Plaid Partially Successful in Tossing Out Class-Action Complaint – Privacy Allegations Still Remain
For those who have not been following the Plaid class action unfold, we previously covered it HERE and HERE. Soon after the class actions were consolidated last year, Plaid filed a motion to dismiss Plaintiffs’ Consolidated Class Action Complaint in September, 2020. Oral arguments were held in February of this year, and the Court just issued its 38-page ruling, partially granting Plaid’s motion to dismiss, with prejudice.
As you may recall, this action consists of five separately-filed putative class action complaints in which 11 named plaintiffs allege that Plaid used consumers’ banking login credentials to harvest and sell detailed financial data without the user’s consent. The five actions were consolidated last year, and the Consolidated Class-Action Complaint alleged violations of: 1) invasion of privacy—intrusion into private affairs; 2) violation of the Computer Fraud and Abuse Act (“CFAA”), 18 U.S.C. § 1030; 3) violation of the Stored Communications Act (“SCA”), 18 U.S.C. § 2701 et seq.; 4) declaratory judgment and injunctive relief; 5) unjust enrichment (quasi-contract claim for restitution and disgorgement); 6) violation of California’s Unfair Competition Law (“UCL”), California Business & Professions Code section 17200 et seq.; 7) violation of Article I, Section I of the California Constitution; 8) violation of the California Anti-Phishing Act of 2005, California Business & Professions Code section 22948 et seq.; 9) violation of California Civil Code sections 1709 and 1710; and 10) violation of California’s Comprehensive Computer Data Access and Fraud Act (“CDAFA”), California Penal Code section 502.
In issuing its ruling on Plaid’s motion to dismiss, the Court also took judicial notice of the complaint filed by The PNC Financial Services Group, Inc. (“PNC”) against Plaid, on December 21, 2020, in the United States District Court, Western District of Pennsylvania. (The PNC Financial Services Group, Inc. v. Plaid Inc., No. 2:20-cv-1977 (filed on Dec. 21, 2020)). That complaint alleges that Plaid “sought to obtain trust and consumer confidence from consumers by intentionally designing user interfaces to misleadingly suggest that Plaid was affiliated or associated with, or sponsored by, PNC.” The complaint further alleges that Plaid did so “to mislead consumers into believing they are entering their sensitive personal and financial information in PNC’s trusted and secure platform” or a platform associated with PNC in order to “persuade consumers to provide Plaid the consumer’s sensitive financial information.” Plaid did not oppose the request for the judicial notice.
After lengthy briefing from both parties, and oral arguments, the Court dismissed 5 out of the 10 allegations, with prejudice. The Court stated “Plaintiffs [have] amended their complaint once already. At the hearing, the court gave Plaintiffs the opportunity to articulate any other facts that could cure the pleading defects… further amendment would be futile.” Plaintiffs’ claims for declaratory judgment and injunctive relief, as well as their claims under the SCA, UCL, CFAA and CDAFA were dismissed with prejudice. Plaid’s motion to dismiss Plaintiffs’ claims under invasion of privacy, California Constitution (Article I, Section I), unjust enrichment, California Civil Code sections 1709 and 1710, and California Anti-Phishing Act of 2005, was denied.
In evaluating Plaintiffs’ claims under invasion of privacy and the California Constitution (Article I, Section I), the Court opined that “…the question of whether Plaintiffs consented to Plaid’s collection of their personal information is a key factual dispute to be decided on the merits rather than a Rule 12 motion… [and]…[w]hether Plaid’s alleged conduct “could highly offend a reasonable individual,” is also “an issue that cannot be resolved at the pleading stage.”” For those unfamiliar, Rule 12 motions are not merit based inquiries into the allegations. Instead, the court assumes all factual allegations contained in the complaint to be true, giving the plaintiff the full benefit of the doubt. The court tests the legal sufficiency of the claims alleged in the complaint, and considers whether the factual content plead allows the court to draw the reasonable inference that the defendant is liable for the misconduct alleged. It is an effective remedy for dismissing poorly pled and improperly pled claims.
Regarding Plaintiffs’ claims under the California Anti-Phishing Act, the Court stated that to adequately plead a claim, the alleged conduct must involve “tak[ing] any action to induce another person to provide identifying information by representing itself to be a business without the authority or approval of the business.” Because the Court was taking judicial notice of the PNC Complaint, and that complaint directly stated that Plaid in fact “sought to obtain trust and consumer confidence from consumers by intentionally designing user interfaces to misleadingly suggest that Plaid was affiliated or associated with, or sponsored by, PNC” the Court considered the claim to be sufficiently pled.