Davis v. Meta Platforms, Inc.

Filing 37

ORDER. I THEREFORE ORDER that Meta's motion to dismiss (ECF No. 18 ) is GRANTED. I FURTHER ORDER that Meta's request for judicial notice (ECF No. 19 ) is DENIED. I FURTHER ORDER that Meta's requests for leave to file supplemental au thority (ECF Nos. 30 , 36 ) are GRANTED. I FURTHER ORDER that plaintiff Matthew Davis may file an amended complaint by July 31, 2024, if facts exist to do so. Failure to file an amended complaint by that date will result in Davis's claims being dismissed with prejudice. Amended Complaint deadline: 7/31/2024. Signed by Judge Andrew P. Gordon on 7/3/2024. (Copies have been distributed pursuant to the NEF - RJDG)

Download PDF
1 UNITED STATES DISTRICT COURT 2 DISTRICT OF NEVADA 3 MATTHEW DAVIS, 4 Plaintiff 5 v. 6 META PLATFORMS, INC., 7 8 Defendant Case No.: 2:23-cv-01352-APG-BNW Order Granting Meta’s Motion to Dismiss; Denying Meta’s Request for Judicial Notice; and Granting Meta’s Motions for Leave to File Supplemental Authority [ECF Nos. 18, 19, 30, 36] Matthew Davis sues Meta Platforms, Inc. for violating the Drivers Privacy Protection Act 9 (DPPA) on behalf of himself and a putative class of similarly situated individuals. The DPPA 10 makes it “unlawful for any person knowingly to obtain or disclose personal information, from a 11 motor vehicle record, for any use not permitted under the [statute].” 18 U.S.C. § 2722(a). Davis 12 alleges that Meta violated the DPPA by collecting his personal information from the Nevada 13 Department of Motor Vehicles (DMV) website, which Davis alleges is a motor vehicle record 14 under the DPPA. Meta moves to dismiss, arguing that Davis does not plausibly allege that the 15 Nevada DMV website is a motor vehicle record, nor that the information Meta collected came 16 from the Nevada DMV website. I grant Meta’s motion to dismiss because Davis does not 17 plausibly allege that the Nevada DMV website is a motor vehicle record as defined by the DPPA 18 nor that the information Meta collected came from the Nevada DMV’s website. 19 Meta also requests I take judicial notice of its Terms of Service, Privacy Policy, Cookies 20 Policy, and Business Tools Terms, which can be found online. I deny this request because the 21 links Meta provided for these items are their current web addresses and I cannot accurately and 22 readily determine that these online policies have remained the same since the time of Davis’s 23 alleged injury. I also deny Meta’s request that I consider its Cookies Policy to be incorporated 1 by reference into the complaint because its Cookies Policy does not form the basis of Davis’s 2 allegations. 3 Finally, Meta moves for leave to file two opinions from similar cases as supplemental 4 authority. I grant Meta leave to file these opinions as supplemental authority because there is 5 good cause as the plaintiffs in those cases brought similar DPPA claims against Meta. 6 7 I. Background Davis visited the Nevada DMV website between 2022 and 2023 “to book appointments 8 and conduct other private business with the Nevada DMV.” ECF No. 1 at 16. Davis used the 9 same web browser to access the Nevada DMV website as he had used to access his personal 10 Facebook account. Id. Davis alleges that when he “was navigating the Nevada DMV website, 11 Meta obtained and used his personal information” by collecting both event data and cookies. Id. 12 According to the complaint, Meta collected three kinds of event data: (1) PageView, 13 (2) Microdata, and (3) Button Click. Id. at 7. PageView data allegedly “tells Meta which specific 14 website URL [Davis] navigated to.” Id. at 8. Microdata allegedly tells Meta the title of the 15 webpage Davis navigated to and provides Meta with a brief description of what is contained on 16 that page. Id. Button Click data allegedly “tells Meta if and exactly when [Davis] click[ed] on a 17 particular button on a webpage, along with the text of that button.” Id. 18 According to the complaint, Meta collected two different first-party cookies when Davis 19 visited the Nevada DMV website. Id. at 16. First, Meta allegedly collected the “c_user” cookie. 20 Id. “The c_user cookie . . . contains a consumer’s unencrypted Facebook ID.” Id. at 11-12. 