Judge: Daniel M. Crowley, Case: 24STCV04504, Date: 2024-07-09 Tentative Ruling

Case Number: 24STCV04504    Hearing Date: July 9, 2024    Dept: 71

Superior Court of California

County of Los Angeles

DEPARTMENT 71

TENTATIVE RULING

Defendant Fountain9, Inc.’s demurrer to Plaintiff Rebeka Rodriguez’s first amended complaint is sustained with 20 days leave to amend.

Defendant Fountain9, Inc.’s motion to strike portions of Plaintiff’s first amended complaint is denied as moot.

Defendant Fountain9, Inc. (“Fountain9”) (“Defendant”) demurs to each cause of action in Plaintiff Rebeka Rodriguez’s (“Rodriguez”) (“Plaintiff”) first amended complaint (“FAC”) on the grounds Plaintiff’s purported cause of action for violation of Penal Code §638.51 fails to state a cause of action under settled principles of California law and on grounds that Plaintiff’s consent to the acts complained of appears on the face of the complaint, where lack of consent is either an element of Plaintiff’s cause of action or alternatively where consent is an affirmative defense.  (Notice of Demurrer, pgs. 1-2; C.C.P. §430.10(e).)  Defendant also filed a motion to strike portions of Plaintiff’s FAC.  (Notice of MTS, pgs. 1-2.)

Request for Judicial Notice

Plaintiff’s 6/25/24 request for judicial notice of (1) the Senate Committee on Public Safety Bill Analysis of Apr. 12, 2010, for Senate Bill No. 1428 (2009-2010 Regular Session) (P-RJN, Exh. 1); and (2) Assembly Committee on Public Safety Bill Analysis of June 21, 2010, for Senate Bill No. 1428 (2009-2010 Regular Session) (P-RJN, Exh. 2) is granted.

Plaintiff’s 6/25/24 request for judicial notice of (1) Minute Order filed on August 11, 2023, in Licea v. Jockey Int’l, Inc., No. 23STCV02906 (Cal. Super. Ct., Los Angeles County Aug. 11, 2023) (Richardson, J.); (2) Minute Order filed on April 3, 2024, in Levings v. Choice Hotels Int’l, Inc., No. 23STCV28359, 2024 WL 1481189 (Cal. Super. Ct. L.A. Cty. Apr. 3, 2024) (Nellon, J.); and (3) Minute Order filed on June 4, 2024, in Sanchez v. Weber-Stephen Products LLC, No. 24STCV00217 (Cal. Super. Ct. L.A. Cty. June 4, 2024) (Nellon, J.) is denied.

Meet and Confer

Before filing a demurrer, the demurring party must meet and confer in person, by telephone, or by video conference with the party who filed the pleading to attempt to reach an agreement that would resolve the objections to the pleading and obviate the need for filing the demurrer.  (C.C.P. §430.41(a), emphasis added.)

The demurring party shall file and serve with the demurrer a declaration stating either of the following: (A) The means by which the demurring party met and conferred with the party who filed the pleading subject to demurrer, and that the parties did not reach an agreement resolving the objections raised in the demurrer. (B) That the party who filed the pleading subject to demurrer failed to respond to the meet and confer request of the demurring party or otherwise failed to meet and confer in good faith.  (C.C.P. §430.41(a)(3).)

Defendant’s counsel failed to submit a meet and confer declaration in violation of under C.C.P. §430.41(a), despite noting in the notice of the demurrer that the declaration of Carver Farrow was attached.  (See Notice of Demurrer, pg. 2.)  However, failure to sufficiently meet and confer is not grounds to overrule or sustain a demurrer.  (C.C.P. §430.41(a)(4); Dumas v. Los Angeles County Board of Supervisors (2020) 45 Cal.App.5th 348, 355; Olson v. Hornbrook Community Services District (2019) 33 Cal.App.5th 502, 515.)  Therefore, the Court will consider Defendant’s demurrer.

Background

Plaintiff filed her initial complaint (“Complaint”) on February 22, 2024.  Plaintiff filed her operative first amended complaint (“FAC”) on April 18, 2024, against Defendant alleging a single cause of action for violation of the California Invasion of Privacy Act (“CIPA”), Penal Code §638.51(a).

