From Casetext: Smarter Legal Research

First Data Merch. Servs. Corp. v. SecurityMetrics, Inc.

UNITED STATES DISTRICT COURT FOR THE DISTRICT OF MARYLAND
Nov 13, 2013
Civil Action No. RDB-12-2568 (D. Md. Nov. 13, 2013)

Opinion

Civil Action No. RDB-12-2568

11-13-2013

FIRST DATA MERCHANT SERVICES CORPORATION, et al., Plaintiffs, v. SECURITYMETRICS, INC., Defendant.


REVISED AND REDACTED MEMORANDUM OPINION

This action arises out of a continuing dispute between the parties following the settlement of litigation in the United States District Court for the District of Utah. In this action, Plaintiff First Data Merchant Services Corporation ("FDMS") and First Data Corporation ("FDC") (collectively "First Data") assert claims against Defendant Security-Metrics, Inc. ("SecurityMetrics") relating to SecurityMetrics' alleged post-settlement misconduct. Subsequently, SecurityMetrics answered the Complaint and asserted fifteen counterclaims sounding in various doctrines of contract, trademark, and antitrust law. Currently pending before this Court is Plaintiffs' Motion to Dismiss Certain of Defendant's Counterclaims (ECF No. 163). The Motion is fully briefed. The parties' submissions have been reviewed and no hearing is necessary. See Local Rule 105.6 (D. Md. 2011). For the reasons that follow, the Morion of First Data Merchant Services Corp. and First Data Corporation to Dismiss Certain of Defendant's Counterclaims (ECF No. 163) is DENIED IN PART and GRANTED IN PART. Specifically, the Motion is denied in all respects except for Counts Eleven and Thirteen in so far as those counts allege monopolization in violation of § 2 of the Sherman Antitrust Act, 15 U.S.C. § 2, and § 11-204(a)(2) of the Commercial Law Article of the Maryland Code, Md. Code, Com. Law § 11-204(a)(2).

Specifically, FDMS's original Complaint alleged tortious interference with existing and prospective contractual and business relationships (Count I), false endorsement/association in violation of the Lanham Act, 15 U.S.C. § 1125(a)(1)(A) (Count II), trademark, service mark and tradename infringement in violation of the Lanham Act, 15 U.S.C. §§ 1114(1) and 1125(a)(1)(A) (Count III), false advertising in violation of the Lanham Act 15 U.S.C. § 1125 (a)(1)(b) (Count IV) and common law unfair competition (Count V). Following a stay of this action pending final disposition of the earlier case filed in the District of Utah and the subsequent denial of FDMS's Preliminary Injunction Motion filed in this Court, FDMS was permitted to amend its Complaint (ECF No. 91).
The Amended Complaint (ECF No. 92) filed by both First Data Plaintiffs seeks declaratory relief (Counts I & IX) and alleges breach of contract (Count II), common law unfair competition (Count III), tortious interference with existing and prospective contractual and business relationships (Count IV). injurious falsehood (Count V), as well as violations of the Lanham Act, 15 U.S.C. §§ 1114(1) and 1125(a)(1)(A) (Counts VI, VII & VIII).

BACKGROUND

This Court accepts as true the facts alleged in the Security-Metrics' counterclaims. See v. Alcolac, Inc., 658 F.3d 388, 390 (4th Cir. 2011). As this Court has already issued a number of written opinions and letter orders in this case, and because the pending motion only addresses certain of SecurityMetrics' counterclaims, the Court includes only a short summary of the relevant allegations here.

A. The Payment Card Industry

In the payment card industry, there are a few main types of service providers. An "issuer" issues a payment card to a consumer and bills and collects amounts due from the consumer. Def.'s Countercls. ¶ 14. The other main sendee is provided on the merchant side; "once a consumer initiates a payment card transaction by offering a card to pay a merchant for goods or services," an "acquirer" obtains authorization for the transaction from the consumer's issuer and then clears and settles the transaction so that the merchant gets paid and the consumer's account gets charged, Id. ¶ 15. In addition, some payment card brands or associations operate in open networks that allow separate entities or banks to operate as issuers and acquirers; in such open networks, "processors" help to facilitate the communication and setdement of payment, Id. ¶¶ 16, 17. FDMS is an acquirer, id. ¶ 19, while FDC is the payment processor for FDMS's transactions. Id. ¶ 20.

The term "PCI" was originally as an acronym for "Payment Card Industry." Id. ¶ 21. Now, however, the term is also used to refer to the PCI Security Standards Council (PCI Council") and the PCI Data Security Standard ("PCI Standard") managed by the PCI Council. Id.

American Express, Discover, JCB, MasterCard, and Visa (collectively, "Card Brands") formed the PCI Council in 2006. Id. ¶ 22. The PCI Council developed the PCI Standard. The Card Brands agreed to adopt the PCI Council's PCI Standard as their data security compliance requirement for all merchants. Id. ¶¶ 22, 28. Thus, the Card Brands enforce compliance with the PCI Standard and determine the penalties for non-compliance. Id. ¶ 23.

