Opinion
20 Civ. 5162 (LGS)
11-16-2021
OPINION AND ORDER
LORNA G. SCHOFIELD UNITED STATES DISTRICT JUDGE
Plaintiffs Tigran Ohanian and Regge Lopez, individually and on behalf of all others similarly situated, bring this action against Defendants Apple Inc. and T-Mobile USA, Inc., alleging violations of New York General Business Law (“NY GBL”) sections 349 and 350, fraudulent misrepresentation and unjust enrichment. Apple moves to dismiss the claims brought by Lopez. For the reasons stated below, the motion is granted in part and denied in part.
I. BACKGROUND
The following facts are taken from the Complaint and are assumed to be true only for purposes of this motion. See R.M. Bacon, LLC v. Saint-Gobain Performance Plastics Corp., 959 F.3d 509, 512 (2d Cir. 2020).
Apple is a California corporation with its principal place of business in California. Apple manufactures, markets, distributes and sells computer hardware, software and mobile devices, including the iPhone. T-Mobile is a Delaware corporation with its principal place of business in Washington. It operates a wireless mobile network and manufactures, advertises, markets, distributes and sells SIM cards, among other things.
Apple aggressively markets the security and privacy features of its products, including the iPhone. Apple markets the iPhone and the iPhone's operating system, iOS, as “[s]afe and secure by design.” The iPhone's software includes FaceTime, which was introduced by Apple and allows iPhone users to communicate via video, and iMessage, which is a proprietary messaging program.
For iMessage and FaceTime to function on a wireless network, iPhone users must use a SIM card, which stores data such as the user's phone number and mobile carrier information. T-Mobile sells SIM cards to consumers for use in the iPhone. Once an iPhone is equipped with a SIM card, iMessage and FaceTime register with the iPhone user's phone number from the SIM card, and the user can begin using iMessage and FaceTime.
After releasing iMessage and FaceTime, Apple represented to consumers that “iMessages” were “unlimited” and “secure too;” the iOS operating system was “highly secure” and protected users' “sensitive information;” the iPhone provided “stringent security technology features” and iMessage and FaceTime communications were “fully encrypted.” Apple continued making similar representations in 2016 and 2017, including representations that iOS keeps iPhone users' information private and “iOS is designed to put [] privacy first.” On September 2017, Apple represented to consumers that Apple “believe[s] privacy is fundamental human right” and that every Apple device “is designed from the ground up to protect” information on the device and empowers users “to choose what you share and with whom.”
From the introduction of FaceTime in June 2010 and iMessage in October 2011, a security flaw existed in iOS software that allowed iMessage correspondence and FaceTime calls to be accessed by third parties. When an iPhone user ceased using a SIM card and the phone number associated with that SIM card was reused by a wireless network carrier, such as T-Mobile, the previous owner of the SIM card associated with that phone number would receive iMessage correspondence and FaceTime calls that were intended to be received by the new owner of that phone number. This flaw occurs because the Apple identification associated with iMessage and FaceTime maintained a legacy connection to the phone number of the recycled SIM card even after the phone number was issued to a new user. Because of this flaw, all outgoing iMessage correspondence and FaceTime calls were capable of being unknowingly misdirected.
The security flaw became known in 2011 when iPhones were stolen or resold. The flaw impacted an Apple Store employee in February 2012. In 2011, the publication Ars Technica reported that “thieves and unsuspecting buyers [were] still able to send and receive iMessages as the original owner -- even after the devise is registered under a new account.”
Ohanian and Lopez purchased iPhones on account of the privacy protections touted by Apple. Ohanian purchased a SIM card from T-Mobile, which provided him with a phone number for using iMessage and FaceTime on his iPhone. Ohanian used that phone number for approximately one year. Lopez subsequently purchased an iPhone and obtained a T-Mobile account. T-Mobile installed a SIM card in Lopez's iPhone and provided him a phone number, which was the same number previously assigned to Ohanian. Although Ohanian's SIM card was deactivated and no longer installed in his iPhone, Ohanian began receiving iMessage and FaceTime communications intended for Lopez.
Apple had been aware of the security flaw as early as 2012. In September 2018, Apple introduced multifactor authentication for iPhone users to confirm their identity.
