly harmed the phone was voluntarily downloaded by the user, other courts in
16
this District and elsewhere have reasoned that users would have serious difficulty pleading a
17
CFAA violation.”).
18
Plaintiffs do not advance any new arguments concerning the “without authorization”
19
limitation in the CFAA, relying instead on their arguments concerning the CDAFA.
20
Consequently, the Court will dismiss both claims.
21
F.
22
The Federal Wiretap Act, or Electronic Communications Privacy Act (“ECPA”), 18 U.S.C.
23
§ 2510, prohibits “interception” of “wire, oral, or electronic communications.” Id. § 2511(1). The
24
Act provides a private right of action against any person who “intentionally intercepts, endeavors
25
to intercept, or procures any other person to intercept or endeavor to intercept, any wire, oral, or
26
electronic communication,” id. § 2511(1)(a), or who “intentionally uses, or endeavors to use, the
27
contents of any wire, oral, or electronic communication, knowing or having reason to know that
28
the information was obtained through the interception of a wire, oral, or electronic communication
Electronic Communications Privacy Act
48
1
in violation of [the Wiretap Act],” id. § 2511(1)(d). “Intercept” is defined as “the aural or other
2
acquisition of the contents of any wire, electronic, or oral communication through the use of any
3
electronic, mechanical, or other device.” Id. § 2510.
4
All Plaintiffs except Pirozzi assert an ECPA claim against the App Defendants. Judge
5
Gonzalez Rogers previously dismissed the ECPA claim in Hernandez for the same reason the App
6
Defendants seeks dismissal here: “The FAC fails to allege that Defendant intercepted any
7
communication contemporaneously with its transmission. Although Path allegedly transmitted the
8
Class Members' Contact Address Books from the Class Members' mobile devices to Path's servers,
9
Path did not ‘intercept’ a ‘communication’ to do so.” Hernandez, 2012 WL 5194120, at *3.
Similarly, the Ninth Circuit has noted that “interception” means “‘communication
11
United States District Court
Northern District of California
10
contemporaneous with transmission.’” Theofel v. Farey-Jones, 359 F.3d 1066, 1077 (9th Cir.
12
2004) (quoting Konop v. Hawaiian Airlines, Inc., 302 F.3d 868, 876 (9th Cir. 2002) (holding
13
unauthorized access to e-mail messages did not violate ECPA). “Specifically, Congress did not
14
intend for ‘intercept’ to apply to ‘electronic communications’ when those communications are in
15
‘electronic storage.’” Id. (internal quotation marks omitted) (quoting Konop, 302 F.3d at 876).
16
Plaintiffs simultaneously “preserv[e] their disagreement with this court-generated rule in
17
the event it is later overturned,” ECF No. 422 at 24, and also advance the tortured argument that
18
the contemporaneous interception requirement is met here because the apps in question caused
19
Plaintiffs’ iDevices to “send information from the user’s Contacts from the iDevice’s storage
20
memory to processors and active memory being used by the app” and then “simultaneously
21
intercept[ed] that transmission.” Id. The decisions in Konop and Theofel are dispositive. In those
22
cases, the “transmission” Plaintiffs describe here as being “intercepted” —the use of data by
23
different memory components of the same device — was insufficient to give rise to an ECPA
24
claim. The Court will dismiss Plaintiffs’ ECPA claim.
25
G.
26
Plaintiffs’ claims under the California Invasion of Privacy Act, Cal. Pen. Code § 630, and
Texas and California Wiretap Statutes
27
the Texas Wiretap Acts, Tex. Code Crim. Proc. Art. 18.20, § 1(3) & Tex. Pen. Code § 16.02(A),
28
state analogues to the ECPA, suffer from the same deficiency as their federal claim. Indeed,
49
1
Plaintiffs incorporate by reference their arguments concerning the ECPA with respect to those
2
claims, and do not present any other argument concerning the “interception” requirement in the
3
Texas and California statutes. The Court will dismiss those claims for the same reasons. See, e.g.,
4
Hernandez, 2012 WL 5194120, at *5.
5
H.