While the PCI standard is universal, the various Card Brands have different requirements for demonstrating or validating compliance with the standard. Id. ¶ 28. The category at issue in this case are "Level 4 merchants"—those merchants with the lowest transaction volume. Id. ¶ 30. Level 4 merchants are more numerous than higher-volume merchants and, as such, have the most collective transactions. Id. For these lower-volume merchants, the PCI Council provides the Self-Assessment Questionnaire ("SAQ"). Id. ¶ 26. The SAQ is a validation tool intended to assist merchants in self-evaluating their compliance with the PCI Standard. Id. ¶ 26.

Specifically. SecurityMetrics alleges:

For PCI Standard compliance validation purposes, Visa, MasterCard, and Discover each divide merchants into four levels; American Express divides them into three; and JCB divides them into two. Following the classifications used by Visa and MasterCard, the lowest-volume merchants are commonly referred to as "Level 4 merchants."
Def.'s Countcrcl. ¶ 30. The Court adopts this terminology herein.

Within the payment card industry, there are a number of different types of PCI compliance service vendors, including: Approved Scanning Vendors ("ASVs"), Qualified Security Assessors ("QSAs"), Payment Application Qualified Security Assessors ("PA-QSAs"), PCI Forensic Investigators ("PFIs"), and Point-to-Point Encryption assessors ("P2PEs"). The Card Brands recognize each of those certifications. Id. ¶ 24. The PCI Council also certifies these vendors. Id. SecurityMetrics is certified by the PCI Council as an ASV, QSA, PA-QSA, PFI, and P2PE. Id. ¶ 25. First Data has none of those certifications. Id. ¶ 25.

B. The Relationship of the Parties

First Data is a global payment processor engaged in the business of processing credit and debit card transactions for merchants and independent sales organizations ("ISOs") who use First Data's card processing services. See Def.'s Answer ¶ 15. SecurityMetrics provided compliance services to some merchants for whom First Data provides processing services. Def.'s Countercls. ¶ 50.

For several years, the parties worked together pursuant to a series of contracts. Def.'s Countercls. ¶¶ 51-55. Under those agreements, "First Data promoted SecurityMetrics to its Level 4 merchant customers as its preferred vendor for services relating to validation of compliance with PCI Standards, and SecurityMetrics developed and utilized a protocol for reporting validation of compliance through what is known as the "START' system. START is not an industry standard and it is not prescribed by the PCI Council." Id. ¶ 55. The agreement was last renewed on January 3, 2012. Id. ¶ 57. SecurityMetrics alleges, however, that First Data materially breached the agreement in April 2012 and then unilaterally and prematurely terminated it in May 2012. Id. ¶ 57. Since that point, SecurityMetrics ceased SMART reporting and began to send emails containing links to PDF reports of compliance. Id. ¶ 58.

SecurityMetrics alleges that in June 2012 First Data began offering a service called "PCI Rapid Comply," which competes with the services offered by SecurityMetrics. Id. ¶ 59. First Data imposes billing minimums on ISOs, and SecurityMetrics alleges that, when calculating these minimums, First Data counts fees for PCI Rapid Comply towards the required minimums, but refuses to count costs or fees paid to vendors of other PCI compliance services. Id. ¶ 143. In addition, SecurityMetrics asserts that First Data represented that merchants who used compliance verification vendors other than PCI Rapid Comply would have to pay for those services in addition to the cost of PCI Rapid Comply. W.¶112.

In May of 2012, FDMS filed suit in First Data Merchant Services Corporation v. SecurityMetrics, Inc., Case No. 2:12-cv-495 ("Utah Action") in the United States District Court for the District of Utah ("Utah Court") and moved for a temporary restraining order and preliminary injunction requiring SecurityMetrics to resume START reporting. Id. ¶¶ 60-61. The Utah Court denied the motion, id. ¶ 61, and the parties entered mediation, which resulted in the signing of Terms of Setdement ("Setdcment Terms") by both parties. Id. 62.

The Terms of Settlement is a one page document, reading in relevant part:

First Data Merchant Services ("FD") and SecurityMetrics, Inc. ("SM") agree to the following essential terms of settlement:
• The parties shall incorporate these terms of settlement in a final settlement agreement, in a form and with content mutually acceptable to both parties, [REDACTED].
• [REDACTED]
• The parties shall keep confidential the terms of this settlement and those facts and circumstances forming the basis of or that relate to allegations that were asserted by both parties in connection with this dispute, and shall include mutual confidentiality provisions in a final settlement agreement.
• The parties shall agree to mutual non-disparagement provisions, consistent with the relationship of competitors in a free market place, in a final settlement agreement.
• [REDACTED]
• FD shall dismiss with prejudice the lawsuit it filed in Federal Court, and the parties hereby mutually release each other from any and all obligations and claims, known or unknown.
Def.'s Countcl. Ex. F, ECF No. 157-6.