Plaintiff alleges she is a consumer privacy advocate who works as a “tester” to ensure that companies abide by the privacy obligations imposed by California law.  (FAC ¶4.)  Plaintiff alleges Defendant is a provider of inventory software to clients throughout California and in this County.  (FAC ¶5.)  Plaintiff alleges Defendant owns and operates www.fountain9.com (“Website”).  (FAC ¶46.)  Plaintiff alleges Defendant has incorporated the code of the PR/TT beacon into the code of its Website.  (FAC ¶50.)  Plaintiff alleges that when she visited the Website, the Website caused the PR/TT beacon to be installed on her and other users’ browsers.  (FAC ¶50.) 

Plaintiff alleges upon installing the PR/TT on its Website, Defendant uses the PR/TT to collect the IP address of visitors to the Website, which is used by the PR/TT beacon’s developer to provide services to Defendant and its other clients, including targeted advertisements and website analytics.  (FAC ¶52.)  Plaintiff alleges Defendant and its partners use the PR/TT beacon to “digitally fingerprint” each visitor.  (FAC ¶52.)  Plaintiff alleges that at no time prior to the installation and use of the PR/TT beacon on Plaintiff’s and other users’ browsers, or prior to the use of the PR/TT beacon, did Defendant procure Plaintiff’s or other users’ consent for such conduct.  (FAC ¶53.)  Plaintiff alleges Defendant did not obtain a court order to install or use the PR/TT beacon.  (FAC ¶53.)  Plaintiff alleges the specific PR/TT spyware beacons detected on Defendant’s Website are identified in Exhibit “1.”  (FAC ¶54, Exh. 1.) 

Plaintiff alleges she has visited the Website within the applicable statute of limitations period via an Internet-connected computer.  (FAC ¶59.)  Plaintiff alleges that when she visited the Website, the Website’s code—as programmed by Defendant—caused the PR/TT beacon to be installed on Plaintiff’s browser.  (FAC ¶60.)  Plaintiff alleges Defendant and the PR/TT beacon’s developer then used the PR/TT beacon to collect Plaintiff’s IP address.  (FAC ¶60.)  Plaintiff alleges Defendant and the PR/TT beacon’s developer used the information collected by the PR/TT beacon to analyze Website data and marketing campaigns, conduct targeted advertising, and ultimately boost Defendant’s and/or advertisers’ revenue.  (FAC ¶61.) 

Plaintiff alleges she did not provide her prior consent to Defendant to install or use the PR/TT beacon on her browser.  (FAC ¶62.)  Plaintiff alleges Defendant did not obtain a court order before installing or using the PR/TT beacon.  (FAC ¶63.)  Plaintiff alleges Defendant knowingly and intentionally deployed PR/TT spyware to (1) decode and record the routing, addressing, and signaling information transmitted by Plaintiff’s electronic device communication; and (2) capture the incoming electronic or other impulses that identify the originating number or other dialing, routing, addressing, or signaling information reasonably likely to identify the source of a wire or electronic communication as part of its identity resolution efforts.  (FAC ¶65.)  Plaintiff alleges this conduct constitutes illegal installation of PR/TT spyware in violation of California law.  (FAC ¶65.) 

Defendant filed the instant demurrer and accompanying motion to strike on May 15, 2024.[1]  Plaintiff filed her oppositions on June 25, 2024.[2]  Defendant filed its replies on July 1, 2024.

A.   Demurrer

Summary of Demurrer

Defendant demurs to Plaintiff’s FAC on the grounds that Plaintiff does not allege that Defendant has invaded her privacy by improperly acquiring what she claims is her personal, private information (e.g., her marital status) or caused her any concrete, injury-in-fact.  (Demurrer, pg. 4.)  Defendant argues the alleged “beacon” or “cookie” that Plaintiff claims was installed on her browser is not a “pen register” as defined by Penal Code §638.51.  (Id.)  Defendant argues Plaintiff also does not claim that the “beacon” or “cookie” was installed on her browser by Defendant, but rather, Plaintiff claims that it was installed by Defendant’s software developer/server.  (Id.)

