Facts
- Plaintiffs initiated a class action against Educational Computer Systems, Inc. (ECSI) on December 6, 2022, alleging various violations related to student loan payment processing fees [lines=“19-22”].
- Plaintiffs asserted that ECSI unlawfully charged “Pay-to-Pay Fees” without proper authorization, violating state debt collection laws and the implied covenant of good faith in their contracts [lines=“72-79”].
- A joint motion to stay the case pending mediation was granted, and after several extensions, ECSI filed a Notice of Settlement on November 6, 2023 [lines=“41-49”].
- The Settlement Agreement, executed on January 5, 2024, established a $3.65 million fund to cover claims from approximately 557,773 borrowers [lines=“107-112”].
- As of June 20, 2024, Kroll reported receiving over 40,000 timely claim forms from the settlement class, indicating substantial participation in the claims process [lines=“158-164”].
Issues
- Whether the claims against ECSI regarding the assessment of unauthorized fees were valid under applicable consumer protection and debt collection laws [lines=“1-40”].
- Whether the proposed class settlement was fair, reasonable, and adequate according to Rule 23(e) of the Federal Rules of Civil Procedure [lines=“184-205”].
- Whether the class certification met the numerosity, commonality, typicality, and adequacy requirements under Rule 23(a) [lines=“230-232”].
Holdings
- The court affirmed that ECSI’s actions constituted potential violations of the implied covenant of good faith and several consumer protection statutes based on the collective claims presented [lines=“77-80”].
- The court granted final approval of the settlement, finding it fair, reasonable, and adequate under Rule 23(e), given the substantial support from class members and the thorough negotiation process [lines=“907-908”].
- The court held that the proposed class successfully satisfied Rule 23(a) requirements for certification, indicating a cohesive and adequately represented class [lines=“474-475”].
OPINION
JULIE JONES, et al. v. PELOTON INTERACTIVE, INC.
Case No.: 23-cv-1082-L-BGS
UNITED STATES DISTRICT COURT SOUTHERN DISTRICT OF CALIFORNIA
July 5, 2024
Hon. M. James Lorenz
Pеnding before the Court in this putative class action asserting violations of California privacy laws is Defendant Peloton‘s Motion to Dismiss the First Amended Complaint. [ECF No. 20.] The Court decides the matter on the papers submitted and without oral argument. See Civ. L. R. 7.1(d.1). For the reasons stated below, the Court denies the Motion to Dismiss.
I. FACTUAL BACKGROUND1
Plaintiff brings this putative class action against Peloton as the owner and operator of the website https://www.onepeloton.com (“Website“) for violations of the California Invasion of Privacy Act,
II. PROCEDURAL BACKGROUND
On June 9, 2023, Plaintiff filed a Complaint asserting violations of CIPA, the UCL and California Constitution in relation to the unauthorized interception, collection, recording, and dissemination of Plaintiff‘s and Class Members’ communications and data. [ECF No. 1.] On August 16, 2023, Defendant a motion to dismiss which the Court granted on March 12, 2024. [ECF No. 18.] Plaintiff filed a First Amended Complaint containing a single CIPA Section 631(a) claim on March 15, 2024. [ECF No. 19.] On March 29, 2024, Defendant filed the present Motion to Dismiss the First Amended Complaint. [ECF No. 20.] On April 15, 2024, Plaintiff filed a response in Opposition. [ECF No. 21.] On April 22, 2024, Defendant filed a Rеply. [ECF No. 22.]
//
//
Defendant seeks dismissal of this action pursuant to Federal Rule of Civil Procedure 12(b)(6) for failure to state a claim.
A. Failure to State a Claim
A 12(b)(6) motion to dismiss tests the sufficiency of the complaint. Navarro v. Block, 250 F.3d 729, 732 (9th Cir. 2001). A pleading must contain, in part, “a short and plain statement of the claim showing that the pleader is entitled to relief.”
In reviewing a 12(b)(6) motion to dismiss, “[a]ll allegations of material fact are taken as true and construed in the light most favorable to the nonmoving party.” Cahill v. Liberty Mut. Ins. Co., 80 F.3d 336, 337-38 (9th Cir. 1996). However, a court need not take legal conclusions as true merely because they are cast in the form of factual allegations. See Roberts v. Corrothers, 812 F.2d 1173, 1177 (9th Cir. 1987). Similarly, “conclusory allegations of law and unwarranted inferences are not sufficient to defeat a motion tо dismiss.” Pareto v. FDIC, 139 F.3d 696, 699 (9th Cir. 1998).