21 Davis alleges that “[a] Facebook ID allows anybody—not just Facebook—to identify the 22 individual driver with a Facebook account” because if someone “types 23 www.facebook.com/[FacebookID] . . . into a web browser, it will load that individual’s 2 1 Facebook page.” Id. at 12. Second, Meta allegedly collected the “fr cookie.” Id. at 16. “The fr 2 cookie contains, at least, an encrypted Facebook ID and browser identifier.” Id. at 13. Davis 3 defines a first-party cookie as one that “is created by the website the user is visiting—i.e., 4 https://dmv.nv.gov/platesdisabled.htm.” Id. at 13 (quotation omitted). 5 Davis alleges that Meta receives the event data and cookies through the Meta Tracking 6 Pixel. Id. at 7, 11-13. Davis defines the Meta Tracking Pixel as a “tracking code” that 7 automatically collects user data and sends it to Meta. Id. at 2, 6. He alleges that when he visited 8 the Nevada DMV website “the DMV [was] host[ing] the Meta Tracking Pixel,” and he alleges 9 that the Meta Tracking Pixel was integrated directly into the Nevada DMV website. Id. at 2, 6-7. 10 He also alleges that the Meta Tracking Pixel is “surreptitiously install[ed]” on users’ web 11 browsers when they visit Facebook.com, and that the Meta Tracking Pixel stays on the users’ 12 browser for 90 days. Id. at 2. 13 According to the complaint, when a user visits the Nevada DMV website, the c_user and 14 fr cookies identifying that user, as well as the user’s event data, are sent to Meta through the 15 Meta Tracking Pixel. Id. at 14. Davis alleges that Meta collects this data from the Nevada DMV 16 “to help it in its advertising efforts.” Id. at 17. Specifically, Davis alleges Meta uses this 17 information to “deliver targeted advertisements to drivers on its social media platforms.” Id. at 18 16. 19 Based on these allegations, Davis sues Meta for violating the DPPA. As explained in 20 more detail below, he alleges that (1) the c_user and fr cookies contain personal information as 21 defined by the DPPA, (2) the Nevada DMV website is a motor vehicle record as defined by the 22 DPPA, and (3) Meta obtains the c_user and fr cookies from the Nevada DMV website, so the 23 personal information they contain comes from a motor vehicle record. He brings the same claim 3 1 on behalf of a putative class of similarly situated individuals, defining the putative class as “all 2 persons in the United States who have Facebook and visited https://dmvnv.com/ or 3 https://dmv.nv.gov/ after August 30, 2019.” Id. at 17, 19. Meta moves to dismiss all claims 4 against it, arguing that Davis fails to state a claim or, in the alternative, that Meta collected the 5 data for a permissible purpose under the DPPA or did not possess the required mental state when 6 it collected the data. 7 8 9 II. Analysis a. Motion to Dismiss In considering a motion to dismiss, I take all well-pleaded allegations of material fact as 10 true and construe the allegations in the light most favorable to the non-moving party. Kwan v. 11 SanMedica Int’l, 854 F.3d 1088, 1096 (9th Cir. 2017). However, I do not assume the truth of 12 legal conclusions merely because they are cast in the form of factual allegations. Navajo Nation 13 v. Dep’t of the Interior, 876 F.3d 1144, 1163 (9th Cir. 2017). A plaintiff must make sufficient 14 factual allegations to establish a plausible entitlement to relief. Bell Atl. Corp. v. Twombly, 550 15 U.S. 544, 556 (2007). Such allegations must amount to “more than labels and conclusions, [or] a 16 formulaic recitation of the elements of a cause of action.” Id. at 555. Though I must generally 17 accept allegations in a complaint as true at the motion to dismiss stage, I do not need to accept 18 inconsistent allegations in a complaint as true. Jane Doe, also known as T.R.S., Plaintiff, v. 19 Wyndham Hotels and Resorts, 2:23-cv-01676-DAD-CSK, 2024 WL 3088722, *11 (E.D. Cal. 20 June 20, 2024) (collecting cases). 21 The DPPA makes it “unlawful for any person knowingly to obtain or disclose personal 22 information, from a motor vehicle record, for any use not permitted under the [statute].” 18 23 U.S.C. at § 2722(a). To state a DPPA claim, Davis must plausibly allege that “(1) [Meta] 4 1 knowingly obtained his personal information (2) from a motor vehicle record (3) for a 2 nonpermissible use.” Andrews v. Sirius XM Radio Inc., 932 F.3d 1253, 1259 (9th Cir. 2019). 3 4 i. Personal Information The DPPA defines “personal information” as “information that identifies an 5 individual, including an individual’s photograph, social security number, driver 6 identification number, name, address (but not the 5-digit zip code), telephone number, 7 and medical or disability information, but does not include information on vehicular 8 accidents, driving violations, and driver’s status.” 