Opinion
23-cv-00281-DMS-DTF
07-18-2024
ORDER GRANTING DEFENDANT'S MOTION TO DISMISS
HON. DANA M. SABRAW, CHIEF JUDGE UNITED STATES DISTRICT COURT
Pending before the Court is Defendant Great Wolf Resorts, Inc.'s motion to dismiss. Based on her interactions with Defendant's website, Plaintiff Ophelia Augustine alleges on behalf of herself, and a class of all others similarly situated, that Defendant Great Wolf Resorts, Inc. violated California Penal Code § 631(a), Clause Four. For the reasons explained below, the Court grants Defendant's motion to dismiss.
I. BACKGROUND
A. Factual Allegations
Defendant Great Wolf Resorts, Inc. (“Defendant” or “Great Wolf”) operates a chain of indoor water parks and family resorts across the United States, including locations in Manteca, CA and Anaheim, CA. (First Am. Compl. (“FAC”) ¶ 34, ECF No. 23.) Great Wolf runs the website www.greatwolf.com, through which customers can shop for and book vacations. (Id. ¶¶ 39-40.) Plaintiff alleges that Great Wolf utilizes session replay software obtained from third-party vendor Contentsquare to track the behavior of its website users. (Id. ¶¶ 46, 48.) Great Wolf allegedly inserts Contentsquare's JavaScript tracking code into the HTML code displaying the website on consumers' devices. (Id. ¶ 48.) When users visit Great Wolf's website, “the JavaScript immediately loads onto their device[s]” from the website “and is stored in their device[s'] cache or temporary internet files.” (Id. ¶ 49.) Contentsquare's tracking software then “monitors and records communications the device[s] sends to, and receive[] from, Defendant's servers while the consumer[s] browse” the Great Wolf website. (Id. ¶ 50.) The electronic communications allegedly include “instructions to and from” Great Wolf's computer servers indicating the text that is typed onto the website and the user's clicks and requested content. (Id. ¶ 43.) The electronic communications “travel their normal path between the consumer's device and Defendant's servers, but the communications are tapped and copied and sent to Contentsquare's servers as well” without the consumer knowing. (Id. ¶ 51.)
At some point in 2022, Plaintiff Ophelia Augustine (“Plaintiff”) visited the Great Wolf website “to look at hotel rooms and vacation packages” while present in Southern District of California. (Id. ¶¶ 38, 41-42.) Plaintiff alleges that while “perusing” the website, her web browser loaded the website's HTML code which included the JavaScript tracking code from Contentsquare. (Id. ¶ 52.) The Contentsquare JavaScript code instructed Plaintiff's browser to connect to Contentsquare's servers which placed cookies onto Plaintiff's browser and assigned Plaintiff a “visitor ID.” (Id.) The Contentsquare JavaScript code instructed Plaintiff's browser to send information including various search terms Plaintiff entered onto the website to Contentsquare as Plaintiff browsed the website. (Id.) Plaintiff alleges that by using Contentsquare's software:
Defendant and Contentsquare were able to learn ... about Plaintiff and Class Members, including the pages and content they viewed, their scroll
movements, words and text typed even if not fully entered, copy and paste actions, any search terms (even if not fully entered), mouse clicks and movements, keystrokes, and all other information related to the visit.(Id. ¶ 44.) In sum, Plaintiff alleges Contentsquare (1) created and licensed the JavaScript code which Great Wolf inserted into the HTML code for its own website, (2) caused the JavaScript to run on Plaintiff's device when Plaintiff visited the Great Wolf website, (3) used the script to “tap and learn” the contents of Plaintiff's electronic communications to and from Great Wolf's website, (4) captured and stored copies of the electronic communications in Contentsquare's servers, (5) allowed Great Wolf to access Plaintiff's browsing sessions on Great Wolf's website in real time or recorded the session for review at a later time, and (6) used the data it captured “for its own business purposes.” (Id. ¶ 54.) Contentsquare allegedly did all of this “at the direction of Defendant,” Great Wolf, who contracted with Contentsquare for services including tapping and recording Plaintiff's and Class Members' electronic communications stemming from their visits to the website. (Id. ¶ 55.)
