Hoffman v. One Technologies, LLC
Filing
24
ORDER denying defendant's 13 Partial Motion to Dismiss for Failure to State a Claim by Judge Robert S. Lasnik.(RS)
<![CDATA[
1
2
3
4
5
6
UNITED STATES DISTRICT COURT
WESTERN DISTRICT OF WASHINGTON
AT SEATTLE
7
8
9
MARK HOFFMAN, individually and on
behalf of other similarly situated persons,
10
11
Plaintiff,
No. C16-1006RSL
v.
12
13
ORDER DENYING DEFENDANT’S
PARTIAL MOTION TO DISMISS
ONE TECHNOLOGIES, LLC,
Defendant.
14
15
This matter comes before the Court on “Defendant’s Partial Motion to Dismiss.” Dkt.
16
# 13. Plaintiff Mark Hoffman sued defendant One Technologies, LLC for violations of
17
Washington’s Commercial Electronic Mail Act, RCW 19.190.010 et seq. (“CEMA”), and
18
Consumer Protection Act, RCW 19.86.010 et seq. (“CPA”). Dkt. # 1-3. Defendant moves to
19
dismiss or stay plaintiff’s claims. Dkt. # 13. Having reviewed the parties’ briefing and the
20
remainder of the record, the Court finds as follows.
BACKGROUND
21
22
Plaintiff claims that defendant violated CEMA and the CPA by sending him emails that
23
deceptively solicited him to provide personally identifying information. Specifically, plaintiff
24
alleges that these emails suggested that the sender was affiliated with the credit bureaus Equifax,
25
Experian, and TransUnion, and urged plaintiff to follow web links in order to check his credit
26
27
28
ORDER DENYING DEFENDANT’S
PARTIAL MOTION TO DISMISS - 1
1
score.1 The linked web sites, which belonged to defendant, asked plaintiff to input personally
2
identifying information. Plaintiff received multiple such emails between 2012 and 2016. Dkt.
3
# 1-3, ¶¶ 9–20. He brings his CEMA and CPA claims individually and on behalf of other
4
persons who received similar emails from defendant.
DISCUSSION
5
6
7
A.
Pleading Standard
Federal pleading rules require a complaint to include “a short and plain statement of the
8
claim showing that the pleader is entitled to relief.” Fed. R. Civ. P. 8(a)(2). This requirement
9
serves to “give the defendant fair notice of what the claim is and the grounds upon which it
10
rests.” Bell Atl. Corp. v. Twombly, 550 U.S. 544, 545 (2007) (internal marks and citation
11
omitted). Although the complaint’s factual allegations need not be detailed, they must
12
sufficiently state a “plausible” ground for relief. Id. at 544. “A claim has facial plausibility
13
when the plaintiff pleads factual content that allows the court to draw the reasonable inference
14
that the defendant is liable for the misconduct alleged.” Ashcroft v. Iqbal, 556 U.S. 662, 678
15
(2009). The plausibility standard is met when a complaint alleges “more than a sheer possibility
16
that a defendant has acted unlawfully.” Id. “Dismissal is proper only where there is no
17
cognizable legal theory or an absence of sufficient facts alleged to support a cognizable legal
18
theory.” Taylor v. Yee, 780 F.3d 928, 935 (9th Cir. 2015). Dismissal without leave to amend is
19
proper “only if it is absolutely clear that the deficiencies of the complaint could not be cured by
20
amendment.” Grogan v. Health Officer of Cty. of Riverside, 221 F.3d 1348 (9th Cir. 2000)
21
(quotation marks and citation omitted). All well-pleaded allegations of material fact are
22
23
24
25
26
1
For example, the emails contained subject lines such as “Data Breach: Check Your Equifax
Score for Errors, Free*Today” and “Your Monthly Notification Experian Score is Now Viewable”;
identified their sender by addresses such as “TransUnion DataLeak Warning <TransUnion-DataLeakWarning@value10.cozyrecordscore.us>” and “Equifax Cyber Warning <equifax.cyber.warning
@blw222.interiorscore.ninja>”; and contained text such as “Experian CyberCrime Warning Complimentary Score Check ends 04.23.15 Go Here to View Your Score,” with an embedded hyperlink
leading to a website run by defendant. Dkt. # 1-3, ¶¶ 11–14.
27
28
ORDER DENYING DEFENDANT’S
PARTIAL MOTION TO DISMISS - 2
1
accepted as true and are construed in the light most favorable to the non-moving party.
2
Manzarek v. St. Paul Fire & Marine Ins. Co., 519 F.3d 1025, 1031 (9th Cir. 2008).
3
B.
