913 F. Supp. 2d 840 | N.D. Cal. | 2012
Order Granting Motion of Apple Inc. to Dismiss With Leave to Amend
Plaintiff Maria Pirozzi brings this putative class action against Defendant Apple Inc. (“Apple”) for failing to prevent third-party software applications distributed through its online App Store from uploading user information from their mobile devices without permission. Plaintiff asserts six claims against Apple: (1) Violations of California’s Unfair Competition Law (“UCL”), Cal. Bus. & Prof.Code §§ 17200 et seq.; (2) Violations of California’s False Advertising Law (“FAL”), Cal. Bus. & Prof.Code §§ 17500 et seq.; (3) Violations of California’s Consumer Legal Remedies Act (“CLRA”), Cal. Civ.Code §§ 1750 et seq.; (4) Negligent Misrepresentation; (5) Negligence; and (6) Unjust Enrichment.
Apple has filed a Motion to Dismiss on the grounds that Plaintiffs claims are barred by Section 230 of the Communications Decency Act, 47 U.S.C. § 230; Plaintiff lacks Article III standing; Plaintiff fails to satisfy the particularity requirement of Rule 9(b); and each of Plaintiffs claims fails to state a claim upon which relief can be granted.
Having carefully considered the papers submitted, the Amended Class Action Complaint (“CAC”), for the reasons set forth below, the Court hereby GRANTS the Motion to Dismiss With Leave to Amend.
I. BACKGROUND
Plaintiff alleges as follows: Apple designs and manufactures three popular mobile devices: the iPhone, the iPod touch and the iPad (collectively “Apple Devices”). Owners of Apple Devices can customize their user experience by installing third-party software applications (“Apps”). (CAC ¶¶ 21-25.) These Apps are integral to users’ experiences when operating Apple Devices. Apple operates an online “App Store” “where customers can shop for and acquire apps offered by Apple and third-party developers.” (Id. ¶ 21.) The App Store is the exclusive source from which owners of Apple Devices can obtain Apps for their Apple Devices.
Apple completely controls users’ experience from development of the Apple Device to development and selection of the Apps available at the Apps Store. (Id. ¶¶ 21, 25, 35.) Apple claims to “review every app on the App Store based on a set of technical, content, and design criteria.” (Id. ¶ 38.) The App approval process “ensure[s] that applications are reliable, perform as expected, and are free of explicit and offensive material.” (Id.)
The App Store Review Guidelines provide that “Apps cannot transmit data about a user without obtaining the user’s prior permission and providing the user with access to information about how and
According to Apple, its iOS operating system “ ‘is highly secure from the moment you turn on your iPhone. All apps run in a safe environment, so a website or app can’t access data from other apps. iOS also supports encrypted network communication to protect your sensitive information. To guard your privacy, apps requesting location information are required to get your permission first. You can set a passcode lock to prevent unauthorized access to your device[.]’ Apple makes similar claims with respect to the iPad and the iPod Touch.” (Id. ¶ 37 (alteration in original).)-
Notwithstanding Apple’s representations regarding its protection of users’ personal information and the security of the iOS operating system, “Apple-approved apps have downloaded and/or copied users’ private address book information (including names and contact information of users’ contacts), location data, private photographs and videos without the users’ knowledge or consent when a user agrees to allow an app to access the user’s then current locations.” (Id. ¶ 41.) “For example, in early February 2012, it- was revealed that one such app, Path, was uploading data stored on users’ Apple Devices (including address book and calendar) to its servers.” (Id. ¶42.) “[0]ther popular apps such as Angry Birds, Cut-the-Rope, Twitter, Facebook, Linkedln, Gowalla, Foodspotting, Instagram, Foursquare, Beluga, Yelp!, Hipster and Kik Messenger among others, have likewise downloaded users’ data without their explicit consent in contrast to Apple’s stated policy.” (Id. ¶ 43.) And while “copying address book data, photos and videos without a user’s consent is against Apple’s rules ... [, Apple has] failed to properly screen apps and allowed such apps to be sold in the App Store.” (Id: ¶ 46.)