II. STANDARD
On a motion to dismiss, a court accepts as true all well-pleaded factual allegations and draws all reasonable inferences in favor of the non-moving party but does not consider “conclusory allegations or legal conclusions couched as factual allegations.” Dixon v. von Blanckensee, 994 F.3d 95, 101 (2d Cir. 2021) (internal quotation marks omitted). To withstand a motion to dismiss, “a complaint must contain sufficient factual matter, accepted as true, to state a claim to relief that is plausible on its face.” Kaplan v. Lebanese Canadian Bank, SAL, 999 F.3d 842, 854 (2d Cir. 2021) (internal quotation marks omitted) (quoting Ashcroft v. Iqbal, 556 U.S. 662, 678 (2009)). “Threadbare recitals of the elements of a cause of action, supported by mere conclusory statements, do not suffice.” Iqbal, 556 U.S. at 678; accord Dane v. UnitedHealthcare Ins. Co., 974 F.3d 183, 189 (2d Cir. 2020). It is not enough for a plaintiff to allege facts that are consistent with liability; the complaint must “nudge[]” claims “across the line from conceivable to plausible.” Bell Atl. Corp. v. Twombly, 550 U.S. 544, 570 (2007); accord Bensch v. Estate of Umar, 2 F.4th 70, 80 (2d Cir. 2021). To survive dismissal, “plaintiffs must provide the grounds upon which [their] claim rests through factual allegations sufficient to raise a right to relief above the speculative level.” Rich v. Fox News Network, LLC, 939 F.3d 112, 121 (2d Cir. 2019) (alteration in original) (internal quotation marks omitted).
III. DISCUSSION
A.NY GBL Sections 349 and 350
1. Lopez's Individual Claims
To state a claim under NY GBL sections 349 or 350 “a plaintiff must allege that a defendant has engaged in (1) consumer-oriented conduct, that is (2) materially misleading, and that (3) the plaintiff suffered injury as a result of the allegedly deceptive act or practice.” Plavin v. Grp. Health Inc., 146 N.E.3d 1164, 1168 (N.Y 2020). Conduct is materially misleading when it is “likely to mislead a reasonable consumer acting reasonably under the circumstances.” Hobish v. AXA Equit. Life Ins. Co., 98 N.YS.3d 38, 40 (1st Dep't 2019) (internal quotation marks omitted).
Apple's argument that its statements are not materially misleading is unavailing. Apple is correct that some of the statements are non-actionable puffery, such as Apple's statements about its design process, “advanced” and “stringent” security features and privacy philosophy. See Nadler v. Samadi, 132 N.Y.S.3d 606, 607 (1st Dep't 2020) (“[T]he misstatements identified by plaintiffs either are not material or are puffery and therefore do not describe deceptive conduct.”). Other statements, such as those regarding encryption, are not material because there is no allegation that a flaw in encryption injured Lopez. But, as Apple concedes, some of the statements are specific, verifiable claims, such as the statements that “iOS keeps iPhone users' information private” and that iOS protects users “sensitive information.” The Complaint sufficiently alleges that those statements are misleading because, drawing inferences in favor of the non-moving party, reasonable consumers would believe that a system designed to protect their information and keep it private would not route information intended for them to unknown third parties.
The Complaint sufficiently alleges that Apple failed to disclose the security flaw. Apple argues that the Complaint does not allege Apple was aware of the security flaw at the time Lopez purchased his iPhone. To the contrary, the Complaint alleges two examples of Apple's awareness. First, the Complaint alleges that an Apple Store employee, Sam Biddle, suffered a similar issue as Lopez. Second, the Complaint alleges that Ars Technica contacted Apple about the security flaw. The Ars Technica article is contextually different because it involves stolen iPhones, but, viewed in the light most favorable to Plaintiff, the technical issue described in the article is the same issue experienced by Plaintiff. The article states that iPhones continue to receive communications intended for their prior owners even after the phone is wiped and the number is moved to a new phone. Here, the Complaint alleges that Ohanian received messages intended for Lopez even after Lopez was assigned Ohanian's former phone number and installed a SIM card associated with that number in his iPhone.
For the foregoing reasons, Apple's motion to dismiss Lopez's NY GBL claims is denied.
2. Class Claims
NY GBL sections 349 and 350 are limited to transactions that take place in New York. Goshen v. Mut. Life Ins. Co. of N.Y., 774 N.E.2d 1190, 1195-96 (N.Y. 2002); see Cruz v. FXDirectDealer, LLC, 720 F.3d 115, 122 (2d Cir. 2013); Fishon v. Peloton Interactive, Inc., No. 19 Civ. 11711, 2021 WL 2941820, at *2 (S.D.N.Y. July 12, 2021). Lopez asserts NY GBL claims on behalf of “individual consumers who (i) purchased one or more iPhones, or purchased one or more T-Mobile SIM cards for use in iPhones, during the Class Period; and (ii) utilized the iMessage and/or FaceTime features of the iPhones through the SIM cards during the Class Period.” The purported class does not have any geographical limitations to the included purchases. To the extent Lopez's claims under NY GBL sections 349 and 350 are based on transactions that took place outside of New York, those claims are dismissed.