C. The Presently Pending Action

In the wake of the settlement, First Data filed the presently pending action before this Court on August 27, 2012. See PL's Compl., ECF No. 1. Following a stay of this action pending final disposition of the Utah Action and the subsequent denial of FDMS's Preliminary Injunction Motion filed before this Court, FDMS was permitted to amend its Complaint (ECF No. 91). As a result, First Data filed the Amended Complaint (ECF No. 92) on March 8, 2013. SecurityMetrics answered the Complaint on August 26, 2013 and asserted fifteen counterclaims of its own against First Data. See ECF No. 157. SecurityMetrics' Counterclaims include claims for Specific Performance of the First Settlement Term (Count I), declaratory judgment with respect to third and fifth Settlement Terms (Counts 11 & III), injurious falsehoods (Count IV), federal false advertising (Count V), federal false endorsement (Count VI), cancellation of registration (Count VII), Utah Deceptive Trade Practices violations (Count VIII), tortious interference (Count IX), restraint of trade under federal and Maryland law (Counts X & XII), monopolization and attempted monopolization under federal and Maryland law (Counts XI & XIII), Man-land predator)' pricing (Count XIV), and Maryland tying (Count XV). First Data's Motion to Dismiss Certain of Defendant's Counterclaims (ECF No. 163), filed on September 19, 2013, targets only a few of these counts. Specifically, First Data seeks to dismiss the first, fifth, part of the sixth, seventh, tenth, eleventh, twelfth, thirteenth, fourteenth, and fifteenth counterclaims.

STANDARD OF REVIEW

First Data moves to dismiss SecurityMetrics' counterclaims pursuant to Rule 12(b)(6) of the Federal Rules of Civil Procedure. This Court applies the same standard of review that would be applied to a Rule 12(b)(6) motion to dismiss a complaint. Shoregood Water Co. v. U.S. Bottling Co., No. RDB-08-2470, 2010 WL 1923992, at *1-*2 (D. Md. May 11, 2010) (Bennett, J.) (applying normal 12(b)(6) standard of review to a motion to dismiss counterclaims); see also Fisher v. Virginia Blec. and Power Co., 258 F. Supp. 2d 445, 447 (E.D. Va. 2003).

Under Rule 8(a)(2) of the Federal Rules of Civil Procedure, a pleading must contain a "short and plain statement of the claim showing that the pleader is entitled to relief." FED. R. CIV. P. 8(a)(2). Rule 12(b)(6) of the Federal Rules of Civil Procedure authorizes the dismissal of a pleading if it fails to state a claim upon which relief can be granted. The purpose of Rule 12(b)(6) is "to test the sufficiency of [the pleading] and not to resolve contests surrounding the facts, the merits of a claim, or the applicability of defenses." Presley v. City of Charlottesville, 464 F.3d 480, 483 (4th Cir. 2006).

The Supreme Court's recent opinions in Bell Atlantic Corp. v. Twombly, 550 U.S. 544 (2007), and Asbcrofl v. Iqbal, 556 U.S. 662 (2009), "require that [claims] in civil actions be alleged with greater specificity than previously was required." Walters v. McMahen, 684 F.3d 435, 439 (4th Cir. 2012) (citation omitted). The Supreme Court's decision in Twombly articulated "[t]wo working principles" that courts must employ when ruling on Rule 12(b)(6) motions to dismiss. Iqbal, 556 U.S. at 678. First, while a court must accept as true all the factual allegations contained in the pleading, legal conclusions drawn from those facts arc not afforded such deference. Id. (stating that "[t]hreadbare recitals of the elements of a cause of action, supported by mere conclusory statements, do not suffice" to plead a claim).

Second, a pleading must be dismissed if it does not allege "a plausible claim for relief." Id. at 679. Under the plausibility standard, a pleading must contain "more than labels and conclusions" or a "formulaic recitation of the elements of a cause of action." Twombly, 550 U.S. at 555. Although the plausibility requirement does not impose a "probability requirement," id. at 556, "[a] claim has facial plausibility when the plaintiff pleads factual content that allows the court to draw the reasonable inference that the defendant is liable for the misconduct alleged." Iqbal, 556 U.S. at 678; see also Robertson v. Sea Pines Real Estate Cos., 679 F.3d 278, 291 (4th Cir. 2012) ("A complaint need not make a case against a defendant or forecast evidence sufficient to prove an element of the claim. It need only allege facts sufficient to state elements of the claim." (emphasis in original) (internal quotation marks and citation omitted)). In making this assessment, a court must "draw on its judicial experience and common sense" to determine whether the pleader has stated a plausible claim for relief. Iqbal, 556 U.S. at 679. "At bottom, a plaintiff must nudge [its] claims across the line from conceivable to plausible to resist dismissal." Wag More Dogs, LLC v. Cozart, 680 F.3d 359, 365 (4th Cir. 2012) (internal quotation marks omitted).

ANALYSIS

A. First Counterclaim - Specific Performance of the First of the Terms of Settlement

SecurityMetrics seeks specific performance of the first of the Terms of Settlements signed by First Data on May 31, 2012, which states the parties will negotiate a final agreement with "content mutually acceptable to both parties." SecurityMetrics alleges that First Data proposed a draft settlement agreement on June 11, 2012 that was "represented as acceptable to [First Data), with form and content acceptable to SecurityMetrics." Def.'s Countercls. ¶ 67. SecurityMetrics alleges that First Data's refusal to execute an agreement in the form of the June 11, 2012 draft is a breach of the first of the Settlement Terms.

