Hoffman v. One Technologies, LLC

Filing 24

ORDER denying defendant's 13 Partial Motion to Dismiss for Failure to State a Claim by Judge Robert S. Lasnik.(RS)

Download PDF
1 2 3 4 5 6 UNITED STATES DISTRICT COURT WESTERN DISTRICT OF WASHINGTON AT SEATTLE 7 8 9 MARK HOFFMAN, individually and on behalf of other similarly situated persons, 10 11 Plaintiff, No. C16-1006RSL v. 12 13 ORDER DENYING DEFENDANT’S PARTIAL MOTION TO DISMISS ONE TECHNOLOGIES, LLC, Defendant. 14 15 This matter comes before the Court on “Defendant’s Partial Motion to Dismiss.” Dkt. 16 # 13. Plaintiff Mark Hoffman sued defendant One Technologies, LLC for violations of 17 Washington’s Commercial Electronic Mail Act, RCW 19.190.010 et seq. (“CEMA”), and 18 Consumer Protection Act, RCW 19.86.010 et seq. (“CPA”). Dkt. # 1-3. Defendant moves to 19 dismiss or stay plaintiff’s claims. Dkt. # 13. Having reviewed the parties’ briefing and the 20 remainder of the record, the Court finds as follows. BACKGROUND 21 22 Plaintiff claims that defendant violated CEMA and the CPA by sending him emails that 23 deceptively solicited him to provide personally identifying information. Specifically, plaintiff 24 alleges that these emails suggested that the sender was affiliated with the credit bureaus Equifax, 25 Experian, and TransUnion, and urged plaintiff to follow web links in order to check his credit 26 27 28 ORDER DENYING DEFENDANT’S PARTIAL MOTION TO DISMISS - 1 1 score.1 The linked web sites, which belonged to defendant, asked plaintiff to input personally 2 identifying information. Plaintiff received multiple such emails between 2012 and 2016. Dkt. 3 # 1-3, ¶¶ 9–20. He brings his CEMA and CPA claims individually and on behalf of other 4 persons who received similar emails from defendant. DISCUSSION 5 6 7 A. Pleading Standard Federal pleading rules require a complaint to include “a short and plain statement of the 8 claim showing that the pleader is entitled to relief.” Fed. R. Civ. P. 8(a)(2). This requirement 9 serves to “give the defendant fair notice of what the claim is and the grounds upon which it 10 rests.” Bell Atl. Corp. v. Twombly, 550 U.S. 544, 545 (2007) (internal marks and citation 11 omitted). Although the complaint’s factual allegations need not be detailed, they must 12 sufficiently state a “plausible” ground for relief. Id. at 544. “A claim has facial plausibility 13 when the plaintiff pleads factual content that allows the court to draw the reasonable inference 14 that the defendant is liable for the misconduct alleged.” Ashcroft v. Iqbal, 556 U.S. 662, 678 15 (2009). The plausibility standard is met when a complaint alleges “more than a sheer possibility 16 that a defendant has acted unlawfully.” Id. “Dismissal is proper only where there is no 17 cognizable legal theory or an absence of sufficient facts alleged to support a cognizable legal 18 theory.” Taylor v. Yee, 780 F.3d 928, 935 (9th Cir. 2015). Dismissal without leave to amend is 19 proper “only if it is absolutely clear that the deficiencies of the complaint could not be cured by 20 amendment.” Grogan v. Health Officer of Cty. of Riverside, 221 F.3d 1348 (9th Cir. 2000) 21 (quotation marks and citation omitted). All well-pleaded allegations of material fact are 22 23 24 25 26 1 For example, the emails contained subject lines such as “Data Breach: Check Your Equifax Score for Errors, Free*Today” and “Your Monthly Notification Experian Score is Now Viewable”; identified their sender by addresses such as “TransUnion DataLeak Warning <TransUnion-DataLeakWarning@value10.cozyrecordscore.us>” and “Equifax Cyber Warning <equifax.cyber.warning @blw222.interiorscore.ninja>”; and contained text such as “Experian CyberCrime Warning Complimentary Score Check ends 04.23.15 Go Here to View Your Score,” with an embedded hyperlink leading to a website run by defendant. Dkt. # 1-3, ¶¶ 11–14. 27 28 ORDER DENYING DEFENDANT’S PARTIAL MOTION TO DISMISS - 2 1 accepted as true and are construed in the light most favorable to the non-moving party. 2 Manzarek v. St. Paul Fire & Marine Ins. Co., 519 F.3d 1025, 1031 (9th Cir. 2008). 3 B. 4 Washington Commercial Electronic Mail Act Under CEMA, it is illegal to “solicit, request, or take any action to induce a person to 5 provide personally identifying information by means of a web page, electronic mail message, or 6 otherwise using the internet by representing oneself, either directly or by implication, to be 7 another person, without the authority or approval of such other person.” RCW 19.190.080. 