1. Violation of the California Invasion of Privacy Act, Cal Penal Code § 631
Section 631(a) of the California Penal Code imposes civil and criminal liability on “any person who by means of any machine, instrument, or contrivance, or in any other manner:
[1] intentionally taps, or makes any unauthorized connection, whether physically, electrically, acousticаlly, inductively, or otherwise, with any
telegraph or telephone wire, line, cable, or instrument, including the wire, line, cable, or instrument of any internal telephonic communication system, or [2] who willfully and without the consent of all parties to the communication, or in any unauthorized manner, reads, or аttempts to read, or to learn the contents or meaning of any message, report, or communication while the same is in transit or passing over any wire, line, or cable, or is being sent from, or received at any place within this state; or
[3] who uses, or attempts to use, in any manner, or for any purpose, or to communicate in any way, any information so obtained, or
[4] who aids, agrees with, employs, or conspires with any person or persons to unlawfully do, or permit, or cause to be done any of the acts or things mentioned above in this section[.]
The California Supreme Court has explained that Section 631(a) consists of three main clauses which cover “three distinct and mutually independent patterns of conduct“: (1) “intentional wiretapping,” (2) “willfully attempting to learn the contents or meaning of a communication in transit over a wire,” and (3) “attempting to use or communicate information obtained as a result of engaging in either of the two previous activities.” Tavernetti v. Superior Court, 22 Cal. 3d 187, 192 (1978). The fourth basis for liability in Section 631(a) imposes liability for aiding and abetting on any person or persons who “unlawfully do, or permit, or cause to be done any of the’ other three bases fоr liability.” Mastel v. Miniclip SA, 549 F.Supp.3d 1129, 1134 (E.D. Cal. 2021)(quoting
In the FAC, Plaintiff alleges that Peloton “aids and abets Drift to commit both unlawful interception [Clause Two] and unlawful use [Clause Three] under Section 631(a), surreptitiously and as a matter of course.” (FAC 41). Plaintiff makes no allegations regarding Clause One.
//
//
To establish liability under the second clause of section 631(a), Plaintiff must allege that Drift “willfully and without the consent of all parties to the communication, or in any unauthorized manner, reads, or attempts to read, or to learn the contents or meaning of any message.”
Under this clause, a person is liable if he or she secretly listens to another‘s conversation. Ribas v. Clark, 38 Cal. 3d 355, 359 (1985). Only a third party can “eavesdrop” on a conversation, therefore a party to the communication is exempt from liability under section 631. See In re Facebook, Inc. Internet Tracking Litig., 956 F.3d 589, 607 (9th Cir. 2020); Warden v. Kahn, 99 Cal.App.3d 805, 811 (Ct. App. 1979). There is no definition for the term “party” in CIPA, therefore, courts have looked to the technical processes and context of the interception when considering who qualifies as a third-party eavesdropper. Facebook, 956 F.3d at 607.
Defendant argues that the party exemption applies becаuse Plaintiff‘s factual allegations establish that Drift provides a tool that allows Peloton to record and analyze its own data in aid of its business which means it functions as an extension of Peloton rather than as a third-party eavesdropper. (Mot. at 9). According to Peloton, Plaintiff‘s claim thаt Drift is a third-party because it uses the intercepted data to improve its AI chatbot is insufficient to show that the data is aggregated, re-distributed or sold to other vendors as required to be considered a third-party eavesdropper. (Id. at 7-8). In addition, Plaintiff did not specifically allege that she intеracted with Drift‘s AI chat feature when she allegedly visited the Website, but instead it appears her communications were intercepted by a traditional “rule-based” chatbot. (Id. at 8-9).
In response, Plaintiff argues that Drift functions as a third-party eavesdropper because it uses the interceрted data for its own purposes including to improve the technological function and capabilities of its patented AI software assets for the exclusive
To answer the question whether a service provider like Drift is more akin to a party or a third-party eavesdropper for purposes of the party exception, courts look to the “technical context of the case.” Facebook, 956 F.3d at 607. Two lines of district court cases have emerged in California addressing whether the party exemption can apply to software providers. See Javier v. Assurance, 649 F.Supp.3d 891, 899-901 (N.D. Cal. 2023) (discussing two lines of cases).
In the first line of cases, a software provider can be held liable under the second prong of section 631(a) if that entity listens in on a conversation between the participants, evеn if one of the participants consents to the additional party‘s presence, and the entity uses the collected data for its own commercial purposes. Ribas, 38 Cal. 3d at 361-62. For instance, an independent party that captures data from a hosting website to sell to advertisers to generate revenue has been considered an eavesdropper. Facebook, 956 F.3d at 607-608 (Facebook used embedded software to track its users to third-party websites even when its users were not signed into Facebook, and then sold that data to advertisers); see also Revitch v. New Moosejaw, 2019 WL 5485330, *2 (N.D. Cal. 2019) (marketing company and data broker NaviStone operated as a third party because they used intercepted data to “create marketing databases of identified website visitors” and sold the information.)