In its Motion to Dismiss, First Data argues that SecurityMetrics itself rejected the draft and, therefore, the draft was not "mutually acceptable." In addition, First Data asserts that Judge Shelby of the U.S. District Court for the District of Utah specifically found that the draft that was not mutually acceptable to the parties. See Pls.' Mem. Supp. Mot. Dismiss Certain Countercls. (hereinafter, "Pls.' Mot. Dismiss"), ECF No. 163, at 6. According to First Data, Judge Shelby's findings are the "law of the case" or appropriate for judicial notice. Id. In opposition, SecurityMetrics argues that First Data attempts to impermissibly introduce factual assertions inappropriate for this stage of the proceeding.

It is axiomatic that a court, when considering a motion to dismiss, may not go beyond the complaint and any documents attached or incorporated therein. B.I. Du Pont de Nemours v. Kolon Inds., Inc., 637 F.3d 433 (4th Cir. 2011). First Data raises factual issues not alleged in SecurityMetrics' Counterclaims. Accordingly, First Data's argument fails. Nor do the doctrines of "law of the case" or "judicial notice" support First Data, as those doctrines do not apply to factual matters outside the complaint. See Arizona v. California, 460 U.S. 605, 618 (1983) (noting that the rule of the case doctrine applies to rules of law); Lee v. City of Los Angeles, 250 F3d 668, 690 (9th Cir. 2001) ("On a Rule 12(b)(6) motion to dismiss, when a court takes judicial notice of another court's opinion, it may do so not for the truth of the facts recited therein, but for the existence of the opinion, which is not subject to reasonable dispute over its authenticity." (internal quotation marks omitted)).

Of course, the Court's refusal to dismiss SecurityMetrics' First Counterclaim does not bar First Data from raising these arguments or similar estoppel arguments on dispositive motion.

B. Fifth Counterclaim - Federal False Advertising

SecurityMetrics' Fifth Counterclaim alleges that First Data has violated sections 34, 35, and 43 of the Lanham Act, 15 U.S.C. §§ 1116, 1117, & 1125, by falsely stating that merchants who use services other than PCI Rapid Comply "will have to pay for those sen-ices in addition to paying [the] full cost for PCI Rapid Comply." Def.'s Countercls. ¶ 112. SecurityMetrics asserts that this statement is false because "First Data, on request, has refunded, and will refund, amounts paid to third-party vendors by merchants who use the sen-ices of those vendors to become compliant," and that these statements "deter merchants from using SecurityMetrics' sen-ices. Def.'s Countercls. ¶¶ 113-14.

This Court will follow the common convention of referring to the individual sections of the Lanham Act rather than the United States Code. For ease of reference, however, citations are formatted using the United States Code.

The Lanham Act prohibits commercial entities from making false statements in their advertising. Specifically, § 43(a)(1)(B) of the Act states that:

Any person who, on or in connection with any goods or sen-ices . . . uses in commerce any . . . false or misleading representation of fact, which . . . , in commercial advertising or promotion, misrepresents the nature, characteristics, qualities, or geographic origin of his or her or another person's goods, sen-ices, or commercial activities, shall be liable in a civil action by any person who believes that he or she is or is likely to be damaged by such act.
15 U.S.C. § 1125(a)(1)(B). Thus, the Act provides a "private remedy for a commercial plaintiff who meets the burden of proving that its commercial interests have been harmed by a competitor's false advertising." Made in the USA Foundation v. Phillips Foods, Inc., 365 F.3d 278, 281 (4th Cir. 2004) (quoting Mylan Laboratories, Inc. v. Matkari, 7 F.3d 1130, 1139 (4th Cir. 1993)). The elements for a false advertising claim under the Lanham Act are:
(1) the defendant made a false or misleading description of fact or representation of fact in a commercial advertisement about his own or another's product; (2) the misrepresentation is material, in that it is likely to influence the purchasing decision; (3) the misrepresentation actually deceives or has the tendency to deceive a substantial segment of its audience; (4) the defendant placed the false or misleading statement in interstate commerce; and (5) the plaintiff has been or is likely to be injured as a result of the misrepresentation, either by direct diversion of sales or by a lessening of goodwill associated with its products.
PBM Products, LLC v. Mead Johnson & Co., 639 F.3d 111, 120 (4th Cir. 2011) (quoting Scolts Co. v. United Industries, 315 F.3d 264, 272 (4th Cir. 2002)). With respect to the false or misleading nature of the statement, the advertisement may be "literally false" or an "implied falsehood" that "tend[s] to mislead or confuse consumers." Id. (citations omitted). In the case of literal falsehoods, a claimant need not allege nor prove evidence of consumer deception; an implied falsehood, however, requires extrinsic evidence of confusion or deception. Id.

With respect to implied falsity, there is some dispute whether a failure to disclose is acdonable in the Fourth Circuit. Compare San Francisco Oven, LLC v. Fransmart, LLC, No. 05-cv-700, 2005 WL 1838125 (E.D. Va. July 27, 2005) ("Under Fourth Circuit caselaw, however, a Lanham Act cause of action requires an affirmative statement that is false or misleading, (citing Mylan Labs., Inc. v. Malkari, 7 F.3d 1130, 1138-39 (4th Cir. 1993))) with Am. Rockwool, Inc. v. Owens-Corning Fiberglas Corp., 640 F. Supp. 1411, 1440 (E.D.N.C. 1986) ("A statement actionable under the Lanham Act may be the product of an affirmatively misleading statement, a partially correct statement, or a failure to disclose a material fact or facts." (citing Skil Corp. v. Rockwell Int'l Corp., 375 F. Supp. 777, 783 n.11 (N.D. 111. 1974))).