8 “Personally identifying information” is defined as an individual’s social security number, 9 driver’s license number, bank account number, credit or debit card number, personal 10 identification number, automated or electronic signature, unique biometric data, account 11 passwords, or “any other piece of information that can be used to access an individual’s financial 12 accounts or to obtain goods or services.” RCW 19.190.010(12). Electronic solicitation of 13 personally identifying information by deceptive means is informally known as “phishing.” 14 Gragg v. Orange Cab Co., Inc., 145 F. Supp. 3d 1046, 1051 n.2 (W.D. Wash. 2015). 15 Defendant moves to dismiss plaintiff’s phishing claim on the grounds that plaintiff has 16 neither alleged with specificity what personally identifying information defendant’s emails 17 sought, nor alleged that he actually provided any information in response to the offending 18 emails. It is true that the complaint alleges only the solicitation of “personally identifying 19 information,” rather than specific categories of information. But read together with the other 20 factual allegations in the complaint, including the allegation that the emails urged plaintiff to 21 check his credit score and suggested an affiliation with the three credit bureaus, the allegation 22 rises above “a formulaic recitation of the elements of a cause of action.” See Twombly, 550 23 U.S. at 555. Plaintiff has alleged the specific actions that defendant took to induce him to 24 provide certain information, and has alleged facts from which the Court can draw a plausible 25 inference that the information sought falls under CEMA’s definition of “personally identifying 26 27 28 ORDER DENYING DEFENDANT’S PARTIAL MOTION TO DISMISS - 3 1 2 information.”2 The Court also rejects defendant’s argument that plaintiff must allege that he actually 3 provided his personal information in order to plead a cognizable injury giving rise to a CEMA 4 claim. As previously noted, see Dkt. # 23 at 2, plaintiff’s allegations of personal harm – 5 including, inter alia, usurpation of his electronic storage space and invasions of his privacy, Dkt. 6 # 1-3, ¶ 23 – are sufficiently concrete and particularized to establish Article III standing. See 7 Spokeo, Inc. v. Robins, 136 S. Ct. 1540, 1549–50 (2016). And plaintiff need only allege that he 8 received emails violating CEMA to state a claim under that statute. In amending CEMA to add 9 the phishing provision, the Washington legislature empowered individual email recipients to 10 enforce the law; it did not limit the private right of action to individuals whose information had 11 been divulged and misappropriated. See RCW 19.190.090(1); Wash. H.R. B. Rep., 2005 Reg. 12 Sess. H.B. 1888 (“A recipient . . . may bring a civil action against a sender who violates the laws 13 relating to commercial electronic mail messages.”). Plaintiff correctly distinguishes this 14 requirement under CEMA from the injury to “business or property” that is required to state a 15 claim under the CPA, see RCW 19.86.090. By alleging that he received emails that deceptively 16 solicited him to provide personally identifying information, plaintiff has pled facts sufficient to 17 state a CEMA claim. 18 Defendant’s motion to dismiss plaintiff’s CEMA claim is denied.3 19 20 21 22 23 24 25 26 2 Moreover, defendant appears to concede that its “flagship website,” www.freescore360.com, solicits “personally identifying information,” though defendant argues that it does so only after the viewer provides his name, email address, and zip code. Dkt. # 13 at 5. Defendant claims that it has attached a print-out of this website as an exhibit to its motion to dismiss, Dkt. # 13-1, but because plaintiff contests the exhibit’s authenticity, the Court does not rely on it in ruling on this motion. See Knieval v. ESPN, 393 F.3d 1068, 1076 (9th Cir. 2005). 3 Defendant separately moves to dismiss certain of plaintiff’s allegations because they fail to state a claim under CEMA. Dkt. # 13 at 13–15. A party may not move to “dismiss” factual allegations merely because they do not support a viable claim for relief. 27 28 ORDER DENYING DEFENDANT’S PARTIAL MOTION TO DISMISS - 4 1 2 C. Washington Consumer Protection Act The CPA forbids “unfair or deceptive acts or practices in the conduct of any trade or 3 commerce.” RCW 19.86.020. Generally, a plaintiff may prevail in a private CPA action if he 4 shows: (1) an unfair or deceptive act or practice; (2) occurring in trade or commerce; (3) an 5 impact on the public interest; (4) an injury to the plaintiff in his business or property; and (5) 6 causation. Hangman Ridge Training Stables, Inc. v. Safeco Title Ins. Co., 105 Wn.2d 778, 780 7 (1986). 