Plaintiff alleges that the Contentsquare spyware recorded Plaintiff's communications and that Great Wolf and Contentsquare then “analyzed the communications for business purposes.” (Id. ¶ 78.) Plaintiff speculates that Great Wolf's use of session replay software “was not instrumental to Defendant's provision of any of its services” and that “the level and detail of information surreptitiously collected ... indicates that the only purpose was to gain an unlawful understanding of the habits and preferences of users of its website, and the information collected was solely for the benefit of Defendant and Contentsquare.” (Id. ¶ 69.) Plaintiff cites a portion of the boilerplate service agreement from Contentsquare's website, which states:
Customer grants Contentsquare and its Affiliates a ... right and license to (i) compile and use Customer Data, strictly in order to research, develop, modify, improve or support the services provided by Contentsquare and its Affiliates; (ii) use Customer Data in an anonymous or aggregated form where no such information could directly identify ... Customer, Customer's
Users or its Visitors, for benchmarking or machine learning purposes; and (iii) collect and use data, information, or insights generated or derived from the use of the CS Service for its business purposes, including industry analysis, analytics, marketing, and developing, training and improving its products and services. In no event shall Contentsquare or its Affiliates sell Customer Data to third parties for any marketing or advertising purposes whatsoever.(Id. ¶ 82, quoting Contentsquare Master Service Agreement, Contentsquare (Apr. 2023 v.2023.2.1), https://contentsquare.com/legal/terms-conditions/, emphasis added.) Contentsquare is not a party to this lawsuit.
Finally, Plaintiff alleges she reasonably expected that her visits to Great Wolf's website would be private and that neither Great Wolf nor Contentsquare would record her communications with the website. (Id. ¶¶ 56, 66.) Plaintiff alleges that neither Great Wolf nor Contentsquare informed her they would record her electronic communications with the website, and she never consented to such data collection. (Id. ¶¶ 57, 65, 79.) Plaintiff also alleges that she “was completely unaware” of “Contentsquare's presence and involvement in the scheme,” and had “never heard of Contentsquare, which is a separate entity from Defendant operating on its own.” (Id. ¶¶ 85-86.) However, she does not explain how she learned of Great Wolf's use of Contentsquare software.
B. Procedural History
Plaintiff filed the original complaint in this action on February 14, 2023, (see ECF No. 1,) and the operative FAC on July 23, 2023, (ECF No. 23), which raised a single claim based on an alleged violation of the California Invasion of Privacy Act (CIPA), Cal. Penal Code § 631(a). The Court held a telephonic conference on October 16, 2023, after which the Court ordered that Defendant may file any Rule 12(b) motion to dismiss by November 13, 2023. (ECF No. 31.) Defendant filed its motion to dismiss on November 13, 2023. (Def.'s Mot., ECF No. 32.) Plaintiff filed its response in opposition on December 22, 2023. (Pl.'s Opp'n, ECF No. 36.) Defendant filed a reply in support of its motion to dismiss on January 19, 2024. (Def.'s Reply, ECF No. 39.) The Court took the motion under submission without oral argument, see S.D. Cal. Civ. L.R. 7.1(d)(1), on February 26, 2024. (ECF No. 40.)
II. LEGAL STANDARD
Under Federal Rule of Civil Procedure 12(b)(6), a party may file a motion to dismiss on the grounds that a complaint “fail[s] to state a claim upon which relief can be granted.” Fed.R.Civ.P. 12(b)(6). A motion to dismiss under Rule 12(b)(6) “tests the legal sufficiency of a claim.” Navarro v. Block, 250 F.3d 729, 732 (9th Cir. 2001). To survive a motion to dismiss, “a complaint must contain sufficient factual matter, accepted as true, to ‘state a claim to relief that is plausible on its face.'” Ashcroft v. Iqbal, 556 U.S. 662, 678 (2009) (quoting Bell Atl. Corp. v. Twombly, 550 U.S. 544, 570 (2007)). “A claim has facial plausibility when the plaintiff pleads factual content that allows the court to draw the reasonable inference that the defendant is liable for the misconduct alleged.” Id. “Determining whether a complaint states a plausible claim for relief will ... be a context-specific task that requires the reviewing court to draw on its judicial experience and common sense.” Id. at 679. “Factual allegations must be enough to raise a right to relief above the speculative level.” Twombly, 550 U.S. at 555. If Plaintiff “ha[s] not nudged” her “claims across the line from conceivable to plausible,” the complaint “must be dismissed.” Id. at 570.