The cases from the U.S. Court of Appeals for the Fourth Circuit contain similarly contradictory statements. Compare P. Lorillard Co. v. Federal Trade Commission, 186 F.2d 52 (4th Cir. 1950) ("To tell less than the whole truth is a well known method of deception.") with Matarki, 7 F.3d at 1139 (rejecting Lanham Act claim that defendant's act of putting a drug on the market constituted a false statement that the defendant's drug had received FDA approval).

Here, First Data argues that SecurityMetrics' Fifth Counterclaim must be dismissed because the statements alleged are literally true and that the counterclaim is impermissibly premised upon a failure to disclose rather than a material falsehood. See Pls.' Mot. Dismiss, at 8. In contrast, SecurityMetrics argues that it's counterclaim is premised upon affirmative misstatements because First Data's advertising states that merchants "will pay" the additional cost and that, even if the statements arc not literally false, they are sufficiently misleading and confusing for sanction under the Lanham Act. Def.'s Opp'n, at 19-20. Because SecurityMetrics' Counterclaim is articulable as an affirmative misstatement—i.e., that merchants will pay for the sen-ice but that some do not because of the refund—this Court finds that SecurityMetrics has stated a plausible claim.

Moreover, because SecurityMetrics has stated a claim for affirmative misstatement, this Court need not determine the legal viability of a false advertising claim premised upon a failure to disclose. See supra note 6 & accompanying text.

C. Sixth Counterclaim - False Endorsement

In its Sixth Counterclaim, SecurityMetrics alleges that First Data's use of the phrase "PCI" in the name of its "PCI Rapid Comply" sen-ice is likely to cause merchants and others to incorrectly believe that the sen-ice is associated with or approved by the PCI Council; accordingly, SecurityMetrics alleges that hirst Data has violated sections 34, 35, and 43 of the Lanham Act, 15 U.S.C. §§ 1116, 1117, 1125.

In its Opposition brief, SecurityMetrics asserts that its Sixth Counterclaim is brought pursuant to § 43(a)(1)(A). See Def.'s Opp'n, at 20.

First Data attacks the false endorsement counterclaim on the basis of standing. Specifically, First Data argues that, because SecurityMetrics does not own any mark confusingly similar to First Data's "PCI Rapid Comply" mark, SecurityMetrics has no cause of action under § 43 of the Lanham Act. In opposition, SecurityMetrics asserts that it has standing to sue because it is harmed by First Data's use of a misleading mark. In particular, SecurityMetrics argues that the Lanham Act provides broad protections that were enacted to prevent the type of harm suffered by SecurityMetrics—i.e., harm caused by the use of a misleading mark (regardless of the ownership of that mark). See Def.'s Opp'n, at 22-23.

First Data states that it seeks only partial dismissal of the Sixth Counterclaim; specifically, it claims to only seek dismissal based on "misleading product designations," not "false statements." See Pls.' Mot. Dismiss, at 9.

A claim of false endorsement arises when the name, symbol, or other identifying likeliness is "used in such a way as to deceive the public into believing that [the plaintiff] endorsed, sponsored, or approved of the defendant's product." Mktg. Products Mgmt., LLC v. Uealtbandbeautydirect.com, Inc., 333 F. Supp. 2d 418, 430 (D. Md. 2004) (quoting v. Discovery Communications, Inc., 200 F.Supp.2d 512, 522 (D. Md. 2002)). Notably, § 43 "goes beyond trademark protection." Dastar Corp. v. Twentieth Century Fox Film Corp., 539 U.S. 23, 28-29 (2003). Specifically, section 43(a)(1)(A) of the Lanham Act, which defines the scope of a false endorsement claim, states that:

Any person who, on or in connection with any goods or services . . . uses in commerce any word, term, name, symbol, or device, or any combination thereof, or any false designation of origin, false or misleading description of fact, or false or misleading representation of fact, which . . . is likely to cause confusion, or to cause mistake, or to deceive as to the affiliation, connection, or association of such person with another person, or as to the origin, sponsorship, or approval of his or her goods, services, or commercial activities by another person, or . . . shall be liable in a civil action by any person who believes that he or she is or is likely to be damaged by such act.
15 U.S.C. § 1125(a)(1)(A). Thus, there arc three distinct individuals involved in the statutory' analysis—(1) the user/defendant; (2) the misrepresented party; and (3) the plaintiff. First Data asserts that the misrepresented party and the damaged party must be one and the same, Pls.' Mot. Dismiss, at 9, while SecurityMetrics argues that the statute does not so require. See Def.'s Opp'n, at 22.

The "user" is the "person who, on or in connection with any goods or services, or any container for goods, uses in commerce any word, term, name, symbol, or device, or any combination thereof, or any false designation of origin, false or misleading description of fact, or false or misleading representation of fact . . . ."§ II 25(a)(1).

The "misrepresented party" is the person whose "affiliation, connection, or association" is misappropriated by the user. § 1125(a)(1)(A).

The "plaintiff" is the person who files the "civil action" because he or she "believes that he or she is likely to be damaged" by the user's act. § 1125(a).