Plaintiff does not specify when she reviewed any of these statements, but claims that she relied, upon statements by Apple in her decision to purchase an Apple Device and in her decision to purchase Apps from the App Store. The 27-page CAC has only one paragraph regarding Named Plaintiff Maria Pirozzi:
8. Plaintiff Maria Pirozzi is a citizen of New Jersey and is an owner of an Apple Device. Plaintiff has owned an Apple Device since September 2011. During that time, she has downloaded a number of apps from the App Store.
(CAC ¶ 8.)
Plaintiff does not specify which Apple Device(s) she owns, which Apps she downloaded from the App Store, or whether any third-party App actually uploaded personal information from her mobile device. Rather, she alleges generically, that “Apple failed to properly safeguard Apple Devices and, instead, induced Plaintiff to purchase an Apple Device and to download apps under the premise that Plaintiffs private
II. STANDING ANALYSIS
Apple challenges Plaintiffs standing to bring this action and moves to dismiss pursuant to Rule 12(b)(1). A motion under Rule 12(b)(1) challenges the grounds for the Court’s subject matter jurisdiction. See Fed.R.Civ.P. 12(b)(1). If a plaintiff lacks standing under Article III of the U.S. Constitution, then the Court lacks subject matter jurisdiction. Because standing is a threshold jurisdictional question, the Court will address this issue first. See Steel Company v. Citizens for a Better Environment, 523 U.S. 83, 94, 102, 118 S.Ct. 1003, 140 L.Ed.2d 210 (1998).
To establish Article III standing, a plaintiff must satisfy three elements: (1) “injury in fact — an invasion of a legally protected interest which is (a) concrete and particularized and (b) actual or imminent, not conjectural or hypothetical”; (2) causation — “there must be a causal connection between the injury and the conduct complained of’; and (3) redressability — “it must be likely, as opposed to merely speculative, that the injury will be redressed by a favorable decision.” Lujan v. Defenders of Wildlife, 504 U.S. 555, 560-61, 112 S.Ct. 2130, 119 L.Ed.2d 351 (1992) (internal quotation marks, citations and footnote omitted). In the class action context, the named plaintiff must show that she personally has suffered an injury, not just that other members of the putative class suffered the injury. Lierboe v. State Farm Mut. Auto. Ins. Co., 350 F.3d 1018, 1022 (9th Cir.2003) (“if none of the named plaintiffs purporting to represent a class establishes the requisite of a case or controversy with the defendants, none may seek relief on behalf of himself or any other member of the class.”).
Apple argues that Plaintiff fails to allege that she lost money or that any third-party App uploaded personal information from her mobile device. Apple further argues that Plaintiff suffered no economic loss. However, Apple’s arguments misconstrue the nature of Plaintiffs allegations in Counts I through IV of the CAC. As Apple recognizes, Plaintiff asserts that Apple’s “misrepresentations and omitted material facts’ purportedly induced her ‘to purchase [an] Apple Device.’ ” In that regard, Apple argues that Plaintiff fails to allege that she relied upon any statement when she purchased a third-party App.
Plaintiff alleges two injuries: (1) that she overpaid for her Apple Device and/or was induced to purchase an Apple Device; and (2) misappropriation of her valuable personal information. With respect to the first injury, Plaintiff alleges that she was “misled as to the nature and integrity of Apple’s products.” (CAC ¶ 60.) “Apple has repeatedly advertised that its products were safe and secure. Apple has further assured consumers that it closely monitors the apps available in the App Store.” (Id. ¶ 68.) Plaintiff “acted in response to the statements made by Apple when [she] purchased an Apple Device.” Plaintiff based her decision to purchase the Apple Device and/or purchase apps through the App Store in substantial part on Apple’s misrepresentations. (Id. ¶ 71.)
