Opperman v. Path, Inc.

• Decision Date: 23 March 2015
• Docket Number: Case No. 13–cv–00453–JST
• Citation: 84 F.Supp.3d 962
• Parties: Marc Opperman, et al., Plaintiffs, v. Path, Inc., et al., Defendants.
• Court: U.S. District Court — Northern District of California

84 F.Supp.3d 962

Marc Opperman, et al., Plaintiffs

v.Path, Inc., et al., Defendants.

Case No. 13–cv–00453–JST

United States District Court, N.D. California.

Signed March 23, 2015

Cari Ann Cohorn, Cohorn Law, Ivo Michael Labar, James Matthew Wagstaffe, Michael John Von Loewenfeldt, Kerr & Wagstaffe LLP, Jonathan B. Gaskin, Kaufhold Gaskin LLP, Michael Kai Ng, Kobre & Kim LLP, David M. Given, Nicholas A. Carlin, Phillips Erlewine Given & Carlin LLP, San Francisco, CA, Jeffrey Scott Edwards, Edwards Law, Carl F. Schwenker, Law Offices of Carl F. Schwenker, Dirk M. Jordan, Austin, TX, Jennifer Sarnelli, Gardy & Notis, LLP, Englewood Cliffs, NJ, Brian Russell Strange, John Theodore Ceglia, Strange & Carpenter, Los Angeles, CA, for Plaintiffs.

Gregory J. Casas, Greenberg Traurig, LLP, Houston, TX, Jedediah Wakefield, Kathleen Lu, Marc Steven Elzweig, Tyler Griffin Newby, Fenwick & West LLP, Mazda Kersey Antia, Michael G. Rhodes, Matthew Dean Brown, Cooley LLP, Harmeet K. Dhillon, Krista Lee Baughman, Dhillon Law Group Inc., Michael Henry Page, Jui-Ting Anna Hsia, Katherine Robison, Zwillgen Law LLP, San Francisco, CA, Ryan T. Mrazik, Amanda J. Beane, Perkins Coie LLP, Christopher Brian Durbin, Cooley LLP, Seattle, WA, Tanya Deniese Henderson, Timothy L. Alger, Julie Erin Schwartz, Perkins Coie LLP, Jessica S. Ou, Gibson Dunn, Lori R. Mason, Cooley LLP, Palo Alto, CA, Alan D. Albright, Gray Cary Ware & Freidenrich LLP, Peter D. Kennedy, George & Donaldson, L.L.P., Shannon W. Bangle, Beatty, Bangle, Strama P.C., Adam Hugh Sencenbaugh, Hal L. Sanders, Jr., Haynes & Boone, LLP, Austin, TX, Clayton Cole James, Jessica Adler Black Livingston, Hogan Lovells US LLP, Denver, CO, Jenny Qian Shen, Maren Jessica Clouse, Robert B. Hawk, Hogan Lovells US LLP, Menlo Park, CA, David Frank McDowell, Morrison & Foerster LLP, Shelley Gershon Hurwitz, Holland & Knight LLP, Valentine Antonavich Shalamitski, Mitchell Silberberg Knupp LLP, Los Angeles, CA, Judith R. Nemsick, Christopher G. Kelly, Holland & Knight LLP, Christine Lepera, Jeffrey M. Movit, Mitchell Silberberg and Knupp LLP, New York, NY, Jacob Alan Sommer, ZwillGen PLLC, Marc J. Zwillinger, Zwillinger Genetski LLP, Washington, DC, Mazda Kersey Antia, Cooley LLP, San Diego, CA, for Defendants.

ORDER GRANTING IN PART AND DENYING IN PART MOTIONS TO DISMISS

Re: ECF Nos. 493, 495, 496, 497, 498, 499, 500, 501, 503

THIS ORDER RELATES TO ALL CASES

JON S. TIGAR, District Judge

Before the Court are nine motions to dismiss Plaintiffs' Second Consolidated Amended Complaint (“SCAC”) filed by Defendants Twitter, Inc.; Foodspotting, Inc. and Yelp! Inc.; Foursquare Labs, Inc.; Chillingo Ltd., Electronic Arts Inc., Rovio Mobile Oy, and ZeptoLab UK Limited; Gowalla Incorporated; Instagram, LLC; Kik Interactive, Inc.; Apple Inc.; and Path, Inc. ECF Nos. 493, 495, 497, 498, 499, 500, 501, 503. For the reasons set forth below, the Court will grant the Motions in part and deny them in part.

I. BACKGROUND¹

A. Factual History

This is a putative class action challenging conduct by Apple and various developers of applications for Apple devices (“App Defendants”). SCAC, ECF No. 478, ¶ 1. Plaintiffs allege that, during the class period (July 10, 2008 through February 2012), they owned one or more of the three Apple products at issue here—the iPhone, iPad, and/or iPod touch (collectively, “iDevices”). Id. , ¶ 2. Plaintiffs allege that Apple engaged in a mass marketing campaign, whereby it “consciously and continuously misrepresented its iDevices as secure, and that the personal information contained on iDevices—including, specifically, address books, could not be taken without their owners' consent.” Id. , ¶ 3.