6
The Texas Plaintiffs assert a claim for violation of Texas Penal Code section 31.03(a),
Texas Theft Liability Act
7
which provides that a person commits theft: “if he unlawfully appropriates property with intent to
8
deprive the owner of property.” “Deprive” means “(A) to withhold property from the owner
9
permanently or for so extended a period of time that a major portion of the value or enjoyment of
the property is lost to the owner; (B) to restore property only upon payment of reward or other
11
United States District Court
Northern District of California
10
compensation; or (C) to dispose of property in a manner that makes recovery of the property by
12
the owner unlikely.” Tex. Pen. Code § 31.01(2)(A)–(C).
Plaintiffs cannot satisfy the definition of “deprive” for purposes of their Texas Theft
13
14
Liability Act claim. Even if Plaintiffs have a property right in their address books, there is no
15
allegation that the App Defendants withheld the address books from Plaintiffs “permanently or for
16
so extended a period of time that a major portion of the value or enjoyment of the property” was
17
lost. Nor do Plaintiffs allege that the App Defendants offered to restore the address books for
18
payment, because no restoration is possible; the address books were copied. For the same reason,
19
Plaintiffs have not alleged that the App Defendants disposed of the property. Consequently, the
20
Court will dismiss the Texas Plaintiffs’ Texas Theft Liability Act claim.
21
I.
22
Plaintiffs “elect not to prosecute [their RICO and vicarious liability] claims at this time and
RICO and Vicarious Liability
23
have no objection to their dismissal without prejudice as to” the App Defendants. As discussed
24
above with respect to Plaintiffs’ RICO claim against Apple, the Court construes Plaintiffs’
25
statement as a Rule 41(a)(1)(A)(i) notice of voluntary dismissal, which is self-executing.
26
V.
FACEBOOK AND GOWALLA’S MOTION TO DISMISS
27
App Defendants Facebook and Gowalla move to dismiss Plaintiffs’ claims against them
28
for violation of the Uniform Fraudulent Transfer Act (“UFTA”), Cal. Civ. Code § 3439, et seq.,
50
1
for common law aiding and abetting, and for successor liability (as against Facebook only).
Plaintiffs allege that “[i]n late 2011, Facebook conducted due diligence on Gowalla for a
2
3
contemplated business transaction with Gowalla and/or Gowalla’s owners. The contemplated
4
transaction involved transfer of all or substantially all of Gowalla’s assets, technology, know-how
5
or equity to Facebook.” CAC ¶ 414. According to the CAC, Facebook discovered that Gowalla’s
6
app had been copying users’ address books without consent and decided as a result to structure the
7
transaction differently. The resulting transaction transferred to Facebook Gowalla’s key
8
personnel, “technology” and “know-how.” CAC ¶ 416. “Facebook did not pay Gowalla
9
reasonably fair value for the Gowalla assets, technology, know-how or personnel. Facebook
instead paid Gowalla’s shareholders and management for the company’s assets. On information
11
United States District Court
Northern District of California
10
and belief, Facebook made payments of cash and/or Facebook pre-IPO stock to Gowalla’s
12
stockholders and management (instead of Gowalla) in consideration for this transaction.” CAC ¶
13
417. The transaction left Gowalla “effectively headless, lacking independent (or any) continuing
14
management, and insolvent” CAC ¶ 418.
The transaction was memorialized in a Release and Waiver Agreement submitted to the
15
16
Court under seal by Facebook and Gowalla.24 The Agreement demonstrates that Facebook
17
transferred a substantial amount of cash and pre-IPO shares to Gowalla, not to Gowalla’s
18
shareholders or owners. The Agreement also conveyed to Facebook a non-exclusive, royalty-free
19
license to Gowalla’s patents. It did not convey title to any of Gowalla’s intellectual property.
20
Finally, the Agreement permitted Gowalla to redistribute the shares Gowalla received under
21
certain conditions. Plaintiffs point out that the Agreement refers to several documents that are not
22
in the record, and that the Agreement does not provide the Court with any information concerning
23
how the contract was performed.
24
A.
25
“The [California] UFTA permits defrauded creditors to reach property in the hands of a
Uniform Fraudulent Transfer Act
26
27
28
24
Because the CAC depends on the transaction at issue, the Court hereby takes judicial notice of
the Agreement. See Swartz v. KPMG, LLP, 476 F.3d 756, 763 (9th Cir. 2007).