Both parties agree that not every individual qualifies as a permissible false endorsement plaintiff. For example, consumers lack standing to bring a Lanham Act claim. See Made in the USA Foundation, 365 F.3d at 281. Moreover, plaintiffs must have some sort of commercial or competitive interest (although the extent of that interest varies among the various circuits of the U.S. Courts of Appeal). Id. Only a few courts, however, have direcdy addressed the precise question at issue here—i.e., whether a plaintiff must have some type of interest in the mark itself.

In support of its position, SecurityMetrics cites to Famous Horse Inc. v. 5th Avenue Photo Inc., 624 F.3d 106 (2d Cir. 2010). In that case, the U.S. Court of Appeals for the Second Circuit noted that "none of the various test [for determining standing under the Lanham Act] . . . hold that only the owner of a trademark has standing." Id. at 111 (emphasis added). Accordingly, the Second Circuit held that a retailer had standing to sue another retailer selling counterfeit designer jeans even though the designer—not the plaintiff retailer— owned the mark. Id. at 115.

First Data, on the other hand, arguing that false endorsement is a form of trademark infringement, points to Advanced Resources International, Inc. v. Tri-Star Petroleum Co., 4 F.3d 327 (4th Cir. 1993), where the Fourth Circuit purportedly "presuppose[d]" that the plaintiff must protect "its own name or mark." Pls.' Mot. Dismiss, at 10. Although the language from Advanced Resources does connect the plaintiff and the misrepresented parry, the quotation is drawn merely from a summary of other courts' conclusions. See 4 F.3d at 334 ("Those courts recognized a § 43(a) injury where the plaintiff's voices, uniforms, likenesses, published words, or names were used in such a way as to deceive the public into believing that they endorsed, sponsored, or approved of the defendant's product."). Moreover, the Fourth Circuit gave no indication that it intended to limit § 43(a) actions to only those situations where the plaintiff could claim an ownership interest rather than a business interest. Cf. id. (describing cases where the plaintiff and misrepresented party are one and the same as "typical").

First Data also cites to National Licensing Ass'n v. Inland Joseph Fruit Co., 361 F. Supp. 2d 1244 (E.D. Wash. 2004); Kam Lee Yuen Trading Co. v. Hocean, Inc., No. 10-455 SC, 2010 WL 3155812 (N.D. Cal. Aug. 9, 2010). The Court notes that those cases are not binding authority on this Court and finds them distinguishable based upon the interests raised.

As this Court sees no contradiction between burnous Horse and Advanced Resources International, this Court finds Famous Horse persuasive. Indeed, the Second Circuit's conclusion is the most consistent with the statutory language. Section 43(a)(1) states that a plaintiff may be "any person who believes that he or she is or is likely to be damaged by such act." Thus, the only qualification relates to damage suffered. Based on the purpose of the statue—protecting those engaged in congressionally regulated commerce against unfair competition—courts have limited the type of damage covered—i.e, damage to commercial or competitive interests. See Made in the USA Foundation, 365 F.3d at 280-81. Here, SecurityMetrics has in fact alleged damaged to its commercial interests and its ability to stay competitive in the marketplace. Accordingly, this Court finds that the SecurityMetrics' lack of an ownership or proprietary interest in the PCI term is not grounds for dismissal at this stage.

D. Seventh Counterclaim - Cancellation of Registration

SecurityMetrics' Seventh Counterclaim seeks to cancel First Data's registered trademark in "PCI Rapid Comply" pursuant to section 37 of the Lanham Act, 15 U.S.C. § 1119. Specifically, SecurityMetrics alleges that First Data's mark is "likely to cause confusion or to deceive" due to the similarity of First Data's mark to those registered by the PCI Council, including the mark "PCI Security Standards Council." Def.'s Countercls. ¶ 126.

First Data argues that, because SecurityMetrics docs not own any mark confusingly similar to First Data's "PCI Rapid Comply" mark, SecurityMetrics has no cause of acdon under the Lanham Act. See Pls.' Mot. Dismiss, at 11-12. In opposition, SecurityMetrics asserts that it has standing to sue because it is harmed by First Data's use of a misleading mark. In particular, SecurityMetrics argues that the Lanham Act provides broad protections that were enacted to prevent the type of harm suffered by SecurityMetrics—i.e., harm caused by the use of a misleading mark (regardless of the ownership of that mark). See Def.'s Opp'n, at 22-23.

The Lanham Act permits federal courts to order the cancellation of trademark registrations. 15 U.S.C. § 1119. Specifically, section 14 of the Act permits a cancellation action by "any person who believes that he is or will be damaged . . . ." 15 U.S.C. § 1064. However, in order to prevent frivolous litigation brought by "mere intermeddler[s]," Upton Indus., Inc. v. Ralston Purina Co., 670 F.2d 1024, 1029 (C.C.P.A. 1982), a litigant must establish a "real interest in the proceeding." Int'l Order of Job's Daughters v. Lindeburg & Co., 727 F.2d 1087, 1092 (Fed. Cir. 1984) (internal quotation marks omitted). In evaluating this standing requirement, ownership or control of the name or mark is not dispositive. Universal Oil Prods. Co. v. Rexall Drug & Chem. Co., 463 F.2d 1122, 124 (C.CP.A. 1972) ("Control over the mark or name relied upon is not determinative of standing to oppose."); see also Jewelers Vigilance Committee v. Ullenberg Corp., 823 F.2d 490, 493 (Fed. Cir. 1987) ("There is no question that a trade association, having a real interest in the outcome of the proceedings, may maintain an opposition without proprietary rights in a mark or without asserting that it has a right or has an interest in using the alleged mark sought to be registered by an applicant. This is true irrespective of the grounds upon which the opposer relics in asserting the nonregistrability of [the) applicant's mark.").