Overpaying for goods or purchasing goods a person otherwise would not have
With respect to the second harm identified, misappropriation of her personal information, Plaintiff has not alleged that a third-party App developer actually misappropriated her personal information, only that her personal information is at a greater risk of being misappropriated. “The hypothetical threat of future harm due to a security risk to Plaintiffs personal information is insufficient to confer Article III standing.” Hernandez v. Path, Inc., 12-CV-01515 YGR, 2012 WL 5194120, at *2 (N.D.Cal. Oct. 19, 2012) (citing Krottner v. Starbucks Corp., 628 F.3d 1139, 1141-43 (9th Cir.2010)). Plaintiff argues that In re iPhone Application Litig., 844 F.Supp.2d 1040, 1054 (N.D.Cal.2012) is particularly instructive. (Opp’n 15.) The Court agrees, but not for the reasons Plaintiff argues. In dismissing the plaintiffs’ first complaint in In re iPhone Application Litigation, Judge Koh identified the following information required for Article III standing: “(a) which ‘¡Devices they used;’ (b) ‘which Defendant (if any) accessed or tracked their personal information;’ (c) which apps they downloaded that ‘access[ed]/track[ed] their personal information,’ and; (d) ‘what harm (if any) resulted from the access or tracking of their personal information.’ ” Id. at 1054 (citing In re iPhone Application Litig., 11-MD-02250 LHK, 2011 WL 4403963 (N.D.Cal.2011)). The amended complaint in the iPhone Application Litigation addressed these deficiencies, and therefore, Judge Koh found that based on the facts alleged in the amended complaint, the plaintiffs had standing. Here, the, CAC suffers from many of the same deficiencies as the original complaint in the iPhone Application Litigation.
At this juncture, Plaintiff fails to identify which Apple Devices she used; which Apps accessed or tracked her personal information (if any); or the resulting harm from the data collection. Should Plaintiff choose to proceed on the theory that she has been harmed by actual collection of her personal information, she will need to identify which of the Apple Devices she used, which Apps she downloaded that accessed or tracked her personal information (if any), and what harm (if any) resulted from the accessing or tracking of her personal information. Because her claim for Negligence (Count V) fails to allege any harm to Plaintiff from misappropriation of her personal information caused by Apple’s alleged negligence, she lacks standing to bring that claim. Additionally, to the extent that Plaintiff believes that her personal information has inherent economic value, her Unjust Enrichment claim (Count VI) fails to allege that Apple ever received any of the personal information (or some other benefit from Plaintiffs personal information) that was purportedly collected by a third-party App maker. Therefore, as alleged, Plaintiff does not have standing to bring-claims for Negligence (Count V) or Unjust Enrichment (Count VI).
Based on the foregoing analysis, the Court concludes that Plaintiff does not have standing. For that reason, all claims are Dismissed With Leave to Amend consistent with this Order.
A motion to dismiss under Rule 12(b)(6) tests the legal sufficiency of the claims alleged in the complaint. Ileto v. Glock, Inc., 349 F.3d 1191, 1199-1200 (9th Cir.2003). All allegations of material fact are taken as true. Johnson v. Lucent Techs., Inc., 653 F.3d 1000, 1010 (9th Cir.2011). To withstand a motion to dismiss, “a complaint must contain sufficient factual matter, accepted as true, to ‘state a claim to relief that is plausible on its face.’” Ashcroft v. Iqbal, 556 U.S. 662, 678, 129 S.Ct. 1937, 173 L.Ed.2d 868 (2009) (quoting Bell Atl. Corp. v. Twombly, 550 U.S. 544, 557, 127 S.Ct. 1955, 167 L.Ed.2d 929 (2007)).
A. Communication Decency Act
Apple argues that Section 230(c)(1) of the Communication Decency Act (“CDA”), 47 U.S.C. § 230, renders it immune from liability in this case. Section 230(c)(1) states: “[n]o provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.” Id. § 230(c)(1).
The CDA protects from liability (1) a provider of an interactive computer service (2) whom a plaintiff seeks to treat as a publisher (3) of information provided by another information content provider. Barnes v. Yahoo!, Inc., 570 F.3d 1096, 1100-01 (9th Cir.2009).
