21 Civ. 7695 (AT); 21 Civ. 10347 (AT); 21 Civ. 10602 (AT)
UNITED STATES DISTRICT COURT SOUTHERN DISTRICT OF NEW YORK
September 24, 2024
ANALISA TORRES, District Judge
OPINION AND ORDER
OPINION AND ORDER
ANALISA TORRES, District Judge:
When a diner orders food from a restaurant using the online platform of a third-party food delivery service (“Delivery Service“), the restaurant generally receives only the individual‘s first name, the first initial of her surname, and the order‘s contents—the minimum information required to fulfill the order. In August 2021, in an effort to support local restaurants that use Delivery Services, Defendant, the City of New York (the “City“), enacted Local Law No. 2021/090 (the “Customer Data Law“). The Customer Data Law requires that Delivery Services provide restaurants with a diner‘s full name, email address, phone number, delivery address, and order contents.
Plaintiffs, DoorDash, Inc. (“DoorDash“), Portier, LLC (“Uber Eats“), and Grubhub, Inc. (“Grubhub“), are Delivery Services. In these consolidated actions, they argue that the Customer Data Law violates three provisions
For the reasons stated below, Plaintiffs’ motion is GRANTED as to their First Amendment claim.2 The City‘s cross-motion for summary judgment on the First Amendment claim is DENIED. On the remaining claims, Plaintiffs’ motion and the City‘s cross-motion are DENIED as moot.
BACKGROUND3
I. The Customer Data Law
On July 29, 2021, the New York City Council passed the bill that would become the Customer Data Law. N.Y.C. Int. No. 2311-A; see Pl. 56.1 ¶¶ 5, 75, ECF No. 165. After then-Mayor Bill DeBlasio did not approve the bill or return it with objections within 30 days, it became law, with an effective date of December 27, 2021.
The Customer Data Law permits a restaurant to “request customer data from a [Delivery Service],” and “[u]pon such a request,” the Delivery Service is obligated to furnish it (the “Restaurant Request Provision“).
The Delivery Service is barred from providing the data if the customer requests that it not be shared (the “Opt-Out Provision“).
A Delivery Service is not allowed to limit a restaurant‘s ability to download and retain consumer data or the restaurant‘s use of it for marketing or other purposes (the “Marketing Provision“).
Food service establishments that receive customer data pursuant to this section
shall not sell, rent, or disclose [] customer data to any other party in exchange for financial benefit, except with the express consent of the customer from whom the customer data was collected; shall enable a customer to withdraw their consent to use of their data by the food service establishment; and shall delete . . . customer data upon request by a customer.
II. Plaintiffs
Plaintiffs are technology companies that connect individuals who place orders, restaurants that provide food, and delivery persons who deliver orders from restaurants to diners. Pl. 56.1 ¶¶ 91–92 (DoorDash);
Plaintiffs work with both small and medium businesses (“SMBs“) and regional, national, and global chains, known as enterprise merchants (“Enterprises“). Pl. 56.1 ¶¶ 162–63, 376, 378, 550. As of April 30, 2023, DoorDash had contracts with about [REDACTED] restaurants and had approximately [REDACTED] customers in New York City.
A. Plaintiffs’ Practices Regarding Data Collection
Plaintiffs offer restaurants various products. The first, which each calls “Marketplace,” allows a restaurant to appear on Plaintiffs’ web and mobile platforms. Pl. 56.1 ¶¶ 94, 265, 549. The second provides back-end support for the restaurant‘s own website; DoorDash calls this Storefront, Uber Eats calls this Webshop, and Grubhub calls this Grubhub Direct.
This case concerns the first product.4 Through Plaintiffs’ Marketplace products, individuals order food through Plaintiffs’ platforms to be prepared by a restaurant.
The policies also permit Plaintiffs to collect additional data about the diner, including information from advertising partners and payment and analytics providers, and—with the customer‘s consent—location data and information from social media accounts. Def. 56.1 ¶ 566 (DoorDash); Pl. 56.1 ¶ 281 (Uber Eats);
B. Plaintiffs’ Practices Regarding Customer Data
When a restaurant receives an order through the Marketplace products, the restaurant obtains only the customer‘s first name, the first initial of her surname, and her order contents—the “minimum amount of information required to fulfil[l] the order.” Pl. 56.1 ¶¶ 191, 203, 427, 500, 567. If the restaurant elects the self-delivery option, Plaintiffs provide the delivery address and phone number.