In reviewing the plausibility of a complaint on a motion to dismiss, a court must “accept factual allegations in the complaint as true and construe the pleadings in the light most favorable to the nonmoving party.” Manzarek v. St. Paul Fire & Marine Ins. Co., 519 F.3d 1025, 1031 (9th Cir. 2008). But courts are not “required to accept as true allegations that are merely conclusory, unwarranted deductions of fact, or unreasonable inferences.” In re Gilead Scis. Secs. Litig., 536 F.3d 1049, 1055 (9th Cir. 2008) (quoting Sprewell v. Golden State Warriors, 266 F.3d 979, 988 (9th Cir. 2001)).
When a court grants a motion to dismiss a complaint, it must then decide whether to grant leave to amend. Leave to amend should be “freely given” where there is no (1) “undue delay,” (2) “bad faith or dilatory motive,” (3) “undue prejudice to the opposing party” if amendment were allowed, or (4) “futility” in allowing amendment. Foman v. Davis, 371 U.S. 178, 182 (1962). Dismissal without leave to amend is proper only if it is clear that “the complaint could not be saved by any amendment.” Intri-Plex Techs. v. Crest Grp., Inc., 499 F.3d 1048, 1056 (9th Cir. 2007). “Leave need not be granted where the amendment of the complaint ... constitutes an exercise in futility ....” Ascon Props., Inc. v. Mobil Oil Co., 866 F.2d 1149, 1160 (9th Cir. 1989).
III. DISCUSSION
Section 631(a) makes actionable “three distinct and mutually independent patterns of conduct: intentional wiretapping, wil[l]fully attempting to learn the contents or meaning of a communication in transit over a wire, and attempting to use or communicate information obtained as a result of engaging in either of the previous two activities.” Tavernetti v. Super. Ct. of San Diego Cnty., 22 Cal.3d 187, 192 (1978). Section 631 also imposes liability upon “anyone ‘who aids, agrees with, employs, or conspires with any person or persons to unlawfully do, or permit, or cause to be done any of the' ... three bases for liability.” Mastel v. Miniclip SA, 549 F.Supp.3d 1129, 1134 (E.D. Cal. 2021) (quoting Cal. Penal Code § 631(a)). Specifically, Section 631(a) makes liable any person
[1] who, by means of any machine, instrument, or contrivance, or in any other manner, intentionally taps, or makes any unauthorized connection, whether physically, electrically, acoustically, inductively, or otherwise, with any telegraph or telephone wire, line, cable, or instrument, including the wire, line, cable, or instrument of any internal telephonic communication system, or
[2] who willfully and without the consent of all parties to the communication, or in any unauthorized manner, reads, or attempts to read, or to learn the contents or meaning of any message, report, or communication while the same is in transit or passing over any wire, line, or cable, or is being sent from, or received at any place within this state; or
[3] who uses, or attempts to use, in any manner, or for any purpose, or to communicate in any way, any information so obtained, or
[4] who aids, agrees with, employs, or conspires with any person or persons to unlawfully do, or permit, or cause to be done any of the acts or things mentioned above in this section ..Cal. Penal Code § 631(a).
Plaintiff alleges a single theory of liability under Clause Four. Clause Four imposes liability on those who “who aid[], agree[] with, employ[], or conspire[]” with any person who violates Clauses One, Two, or Three. Cal. Penal Code § 631(a). “To state a claim under [Clause Four], Plaintiff must allege [the third-party service] has violated one of the first three clauses of section 631(a), and that Defendant aided, agreed with, employed, or conspired with that person or entity to commit those unlawful acts.” Esparza v. UAG Escondido A1 Inc., No. 23-cv-102 DMS, 2024 WL 559241, at *2 (S.D. Cal. Feb. 12, 2024). Plaintiff's theory of liability is that nonparty Contentsquare violated Clauses Two and Three by intercepting Plaintiff's communications while in transit (in violation of Clause Two), and using those intercepted communications for business purposes (in violation of Clause Three); and that Great Wolf aided and abetted those violations in violation of Clause Four. Great Wolf argues that the Clause Four claim fails because Plaintiff fails to plausibly allege the existence of: (1) any predicate violation that Great Wolf could have aided and abetted; and (2) a third-party eavesdropper. For the reasons that follow, the Court concludes Plaintiff has failed to plausibly allege the existence of any predicate violation that Great Wolf could have aided and abetted.
