Summary
holding that the DDPA does not apply to the dissemination of personal information obtained from a private party
Summary of this case from Opinion No. 2008-138Opinion
No. 02 C 657.
July 22, 2002.
David H. Latham, Jill L. Jennings, Law Offices of David H. Latham, Chicago, IL, for plaintiff.
William D. Dallas, Peter Gregory Frezados, Philip Peter De Maertelaere, Regas Frazados Harp, Chicago, IL, for defendant.
MEMORANDUM OPINION AND ORDER
Plaintiff Sean O'Brien brought this action against defendants Quad Six, Inc., d/b/a The Voodoo Nightclub (Voodoo), Riprocks, Inc., d/b/a Riprocks Nightclub and Sports Grille (Riprocks), Louis Gatziolis, Alexander Gatziolis and John Gatziolis, alleging violations of Driver's Privacy Protection Act (DPPA), 18 U.S.C. § 2721 et seq., and the Illinois Consumer Fraud and Deceptive Practices Act (ICFA), 815 ILCS 505/1 et seq. Defendants now move to dismiss for failure to state a claim. Fed.R.Civ.P. 12(b)(6). For the following reasons, the motion to dismiss is granted.
BACKGROUND
The material facts are undisputed. Plaintiff was a patron of Voodoo, a nightclub located in Schaumburg, Illinois. Upon entry, he presented his driver's license as a means of identification. Voodoo personnel videotaped the license, entered O'Brien's name and address into a customer database and subsequently shared the customer list with Riprocks, a related nightclub. Both Voodoo and Riprock used the list to send promotional materials to existing Voodoo customers. Louis, Alexander and John Gatziolis are all owners or officers of the nightclubs.
DISCUSSION
The DPPA prohibits state motor vehicle agencies from disclosing certain information about individuals unless specific prerequisites are satisfied. 18 U.S.C. § 2721(a). The statute also prohibits authorized recipients from redisclosing that information, 18 U.S.C. § 2721(c), and grants the subject of the improperly used information a private right of action against violators. 18 U.S.C. § 2724.
Defendants did not obtain plaintiffs information (his name and address) from a state motor vehicle agency. Plaintiff himself presented his driver's license to nightclub personnel as identification. Defendants argue that the DPPA does not prohibit the use of information procured directly from the individual, as opposed to from a state motor vehicle agency, and that a driver's license is not a "motor vehicle record" because it is not in the agency's custody. Plaintiff counters that the text does not include any requirement that the information be obtained from the state agency:
A person who knowingly obtains, discloses or uses personal information, from a motor vehicle record, for a purpose not permitted under this chapter shall be liable to the individual to whom the information pertains, who may bring a civil action in a United States district court.18 U.S.C. § 2724. Because the phrase "from the state agency" does not appear in this section, all it requires, plaintiff contends, is that the information be obtained from a motor vehicle record.
We disagree. There is absolutely nothing in the text or legislative history to suggest such a broad scope. Congress enacted the DPPA to regulate information collected from citizens by the state, not transactions between private businesses and their customers. Section 2721 is the operative portion of the statute; section 2724 merely creates the private right of action to enforce it. Reading the statute as a whole, it is clear that it is concerned with the source of the information — the state, as opposed to oneself — and not the medium by which it is conveyed — a driver's license, passport, credit card, or the spoken word. Consumers who do not want private businesses to use their personal information can simply decline to disclose it and can refuse to patronize businesses that demand such information as a condition of service. Disclosing information to state motor vehicle agencies, by contrast, is significantly less voluntary.
We note that existing DPPA caselaw predominantly addresses constitutional issues. There is very little precedent interpreting the statute and none remotely on point.
This is likely why Congress specifically prohibited states from conditioning licenses on consent to disclose personal information. See 18 U.S.C. § 2721(e).
We are sympathetic to plaintiffs concerns about the way businesses collect and use personal information, and its implications for all of our privacies. But that is not what Congress intended the DPPA to regulate. This statute seeks to control dissemination of information collected using the coercive power of the state. It does not regulate information freely given by consumers to private businesses, such as when plaintiff tendered his driver's license to Voodoo.
We express no opinion as to whether a driver's license can constitute a motor vehicle record, only that the statute does not regulate information an individual discloses about oneself.
Our jurisdiction over the ICFA claim was predicated on the federal DPPA claim. See 28 U.S.C. § 1367(a). The instant motion was defendants' initial filing in response to the complaint. Because we have dismissed all claims over which we had original jurisdiction so early in this case, we decline to exercise our supplemental jurisdiction over the remaining state law claim. See 28 U.S.C. § 1367(c)(3).
CONCLUSION,
For the foregoing reasons, the motion to dismiss is granted.