Certain Enterprises have negotiated different terms with Plaintiffs. For example, DoorDash supplies additional categories of data—specifically, a full name and email address—to five Enterprises which have executed agreements with “opt-in data-sharing contractual provisions.” Pl. 56.1 ¶ 206; Def. 56.1 ¶ 499). DoorDash has offered other merchants a future opportunity to do opt-in data sharing. Def. 56.1 ¶¶ 507–08.5 Brian Sommers, DoorDash‘s director of sales compliance and international sales strategy, testified that [REDACTED] Sommers Dep. at 20:3–5, 148:4–149:10, ECF No. 149-14; see Pl. 56.1 ¶ 214. Sommers said that DoorDash [REDACTED]
[REDACTED] Sommers Dep. at 146:7–10, 148:2–3; Pl. 56.1 ¶¶ 215–16.
Uber Eats often negotiates marketing terms in its Enterprise agreements, including [REDACTED] Pl. 56.1 ¶¶ 438, 440. Jordan Gildersleeve, head of global delivery partnerships at Uber, testified that [REDACTED] Gildersleeve Dep. at 14:6, 68:21–69:4, ECF No. 151-55. Aaron Cohen, the head of operations for delivery in New York and New Jersey for Uber, testified [REDACTED] Cohen Dep. at 15:6–7, 47:22–48:1, ECF No. 150-54; see Pl. 56.1 ¶ 444.
When Uber Eats agrees to disclose customer data to a restaurant, the Enterprise is required to sign a data addendum, which specifies that [REDACTED] Pl. 56.1 ¶ 458. Certain addenda [REDACTED]
Grubhub permits Enterprise restaurants to use customer data “for purposes beyond order fulfillment” only [REDACTED]
C. Plaintiffs’ Practices Regarding Aggregate Data Sharing
Plaintiffs furnish aggregate data analytics to restaurants. For example, DoorDash provides restaurants with an “Insights Hub” tool that allows restaurants to access data about their “menu performance, customer feedback, and daily operations.” Pl. 56.1 ¶ 111. Restaurants can “understand where their customers are ordering from and what ‘optimal locations’ may exist for additional stores.”
Restaurants can also use Plaintiffs’ advertising offerings that leverage customer data. Pl. 56.1 ¶ 112; Def. 56.1 ¶ 467 (DoorDash); Pl. 56.1 ¶¶ 484, 487, 492–93 (Uber Eats);
D. Impact on Plaintiffs’ Businesses
Plaintiffs have not conducted a formal study of the impact of the Customer Data Law on their businesses. Def. 56.1 ¶¶ 90, 101, 107, 604. Plaintiffs use customer information to enhance their own products. Pl. 56.1 ¶¶ 135, 136–39, 142, 149–51 (DoorDash);
III. Passage of the Customer Data Law
On June 27, 2019, the New York City Council‘s Committee on Small Business held a hearing regarding the impact of “digital food delivery apps” on “local restaurants and the food industry.” Def. 56.1 ¶ 1. At the hearing, the executive director of the New York City Hospitality Alliance—a
Councilmember Keith Powers presented Introduction No. 2311-2021 (the “Bill“), the precursor to the Customer Data Law, on May 12, 2021. Def. 56.1 ¶ 64; Pl. 56.1 ¶ 16. On June 8, 2021, the City Council‘s Committee on Consumer Affairs and Business Licensing held a public hearing.
Andrew Rigie, the executive director of the New York City Hospitality Alliance, stated at the hearing, “[B]y withholding the data the [Delivery Services] have enormous leverage over restaurants, because restaurants can‘t leave the platform because then essentially they leave their customers, and then the [Delivery Services] will use that customer data to market to competitor restaurants.” Def. 56.1 ¶ 75. Rigie argued that the law would “even the playing field” and allow restaurants “to reach out [to] their customers to market to them and really own that delivery [] customer, who is their customer.”
Also on June 8, 2021, the City Council‘s Government Affairs Division issued a committee report (the “June 8 Report“) regarding the Bill.
An amended bill was introduced on July 22, 2021, as Introduction 2311-A (the “Revised Bill“). Def. 56.1 ¶ 143. The Revised
On July 29, 2021, the City Council‘s Government Affairs Division issued another report related to the Revised Bill (the “July 29 Report“). Def. 56.1 ¶ 155. The July 29 Report sets forth the following findings:
- Eighty percent of New York City‘s restaurants employ fewer than 20 persons, while only one percent exceeded 500 employees.
Id. ¶ 156. - Restaurants are the second-largest component of the City‘s tourism industry, after accommodations.
Id. ¶¶ 157–58. - The restaurant industry needs support “as it weathers ongoing effects of the Covid-19 pandemic.”