Apple argues that Plaintiffs claims against it are barred because Plaintiff seeks to impose liability on Apple for the content of third-party Apps distributed through Apple’s website and for Apple’s decisions to allow those Apps to be distributed through its website. According to Apple, the “misappropriation” of users’ information is “at the heart of Plaintiffs case.” Therefore, Apple believes that it is shielded from liability for its exercise of editorial discretion in approving and distributing Apps via its online App Store. (Mot. 9.) Apple’s arguments, however, misconstrue the nature of certain of the allegations in the CAC.
Plaintiffs claims are not predicated solely upon Apple’s approving and distributing Apps via its online App Store; Plaintiff also seeks to hold Apple liable for representations made by Apple itself. As Apple acknowledges, Plaintiffs claims include “allegations that Apple somehow misled Plaintiff as to the ‘nature and integrity of Apple’s products.’ ” (Mot. 18.) To the extent that Plaintiffs claims allege that Apple’s misrepresentations induced Plaintiff to purchase an Apple Device, those claims do not seek to hold Apple liable for making Apps available on its website. In that context, even if Apple acts as an “interactive computer service,” Plaintiff seeks to hold it liable as the “information content provider” for the statements at issue.
That said, based on the scant record before the Court, it is premature to decide whether the CDA bars Plaintiffs claims. Unlike the findings in Carafano, supra, as to the role of Matchmaker.com for the content of information, if Apple is responsible for the “creation or development of [the] information” at issue, then Apple functions as an “information content provider” unprotected by the CDA. 339 F.3d at 1124-25. However, the Court cannot make that determination based on the allegations in the CAC.
Accordingly, the Court cannot find that Apple is entitled to immunity under the CDA.
B. Fraud with Particularity (Counts I-IV)
In actions alleging fraud, “the circumstances constituting fraud or mistake shall be stated with particularity.” Fed. R.Civ.P. 9(b). Particularity under Rule 9(b) requires that the complaint allege specific facts regarding the fraudulent activity, such as the time, date, place, and content of the alleged fraudulent representation, how or why the representation was false or misleading, and in some cases, the identity of the person engaged in the fraud. In re GlenFed Sec. Litig., 42 F.3d 1541, 1547-49 (9th Cir.1994).
Regardless of whether fraud is an essential element of a consumer protection claim, where the claim “reifies] entirely on [a fraudulent course of conduct] as the bases of that claim ... the claim is said to be ‘grounded in fraud’ or to ‘sound in fraud,’ and the pleading ... as a whole must satisfy the particularity requirement of Rule 9(b).” Kearns, supra, 567 F.3d at 1125 (quoting Vess, supra, 317 F.3d at 1103-04). Plaintiffs claims under the UCL, FAL, CLRA, and for Negligent Misrepresentation (Counts I through IV) allege that Apple is misrepresenting the characteristics of its Apple Devices and Apps in the App Store. Therefore, those claims sound in fraud, and are subject to the heightened pleading requirements of Rule 9(b). Kearns, supra, 567 F.3d at 1127 (claims under the CLRA, UCL, and FAL that sound in fraud must satisfy Rule 9(b)’s heightened pleading requirement).
While Plaintiff identifies a number of representations
Based on the foregoing analysis, Counts I through IV are Dismissed With Leave to Amend consistent with this Order.
C. Whether Plaintiff’s Claims Fail to State a Claim Under Rule 12(b)(6) 1. Count III: Violation of California’s Consumer Legal Remedies Act, Cal. Civ.Code §§ 1750 et seq.
The CLRA prohibits “unfair methods of competition and unfair or deceptive acts or practices undertaken by any person in a transaction intended to result in or which results in the sale ... of goods or services to any consumer.” Cal. Civ.Code § 1770(a). Plaintiffs CLRA claim alleges misrepresentations by Apple about the services that it offers. (See CAC ¶¶ 76-78.) Specifically, Plaintiff takes issue with Apple’s representations that its services have characteristics, uses, benefits that they do not have (id. ¶ 76); Apple’s representations that its services are of a particular standard, quality and grade
Apple argues that Plaintiffs CLRA claim fails because a person who uses the App Store is not a consumer,
Plaintiff does not argue that she has stated a cause of action for violation of the CLRA with respect to any acts or practices in connection to the sale of services. Instead, in her opposition she argues that her CLRA claim is premised on the purchase of “goods,” such as Apple Devices. The CAC does not so allege. Plaintiff has leave to amend her CLRA claim to allege unfair acts or deceptive acts or practices in a transaction for the sale of goods.