4
Washington Commercial Electronic Mail Act
Under CEMA, it is illegal to “solicit, request, or take any action to induce a person to
5
provide personally identifying information by means of a web page, electronic mail message, or
6
otherwise using the internet by representing oneself, either directly or by implication, to be
7
another person, without the authority or approval of such other person.” RCW 19.190.080.
8
“Personally identifying information” is defined as an individual’s social security number,
9
driver’s license number, bank account number, credit or debit card number, personal
10
identification number, automated or electronic signature, unique biometric data, account
11
passwords, or “any other piece of information that can be used to access an individual’s financial
12
accounts or to obtain goods or services.” RCW 19.190.010(12). Electronic solicitation of
13
personally identifying information by deceptive means is informally known as “phishing.”
14
Gragg v. Orange Cab Co., Inc., 145 F. Supp. 3d 1046, 1051 n.2 (W.D. Wash. 2015).
15
Defendant moves to dismiss plaintiff’s phishing claim on the grounds that plaintiff has
16
neither alleged with specificity what personally identifying information defendant’s emails
17
sought, nor alleged that he actually provided any information in response to the offending
18
emails. It is true that the complaint alleges only the solicitation of “personally identifying
19
information,” rather than specific categories of information. But read together with the other
20
factual allegations in the complaint, including the allegation that the emails urged plaintiff to
21
check his credit score and suggested an affiliation with the three credit bureaus, the allegation
22
rises above “a formulaic recitation of the elements of a cause of action.” See Twombly, 550
23
U.S. at 555. Plaintiff has alleged the specific actions that defendant took to induce him to
24
provide certain information, and has alleged facts from which the Court can draw a plausible
25
inference that the information sought falls under CEMA’s definition of “personally identifying
26
27
28
ORDER DENYING DEFENDANT’S
PARTIAL MOTION TO DISMISS - 3
1
2
information.”2
The Court also rejects defendant’s argument that plaintiff must allege that he actually
3
provided his personal information in order to plead a cognizable injury giving rise to a CEMA
4
claim. As previously noted, see Dkt. # 23 at 2, plaintiff’s allegations of personal harm –
5
including, inter alia, usurpation of his electronic storage space and invasions of his privacy, Dkt.
6
# 1-3, ¶ 23 – are sufficiently concrete and particularized to establish Article III standing. See
7
Spokeo, Inc. v. Robins, 136 S. Ct. 1540, 1549–50 (2016). And plaintiff need only allege that he
8
received emails violating CEMA to state a claim under that statute. In amending CEMA to add
9
the phishing provision, the Washington legislature empowered individual email recipients to
10
enforce the law; it did not limit the private right of action to individuals whose information had
11
been divulged and misappropriated. See RCW 19.190.090(1); Wash. H.R. B. Rep., 2005 Reg.
12
Sess. H.B. 1888 (“A recipient . . . may bring a civil action against a sender who violates the laws
13
relating to commercial electronic mail messages.”). Plaintiff correctly distinguishes this
14
requirement under CEMA from the injury to “business or property” that is required to state a
15
claim under the CPA, see RCW 19.86.090. By alleging that he received emails that deceptively
16
solicited him to provide personally identifying information, plaintiff has pled facts sufficient to
17
state a CEMA claim.
18
Defendant’s motion to dismiss plaintiff’s CEMA claim is denied.3
19
20
21
22
23
24
25
26
2
Moreover, defendant appears to concede that its “flagship website,” www.freescore360.com,
solicits “personally identifying information,” though defendant argues that it does so only after the
viewer provides his name, email address, and zip code. Dkt. # 13 at 5. Defendant claims that it has
attached a print-out of this website as an exhibit to its motion to dismiss, Dkt. # 13-1, but because
plaintiff contests the exhibit’s authenticity, the Court does not rely on it in ruling on this motion. See
Knieval v. ESPN, 393 F.3d 1068, 1076 (9th Cir. 2005).
3
Defendant separately moves to dismiss certain of plaintiff’s allegations because they fail to
state a claim under CEMA. Dkt. # 13 at 13–15. A party may not move to “dismiss” factual allegations
merely because they do not support a viable claim for relief.
27
28
ORDER DENYING DEFENDANT’S
PARTIAL MOTION TO DISMISS - 4
1
2
C.
Washington Consumer Protection Act
The CPA forbids “unfair or deceptive acts or practices in the conduct of any trade or
3
commerce.” RCW 19.86.020. Generally, a plaintiff may prevail in a private CPA action if he
4
shows: (1) an unfair or deceptive act or practice; (2) occurring in trade or commerce; (3) an
5
impact on the public interest; (4) an injury to the plaintiff in his business or property; and (5)
6
causation. Hangman Ridge Training Stables, Inc. v. Safeco Title Ins. Co., 105 Wn.2d 778, 780
7
(1986).