Plaintiff concedes in her Opposition that her sole theory of liability is that Great Wolf violated Clause Four by aiding and abetting nonparty Contentsquare's predicate violations of Clauses Two and Three. (Pl.'s Opp'n at 1, ECF No. 36, “Plaintiff never asserted a claim under [the first three prongs] of California Penal Code § 631[;] rather she asserts that Defendant violated the fourth prong by aiding and abetting Contentsquare to violate the second and third prongs.”)
A. Section 631(a), Clause Two
Plaintiff alleges the underlying third-party wrongdoer in this case is Contentsquare. To show that Contentsquare violated Section 631(a), Clause Two, Plaintiff must allege facts demonstrating that Contentsquare
willfully and without the consent of all parties to the communication, or in any unauthorized manner, read[], or attempt[ed] to read, or to learn the contents or meaning of any message, report, or communication while the same [was] in transit or passing over any wire, line, or cable, or [was] being
sent from, or received at any place within this state ... .Cal. Penal Code § 631(a). Defendant argues Plaintiff cannot plausibly allege a predicate Clause Two violation because Plaintiff fails to allege (1) that anyone read or learned the contents of any communication, (2) that anyone intercepted the contents of communications while in transit, (3) lack of consent, and alternatively (4) the existence of a third-party eavesdropper. The Court address each argument in turn.
1. Contents
Defendant argues that it “cannot be liable under CIPA § 631(a) Clause Two because the FAC does not allege the existence of any message, report or communication in the first place.” (Def.'s Mot. at 8.) Plaintiff responds that she has alleged the contents of the intercepted communications “in detail.” (Pl.'s Opp'n at 7.)
As explained, to establish an underlying Clause Two violation, Plaintiff must show that Contentsquare “read[], or attempt[ed] to read, or to learn the contents or meaning of any message, report, or communication.” Cal. Penal Code § 631(a) (emphasis added). Federal courts in California analyze an alleged CIPA violation in the same way as a federal Wiretap Act violation, 18 U.S.C. §§ 2510-23. See, e.g., Saleh v. Nike, Inc., 562 F.Supp.3d 503, 517 (C.D. Cal. 2021); Brodsky v. Apple Inc., 445 F.Supp.3d 110, 127 (N.D. Cal. 2020). The Ninth Circuit has held that “contents” of an online communication under the Wiretap Act “refers to the intended message conveyed by the communication” and does not include “record information regarding the characteristics of the message that is generated in the course of the communication.” In re Zynga Privacy Litig., 750 F.3d 1098, 1106 (9th Cir. 2014). Information such as “the ‘name,' ‘address,' and ‘subscriber number or identity' of a subscriber or customer,” id. (quoting 18 U.S.C. § 2702(c)(2)), transmitted together with the contents of a communication is record information, not contents, because such information does not amount to “the substance, purport, or meaning of [a] communication,” 18 U.S.C. § 2510(8). However, the Ninth Circuit has explained that whenever a person visits a website, that person necessarily “sends a message” (called a “GET request”) to the website's server which (1) communicates a request for the website to retrieve specified information, and (2) transmits a “referer header” which may contain personally identifiable information embedded into a lengthy URL. In re Facebook, Inc. Internet Tracking Litig., 956 F.3d 589, 605, 607-08 (9th Cir. 2020). The “GET request and the full-string detailed URL” generated and transmitted when a website user clicks on a hyperlink constitute the contents of a communication under CIPA. Id.