Based on the foregoing analysis, Plaintiffs CLRA claim is Dismissed With Leave to Amend.
2. Count V: Negligence
The elements for a claim for negligence under California law are: “(1) a legal duty to use due care; (2) a breach of such legal duty; and (3) the breach as the proximate or legal cause of the resulting injury.” 6 Witkin, Summary of Cal. Law, Torts § 835, p. 52 (10th ed. 2005). In this context, “legal duty” means the duty to use ordinary care in activities from which harm to the plaintiff might reasonably be anticipated. See id. at p. 53. “ ‘The risk reasonably to be perceived defines the duty to be obeyed.’ ” Dillon v. Legg, 68 Cal.2d 728, 739, 69 Cal.Rptr. 72, 441 P.2d 912 (Cal.1968) (quoting Palsgraf v. Long Island R.R. Co. 248 N.Y. 339, 344, 162 N.E. 99 (N.Y.1928)).
Plaintiffs negligence claim does not specify the particular duty breached, but her opposition argues that “Apple owed a duty to Plaintiff to protect her personal information and data, and to take reasonable steps to protect her from the wrongful taking of her personal information and the wrongful invasion of her privacy.” (Opp’n 22.) The CAC alleges that “Apple breached its duty by designing the Apple Devices so that app developers could acquire personal information without users’ knowledge or permission, by failing to remove privacy-violating apps from the App Store, and by constructing and controlling consumers’ user experience and mobile environment so that consumers could not reasonably avoid such privacy affecting actions.” (CAC ¶ 90.)
Apple argues that it owes no legal duty to Plaintiff to protect her personal information from misappropriation by third-party App developers. (Mot. 22.) A defendant generally owes no duty to protect another from the conduct of third-parties. See, e.g., Tarasoff v. Regents of Univ. of Calif, 17 Cal.3d 425, 435 (Cal.1976). Plaintiff argues that Apple’s control over the user experience from development of the Apple Devices to selection of the Apps- available at the Apps Store “creates a special relationship between Plaintiff and Apple.” Plaintiff further argues that Apple undertook this duty by committing to review all Apps for adherence to its policy of requiring App developers to obtain user consent before downloading a user’s personal information.
Based on the foregoing analysis, the negligence claim is Dismissed With Leave to Amend consistent with this Order.
3. Count VI: Unjust Enrichment
Plaintiffs Sixth Count alleges unjust enrichment. Unjust enrichment is a theory of recovery in quasi-contract, in which a plaintiff contends the defendant received a benefit to which it was not entitled. Paracor Fin. v. General Elec. Capital Corp., 96 F.3d 1151, 1167 (9th Cir.1996). To state a claim for unjust enrichment, Plaintiff must allege “receipt of a benefit and unjust retention of the benefit at the expense of another.” Lectrodryer v. SeoulBank, 77 Cal.App.4th 723, 726, 91 Cal.Rptr.2d 881 (Cal.Ct.App.2000).
Plaintiff alleges that Apple “received revenue and/or other benefits as a result of unauthorized access to private user information, including, but not limited to user address book, private photos and video.” Apple moves for dismissal of Count VI
Based on the foregoing, Plaintiffs claim for Unjust Enrichment is Dismissed With Leave to Amend consistent with this Order.
IV. CONCLUSION
For the reasons set forth above, the Motion to Dismiss is Granted.
By no later than January 22, 2013, Plaintiff shall file a second amended complaint.
This Order Terminates Docket Number 18.
It Is So Ordered.