Id. ¶ 159.
- Delivery Services typically charge commissions and additional fees for increased visibility on the platform, access to customer information, promotions and marketing, and delivery.
Id. ¶ 160. - Delivery Services collect and analyze data supplied by restaurant customers and share this data with third parties.
Id. ¶¶ 161–64. - However, Delivery Services “share very little with the restaurants the customer is ordering from” and limit restaurants’ ability to retain data on customers.
Id. ¶¶ 165–66. - The Delivery Services “only act as a conduit for the order, which is placed with the restaurant.”
Id. ¶ 167. “Consumers using [Delivery Services] are clearly customers of the restaurants from which they order, but restaurants are precluded from equitable access to this data.”Id. ¶ 172. - Restaurants “are often left with no records regarding loyal, repeat customers.”
Id. ¶ 168. - Data analytics allow Delivery Services to “expose customers to restaurants that pay a higher commission.”
Id. ¶ 169. Delivery Services have “list[ed] false information about a restaurant (for example, listing it as closed), in order to direct traffic to a restaurant paying higher commissions and fees.”Id. ¶ 170. - “[C]ustomer data can [] be a very useful mechanism to drive future profits for restaurant owners, including growing the loyalty of a restaurant‘s existing customer base and reaching new audiences.”
Id. ¶ 173. - “[C]ustomer contact information can inform business decisions and enable restaurants to conduct specific outreach to retain customers.”
Id. ¶ 175. - “[I]f restaurants had access to their customer data they could offer promo codes, discounts, and new menu items, which could help turn infrequent or new customers into loyal customers.”
Id. ¶ 176. They also could “assess the popularity of menu items and further develop relationships in the community.”Id. ¶ 177.
On July 29, 2021, at a hearing held by the Committee on Consumer Affairs and Business Licensing, Councilmember Powers stated that the Revised Bill was “part of an effort” to “support our restaurants and bars.” Pl. 56.1 ¶¶ 63–64. Several councilmembers, including Brad Lander, Carlos Menchaca, and Kalman Yeger, expressed concerns about the bill‘s potential impact on consumers’ “data privacy.”
Following the Revised Bill‘s passage, Mayor Bill de Blasio neither approved nor returned it with objections within 30 days, so the Customer Data Law was enacted and titled Local Law 90-2021 on August 29, 2021. N.Y.C. Local Law No. 2021/090; see Def. 56.1 ¶ 178; Pl. 56.1 ¶ 77. The law had an effective date of December 27, 2021. Pl. 56.1 ¶ 79. It is codified at
IV. Procedural History
On September 15, 2021, DoorDash filed its complaint and moved for a preliminary injunction. ECF Nos. 1, 5. On October 4, 2021, the parties stipulated that the City would not enforce the Customer Data Law against DoorDash, and DoorDash withdrew its preliminary-injunction motion. ECF No. 29. Uber Eats and Grubhub filed their actions on December 3 and 10, 2021, respectively, and the City agreed to stay enforcement. ECF Nos. 1, 15, No. 21 Civ. 10347; ECF Nos. 1, 19, No. 21 Civ. 10602. By order dated January 7, 2022, the Court consolidated the three actions. ECF No. 43.
By joint stipulation dated January 4, 2024, Plaintiffs voluntarily dismissed their claims pursuant to the Dormant Commerce Clause of the United States Constitution, the Due Process Clauses of the United States and New York Constitutions, the Equal Protection Clauses of the United States and New York Constitutions, and preemption pursuant to
Before the Court are the parties’ cross-motions for summary judgment. Pl. Mot.; Def. Mot.; see Pl. Mem., ECF No. 153 (redacted); Pl. Reply, ECF No. 181 (redacted); Def. Mem., ECF No. 171 (redacted); Def. Reply, ECF No. 192 (redacted).6
LEGAL STANDARD
Summary judgment is appropriate when the record shows that there is no genuine dispute as to any material fact and that the moving party is entitled to judgment as a matter of law.
The moving party initially bears the burden of informing the Court of the absence of a genuine dispute of material fact by citing particular evidence in the record.
DISCUSSION
I. First Amendment
“The First Amendment prohibits governmental abridgement of the freedom of speech.” Commodity Futures Trading Comm‘n v. Vartuli, 228 F.3d 94, 110–11 (2d Cir. 2000) (cleaned up). “At the heart of the First Amendment lies the principle that each person should decide for himself or herself the ideas and beliefs deserving of expression, consideration, and adherence.” Turner Broad. Sys., Inc. v. FCC (Turner I), 512 U.S. 622, 641 (1994). Speech serves “the pursuit of truth, the accommodation among interests, the achievement of social stability, the exposure and deterrence of abuses of authority, personal autonomy and personality development, [and] the functioning of a democracy.” Vartuli, 228 F.3d at 111. Freedom of speech is “indispensable to the discovery and spread of political truth.” Whitney v. California, 274 U.S. 357, 375 (1927) (Brandeis, J., concurring).