Based on the liming of the suit, certain other further requirements may be applicable. See 15 U.S.C. § 1064. These requirements have not been raised here.

In its Motion to Dismiss, First Data cites to several district court opinions for the proposition that standing to maintain a cancellation action requires a commercial or economic interest in the disputed mark. See Pl.s Mem. Supp. Mot. Dismiss Certain Countercl., at 12 (citing to Aklienaten v. Najee, LLC, 544 F. Supp. 2d 320, 332 (S.D.N.Y. 2008); Gen. Healthcare Ltd. v. Qashat, 254 F. Supp. 2d 193, 204 (D. Mass. 2003); Fed. Treasury Enter. Sojuzplodoimport v. Spirits Int'l B.V., 2011 WL 4005321, at *6-8 (S.D.N.Y. Sept. 1, 2011); Yurman Design Inc. v. Chaindom Enters., Inc., 2000 WL 897141, at *4 (S.D.N.Y. July 5, 2000)). This Court does not Find those cases to be persuasive in the discussion here. In particular, none of the cited cases are from the Fourth Circuit or this Court. Instead, the Federal Circuit (and its predecessor, the United States Court of Customs and Patent Appeals), which reviews the decisions of the Trademark Trial and Appeal Board, is the more persuasive authority.

Here, SecurityMetrics does not assert any ownership interest in the mark. Nevertheless, SecurityMetrics alleges that the registration of "PCI Rapid Comply" is "likely to cause confusion or to deceive" and, in fact, has already caused such harm. Def.'s Countercls. ¶¶ 126-27. Thus, SecurityMetrics has standing to seek cancellation of the mark as an entity believing it will be damaged. See 15 U.S.C. § 1064. SecurityMetrics' allegations are sufficiently pled to avoid dismissal at this stage of the proceeding.

E. Tenth & Twelfth Counterclaims - Restraint of Trade

SecurityMetrics also alleges that First Data has engaged in conduct that restrains trade in violation of § 1 of the Sherman Antitrust Act, 15 U.S.C. § 1, and § 11-204(a)(1) of the Commercial Law Article of the Maryland Code. SecurityMetrics alleges, "[o]n information and belief," that First Data has a number of contracts with various independent sales organizations ("ISOs") that tic the cost of processing services to hirst Data's PCI Rapid Comply program by counting the costs of PCI Rapid Comply towards the ISOs billing minimums but refusing to count the fees paid to other vendors. Def.'s Countercls. ¶ 143. Moreover, because ISOs have "de facto control over their merchants' selection of PCI compliance vendors," SecurityMetrics argues that First Data has incentivized the use of First Data's PCI Rapid Comply service in order to restrain commerce. Id. ¶¶ 148-49. Additionally, SecurityMetrics alleges that "hirst Data has market power in the payment card transaction market, including without limitation the market for acquirer and processor services," id. ¶ 145, and that First Data has restrained trade and creates "a dangerous probability that [First Data| will have further success in restraining trade, as intended, by entering into its contracts with ISOs," id. ¶ 146 and "by incentivizing ISOs to use their control to have their merchants use PCI Rapid Comply." Id. ¶ 150.

As indicated supra, ISOs are "third-party sales organizations that associate with acquirers and payment processors to find, open, aggregate, and manage merchant processing accounts." Def.'s Countercl. ¶ 90.

Section 1 of the Sherman Antitrust Act prohibits contracts, combinations, or conspiracies that restrain interstate commerce. 15 U.S.C. § 1 ("Every contract, combination in the form of trust or otherwise, or conspiracy, in restraint of trade or commerce among the several States, or with foreign nations, is declared to be illegal."). The elements of a claim under § 1 are "(1) a contract, combination, or conspiracy; (2) that imposed an unreasonable restraint of trade." Dickson v. Microsoft Corp., 309 F.3d 193, 202 (4th Cir. 2002).

Following the convention laid out above, this Court will refer to sections of the Sherman Antitrust Act in-text but will cite to the United States Code.

Similarly, § 11-204(a)(1) of the Commercial Law Article of the Maryland Code states that "[a] person may not . . . [b]y contract, combination, or conspiracy with one or more other persons, unreasonably restrain trade or commerce." In construing this provision, the courts are to be "guided by the interpretation given by the federal courts to the various federal statutes dealing with the same or similar matters." Md. Code, Commercial Law, § 11-202(a)(2).