18 U.S.C. § 2725(3). Davis alleges 9 that “[a] Facebook ID is personally identifiable information” within the DPPA because it 10 is a “correlated number[] that identifies an individual, in the same way that social security 11 numbers, driver identification number, or telephone numbers identify individuals.” ECF 12 No. 1 at 13, 19 (quotation omitted). He alleges that Meta collects this personal 13 information through the c_user and fr cookies. In its motion to dismiss, Meta does not 14 dispute that the c_user and fr cookies contain the Facebook ID and that the Facebook ID 15 is personal information under the DPPA. 16 Davis has plausibly alleged that a Facebook ID number is “personal information” within 17 the DPPA’s definition of the term. Davis alleges that each Facebook ID number directly 18 identifies one Facebook profile which belongs to one person, making it similar to the examples 19 of personal information listed in the statute. 20 21 ii. Motor Vehicle Record The DPPA defines “motor vehicle record” as “any record that pertains to a motor vehicle 22 operator’s permit, motor vehicle title, motor vehicle registration, or identification card issued by 23 a department of motor vehicles.” 18 U.S.C. § 2725(1). “Congress intended the DPPA to reflect 5 1 the Privacy Act of 1974, . . . which defines a ‘record’ as ‘information about an individual that is 2 maintained by an agency.’” Andrews, 932 F.3d at 1260 (quotation omitted, emphasis in original). 3 Davis alleges that “[w]ebpages on the Nevada DMV webpages are a type of ‘motor vehicle 4 record’ within the ambit of the DPPA, because they [are] records that pertain to a motor vehicle 5 operator’s permit, motor vehicle title, motor vehicle registration, or identification cards issued by 6 the Nevada DMV.” ECF No. 1 at 19. 7 Meta argues that Davis has not plausibly alleged that the Nevada DMV website is a 8 motor vehicle record. First, Meta argues that the website is not a record because “[a] public9 facing webpage . . . does not contain any information about an individual.” ECF No. 18 at 12 10 (quotation omitted). Next, Meta argues that, even if the Nevada DMV website is a record, it is 11 not a motor vehicle record because it does not “‘pertain[] to’ a motor vehicle operator’s permit, 12 title, registration, or identification card.” Id. Meta uses the Seventh Circuit’s definition of 13 “pertain” in Lake v. Neal, which defines pertain as “to belong as a part, member, accessory, or 14 product.” 585 F.3d 1059, 1061 (7th Cir. 2009) (quoting Merriam-Webster’s Collegiate 15 Dictionary (11th ed. 2004)). Meta argues that “[a] public-facing webpage does not ‘belong as a 16 part, member, accessory, or product,’ . . . to any operator’s permit, vehicle title, registration, or 17 identification card issued by the DMV . . . –rather, it exists prior to and independently of the 18 DMV’s issuance of any permit, title, registration, or identification card.” ECF No. 18 at 12. 19 Davis responds that “the Nevada DMV website is [a] record because it is ‘something that 20 records’ information.” ECF No. 21 at 2-3 (quoting Record, Merrium-Webster Online Dictionary 21 (2023)). He also argues that the DMV maintains the website, so it is a record within the DPPA’s 22 meaning. He next argues that the Nevada DMV website is a motor vehicle record because it 23 “records information that ‘pertain[s] to a motor vehicle operator’s permit, motor vehicle title, 6 1 motor vehicle registration, or identification card issued by a department of motor vehicles’” as it 2 “allows Nevadans to schedule driving tests, book appointments for new car registrations, or 3 apply for disability placards to place on their cars.” Id. at 3. Additionally, Davis argues that 4 “every single webpage on the Nevada Department of Motor Vehicles website has some kind of a 5 ‘connection with driving,’” making the website a motor vehicle record. Id. at 4 (emphasis 6 omitted). 