Plaintiff fails to adequately allege that Contentsquare intercepted the contents of communications. Plaintiff alleges that Great Wolf's use of Contentsquare's software
allowed Contentsquare to tap, read, record, and learn the contents of Plaintiff's and Class Members' interactions with Defendant's website immediately, including how Plaintiff and Class Members moved around the site, any credit card numbers entered, expiration dates, CVV codes, zip codes, first names, last names, email addresses, phone numbers, addresses, mouse movements and clicks, keystrokes, search terms, other words and text typed, all information inputted into the website, and pages and content viewed ... .(FAC ¶ 8.) Plaintiff explains that Great Wolf's use of Contentsquare's software enabled
Defendant and Contentsquare . to learn much more about Plaintiff and Class Members, including the pages and content they viewed, their scroll movements, words and text typed even if not fully entered, copy and paste actions, any search terms (even if not fully entered), mouse clicks and movements, keystrokes, and all other information related to the visit.(Id. ¶ 44.) These allegations fail to show communications between Plaintiff and Great Wolf or that the contents of such communications were intercepted. It is not clear to the Court how simply entering a credit card number, for example, into a field on a retailer's website constitutes an “intended message conveyed” to the retailer absent an allegation that it was actually sent to the retailer (i.e., by placing an order). In re Zynga, 750 F.3d at 1106. Critically, Plaintiff makes no allegation that she placed an order on Great Wolf's website or in any other way intended to convey a message to Great Wolf consisting of the information alleged in Paragraphs 8 and 44 of the FAC. The Ninth Circuit has recognized that “[u]nder some circumstances, a user's request to a search engine for specific information could constitute a communication such that divulging a URL containing that search term to a third party could amount to disclosure of the contents of a communication.” In re Zynga, 750 F.3d at 1108-09. However, unlike the GET requests and transmission of URLs at issue in In re Facebook, 956 F.3d at 605, 608, Plaintiff does not allege the transmission of a URL as the content of a message or in any way specify the nature of the alleged intercepted communications here. See Yoon v. Lululemon USA, Inc., 549 F.Supp.3d 1073, 1082-83 (C.D. Cal. 2021) (plaintiff failed to allege Clause Two violation because “keystrokes, mouse clicks, pages viewed, ... shipping and billing information,” and “the date and time of the visit, the duration of the visit, Plaintiff's IP address, her location at the time of the visit, her browser type, and the operating system on her device” are not “message content in the same way that [are] the words of a text message or an email”).
But see Saleh, 562 F.Supp.3d at 517-18 (although mouse movements, clicks, typing, scrolling, swiping, tapping, keystrokes, geographic location, IP addresses, data entry, and “a video capturing each of Plaintiff's keystrokes and mouse clicks on the website” may not all “constitute the ‘contents' of a communication,” “Plaintiff has met his burden to allege facts plausibly showing Defendants recorded Plaintiff's content communications . with Nike's website”); Tanner v. Acushnet Co., No. 8:23-CV-00346, 2023 WL 8152104, at *3 (C.D. Cal. Nov. 20, 2023) (“Although perhaps not all of this information is ‘content' under CIPA, much of what is captured certainly is and the allegations are more than sufficient for pleading purposes.”). The Court finds Saleh and Tanner unpersuasive in this regard because they do not explain why the alleged captured data in each case are “contents” of communications, and they provide only a conclusory assertion that at least some of the alleged information is “contents.”
Plaintiff points to James v. Walt Disney Co., __F.Supp.3d __, 2023 WL 7392285 (N.D. Cal. Nov. 8, 2023) to bolster her argument that she has sufficiently alleged contents of communications, but the Court finds that James largely cuts against Plaintiff's argument. As in this case, the plaintiffs in James alleged that a third-party eavesdropper intercepted their “keystrokes, mouse clicks, and other communications -such as the specific web pages [they] viewed” while they browsed the ESPN.com website in violation of CIPA. Id. at *2, *7. Although Judge Chen acknowledged that the plaintiffs need not plead “the exact communications they had with the ESPN.com website,” the court explained it was “a closer call” whether keystrokes and mouse clicks constitute the “contents” of a communication. Id. at *11. The James court ultimately concluded it did not need to “definitively decide whether the rather conclusory allegations about mouse clicks and keystrokes are sufficient” because it gave the plaintiffs leave to amend their complaint with “more specific facts with respect to mouse clicks and keystrokes” on other grounds. Id.