1. The “Contacts” App

Each iDevice comes pre-loaded with a “Contacts” mobile software application (or “App”), which iDevice owners may use as an address book to input and store the following information about the owner's contacts:

(1) first and last name and phonetic spelling of each, (2) nickname, (3) company, job title and department, (4) address(es), (5) phone number(s), (6) e-mail address(es), (7) instant messenger contact, (8) photo, (9) birthday, (10) related people, (11) homepage, (12) notes, (13), ringtone, and (14) text tone.

Id. , ¶ 54, 55. The “information in the Contacts App is among the most private and personal of such information a user maintains on an iDevice. The address book data reflects the connections, associations, and relationships that are unique to the owner of the iDevice.” Id. , ¶ 56. Further, the information stored therein “is highly personal and private,” and “is not shared, is not publicly available, is not publicly accessible, and is not ordinarily obtainable by a third party unless the owner physically relinquishes custody of his or her iDevice to another individual.” Id.

2. Apps' Use of Contact Information

According to Plaintiffs, and notwithstanding Apple's representations about the security of its iDevices, Apple knew that the devices permitted the App Defendants' Apps “to secretly upload, store, and in some cases disseminate [Plaintiffs'] personal and private address books as stored in the ‘Contacts' App from the iDevices without [Plaintiffs'] knowledge or consent.” Id. , ¶ 2. In fact, Plaintiffs allege, Apple provided its “assistance and cooperation” to the App Defendants in accessing and misusing iDevice owners' address-book information. Id. And despite Apple's “unique knowledge that its iDevices were not as secure as represented,” Apple “consistently and deliberately failed to reveal its products' security flaws to consumers....” Id. , ¶ 4. Because of “Apple's conduct, Plaintiffs and millions of other people purchased iDevices reasonably believing that they were secure when, in fact, they are not, and then downloaded Apps, including the Apps manufactured by App Defendants, and suffered the unexpected and unauthorized theft of their personal data.” Id. Plaintiffs allege that they would not have paid as much for their iDevices had they known of the devices' security flaws. Id. , ¶¶ 142, 148, 154, 161, 168, 174, 180, 186, 192, 197, 203, 210, 216, 223, 230.

3. The App Store and App Development

Apple offers Apps solely through its App Store, which Apple launched in July 2008. Id. , ¶ 39. “Apple has exclusive control over what Apps are available in the App Store, and the iDevices are designed to only accept software downloads from the App Store....” Id. According to Plaintiffs, “[t]he App Store and the availability of numerous Apps to perform different functions are key parts of Apple's marketing strategy and the popularity of the iDevices.” Id. ¶ 40.

In order to offer an App through the App store, “a third-party developer must be registered as an ‘Apple Developer,’ agree to the iOS Developer Program License Agreement with Apple, and pay a $99 yearly registration fee.” Id. , ¶ 44. To further control the Apps offered through its store, “Apple provides third-party developers with review guidelines, and conducts a review of all applications submitted for inclusion in the App Store for compliance with these documents.” Id. In addition, Apple provides a host of tools, as well as support services and guidelines to third-party developers who are licensed to provide Apps through the App Store. Id. , ¶¶ 44, 45, 49, 53. The result of these circumstances, according to Plaintiffs, is that “all iDevice Apps were built, in part, by Apple.” Id. , ¶ 46.

Apple's guidelines provide that “Apps ‘cannot transmit data about a user without obtaining the user's prior permission and providing the user with access to information about how and where the data will be used.’ ” Id. , ¶ 47. And “Apple has sole discretion over the App approval process and may reject any App at any time and for any reason,” including a violation of the terms and conditions of the licensing agreement, providing Apple with inaccurate information, or if Apple learns the App “violates, misappropriates, or infringes the rights of a third party.” Id.

Plaintiffs further contend that,

[d]espite Apple's public statements that it protects its iDevice owners' privacy, Apple's App Developer Program tutorials and developer sites (which Apple does not make available to consumers) teach App developers just the opposite–how to code and build Apps that non-consensually access, use and upload the mobile address books maintained on Apple iDevices—precisely what these App Defendants' identified Apps did. As App developers, the App Defendants were exposed to and aware of these tutorials and developer sites and, on information and belief, their personnel utilized them to build the identified Apps.

Id. , ¶ 52. In particular, Plaintiffs allege that Apple's iOS Human Interface Guidelines include the following statements:

Get information from iOS, when appropriate. People store lots of information on their devices. When it makes sense, don't force people to give you information that you can easily find for yourself, such as their contacts or calendar information.

It's often said that people spend no more than a minute or two evaluating a new app.... Avoid displaying an About window or a splash screen. In general, try to avoid providing any type of startup experience that prevents people from using your application immediately. Delay a login requirement for [as] long as possible. Ideally, users should be able to navigate through much of your app and understand what they can do with it before logging in.

If possible, avoid requiring users to indicate their agreement to your [end-user license agreement] when they first start your application. Without an agreement displayed, users can enjoy your application without delay.

Id. , ¶ 88 (emphases omitted).

B. Procedural History

This action began as several class actions filed both in California and Texas.² The four actions were consolidated here, where Plaintiffs filed their Consolidated Amended Complaint (“CAC”), ECF No. 362, on September 3, 2013.

Defendants filed several motions to dismiss the CAC, and on May 14, 2014, ...