In the second line of cases, if the software provider merely collects, refines, and relays the informаtion obtained on the company website back to the company “in aid of [defendant‘s] business” then it functions as a tool and not as a third-party. Graham v. Noom, 533 F.Supp.3d 831, 832-833 (N.D. Cal. Apr. 8, 2021) (tracking service provider
Somе district courts have cautioned against considering the use a technical partner makes of the data, finding that doing so reads a use requirement into the second clause and usurps the use inquiry that is contained in the third clause. Javier, 649 F.Supp.3d at 900 (“reading a use requirement into the second prong would add requirements that are not present (and swallow the third prong in the process)).” However, the inquiry focuses on the technical processes by which the data is gathered and manipulated, a question which is often intertwined with the use of that data. Noom, 533 F.Supp.3d at 832. Therefore, the Court considers the technical asрect along with the use made by Drift of the surreptitiously gathered information.
In the FAC, Plaintiff describes the technical manner in which Drift accesses customer‘s information and explains:
Chat communications on the Website are intercepted by Drift while those communications are in transit, and this is acсomplished because the imbedded code directs those communications to be routed directly to Drift. Drift‘s chat service is an Application Programming Interface (API) that is “plugged into” the Website. The chat function is run from Drift‘s servers but allows for chat functionality on the Website. In other words, Drift runs the chat service from its own servers, but consumers interact with the chat service on Defendant‘s Website, so it appears they are only communicating with a company representative of Defendant.
(FAC 13).
After accessing customers’ communications in this manner,
... Drift analyzes and uses the chat conversations it intercepts and records to, inter alia, improve its SaaS platform, including proprietary machine learning for its chatbots and related technologies, all of which independently benefits and serves the profit-driven equity interests of Drift‘s shareholders. In other words, Drift uses the content of the conversations that Plaintiff and Class Members have with Defendаnt—without Plaintiff‘s or Class Members’ consent—to improve the technological function and capabilities of its proprietary, patented artificial intelligence software assets for the
exclusive purpose and benefit of increasing the value of Drift shareholders’ equity in the comрany and its technologies.
(FAC. 17)(emphasis in original).
The FAC alleges, “Drift‘s exploitation, modernization, use of, and interaction with the data it gathers through the chat feature in real time makes it more than a mere ‘extension’ of Defendant.” (FAC 19).
Taking these allegations as true for purposes of the present motion, the Court finds Plaintiff has sufficiently alleged that Drift‘s software surreptitiously intercepts the data entered by Peloton‘s customers through the embedded API and uses “the data for their own benefit and not for the sole benefit of the party to the communication [Peloton],” therefore Drift functions as a third-party eavesdropper within the meaning of section 631(a). Javier, 649 F.Supp.3d at 899; Esparza v. UAG Escondido AI Inc., 2024 WL 559241, at *7 (S.D. Cal. 2024) (allegations that a chat service provider “profit[s] from secretly exploiting” the ability to identify individuals who visited Defendant‘s website led to a plausible inference that the chat service provider is using the information for its own purposes.) For these reasons, the Court finds that the party exemption does not apply and Plaintiff has sufficiently stated a claim under clause two of § 631(a). Accordingly, Defendant‘s motion to dismiss is denied on this ground.
(b) Section 631(a) Clause Three “Use” Claim and Clause Four “Aiding and Abetting”
Maintaining a claim under the third clause оf § 631 requires “attempting to use or communicate information obtained as a result of engaging in either of the two previous activities” i.e. intentional wiretapping (clause one) or willfully attempting to learn the contents or meaning of a communication in transit over a wire (clause twо). Tavernetti, 22 Cal. 3d at 192. As noted above, Plaintiff has sufficiently alleged a claim under clause two because she asserts that Drift uses intercepted communications to improve its SaaS platform, including its proprietary machine learning software, which yields a monetary benefit to
Plaintiff has stated a claim under clause three of Section 631 because she has maintained a claim under clause two. Cahill, 80 F.3d at 337-38. For the same reasons, Plaintiff asserts a plausible claim for relief under clause four for aiding and abetting.
A. Injunctive Relief
Plaintiff has chosen to withdraw her claim for injunctive relief (Oppo. at 13), therefore, the Court dismisses the injunctive relief claim with prejudice. Hipschman v. Cnty. Of San Diego, No. 22-CV-00903, 2023 WL 5734907, at * 9 (S.D. Cal. Sept. 5, 2023) (dismissing abandoned claim without leave to amend). Defendant‘s motion to dismiss is denied as moot to this claim.
IV. CONCLUSION AND ORDER
For the forgoing reasons, Defendant‘s motion to dismiss is DENIED.
IT IS SO ORDERED.
Dated: July 5, 2024
Hon. M. James Lorenz
United States District Judge