The Court concludes that Plaintiff has failed to adequately allege that Contentsquare intercepted the contents of communications. As in James, this Court similarly finds that the FAC here would benefit from more specific factual allegations. Although Plaintiff need not plead “the exact communications” she had with the Great Wolf website, id., she must plausibly show at least (1) that the data alleged to have been intercepted are communications and (2) that Contentsquare intercepted the contents of those communications-i.e., the “intended message conveyed” by those communications. In re Zynga, 750 F.3d at 1106. As currently pled, the FAC falls short. As such, Plaintiff has failed to allege a predicate Clause Two violation because she has not adequately pled that Contentsquare intercepted “the contents or meaning of any message, report, or communication.” Cal. Penal Code § 631(a). Although this is a sufficient ground for granting Great Wolf's motion to dismiss in full, the Court will briefly address Defendant's other arguments because the dismissal is with leave to amend.
The Court therefore does not reach whether the communications were intercepted while “in transit.”
2. Consent
Great Wolf argues that Plaintiff's status as a “tester” or “frequent filer” in the Southern District of California shows that “it is far more plausible here that plaintiff intended” for a third-party to eavesdrop on her browsing session on the Great Wolf website. (Def.'s Mot. at 13.) The Court rejects this argument. Whether Plaintiff is a “frequent filer” in this District bears no relevance on whether Plaintiff consented to a third-party employing session replay software to capture her browsing activity. And whether Plaintiff is a “tester” “do[es] not show Plaintiff consented to” Contentsquare's alleged eavesdropping. Esparza, 2024 WL 559241, at *4. Plaintiff has sufficiently pled a lack of consent at this stage. (See FAC ¶¶ 12-13, 21, 57, 65, 79-80.)
3. Party Exemption
Finally, Defendant argues that the Court should dismiss the FAC because Plaintiff “fails to allege facts that demonstrate that” Great Wolf “[did] anything more than use a third-party software service as a tool to record its own data.” (Def.'s Mot. at 17.) The Court rejects this argument because Plaintiff has plausibly alleged that Contentsquare had at least “the capability” to use the data it collected from Plaintiff and Great Wolf website visitors for its own purposes.
CIPA contains “an exemption from liability for a person who is a ‘party' to the communication” because such parties cannot eavesdrop on their own conversation. In re Facebook, 956 F.3d at 607; see Rogers v. Ulrich, 52 Cal.App.3d 894, 899 (1975) (“It is never a secret to one party to a conversation that the other party is listening .. .”). Courts in California “are split on whether this exemption extends to ... third party software providers.” Esparza, 2024 WL 559241, at *4. One line of cases “holds that software providers . are third parties within the meaning of Section 631 and Ribas.” Javier v. Assurance IQ, LLC, 649 F.Supp.3d 891, 899 (N.D. Cal. 2023) (citing Ribas v. Clark, 38 Cal.3d 355, 358, 360-61 (1985) (wife's friend listening in on wife's conversation with her former husband (Ribas) at wife's invitation was eavesdropper under CIPA § 631)). “The second set of cases, led by . Graham v. Noom, holds that software vendors . are ‘extension[s]' of the websites that employ them, and thus not third parties within the meaning of the statute.” Id. (citing Graham v. Noom, 533 F.Supp.3d 823, 832 (N.D. Cal. 2021)). The Graham court reasoned that the third-party software vendor in that case “provide[d] a tool-like [a] tape recorder . -that allow[ed] Noom to record and analyze its own data in aid of Noom's business,” and thus was “not a third-party eavesdropper” under CIPA. Graham, 533 F.Supp.3d at 832-33.
The Javier court aligned itself with the first set of cases and identified “two problems” with the reading of section 631(a) in the Graham line of cases:
The first [reason] is that it interprets the second prong of the statute- “willfully and without the consent of all parties to the communication, or in any unauthorized manner, reads, or attempts to read, or to learn the contents or meaning of any message, report, or communication while the same is in transit”-based on the intentions and usage of the prospective third party.Javier, 533 F.Supp.3d at 900 . Such an interpretation would subsume Clause Three, which itself “penalizes ‘use'-‘us[ing], or attempt[ing] to use, in any manner, or for any purpose, or to communicate in any way, any information so obtained.'” Id. (quoting Cal.