Plaintiffs argue that the Customer Data Law infringes the First Amendment by requiring them to furnish data to restaurants that they otherwise would not provide. The parties disagree as to (1) whether the First Amendment is implicated at all; (2) if it is, what level of scrutiny the Court should apply; and (3) whether the Customer Data Law passes muster.7
A. Application of the First Amendment
The first question is whether the Customer Data Law “regulates ‘speech’ within the meaning of the First Amendment.” Universal City Studios, Inc. v. Corley, 273 F.3d 429, 449–50 (2d Cir. 2001). The Court concludes that it does.
“‘Speech’ is an elusive term, and judges and scholars have debated its bounds for two centuries.” Id. at 446. But, “the creation and dissemination of information are speech within the meaning of the First Amendment.” Sorrell v. IMS Health, 564 U.S. 552, 570 (2011). “Even dry information, devoid of advocacy, political relevance, or artistic expression, has been accorded First Amendment protection.” Universal City, 273 F.3d at 446; see Rubin v. Coors Brewing Co., 514 U.S. 476, 481 (1995) (“[I]nformation on beer labels constitutes commercial speech.“).
Sorrell, for example, involved a Vermont law that banned pharmacies from selling data about physicians’ prescribing practices for drug-marketing purposes. Sorrell, 564 U.S. at 558–59. When “data miners” and pharmaceutical manufacturers challenged the law on First Amendment grounds, Vermont contended that the law implicated “conduct, not speech“—akin to “a ban on the sale of cookbooks, laboratory results, or train schedules.” Id. at 570. The Supreme Court disagreed, finding instead that there was “a strong argument that prescriber- identifying information is speech for First Amendment purposes.”
Under Sorrell, the Customer Data Law implicates speech. Customer data is information within Plaintiffs’ possession.8 And, the Customer Data Law restricts how Plaintiffs can use the customer data they collect. Previously, when restaurants requested customer data from Plaintiffs, they could decline to provide it. See Sommers Dep. at 148:4–149:10 (testifying that [REDACTED]). Under the Customer Data Law, Plaintiffs have only one option: They must provide specific customer data in a machine-readable format at least once a month. See
As the State did in Sorrell, the City argues that the Customer Data Law regulates Plaintiffs’ conduct, not their speech. It is true that “the First Amendment does not prevent restrictions directed at commerce or conduct from imposing incidental burdens on speech.” Sorrell, 564 U.S. at 567. But, this rule is applicable only when a restriction on speech is a necessary byproduct of the government‘s regulation of conduct. See Expressions Hair Design v. Schneiderman, 581 U.S. 37, 47 (2017). If the City passed a law requiring Plaintiffs to treat all restaurants equally, for example, and Plaintiffs chose to provide data to one restaurant, the law‘s nondiscrimination mandate could
The City next contends that the First Amendment is not implicated because Plaintiffs are nothing more than passive intermediaries for diners’ speech. Def. Mem. at 33–36. By analogy, the City relies on Restaurant Law Center v. City of New York, 360 F. Supp. 3d 192 (S.D.N.Y. 2019), which addressed a New York City law requiring fast-food employers—upon an employee‘s authorization—to deduct voluntary contributions from the employee‘s paycheck and send them to the nonprofit organization of the employee‘s choosing. The district court rejected the employers’ First Amendment challenge, reasoning that “an entity‘s mere transmission of others’ speech does not necessarily constitute speech of that entity.” Id. at 210. Although the employers served as intermediaries, “they ha[d] no discretion as to the recipient of their employees’ donations,” and their “act of sending a check to an employee‘s designated non-profit recipient” was a “mere ministerial act, not speech.” Id. at 212 (quotation marks omitted).
Unlike the employers in Restaurant Law Center, Plaintiffs are not mere transmitters of information; they are more like brokers, making a market between the diner who is searching for food and the restaurant who is searching for customers. Under Plaintiffs’ privacy policies, individuals provide data to Plaintiffs with the understanding that Plaintiffs may disclose the information to third parties. See Pl. 56.1 ¶ 126; Def. 56.1 ¶¶ 566–68 (DoorDash); Pl. 56.1 ¶¶ 279–83 (Uber Eats);
The City argues that, under the Customer Data Law, diners consent to the disclosure of their information to the restaurant, which makes it the customers’ speech. But, that is not how the law is designed. Rather than requiring a person to agree to transmit her data to the restaurants, the Presumed Consent Provision accepts as true that customers agree to disclose their data—and transmits their information without any action by the customer.
