Granados v. LendingTree, LLC

• Decision Date: 02 February 2023
• Docket Number: Civil Action 3:22-CV-00504-MOC-DSC
• Parties: WILLY GRANADOS, individually and on behalf of all others similarly situated, Plaintiff, v. LENDINGTREE LLC, Defendant.
• Court: U.S. District Court — Western District of North Carolina

WILLY GRANADOS, individually and on behalf of all others similarly situated, Plaintiff,
v.
LENDINGTREE LLC, Defendant.

Civil Action No. 3:22-CV-00504-MOC-DSC

United States District Court, W.D. North Carolina, Charlotte Division

February 2, 2023

MEMORANDUM AND RECOMMENDATION AND ORDER

David S. Cayer United States Magistrate Judge

THIS MATTER is before the Court on Defendant's “Motion to Compel Arbitration and Stay Claims, or Alternatively, to Dismiss Plaintiff's Class Action Complaint,” Doc. No. 9, filed November 22, 2022.

The Motion has been referred to the undersigned Magistrate Judge pursuant to 28 U.S.C. § 636(b)(1) and is now ripe for consideration.

Having fully considered the arguments, the record, and the applicable authority, Defendant's Motion to Compel Arbitration and Stay Claims is GRANTED. The undersigned respectfully recommends that Defendant's Motion to Dismiss be DENIED.

I. FACTUAL BACKGROUND

Accepting the factual allegations of the Complaint as true, Defendant provides an online marketplace for various financial borrowing needs including auto loans, small business loans, personal loans, and credit cards. Doc. No. 1, at ¶ 21. Plaintiff has used Defendant's services in the past. In the process of creating an account, Defendant collects sensitive information from

1

users such as their full name, street address, Social Security number, and date of birth. Id. at ¶ 22. Defendant suffered a cyberattack where data thieves gained access to users' private information. Id. at ¶ 38. On June 29, 2022, it sent a Notice of Data Breach to its users. Id. at ¶ 29. The letter stated Defendant “determined that a code vulnerability likely resulted in the unauthorized disclosure of some sensitive personal information.” Id. Plaintiff's private information was accessed and stolen as a result of the data breach. Id. at ¶ 41.

The files stolen during the attack contained users' names, dates of birth, Social Security numbers, and street addresses. Id. at ¶ 39. Defendant was aware of the risks of a cyberattack since it had experienced data breaches at least twice before - once in 2008 and again in January 2022. Id. at ¶ 45. It failed to properly implement basic data security practices and employ reasonable measures to protect against unauthorized access to users' private information. Id. at ¶ 51. Defendant also failed to abide by industry standards. Id. at ¶ 55.

Plaintiff alleges causes of action for negligence, negligence per se, violation of Cal. Bus. & Prof. Code § 17200, restitution, unjust enrichment, and violation of the North Carolina Unfair and Deceptive Trade Practices Act. Defendant asserts that Plaintiff is bound to arbitrate these claims in accordance with the Terms of Use he accepted when he created an account with Lendingtree.

II. DISCUSSION

1. Standard of Review

The Federal Arbitration Act establishes a policy favoring arbitration. The FAA provides that arbitration clauses "shall be valid, irrevocable, and enforceable, save upon such grounds as exist at law or in equity for the revocation of any contract." 9 U.S.C. § 2. The FAA requires courts to stay proceedings and compel arbitration in the event of a refusal to comply with a...