. All pinpoint references to the CAC are to the paragraph number assigned to that paragraph. The CAC numbers its paragraphs out of order: 4, then 8, then 5, then 9. The CAC does not contain a paragraph 6 or 7.
. When resolving a motion to dismiss for failure to state a claim, review is generally limited to the contents of the complaint. Allarcom Pay Television, Ltd. v. Gen. Instrument Corp., 69 F.3d 381, 385 (9th Cir.1995). Under the incorporation by reference doctrine, a court also may consider documents referenced by the complaint and accepted by all parties as authentic. See Van Buskirk v. Cable News Network, Inc., 284 F.3d 977, 980 (9th Cir.2002). Apple has submitted its current Privacy Policy (Dkt. No. 18-1, Ex. A) and Terms and Conditions (Id., Ex. B), the pertinent portions of which its attorney states, are identical or substantially similar to earlier versions. (Dkt. No. 18-1.) A court can consider the agreements between Plaintiff and Apple under the incorporation by reference doctrine. In re iPhone Application Litig., supra, 2011 WL 4403963 (citing Rubio v. Capital One Bank, 613 F.3d 1195, 1199 (9th Cir.2010) and In re Gilead Scis. Sec. Litig., 536 F.3d 1049, 1055 (9th Cir.2008)). Here, the documents submitted are not accepted by all parties as authentic and therefore, are not admissible under the doctrine of incorporation by reference. See Knievel v. ESPN, 393 F.3d 1068, 1076-77 (9th Cir.2005) (admitting contents of website on motion to dismiss under doctrine of incorporation by reference where plaintiffs did not dispute authenticity of materials attached to motion). Even if the documents were considered incorporated by reference, Apple submits the documents to demonstrate that it made particular disclosures, which may create an issue of fact as to the reasonableness of reliance on other representations, but the fact that Apple may have made certain disclosures does not contradict the representations alleged in the CAC.
. An "interactive computer service” is defined as "any information service, system, or access software provider that provides or enables computer access by multiple users to a computer server.” 47 U.S.C. § 230(f)(2). The CDA defines an "information content provider” as any “person or entity responsible, in whole or in part, for the creation or development of information provided through” the interactive computer service. Id. § 230(f)(3). Courts adopt “a relatively expansive definition of 'interactive computer service’ and a relatively restrictive definition of 'information content provider.' ” Carafano v. Metrosplash.com, Inc., 339 F.3d 1119, 1123 (9th Cir.2003).
. The factual record may require more development before the Court can make this ruling.
. Apple argues that none of the representations is actionable because none is a specific verifiable claim of a past or existing fact. The Court will reserve ruling on this issue until Plaintiff identifies the particular representations on which she relied in making her decision to purchase an Apple Device.
. A “consumer” is defined as “an individual who seeks or acquires, by purchase or lease, any goods or services for personal, family, or household purposes.” Cal. Civ.Code § 1761(d).
. Kockelman v. Segal, 61 Cal.App.4th 491, 71 Cal.Rptr.2d 552 (1998) (psychiatrist and suicidal patient).
. Schwartz v. Helms Bakery Ltd., 67 Cal.2d 232, 60 Cal.Rptr. 510, 430 P.2d 68 (1967) (by instructing four-year old boy to cross street against heavy traffic in the middle of block to patronize driver's bakery truck, driver undertook duty to protect boy’s safety).
. Apple also argues that California does not recognize a cause of action for unjust enrichment. California courts are split on this issue. See Hill v. Roll Int’l Corp., 195 Cal.App.4th 1295, 1307, 128 Cal.Rptr.3d 109 (Cal. Ct.App.2011); In re iPhone Application Litig., supra, 2011 WL 4403963, at *15. Depending on the nature of the allegations, a cause of action for unjust enrichment could exist. See Restatement (Third) of Restitution and Unjust Enrichment § 1(2012). This Court previously held that there is a cause of action for unjust enrichment under California law. See, e.g., Hernandez v. Path, C-12-01515 YGR, 2012 WL 5194120, at *8 (N.D.Cal. October 19, 2012). Therefore, the Court will not dismiss the claim on this basis.