In sum, when the Customer Data Law requires that Delivery Services send customer data to restaurants, it compels speech that falls within the First Amendment‘s protection.
B. Level of Review
1. “Genre” of Speech
“[N]ot all speech is of equal First Amendment importance.” Dun & Bradstreet, Inc. v. Greenmoss Builders, Inc., 472 U.S. 749, 758 (1985). Therefore, the Court must next “determine the level of scrutiny that applies to the regulation of protected speech at issue.” United States v. Kokinda, 497 U.S. 720, 725 (1990). To do so, the Court first considers the “genre of speech involved.” Safelite Grp., Inc. v. Jepsen, 764 F.3d 258, 261 (2d Cir. 2014). On one end of the spectrum, speech regarding “matters of public concern” lies “at the heart of the First Amendment‘s protection.” First Nat‘l Bank of Bos. v. Bellotti, 435 U.S. 765, 776 (1978) (citing Thornhill v. Alabama, 310 U.S. 88, 101 (1940)). On the other end, certain “well-defined and narrowly limited” categories of speech—including obscenity, defamation, fraud, incitement, and speech integral to criminal conduct—are entirely unprotected. United States v. Stevens, 559 U.S. 460, 468–69 (2010) (quoting Chaplinsky v. New Hampshire, 315 U.S. 568, 571–72 (1942)). In the middle is commercial speech, which enjoys “a limited measure of protection, commensurate
with its subordinate position in the scale of First Amendment values.” Ohralik v. Ohio State Bar Ass‘n, 436 U.S. 447, 456 (1978). The City argues that the Customer Data Law regulates commercial speech; Plaintiffs contend that it regulates “non-commercial speech.” Pl. Mem. at 28. The Court agrees with the City.
Commercial speech is “expression related solely to the economic interests of the speaker and its audience.” Cent. Hudson Gas & Elec. Corp. v. Pub. Serv. Comm‘n of N.Y., 447 U.S. 557, 560–61 (1980). The “core notion of commercial speech” is “speech which does no more than propose
But, courts have viewed the core notion as “a starting point” and have tried to give effect to “a ‘common-sense distinction’ between commercial speech and other varieties of speech.” Jordan v. Jewel Food Stores, Inc., 743 F.3d 509, 516–17 (7th Cir. 2014) (quoting Ohralik, 436 U.S. at 455–56); accord Ariix, LLC v. NutriSearch Corp., 985 F.3d 1107, 1115 (9th Cir. 2021); Boelter v. Hearst Commc‘ns, Inc., 192 F. Supp. 3d 427, 445 (S.D.N.Y. 2016). The Second Circuit examines the “overall ‘nature’ and ‘effect‘” of the speech, Conn. Bar Ass‘n v. United States, 620 F.3d 81, 95 (2d Cir. 2010) (quoting Riley, 487 U.S. at 796), including whether the statement is made “in the context of [a] commercial transaction[],” Bolger, 463 U.S. at 68; see also N.Y. State Ass‘n of Realtors, Inc. v. Shaffer, 27 F.3d 834, 840 (2d Cir. 1994); Grocery Mfrs. Ass‘n v. Sorrell, 102 F. Supp. 3d 583, 627–28 (D. Vt. 2015).
Here, the compelled disclosure of customer data occurs “in the context of [a] commercial transaction[].” Bolger, 463 U.S. at 68. Plaintiffs agree that customer data is economically valuable to them—something that they [REDACTED] Sommers Dep. at 146:7–10, 148:2–3; Pl. 56.1 ¶¶ 215–16; Gildersleeve Dep. at 14:6, 68:21–69:4. And, the July 29 Report states that customer data is important to restaurants so that they can more effectively market and make business decisions. Def. 56.1 ¶¶ 173, 175–77; see also Pl. 56.1 ¶ 22; cf. U.S. West, Inc. v. FCC, 182 F.3d 1224, 1232 (10th Cir. 1999) (examining the speaker‘s ultimate use of data—there, for marketing—in determining the First Amendment interests that attached to the speech). The “combination of [] these characteristics” supports the conclusion that the disclosure of customer data is “properly characterized as commercial speech.”10 Bolger, 463 U.S. at 67.