8 Plaintiff’s successful phishing claim, described above, gets him partway there. A CPA 9 claim can be predicated upon a per se violation of another statute. Klem v. Wash. Mut. Bank, 10 176 Wn.2d 771, 787 (2013). CEMA specifically provides that “practices covered by [CEMA] 11 are matters vitally affecting the public interest for the purpose of applying the [CPA],” and that a 12 violation of CEMA “is an unfair or deceptive act in trade or commerce . . . for the purpose of 13 applying the [CPA].” RCW 19.190.030(3); -.100. Accordingly, by successfully stating a 14 phishing claim under CEMA, plaintiff also successfully states the first three elements of a CPA 15 claim. Cf. Gragg v. Orange Cab Co., Inc., No. C12-576RSL, 2013 WL 195466, at *5 (W.D. 16 Wash. Jan 17, 2013). 17 To satisfy the fourth and fifth elements of his CPA claim, plaintiff alleges that 18 defendant’s emails injured plaintiff “in [his] trade and property.” Unlike plaintiff’s allegation 19 that defendant solicited his personally identifying information, this allegation is almost entirely 20 unsupported by any other factual allegations that save it from being a legal conclusion cast in the 21 form of a factual allegation, which cannot alone defeat a motion to dismiss. See W. Min. 22 Council v. Watt, 643 F.2d 618, 624 (9th Cir. 1981). At most, plaintiff alleges that the emails 23 “usurped some of the limited storage space on the computer he uses for trade” and “caused him 24 to lose time from his trade and compensable work,” Dkt. # 1-3, ¶¶ 23.e–j – injuries which suffice 25 for standing, see Spokeo, 136 S. Ct. at 1549–50, but which may not suffice to state the “injury to 26 business or property” required for a claim under the CPA. See Hangman Ridge, 105 Wn.2d at 27 28 ORDER DENYING DEFENDANT’S PARTIAL MOTION TO DISMISS - 5 1 2 780.4 The Court need not decide whether these allegations of injury suffice, however, because 3 plaintiff manages to state a CPA claim via a different provision of CEMA. RCW 19.190.030 4 provides that “[i]t is a violation of the [CPA] . . . to initiate the transmission of a commercial 5 electronic mail message that . . . misrepresents or obscures any information in identifying the 6 point of origin or the transmission path of a commercial electronic mail message; or . . . 7 [c]ontains false or misleading information in the subject line.” RCW 19.190.030(1)(a), (b). 8 Plaintiff alleges that defendant initiated the transmission of commercial electronic mail messages 9 that contained false or misleading information in the subject line – specifically, subject lines 10 suggesting that the sender was affiliated with the three credit bureaus. Dkt. # 1-3, ¶¶ 11, 19–20. 11 Plaintiff also alleges that defendant deliberately obscured the point of origin of its emails by 12 keeping the linked websites active for “only a brief period after transmitting the email.” Dkt. 13 # 1-3, ¶ 17. Defendant argues that its website is not actually false or misleading, but fails to 14 address plaintiff’s allegations that defendant’s emails were misleading and had obscured points 15 of origin. Dkt. # 13 at 9–10. Accordingly, plaintiff’s allegations state a CPA claim under RCW 16 19.190.030(1). 17 Defendant’s motion to dismiss plaintiff’s CPA claim is denied. 18 19 20 21 22 23 24 25 26 4 Defendant notes that this Court recently certified to the Washington Supreme Court the question whether CEMA’s liquidated damages provision, RCW 19.190.040(1), establishes the causation and/or injury elements of a CPA claim as a matter of law. Dkt. # 13 at 15–16; Gragg v. Orange Cab Co., Inc., No. C12-576RSL, ECF No. 186 (W.D. Wash. April 22, 2016). Defendant asks the Court to stay resolution of this matter until the state supreme court answers that question. As the Court finds that plaintiff has successfully stated a CPA claim on other grounds, see infra, the certified question is not dispositive and a stay would not advance judicial economy. See Colorado River Water Conservation Dist. v. United States, 424 U.S. 800, 817 (1976). 27 28 ORDER DENYING DEFENDANT’S PARTIAL MOTION TO DISMISS - 6 CONCLUSION 1 2 3 For all of the foregoing reasons, defendant’s partial motion to dismiss (Dkt. # 13) is DENIED. 4 5 DATED this 17th day of January, 2017. 6 A 7 Robert S. Lasnik United States District Judge 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 ORDER DENYING DEFENDANT’S PARTIAL MOTION TO DISMISS - 7

Disclaimer: Justia Dockets & Filings provides public litigation records from the federal appellate and district courts. These filings and docket sheets should not be considered findings of fact or liability, nor do they necessarily reflect the view of Justia.

Why Is My Information Online?