Penal Code § 631(a)). In other words, “reading a use requirement into the second prong would add requirements that are not present (and swallow the third prong in the process).” Id. The Javier court continued:
The second problem with this view is that it was not the California Supreme Court's stated rationale in Ribas: The Ribas Court did not consider the wife's friend's intention or the use to which they put the information they obtained. Instead, it emphasized the privacy concerns at issue with having an “unannounced second auditor” listening in on the call, when Section 631 concerns “the right to control the nature and extent of the firsthand dissemination of [their] statements.”Id. (quoting Ribas, 38 Cal.3d at 360-61). This Court has followed Javier's reasoning in earlier cases and does so again here. See Esparza, 2024 WL 559241, at *5 (“This Court finds the reasoning of ... Javier persuasive, and is inclined to find that the party exemption does not extend to third parties.”).
The Javier court determined it could conclude that the third party was not an “unannounced second auditor” if the third party “does not have the capability to use its record of the interaction for any other purpose (just as a tape recorder has no independent capability to divulge the recording for any other purpose but that of its owner).” Javier, 533 F.Supp.3d at 900. “Thus, applying Javier, the question now is whether Plaintiff has adequately alleged that” Contentsquare “has the ‘capability' to use the chat data for its own purposes or benefit.” Rodriguez v. Ford Motor Co., No. 3:23-CV-00598-RBM, 2024 WL 1223485, at *13 (S.D. Cal. Mar. 21, 2024). The Court finds that Plaintiff has adequately so alleged. Citing the language in Contentsquare's boilerplate “master service agreement,” Plaintiff alleges that the terms and conditions between Great Wolf and Contentsquare provide that Contentsquare may “(i) compile and use Customer Data ... in order to research, develop, modify, improve or support the services provided by Contentsquare and its Affiliates”; “(ii) use Customer Data in an anonymous or aggregated form for benchmarking or machine learning purposes”; and “(iii) collect and use data, information, or insights generated or derived from the use of the CS Service for its business purposes, including industry analysis, analytics, marketing, and developing, training and improving its products and services.” (FAC ¶ 82, quoting Contentsquare Master Service Agreement, Contentsquare (Apr. 2023 v.2023.2.1), https://contentsquare.com/legal/terms-conditions/.) This plausibly demonstrates at this stage that Contentsquare had at least “the capability” to use the data it collected from Plaintiff and other Great Wolf website visitors for its own gain. See Esparza, 2024 WL 559241, at *5-6 (finding similar allegations plausibly alleged third-party eavesdropper).
4. Summary
For reasons explained above, the Court concludes that Plaintiff has failed to plausibly allege a predicate Clause Two violation because Plaintiff has not shown that Contentsquare intercepted the contents of any communications. In an amended complaint, Plaintiff should more precisely identify the communications implicated and the contents of such communications that were intercepted.
B. Section 631(a), Clause Three
To show that Contentsquare violated Clause Three, Plaintiff must allege facts demonstrating that Contentsquare “use[d], or attempt[ed] to use, in any manner, or for any purpose, or to communicate in any way, any information” obtained as the result of a violation of the two preceding clauses. Cal. Penal Code § 631. “A violation of Clause Three is contingent upon a violation of Clauses One or Two.” Garcia v. Build.com, Inc., No. 22-CV-1985-DMS-KSC, 2024 WL 1349035, at *7 (S.D. Cal. Mar. 29, 2024) (citing In re Google Assistant Privacy Litig., 457 F.Supp.3d 797, 827 (N.D. Cal. 2020)). As explained, Plaintiff concedes there is no predicate Clause One violation here, and the Court concludes Plaintiff has failed to plausibly allege a predicate Clause Two violation. Plaintiff therefore “necessarily fails to allege a predicate violation of Clause Three.” Id. Finally, because there is no predicate violation under Clauses One, Two, or Three, “Plaintiff has failed to plausibly allege an aiding-abetting claim against Defendant under Clause Four.” Id.
IV. CONCLUSION AND ORDER
For the foregoing reasons, the Court GRANTS Defendant's motion to dismiss, with leave to amend. Within fourteen (14) days of the date of this Order, Plaintiff may file a second amended complaint which cures the pleading deficiencies identified in this Order. Plaintiff is cautioned that if the second amended complaint fails to cure the identified deficiencies, the Court may dismiss this action without further leave to amend.
IT IS SO ORDERED.