2. Rational Basis, Intermediate Scrutiny, or Strict Scrutiny
Having concluded that the speech compelled by the Customer Data Law is commercial speech, the Court next determines what level of review it must apply to the law: rational basis, intermediate scrutiny, or strict scrutiny.
Regulations of commercial speech are generally subject to the intermediate-scrutiny test set forth in Central Hudson: “Commercial speech that is not false or deceptive and does not concern unlawful activities . . . may be restricted only in the service of a substantial governmental interest, and only through means that directly
The City contends that the Court should apply a rational basis review based on Zauderer v. Office of Disciplinary Counsel, 471 U.S. 626, 651 (1985), which created an exception to intermediate scrutiny for commercial speech involving only a mandated “informational disclosure” (as opposed to a “prohibition on speech“). Safelite, 764 F.3d at 262; see Def. Mem. at 38–40. In Zauderer, the Supreme Court examined an Ohio rule that required attorneys advertising their contingency-fee services to disclose that “the client may have to bear certain expenses even if he loses.” 471 U.S. at 650. In upholding the rule, the Court noted that the required disclosure involved “purely factual and uncontroversial information about the terms under which [the attorney‘s] services will be available.” Id. at 651. Because the attorney had a “minimal” constitutionally protected interest in withholding that information from potential clients, the regulation was subject to rational-basis review. Id.
The Court is not persuaded that Zauderer applies. In Zauderer, the Supreme Court was concerned that the public could be misled by trickily worded attorney advertisements and found that the required disclosures served a helpful corrective purpose. Id. at 652–53. Here, by contrast, the compelled disclosure is made not to the general public, but to Plaintiffs’ competitors—the restaurants.11 The disclosure, therefore, does not serve the public informational interest that animated Zauderer. Nor does the disclosure concern merely the
“terms under which [Plaintiffs‘] services will be available“; rather, it reflects data collected by Plaintiffs in the course of their services. Id.; cf. Safelite, 764 F.3d at 264 (noting that Zauderer does not apply to compelled speech “that goes beyond the speaker‘s own product or service“). Therefore, the Court shall not apply Zauderer‘s rational-basis review.
Plaintiffs, on the other hand, contend that, the “nature of the law” should trigger strict scrutiny, not intermediate scrutiny. See Safelite, 764 F.3d at 261; Pl. Mem. at 28–31. Although Plaintiffs are correct that government action evincing an improper purpose compels a higher level of scrutiny, the Court “need not decide the issue” of whether strict or intermediate scrutiny applies. Evergreen Ass‘n v. City of New York, 740 F.3d 233, 245 (2d Cir. 2014). For the reasons set forth below, the Customer Data Law cannot withstand even intermediate scrutiny.
C. Application of Intermediate Scrutiny
1. Legal Standard
The government can freely regulate commercial speech that concerns unlawful activity or is misleading. Central Hudson, 447 U.S. at 566. But where, as here, the information does not fall into those two categories, courts apply a balancing test to determine whether
To evaluate whether an interest is substantial, the Court must “evaluate the City‘s asserted goal in enacting the regulation.” Vugo, Inc., 931 F.3d at 51; see Edenfield v. Fane, 507 U.S. 761, 768 (1993) (“[T]he Central Hudson standard does not permit [the Court] to supplant the precise interests put forward by [the government] with other suppositions.“). “When the [g]overnment defends a regulation on speech as a means to redress past harms or prevent anticipated harms, it must do more than simply posit the existence of the disease sought to be cured.” Turner I, 512 U.S. at 664 (quotation marks and citation omitted). Intermediate scrutiny requires that the state “demonstrate that the harms it recites are real.” Rubin, 514 U.S. at 487.
Next, the City must demonstrate that “the speech restriction directly and materially advances the asserted governmental interest” and “will in fact alleviate [the harms identified by the City] to a material degree.” Greater New Orleans, 527 U.S. at 188. “[T]he regulation may not be sustained if it provides only ineffective or remote support for the government‘s purpose.” Central Hudson, 447 U.S. at 564.
“The last step of the Central Hudson test complements the [prior] step, asking whether the speech restriction is not more extensive than necessary to serve the interests that support it.” Lorillard Tobacco Co. v. Reilly, 533 U.S. 525, 556 (2001) (cleaned up). The fit need not be “perfect, but reasonable; that represents not necessarily the single best disposition but one whose scope is in proportion to the interest served.” Bd. of Trs. of the State Univ. of N.Y. v. Fox, 492 U.S. 469, 480 (1989) (quotation marks and citation omitted).