7 Meta replies that “ a connection with driving is not sufficient to make information a 8 ‘motor vehicle’ record.” ECF No. 28 at 7 (quotation omitted). It argues that on the Nevada 9 DMV’s public website, there are webpages that do not pertain to a driver’s permit, title, 10 registration, or ID card, so the website cannot be a motor vehicle record under the DPPA. Id. at 11 8. Meta also argues that even if “the DMV website uses the information collected on various 12 webpages to create other records about driving tests, car registrations, or disability placards, that 13 does not make the website itself a motor vehicle record.” Id. (emphasis in original). Meta also 14 points out that Davis never alleges that “he visited any specific webpage, scheduled a driving 15 test, booked an appointment for a new car registration, or applied for a disability placard,” so he 16 has not plausibly alleged that a record was created for him on the Nevada DMV website. Id. 17 Davis does not plausibly allege that the Nevada DMV website is a motor vehicle record 18 as defined by the DPPA. First, he does not allege what, if anything, the Nevada DMV website 19 records. While he alleges that individuals can complete a variety of tasks on the website, like 20 scheduling appointments for driver tests or new car registrations, he does not allege that the 21 website itself records any of this information. While Davis alleges that these actions create event 22 data that is sent to Meta via the Meta Tracking Pixel, Davis alleges the event data is “transmitted 23 to Meta in just fractions of a second [to] give[] Meta a real-time look into exactly what a 7 1 particular driver” is doing on the Nevada DMV website. ECF No. 1 at 9-10. Because the event 2 data is sent to Meta instantaneously, this does not suggest that the Nevada DMV website is 3 maintaining a record of this information, nor does Davis allege that it is. 4 Davis cites Gershzon v. Meta Platforms, Inc. in support of his argument that the Nevada 5 DMV website is a motor vehicle record. 23-cv-00083-SI, 2023 WL 5420234 at *8 (N.D. Cal. 6 Aug. 22, 2023). There, the court found that the plaintiff’s “My DMV” online account, which 7 contained the plaintiff’s personal information and was maintained by the California DMV, was a 8 record within the DPPA’s meaning. Id. Davis does not allege that he made a “MyDMV” account 9 or any other kind of personal account where his information was stored by the Nevada DMV. 10 Nor does he allege that the public-facing Nevada DMV website had any way of maintaining a 11 record of Davis’s personal information. Thus, he has not plausibly alleged that the Nevada 12 DMV website was a record within the DPPA’s meaning, so he has not plausibly alleged that it 13 was a motor vehicle record. 1 14 iii. From a motor vehicle record 15 The DPPA requires that any personal information obtained or disclosed must come from 16 a motor vehicle record to be protected by the statute. 18 U.S.C. § 2724(a). Davis’s allegations 17 about where the c_user and fr cookies containing the Facebook ID come from are unclear. At 18 times, he alleges that the cookies come directly from his web browser: 19 • 20 “When a driver is navigating https://dmv.nv.gov/ while logged into Facebook, the DMV website compels a visitor’s browser to transmit an identifying ‘computer cookie’ to Meta 21 22 23 1 Because I am granting Davis leave to amend, I address the remainder of Meta’s arguments to ensure that amendment would not be futile. 8 1 called ‘c_user,’ for every single event sent through the Meta Tracking Pixel.” ECF No. 1 2 at 11 ¶ 27 (emphasis in original). 3 • “By compelling a visitor’s browser to disclose the c_user and fr cookies alongside event 4 data, the Nevada DMV website knowingly discloses personal information and highly 5 restricted personal information to Meta.” Id. at 14 ¶ 38. 6 • “Alongside this event data, Defendant also obtained and used identifiers for Plaintiff 7 Davis including c_user and fr cookies to Meta, as first-party cookies on his web 8 browser.” Id. at 16 ¶ 45. 9 • “Both encrypted and unencrypted Facebook ID numbers are the fr and c_users cookies, 10 respectively. These cookies were placed on Plaintiff and Class members [sic] web 11 browsers. When Plaintiff and Class members loaded a Nevada DMV webpage, the 12 c_user and fr_cookies were contained in the code of that [sic] was loaded on Plaintiff and 13 Class members’ browsers.” Id. at 19 ¶ 59. 14 Elsewhere in the complaint, Davis alleges that the cookies come directly from the Nevada DMV 15 website: 16 • “The Meta Tracking Pixel uses both first- and third-party cookies. A first-party cookie is 17 created by the website the user is visiting–i.e., https:://dmv.nv.gov/platesdisabled.htm.” 18 Id. at 13 ¶ 36 (quotation omitted). 19 20 • “[B]y collecting the c_user and fr cookies as first-party cookies, Meta is collecting a drivers’ [sic] Facebook ID number from the Nevada DMV directly.” Id. at 14 ¶ 39. 