B. Fraudulent Misrepresentation
A claim for fraud requires “[1] material misrepresentation of a fact, [2] knowledge of its falsity, [3] an intent to induce reliance, [4] justifiable reliance by the plaintiff and [5] damages.” Roumi v. Guardian Life Ins. Co. of Am., 142 N.Y.S.3d 571, 574 (2d Dept. 2021). Under Federal Rule of Civil Procedure 9(b), to allege fraud, “a party must state with particularity the circumstances constituting fraud or mistake.” To comply with this rule “the complaint must: (1) specify the statements that the plaintiff contends were fraudulent, (2) identify the speaker, (3) state where and when the statements were made, and (4) explain why the statements were fraudulent.” In re Synchrony Fin. Sec. Litig., 988 F.3d 157, 167 (2d Cir. 2021) (internal quotation marks omitted). The adequacy of particularized allegations under Rule 9(b) is “case-and context-specific.” United States ex rel. Chorches v. Am. Med. Response, Inc., 865 F.3d 71, 81 (2d Cir. 2017) (internal quotation marks omitted); accord Variblend Dual Dispensing Sys. LLC v Crystal Intl. (Grp.) Inc., No. 18 Civ. 10758, 2021 WL 1198834, at *4 (S.D.N.Y. Mar. 30, 2021).
The Complaint's allegations of fraud do not satisfy Rule 9(b) because the Complaint does not specify when and where the allegedly fraudulent statements were made. The Complaint points to a variety of statements by Apple from approximately 2011 through to 2017. Except for a single statement on Apple's website in September 2017, the Complaint fails to allege where Apple's statements were made and in what context Lopez was exposed to the statements. The Complaint also fails to state when Lopez's purchased his iPhone and when he discovered the alleged fraud. The Complaint alleges Lopez purchased his iPhone during the class period but defines the class period as “from the applicable limitations period through the present.” These vague allegations are insufficient to meet Rule 9(b)'s pleading requirements. See, e.g., Womack v. Capital Stack, LLC, No. 18 Civ. 4192, 2019 WL 4142740, at *10 (S.D.N.Y. Aug. 30, 2019) (allegations related to fraudulent misrepresentation claim failed to meet Rule 9(b)'s pleading requirements where, inter alia, the complaint did not identify where and when misrepresentations were made); Brumfield v. Merck & Co., No. 17 Civ. 6526, 2018 WL 2277835, at *8 (E.D.N.Y. May 18, 2018) (allegations in support of fraudulent misrepresentation claim did not satisfy Rule 9(b) where the allegations “did not identify any specific advertisements . . . or when and where the advertisements were printed or aired”).
For the foregoing reasons, Apple's motion to dismiss Lopez's fraudulent misrepresentation claim is granted.
C. Unjust Enrichment
Plaintiff's unjust enrichment claim is dismissed with prejudice. To plead unjust enrichment, “a plaintiff must allege that (1) the other party was enriched, (2) at that party's expense, and (3) that it is against equity and good conscience to permit the other party to retain what is sought to be recovered.” Metro. Bank & Tr. Co. v. Lopez, 137 N.Y.S.3d 319, 321 (1st Dep't 2020) (internal quotation marks omitted). Unjust enrichment “is not a catchall cause of action to be used when others fail.” E.J. Brooks Co. v. Cambridge Sec. Seals, 105 N.E.3d 301, 312 (N.Y. 2018).
Here, the unjust enrichment claim is dismissed because it is entirely duplicative of the other claims in the Complaint. See Corsello v. Verizon N.Y., Inc., 967 N.E.2d 1177, 1185 (N.Y. 2012) (dismissing unjust enrichment claim where it was duplicative of other claims and noting that, even if plaintiffs' other claims were defective, “an unjust enrichment claim cannot remedy the defects”); accord Campbell v. Whole Foods Mkt. Grp., Inc., 516 F.Supp.3d 370, 394 (S.D.N.Y Feb. 2, 2021) (applying New York law). The unjust enrichment claim is stated “[i]n the alternative” to Plaintiffs' section 349, section 350 and fraudulent misrepresentation claims and relies on the allegation that “Apple violated state law by advertising, marketing, distributing, and selling iPhones . . . while misrepresenting and omitting material facts regarding the data privacy and security of the iPhones.” These allegations duplicate the other claims, which rely on misrepresentations and omissions regarding Apple's conduct while advertising, marketing, distributing and selling iPhones.
IV. LEAVE TO AMEND
Leave to amend should be freely given “when justice so requires.” Fed.R.Civ.P. 15(a). If Plaintiff Lopez has additional facts that he believes would cure the deficiencies identified in the fraudulent misrepresentation claim, he shall file a letter to the Court seeking leave to replead with a proposed amended complaint marked to show changes from the current Complaint, no later than November 30, 2021. Plaintiff may decide not to replead, particularly as the NY GBL claims survive and he can recover only once for his injury, regardless of the claim.
V. CONCLUSION
For the foregoing reasons, Defendants' motion to dismiss is GRANTED IN PART and DENIED IN PART. The NY GBL claims survive for transactions that took place in New York and are dismissed for transactions that took place outside New York. The fraudulent misrepresentation and unjust enrichment claims are dismissed.
The Clerk of Court is respectfully directed to close the motion at Docket Number 42.