2. Application
The City argues that it has a substantial interest in protecting the restaurant industry—“a critical sector of the New York City economy“—from the “exploitive practices” of Delivery Services. Def. Mem. at 45. The Customer Data Law seeks to “strike the right balance and equity between those that hold the information and those that supply the goods and services.” Id. at 41 (quoting Def. 56.1 ¶¶ 71–72).
Courts have held that “promoting a major industry that contributes to the economic vitality of the [locality] is a substantial government interest.” Edwards v. District of Columbia, 755 F.3d 996, 1002 (D.C. Cir. 2014) (citing Smith v. City of Ft. Lauderdale, 177 F.3d 954, 955–56 (11th Cir. 1999)); Ctr. for Bio-Ethical Reform, Inc. v. City & Cnty. of Honolulu, 455 F.3d 910, 922 (9th Cir. 2006)). Society has an “interest in maintaining the small businesses necessary for functioning neighborhoods.” Melendez v. City of New York, 16 F.4th 992, 1037 (2d Cir. 2021). And, “the Government‘s interest in eliminating restraints on fair competition is always substantial.” Turner I, 512 U.S. at 664. But, the City cannot simply “posit the existence of the disease sought
The City identifies three allegedly “exploitive” practices. First, Delivery Services “limit the ability of restaurants to retain data on their own customers,” which hampers restaurants’ ability to “reach out to their loyal customers” and “assess menu items’ popularity.” Def. Mem. at 42–43 (quoting June 8 Report at NYC_0002187–88).12 Second, Delivery Services may use a restaurant‘s customer data to promote competitor restaurants that pay the services higher fees, or to establish virtual restaurants that sell meals solely on the platform. Id. at 43. Third, Delivery Services “list[] false information about a restaurant (for example, listing it as closed), in order to direct traffic to a restaurant paying higher commissions and fees.” Id. (quoting July 29 Report at NYC_0002235).
The Court shall begin with the latter two practices identified by the City. Although the City has explained why these practices harm restaurants and has established a substantial interest in regulating them, it has not provided evidence that the Customer Data Law will in fact affect
the objectionable practices. The City states, “[I]t is undisputed that the [Customer Data] Law does not restrict Plaintiffs’ use of customer data (such as using the data to provide delivery or marketing services).” Def. Reply at 40. Therefore, Plaintiffs may continue to use customer data to promote competitors. And, the Customer Data Law does not aim at false or misleading statements made by Plaintiffs, even though Central Hudson permits such regulation of commercial speech. The only effect that the Customer Data Law could have on these two practices is to make it more desirable for restaurants, now equipped with data that they could use to target customers, to leave Plaintiffs’ platforms. But, even that has a “remote” connection to these practices, Central Hudson, 447 U.S. at 564, because restaurants can leave Plaintiffs’ platforms now, see Def. 56.1 ¶ 439 (DoorDash); Pl. 56.1 ¶¶ 383–84, 466 (Uber Eats); id. ¶¶ 600–01 (Grubhub), and Plaintiffs could continue these practices with whatever restaurants choose not to leave the platforms.
In IMS Health, Inc. v. Sorrell, 630 F.3d 263, 275–76 (2d Cir. 2010), aff‘d, 564 U.S. 552 (2011), the Second Circuit examined the Vermont statute (discussed supra at 16–17) that prohibited the sale of prescriber-identifiable health data for drug marketing purposes. Vermont asserted an interest in “protecting the privacy of prescribers and prescribing information.” Id. at 275. Because prescriber data could be sold for non-marketing purposes, the Circuit construed Vermont‘s asserted interest as a twofold “interest in the integrity of the prescribing process itself, and . . . an interest in preserving patients’ trust in their doctors.” Id. at 276. But, the Circuit faulted Vermont for failing to “show[] any effect” on these two interests “from the use of [prescriber-identifiable data] in marketing.” Id. The evidence that Vermont put forth was either “speculative” or “merely indicate[d] that some doctors do not approve” of the use of prescriber-identifiable data in marketing. Id. Therefore, the Circuit rejected the “medical privacy”
The City‘s evidence is similarly flawed. The July 29 Report states that restaurants could use customer data to “offer promo codes, discounts, and new menu items” and “assess the popularity of menu items.” Def. 56.1 ¶¶ 176–77. But, Plaintiffs currently provide marketing tools—with solicited listings, promotions, and other forms of advertising—that permit restaurants to reach out to the customers who place orders through their platforms. E.g., Pl. 56.1 ¶¶ 112, 484, 487, 492–93, 544(c). Plaintiffs also provide data analytics that permit restaurants to understand the performance of menu items. Id. ¶¶ 111, 149, 481–82, 491, 544(c).