21 22 23 9 1 • 2 “Defendant[ 2] also obtained and used identifiers for Plaintiff Davis including the c_user and fr cookies to Meta, as first party cookies on his web browser.” Id. at 16 ¶ 45. 3 • “By including the c_user and fr cookies as first-party cookies, they were cookies directly 4 stored by the Nevada DMV website.” Id. at 19 ¶ 59. 5 Meta argues that the only information Davis alleges as personal information under the 6 DPPA are the c_user and fr cookies, and Davis alleges that these cookies are either stored on the 7 DMV website or come from Davis’s browser. Meta argues that neither of these allegations is 8 sufficient to allege that the cookies are from a motor vehicle record because in both scenarios the 9 cookies do not originate with the Nevada DMV website. 10 Davis responds that he alleged that “the initial source of the Facebook ID numbers was 11 the Nevada DMV website” and “[t]he fact a web browser is used as an intermediary to send 12 information from the DMV website to Meta’s website, facebook.com, does not change the fact 13 the initial source of the information was a record in the possession of the DMV.” ECF No. 21 at 14 7 (emphasis in original). Davis argues that the DPPA does not require that the “personal 15 information from a motor vehicle record [be] delivered by the state DMV itself,” so the fact that 16 the transmission of the personal information “occurs online makes no difference under the 17 DPPA’s plain language.” Id. (emphasis in original). “[H]ere, the initial source of the cookies 18 containing the Facebook ID numbers was the Nevada DMV website, . . . which is a record in the 19 DMV’s possession. Plaintiff’s web browser . . . was simply the intermediary that delivered the 20 cookies containing the Facebook ID numbers to Meta.” Id. at 8. 21 22 23 2 I believe the word “Defendant” is a typographical error and that Davis meant the Nevada DMV. 10 1 Meta replies that Davis alleges in his complaint that the c_user and fr cookies came from 2 his web browser, which is insufficient for a DPPA claim. It also argues that, logically, the 3 Nevada DMV website cannot be the initial source of Davis’s Facebook ID number. 4 Even if Davis had plausibly alleged that the Nevada DMV website is a motor vehicle 5 record under the DPPA, he has not plausibly alleged that the c_user and fr cookies came from 6 that website. Davis’s own allegations appear to be inconsistent, at times alleging that Meta 7 collected the cookies from Davis’s web browser and at times alleging that Meta collected the 8 cookies directly from the Nevada DMV website. However, to plausibly state a DPPA claim, 9 Davis must allege that Meta collected the personal information from the motor vehicle record, 10 not that Meta collected information from the browser Davis used to access the motor vehicle 11 record. See Andrews, 932 F.3d at 1260 (“[W]e conclude that where, as here, the initial source of 12 personal information is a record in the possession of an individual, rather than a state DMV, then 13 use or disclosure of that information does not violate the DPPA.”); Garey v. James S. Farrin, 14 P.C., 35 F.4th 917, 926 (4th Cir. 2022) (“The phrase ‘obtain, disclose or use personal 15 information, from a motor vehicle record’ is most naturally read to refer to a defendant who 16 obtains such information directly ‘from a motor vehicle record’ . . ., not a defendant who obtains 17 information that, at some point in time, appeared in a motor vehicle record.”). Even viewing the 18 facts in the light most favorable to Davis, as I do at the motion to dismiss stage, I cannot discern 19 where Davis alleges Meta collects the c_user and fr cookies from. Thus, Davis has not plausibly 20 alleged that the c_user and fr cookies came from a motor vehicle record, as is required to state a 21 claim under the DPPA. 22 / / / / 23 / / / / 11 1 2 iv. Improper Purpose Under the DPPA Meta violated the DPPA only if it obtained or disclosed personal information from a 3 motor vehicle record for any use not permitted under § 2721(b). 18 U.S.C. § 2722(a). Section 4 2721(b) lists fourteen permissible purposes. Meta argues that if it did obtain Davis’s personal 5 information from a motor vehicle record, it did so for a permissible purpose. Specifically, it 6 argues that it collected the data to assist the DMV in “carrying out its functions” as a government 7 agency, to conduct “motor vehicle market research activities,” and with written consent because 8 Davis agreed to Meta’s Terms of Service when he created a Facebook account. Id. at 9 §§ 2721(b)(1), (b)(2), (b)(13). 