51
1
transferee.” Fid. Nat. Title Ins. Co. v. Schroeder, 179 Cal. App. 4th 834, 840–41 (2009). “A
2
fraudulent conveyance under the UFTA involves ‘a transfer by the debtor of property to a third
3
person undertaken with the intent to prevent a creditor from reaching that interest to satisfy its
4
claim.’” Filip v. Bucurenciu, 129 Cal. App. 4th 825, 829 (2005) (quoting Kirkeby v. Super. Ct.,
5
33 Cal. 4th 642, 648 (2004).
Under the California UFTA,25 a fraudulent transfer may be "actual" or "constructive." Cal.
6
Civ. Code § 3439.04(a). “In order for a fraudulent transfer to occur, among other things, there
8
must be a transfer of an asset as defined in the UFTA.” Schroeder, 179 Cal. App. 4th at 841
9
(emphasis in original). Under the Act, “transfer” is defined as “every mode, direct or indirect,
10
absolute or conditional, voluntary or involuntary, of disposing of or parting with an asset or an
11
United States District Court
Northern District of California
7
interest in an asset, and includes payment of money, release, lease, and creation of a lien or other
12
encumbrance.” Cal. Civ. Code § 3439.01(i). An “asset” is, in turn, defined by the term
13
“property,” which is defined as “anything that may be the subject of ownership.” Cal. Civ. Code §
14
3439.01(a), (h). A creditor cannot premise a UFTA claim on a transfer unless the “the transfer
15
puts beyond [the creditor’s] reach property [the creditor] otherwise would be able to subject to the
16
payment of [] debt.” Mehrtash v. Mehrtash, 93 Cal. App. 4th 75, 80 (2001).
17
In addition, to establish an “actual” fraudulent transfer claim under Civil Code §
18
3439.04(a)(1), Plaintiffs must plead that Gowalla made a transfer with “actual intent to hinder,
19
delay, or defraud any creditor of the debtor.” Cal. Civ. Code § 3439.04(a)(1). When pleading
20
these elements, Plaintiffs must meet the heightened standards mandated by Rule 9(b) of the
21
Federal Rules of Civil Procedure. See In re SCI Real Estate Investments, LLC, No. 2:11-BK-
22
15975-PC, 2013 WL 1829648 (Bankr. C.D. Cal. May 1, 2013).
23
24
25
26
25
Facebook and Gowalla argue that Plaintiffs do not have standing to assert a California UFTA
claim against them because they are not residents of California. The Court has already rejected
that argument with respect to Apple’s motion to dismiss. Plaintiffs have standing to assert a
California UFTA claim against Facebook and Gowalla, which are headquartered in California, for
conduct that occurred in California.
27
28
As for the choice-of-law analysis, the parties agree that the California and Texas UFTA statutes do
not conflict. Consequently, the Court will analyze California’s UFTA.
52
Here, Plaintiffs’ allegations do not establish that any transfer of assets occurred within the
2
meaning of the UFTA. Plaintiffs only describe generally what assets they assert were transferred:
3
personnel, “technology,” and “know-how.” Plaintiffs fail to address the requirement that the
4
transfer at issue put beyond Plaintiffs’ reach property they otherwise would be able to subject to
5
the payment of debt. There is no suggestion, for example, that Plaintiffs could not subject
6
Gowalla’s intellectual property, which Gowalla retained, to the payment of a future debt, or that
7
the license Gowalla conveyed to Facebook somehow impaired its ability to satisfy creditor claims.
8
Certainly Gowalla’s employees are not “assets” for purposes of the UFTA. The parties have cited
9
only one case to the Court on this point, Fink v. Advanced Logic Sys., Inc., A-5939-05T1, 2007
10
WL 3239222, at *7 (N.J. Super. Ct. App. Div. Nov. 5, 2007), and there, the court held that a non-
11
United States District Court
Northern District of California
1
exclusive license to copyrighted work was not an asset for purposes of a New Jersey fraudulent
12
transfer.26
Because Plaintiffs have failed to allege a transfer of assets within the meaning of the
13
14
UFTA, their UFTA claim will be dismissed.
15
B.