8
Plaintiff’s successful phishing claim, described above, gets him partway there. A CPA
9
claim can be predicated upon a per se violation of another statute. Klem v. Wash. Mut. Bank,
10
176 Wn.2d 771, 787 (2013). CEMA specifically provides that “practices covered by [CEMA]
11
are matters vitally affecting the public interest for the purpose of applying the [CPA],” and that a
12
violation of CEMA “is an unfair or deceptive act in trade or commerce . . . for the purpose of
13
applying the [CPA].” RCW 19.190.030(3); -.100. Accordingly, by successfully stating a
14
phishing claim under CEMA, plaintiff also successfully states the first three elements of a CPA
15
claim. Cf. Gragg v. Orange Cab Co., Inc., No. C12-576RSL, 2013 WL 195466, at *5 (W.D.
16
Wash. Jan 17, 2013).
17
To satisfy the fourth and fifth elements of his CPA claim, plaintiff alleges that
18
defendant’s emails injured plaintiff “in [his] trade and property.” Unlike plaintiff’s allegation
19
that defendant solicited his personally identifying information, this allegation is almost entirely
20
unsupported by any other factual allegations that save it from being a legal conclusion cast in the
21
form of a factual allegation, which cannot alone defeat a motion to dismiss. See W. Min.
22
Council v. Watt, 643 F.2d 618, 624 (9th Cir. 1981). At most, plaintiff alleges that the emails
23
“usurped some of the limited storage space on the computer he uses for trade” and “caused him
24
to lose time from his trade and compensable work,” Dkt. # 1-3, ¶¶ 23.e–j – injuries which suffice
25
for standing, see Spokeo, 136 S. Ct. at 1549–50, but which may not suffice to state the “injury to
26
business or property” required for a claim under the CPA. See Hangman Ridge, 105 Wn.2d at
27
28
ORDER DENYING DEFENDANT’S
PARTIAL MOTION TO DISMISS - 5
1
2
780.4
The Court need not decide whether these allegations of injury suffice, however, because
3
plaintiff manages to state a CPA claim via a different provision of CEMA. RCW 19.190.030
4
provides that “[i]t is a violation of the [CPA] . . . to initiate the transmission of a commercial
5
electronic mail message that . . . misrepresents or obscures any information in identifying the
6
point of origin or the transmission path of a commercial electronic mail message; or . . .
7
[c]ontains false or misleading information in the subject line.” RCW 19.190.030(1)(a), (b).
8
Plaintiff alleges that defendant initiated the transmission of commercial electronic mail messages
9
that contained false or misleading information in the subject line – specifically, subject lines
10
suggesting that the sender was affiliated with the three credit bureaus. Dkt. # 1-3, ¶¶ 11, 19–20.
11
Plaintiff also alleges that defendant deliberately obscured the point of origin of its emails by
12
keeping the linked websites active for “only a brief period after transmitting the email.” Dkt.
13
# 1-3, ¶ 17. Defendant argues that its website is not actually false or misleading, but fails to
14
address plaintiff’s allegations that defendant’s emails were misleading and had obscured points
15
of origin. Dkt. # 13 at 9–10. Accordingly, plaintiff’s allegations state a CPA claim under RCW
16
19.190.030(1).
17
Defendant’s motion to dismiss plaintiff’s CPA claim is denied.
18
19
20
21
22
23
24
25
26
4
Defendant notes that this Court recently certified to the Washington Supreme Court the
question whether CEMA’s liquidated damages provision, RCW 19.190.040(1), establishes the causation
and/or injury elements of a CPA claim as a matter of law. Dkt. # 13 at 15–16; Gragg v. Orange Cab
Co., Inc., No. C12-576RSL, ECF No. 186 (W.D. Wash. April 22, 2016). Defendant asks the Court to
stay resolution of this matter until the state supreme court answers that question. As the Court finds that
plaintiff has successfully stated a CPA claim on other grounds, see infra, the certified question is not
dispositive and a stay would not advance judicial economy. See Colorado River Water Conservation
Dist. v. United States, 424 U.S. 800, 817 (1976).
27
28
ORDER DENYING DEFENDANT’S
PARTIAL MOTION TO DISMISS - 6
CONCLUSION
1
2
3
For all of the foregoing reasons, defendant’s partial motion to dismiss (Dkt. # 13) is
DENIED.
4
5
DATED this 17th day of January, 2017.
6
A
7
Robert S. Lasnik
United States District Judge
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
ORDER DENYING DEFENDANT’S
PARTIAL MOTION TO DISMISS - 7
]]>
Disclaimer: Justia Dockets & Filings provides public litigation records from the federal appellate and district courts. These filings and docket sheets should not be considered findings of fact or liability, nor do they necessarily reflect the view of Justia.
Why Is My Information Online?