The City‘s July 29 Report also claims that Plaintiffs’ restrictions on data leave restaurants with no records regarding repeat customers. Def. 56.1 ¶ 168. But, the City has failed to show the effect of this practice on the strength of the restaurant industry. According to the City, the practice affects restaurants because “80% of [them] are small and employ less than 20 employees,” and they “continue to weather the effects of the COVID-19 pandemic.” Def. Mem. at 43; see Def. 56.1 ¶¶ 156, 159. The City does not explain why the size of the restaurants and the fact that they remain affected by COVID-19 make it more likely that withholding customer data will harm the restaurant industry as a whole. The City does not dispute that Plaintiffs provide restaurants with access to customers and orders that they may not otherwise have. Pl. 56.1 ¶¶ 109–10, 277. Certain of Plaintiffs’ advertising tools permit outreach to individual customers that have previously interacted with the restaurants. Id. ¶¶ 142–43, 482–85. And, Plaintiffs—through their Storefront, Webshop, and Grubhub Direct products—provide restaurants with back-end support for building their own websites and owning their customer data. Id. ¶¶ 173–75, 432, 566. Accordingly, the City‘s claim that the Delivery Services’ practice of withholding data is exploitative is “too speculative to qualify as a substantial state interest.” IMS Health, 630 F.3d at 276.13
The City may prefer that restaurants have access to customer data, but a mere preference for one industry over another is not a substantial state interest. See Safelite, 764 F.3d at 264 (noting that speech that serves “covertly protectionist” goals by “protecting existing businesses” over competitors is disfavored under the First Amendment).
Even if the Court were to find that the City has a substantial interest in ensuring that restaurants obtain data about customers who order food, it has not demonstrated that the Customer Data Law is appropriately tailored to this goal. Under Central Hudson, the Second Circuit has required that the government offer some empirical evidence that there is a “fit” between a speech restriction and the “degree of the harm” it aims to redress. N.Y. State Ass‘n of Realtors, 27 F.3d at 844 (emphasis omitted). The Customer Data Law mandates that Plaintiffs hand over specific customer data within their
that an incentive-based program or more fine-tuned regulation would be ineffective, and compelling Delivery Services to disclose customer data is incommensurate with the identified harm.
Because the Customer Data Law regulates commercial speech but fails intermediate scrutiny, it violates the First Amendment. Accordingly, the Court GRANTS Plaintiffs’ motion for summary judgment and DENIES Defendant‘s cross-motion for summary judgment.
II. Remaining Claims
The Court‘s decision on the First Amendment claim prohibits the City from enforcing the Customer Data Law against Plaintiffs and, therefore, provides Plaintiffs with the ultimate relief they seek. “[I]f it is not necessary to decide more to dispose of a case, then it is necessary not to decide more.” Trump v. Anderson, 601 U.S. 100, 118 (2024) (Sotomayor, Kagan, and Jackson, J.J., concurring in judgment) (citation omitted). And, the remaining claims present questions of constitutional and state law, where the Court should be particularly careful not to issue advisory opinions. See Allstate Ins. Co. v. Serio, 261 F.3d 143, 149–50 (2d Cir. 2001) (“It is axiomatic that the federal courts should, where possible, avoid reaching constitutional questions.“); Young v. N.Y.C. Transit Auth., 903 F.2d 146, 163–64 (2d Cir. 1990) (“[N]eedless decisions of state law should be avoided both as a matter of comity and to promote justice between the parties, by procuring for them a surer-footed reading of applicable law.” (quoting United Mine Workers of Am. v. Gibbs, 383 U.S. 715, 726 (1966))). The remaining claims are, therefore, DENIED as moot.
CONCLUSION
For the foregoing reasons, Plaintiffs’ motion for summary judgment on the First Amendment claim is GRANTED, and the City‘s cross-motion for summary judgment on the First Amendment claim is DENIED. On the remaining claims, Plaintiffs’ motion and the City‘s cross-motion are DENIED as moot. By October 7, 2024, the parties shall file a proposed judgment in accordance with this order.
The Clerk of Court is respectfully directed to terminate the motions at ECF Nos. 146 and 163 in docket No. 21 Civ. 7695; ECF Nos. 100, 114, 131, and 142 in No. 21 Civ. 10347; and ECF Nos. 117, 148, and 159 in No. 21 Civ. 10602.
SO ORDERED.
Dated: September 24, 2024
New York, New York
ANALISA TORRES
United States District Judge