10 Davis contests all three of the permissible purposes Meta asserts. He argues that Meta 11 used the personal information it collected from the DMV to create personalized advertisements, 12 and this is not a permissible purpose under the statute. And he argues that Meta never received 13 his express consent to collect his sensitive personal data from the Nevada DMV website. 14 Meta replies that the data the Meta Tracking Pixel collects from the Nevada DMV 15 website “helps the DMV carry out its functions by measuring user activity on its website and 16 improving the quality of the DMV’s online services.” ECF No. 28 at 11 (simplified). It also 17 argues that by allowing the DMV to track the people on its website and the actions they take, the 18 Meta Tracking Pixel allows the DMV to “undertake motor vehicle market research activities.” 19 Id. (quotation omitted). Meta also argues that Davis had to agree to the Terms of Service to 20 create a Facebook account, and the Terms of Service disclose to users that Meta collects and uses 21 their personal data. It also argues that the Terms of Service link to its Privacy Policy, which 22 provides detailed disclosures about the Meta Tracking Pixel and how it operates. 23 12 1 In his complaint, Davis alleges that Meta obtained his personal information to create 2 customized audiences for the Nevada DMV website. This purpose benefits Meta’s commercial 3 advertising efforts. Commercial advertising is not a permissible purpose under the DPPA, and is 4 one of the very things the DPPA sought to prevent. See Andrews, 932 F.3d at 1259-60 5 (describing one of Congress’s purposes in promulgating the DPPA as stopping “the States’ 6 common practice of selling personal information to businesses engaged in direct marketing and 7 solicitation”) (emphasis and quotation omitted). “Whether Meta in fact had a permissible 8 purpose in obtaining and using personal information from the DMV website raises factual 9 questions to be resolved on summary judgment or at trial.” Gershzon, 2023 WL 5420234 at *9. 10 However, at the motion to dismiss stage I evaluate whether, taking Davis’s allegations as true, 11 Meta acted with a permissible purpose. Viewing the facts in the light most favorable to Davis, 12 the complaint does not allege that Meta acted within one of the DPPA’s permissible purposes. 13 14 v. Knowingly Meta argues that the DPPA imposes liability only if it knowingly violated the DPPA, not 15 just if it knowingly collected Davis’s personal information. Davis responds that he alleges that 16 Meta knowingly obtained and used the information that it collected from the Nevada DMV 17 website. Whether Meta knew that the data it was collecting allegedly violated the DPPA is a 18 question of fact that is not appropriate for resolution at the motion to dismiss stage. Because I 19 cannot decide what Meta knew at this stage, I do not address Meta’s statutory argument that to 20 violate the DPPA, Meta had to know it was collecting personal information protected by the 21 DPPA. 22 / / / / 23 / / / / 13 1 2 vi. Conclusion I grant Meta’s motion to dismiss. Davis plausibly alleges that the c_user and fr cookies 3 contain the Facebook ID, which is personal information within the DPPA’s ambit. However, 4 Davis does not plausibly allege that the Nevada DMV website is a motor vehicle record as 5 defined by the DPPA, nor that the fr and c_user cookies came from the Nevada DMV website. I 6 grant Davis leave to amend if he can plausibly allege that the Nevada DMV website is a motor 7 vehicle record, as defined by the DPPA, and that the cookies containing the personal information 8 came from that motor vehicle record. 9 10 b. Judicial Notice and Incorporation by Reference Meta requested that I take judicial notice of its Terms of Service, Privacy Policy, Cookies 11 Policy, and Business Tools Terms, and it provided the current web addresses for each of these 12 policies. Meta contends that I can take judicial notice of these websites “because they are from 13 publicly available websites whose contents are not subject to reasonable dispute.” ECF No. 19 at 14 2. 