Legal Standard

“[A] demurrer tests the legal sufficiency of the allegations in a complaint.” (Lewis v. Safeway, Inc. (2015) 235 Cal.App.4th 385, 388.)  A demurrer can be used only to challenge defects that appear on the face of the pleading under attack or from matters outside the pleading that are judicially noticeable.  (See Donabedian v. Mercury Insurance Co. (2004) 116 Cal.App.4th 968, 994 [in ruling on a demurrer, a court may not consider declarations, matters not subject to judicial notice, or documents not accepted for the truth of their contents].)  For purposes of ruling on a demurrer, all facts pleaded in a complaint are assumed to be true, but the reviewing court does not assume the truth of conclusions of law.  (Aubry v. Tri-City Hospital District (1992) 2 Cal.4th 962, 967.)

Failure to State a Claim

CIPA, Penal Code §638.51(a) (1st COA)

CIPA §638.51(a) provides: “Except as provided in subdivision (b), a person may not install or use a pen register or a trap and trace device without first obtaining a court order pursuant to Section 638.52 or 638.53.”  (Pen. Code §638.51(a).)

Plaintiff alleges she brings this cause of action individually against Defendant.  (FAC ¶69.)  Plaintiff alleges the PR/TT beacon is a “pen register” because it is a “device or process” that “capture[d]” the “routing, addressing, or signaling information”—the IP address—from the electronic communications transmitted by Plaintiff’s computer or smartphone.  (FAC ¶72.) 

Plaintiff alleges at all relevant times, Defendant knowingly installed the PR/TT beacon—which is a pen register—on Plaintiff’s browser and used the PR/TT beacon to collect Plaintiff’s IP address, and track Plaintiff.  (FAC ¶73.)  Plaintiff alleges the PR/TT beacon does not collect the content of Plaintiff’s electronic communications with the Website.  (FAC ¶74.)  Plaintiff alleges she did not provide Plaintiff’s prior consent to Defendant’s installation or use of the PR/TT beacon.  (FAC ¶75.)  Plaintiff alleges Defendant did not obtain a court order to install or use the PR/TT beacon.  (FAC ¶76.) 

Plaintiff alleges pursuant to §637.2 of the California Penal Code, Plaintiff has been injured by Defendant’s violation of §638.51(a) of the California Penal Code and seeks statutory damages of $5,000 for Defendant’s violation of §638.51(a).  (FAC ¶76.)

          Plaintiff fails to allege a concrete injury-in-fact.  The only allegedly personal information that Plaintiff alleges that Defendant “collected” was her IP address. (FAC ¶¶41, 77.)  Plaintiff’s only allegation regarding injury is that “Plaintiff has been injured by Defendant’s violation of section 638.51 (a) of the California Penal Code.”  (FAC ¶77.)  The alleged injury is abstract and hypothetical because it is solely premised on statutory damages under CIPA.  (TransUnion LLC v. Ramirez (2021) 141 S.Ct. 2190, 2199 [“No concrete harm, no standing.”]; id. at pgs. 2209-2210 [holding that plaintiffs who alleged a violation of the Fair Credit Reporting Act (“FCRA”) lacked standing because their inaccurate credit files were not disclosed to any potential creditor and therefore plaintiffs did not suffer an injury in fact]; see Limon v. Circle K Stores, Inc. (2022) 84 Cal.App.5th 671, 703-707 [finding no standing on sole allegation of statutory damages under FCRA].)

          Further, Plaintiff does not allege that Defendant is tracing Plaintiff’s activities or is creating a digital fingerprint of Plaintiff.  Plaintiff alleges Defendant’s non-party software developer, not Defendant, packages and sells the information alleged in the FAC to third parties for advertising and marketing purposes.  (FAC ¶¶52, 57-58.) 

          Accordingly, Defendant’s demurrer to Plaintiff’s 1st cause of action is sustained with 20 days leave to amend.

B.    Motion to Strike

In light of the Court’s ruling on Defendant’s demurrer, Defendant’s motion to strike is denied as moot.

Conclusion

Defendant’s demurrer to Plaintiff’s FAC is sustained with 20 days leave to amend.

Defendant’s motion to strike is denied as moot.

Moving Party to give notice.

Dated:  July _____, 2024