16
Each claim asserted against Gowalla in this case is also asserted against Facebook by
17
virtue of successor liability. Under California law, a corporation that purchases the assets of
18
another does not assume the liabilities of the selling corporation unless: “(1) there is an express or
19
implied agreement of assumption, (2) the transaction amounts to a consolidation or merger of the
20
two corporations, (3) the purchasing corporation is a mere continuation of the seller, or (4) the
21
transfer of assets to the purchaser is for the fraudulent purpose of escaping liability for the seller's
22
debts.” Ray v. Alad Corp., 19 Cal. 3d 22, 28 (1977). Plaintiffs’ allegations on this point are
23
materially deficient because they have not alleged that Facebook acquired Gowalla, and, as
24
discussed above, they have failed to allege a transfer of assets. Indeed, the CAC expressly alleges
25
the opposite: that Facebook acquired employees and intellectual property rights, but not Gowalla
Successor Liability
26
27
28
26
In briefing and at oral argument, Plaintiffs point to a Facebook securities filing and make other
arguments based on facts not contained in the CAC. The Court declines to consider these
arguments.
53
1
itself.
There is no successor liability where no acquisition or fraudulent transfer has occurred.
2
3
See, e.g., Gee v. Tenneco, Inc., 615 F.2d 857, 862 (9th Cir. 1980) (“It is the general rule that
4
where a corporation is not dissolved following a sale of assets or a reorganization, it remains liable
5
for debts and liabilities incurred by it, unless it is otherwise agreed between the corporation and its
6
creditors.”). Consequently, Plaintiffs have failed to plead any claims against Facebook by virtue
7
of successor liability.
C.
9
Facebook argues, and Plaintiffs do not contest, that Texas law applies to Plaintiffs’ claims
10
against it. ECF No. 394 at 6 n.6; ECF No. 434 at 2. Texas does not recognize a claim for “aiding
11
United States District Court
Northern District of California
8
and abetting” as alleged in the CAC.
Aiding and Abetting
In Juhl v. Airington, 936 S.W.2d 640, 643 (Tex. 1996), the Texas Supreme Court declined
12
13
to adopt section 876 of the Restatement (Second) of Torts, which sets out a “concerted action”
14
theory of liability, noting that whether concerted action liability is recognized in Texas would
15
remain an “open question.”27 No subsequent case, however, has ever allowed such a claim. See
16
Eckhardt v. Qualitest Pharm. Inc., 858 F. Supp. 2d 792, 802 (S.D. Tex. 2012) (“It is an ‘open
17
18
27
Section 876 of the Restatement provides:
19
20
21
22
23
24
25
26
For harm resulting to a third person from the tortious conduct of
another, one is subject to liability if he
(a) does a tortious act in concert with the other or pursuant to a
common design with him, or
(b) knows that the other's conduct constitutes a breach of duty and
gives substantial assistance or encouragement to the other so to
conduct himself, or
(c) gives substantial assistance to the other in accomplishing a
tortious result and his own conduct, separately considered,
constitutes a breach of duty to the third person.
27
28
Rest. (2d) of Torts, § 876 (1977).
54
1
question’ whether Texas law would even allow liability to be imposed based on § 876, and
2
Plaintiffs have not directed the Court to any Texas cases holding a defendant liable under § 876. It
3
is not the role of this Court, ‘Erie-bound,’ to expand Texas tort law.”).28
Plaintiffs’ aiding and abetting claim will be dismissed.
4
5
VI.
CONCLUSION
For the foregoing reasons, the Court hereby DISMISSES all of Plaintiffs’ claims against
6
7
all Defendants with leave to amend, with the exception of the Opperman Plaintiffs’ claim for
8
common law intrusion upon seclusion against the App Defendants. Plaintiffs have leave to file an
9
amended complaint within thirty days from the date of this Order.
IT IS SO ORDERED.
10
United States District Court
Northern District of California
11
Dated: May 14, 2014
______________________________________
JON S. TIGAR
United States District Judge
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
28
Plaintiffs argue that because there is no case expressly prohibiting such a claim, Facebook’s
motion to dismiss should be denied. This California federal court will decline Plaintiffs’ invitation
to create new causes of action under the state law of Texas.
55
Disclaimer: Justia Dockets & Filings provides public litigation records from the federal appellate and district courts. These filings and docket sheets should not be considered findings of fact or liability, nor do they necessarily reflect the view of Justia.
Why Is My Information Online?