15 Federal Rule of Evidence 201(b) allows judicial notice of “a fact that is not subject to 16 reasonable dispute because it: (1) is generally known within the trial court’s territorial 17 jurisdiction; or (2) can be accurately and readily determined from sources whose accuracy cannot 18 reasonably be questioned.” Meta’s four websites do not fall into either category as they are not 19 generally known within this district, and because I cannot accurately and readily determine that 20 the webpages have remained unchanged since Davis visited the Nevada DMV website. 21 Consequently, I deny Meta’s request that I take judicial notice of these websites. 22 Meta also requests that I consider its Cookies Policy to be incorporated by reference into 23 Davis’s complaint because the complaint twice refers to the Cookies Policy. “[I]ncorporation- 14 1 by-reference is a judicially created doctrine that treats certain documents as though they are part 2 of the complaint itself. The doctrine prevents plaintiffs from selecting only portions of 3 documents that support their claims, while omitting portions of those very documents that 4 weaken—or doom—their claims.” Khoja v. Orexigen Therapeutics, Inc., 899 F.3d 988, 1002 5 (9th Cir. 2018). It can be applied where there are “documents whose contents are alleged in a 6 complaint and whose authenticity no party questions, but which are not physically attached to the 7 plaintiff’s pleading.” Knievel v. ESPN, 393 F.3d 1068, 1076 (9th Cir. 2005) (simplified). It also 8 can be applied in “situations in which the plaintiff’s claim depends on the contents of a 9 document, the defendant attaches the document to its motion to dismiss, and the parties do not 10 dispute the authenticity of the document, even though the plaintiff does not explicitly allege the 11 contents of that document in the complaint.” Id. It is not appropriate to consider documents 12 incorporated by reference if the “document did not necessarily form the basis of the complaint” 13 and “merely creates a defense.” Khoja, 899 F.3d at 1002. 14 While Davis’s complaint includes allegations about specific cookies, Meta’s Cookies 15 Policy does not form the basis of the complaint. I deny Meta’s request to consider the Cookies 16 Policy as incorporated by reference into Davis’s complaint. 17 18 c. Supplemental Authority Meta filed two requests for leave to file supplemental authority. First, it requested leave 19 to file the District of South Carolina’s decision in Keogh v. Meta Platforms, Inc., a similar case 20 involving the DPPA’s application to information that Meta received in connection with a state 21 DMV website. ECF Nos. 30; 30-1. Second, Meta requested leave to file the Eastern District of 22 North Carolina’s decision in Dye v. Meta Platforms, Inc., another similar case. ECF Nos. 36; 3623 2. Davis responds to Meta’s request by disagreeing with the Keogh court’s analysis. 15 1 Local rule 7-2(g) requires leave of court before a party may file supplemental briefs or 2 evidence. Leave may be granted for good cause. Ra Se. Land Co. LLC v. First Am. Title Ins. 3 Co., 2:14-cv-01621-MMD-NJK, 2016 WL 4591740, at *2 (D. Nev. Sept. 2, 2016). Good cause 4 exists when the supplemental authorities “control the outcome of the litigation,” are precedential, 5 or are “particularly persuasive or helpful.” Hunt v. Washoe Cnty. Sch. Dist., 3:18-cv-005016 LRH-WGC, 2019 WL 4262510, at *3 (D. Nev. Sept. 9, 2019) (quotation omitted). Because the 7 plaintiffs in Keogh and Dye brought nearly identical claims to Davis against the same defendant 8 and under the same statute, this supplemental authority is “particularly persuasive or helpful.” Id. 9 I grant Meta leave to file this supplemental authority. 10 III. Conclusion 11 I THEREFORE ORDER that Meta’s motion to dismiss (ECF No. 18) is GRANTED. 12 I FURTHER ORDER that Meta’s request for judicial notice (ECF No. 19) is DENIED. 13 I FURTHER ORDER that Meta’s requests for leave to file supplemental authority (ECF 14 Nos. 30, 36) are GRANTED. 15 I FURTHER ORDER that plaintiff Matthew Davis may file an amended complaint by 16 July 31, 2024, if facts exist to do so. Failure to file an amended complaint by that date will result 17 in Davis’s claims being dismissed with prejudice. 18 DATED this 3rd day of July, 2024. 19 20 ANDREW P. GORDON UNITED STATES DISTRICT JUDGE 21 22 23 16

Disclaimer: Justia Dockets & Filings provides public litigation records from the federal appellate and district courts. These filings and docket sheets should not be considered findings of fact or liability, nor do they necessarily reflect the view of Justia.


Why Is My Information Online?