SecurityMetrics' Counterclaims, however, are tying claims, which receive slightly-different treatment under § 1 of the Sherman Antitrust Act. Impermissible tying arrangements arise when a party agrees "to sell one product [(the "tying product")] but only on the condition that the buyer also purchases a different (or tied) product . . . ." N. Pac. Ry. Co. v. United States, 356 U.S. 1, 5, 78 S. Ct. 514, 518, 2 L. Ed. 2d 545 (1958); see also Jefferson Parish Hosp. Dist. No. 2 v. Hyde, 466 U.S. 2, 12 91984) ("The essential characteristic of an invalid tying arrangement lies in the seller's exploitation of its control over the tying product to force the buyer into the purchase of a tied product that the buyer . . . might have preferred to purchase elsewhere on different terms."). Some tying arrangements—those deemed to "pose an unacceptable risk of stifling competition"—are per se unreasonable:

To establish a per se tying claim under section 1, a plaintiff must prove (1) the existence of two separate products, (2) an agreement conditioning purchase of the tying product upon purchase of the tied product (or at least upon an agreement not to purchase the tied product from another party), (3) the seller's possession of sufficient economic power in the tying product market to restrain competition in the tied product market, and (4) a not insubstantial impact on interstate commerce. See generally Jefferson Parish, 466 U.S. at 12-16, 18-21, 104 S. Ct. at 1558-60,1561-63.
Service & Training, Inc. v. Data General Corp., 963 F.2d 680, 683 (4th Cir. 1992) (footnotes omitted).

One of First Data's main contentions is that SecurityMetrics has not adequately alleged the second element—i.e., the conditioning (or tying) of the purchase of one product on the other. See, e.g., Pl.'s Reply, ECF No 178, at 11-12. However, SecurityMetrics alleges that First Data requires ISOs to count fees paid for PCI Rapid Comply (but not fees for services provided by other compliance service providers) towards the ISO billing minimums. Def.'s Countercls. ¶ 143. Thus, SecurityMetrics alleges that First Data's billing structure ties its processing services and compliance services. Accordingly, SecurityMetrics has plausibly alleged a tying arrangement.

First Data also argues that SecurityMetrics failed to define the applicable market or First Data's power within that market as required for the third element of a tying claim. See Pls.' Mot. Dismiss, at 15-16. Specifically, First Data protests that SecurityMetrics has failed to identify a relevant product or service market or a relevant geographical market. Id. at 16-17. SecuriryMetric's Counterclaims, however, identify the relevant products (processing and compliance services) and the relevant geographical market (Maryland and interstate and international commerce). See Def.'s Countercls. ¶¶144, 160; of. E.I. Du Pont de Nemours v. Kolon Inds., Inc., 637 F.3d 435 (4th Cir. 2011) ("Because market definition is a deeply fact-intensive inquiry, courts hesitate to grant motions to dismiss for failure to plead a relevant product market." (quoting Todd v. Exxon Corp., 275 F.3d 191, 199 (2d Cir. 2001))). Moreover, SecurityMetrics has alleged that "First Data has market power in the payment card transaction market, including without limitation the market for acquirer and processor sendees." Def.'s Countercls. ¶ 145.

In addition, hirst Data argues that the Tenth and Twelfth Counterclaims fail because SecurityMetrics has merely alleged an express contract and not an agreement to restrain trade. See Pls.' Mot. Dismiss, at 20-21. SecurityMetrics has alleged, however, that First Data's billing practices create a combination between First Data and ISOs, thereby causing merchants to pay for First Data's PCI Rapid Comply service. Accord Systemcare, Inc. v. Wang Laboratories Corp., 117 F.3d 1137, 1145 (10th Cir. 1997) ("[A] contract between a buyer and seller satisfies the concerted action element of section 1 of the Sherman Antitrust Act where the seller coerces a buyer's acquiescence in a tying arrangement imposed by the seller.").

First Data next protests the combination of FDMS and its corporate parent FDC. Early in its Counterclaims, SecurityMetrics distinguishes FDMS as the acquirer and FDC as the processor in its operations. Def.'s Countercls. ¶¶ 19-20. As SecurityMetrics' antitrust Counterclaims involve those two entities' activities in those roles, the use of the collective term "First Data" is not inappropriate here.

First Data's next argument pertains to purportedly insufficient allegations regarding market-wide harm to competition. Specifically, First Data argues that mere injury to SecurityMetrics is insufficient because there is no allegation of actual adverse effect to competition in the market. Pls.' Mot. Dismiss, at 18-19. Indeed, "[t]he elimination of a single competitor, standing alone, does not prove [the] anticompetitive effect." Military Servs. Realty, Inc. v. Realty Consultants of Va., 823 F.2d 829, 832 (4th Cir. 1987). Nevertheless, at this stage of the proceeding, SecurityMetrics has alleged anticompetitive injury by alleging actions that restrain trade and discourage the use of competing products. Def.'s Countercls. ¶¶ 146-50.

F. Eleventh & Thirteenth Counterclaims - Monopolization and Attempted Monopolization

Similarly, SecurityMetrics alleges that First Data's pricing with respect to processing services and PCI Rapid Comply violates § 2 of the Sherman Antitrust Act, 15 U.S.C. § 2. First Data opposes the claims on the same basic grounds as those raised under the Tenth and Twelfth Counterclaims.

Section 2 of the Sherman Antitrust Act states that "[e]very person who shall monopolize, or attempt to monopolize, or combine or conspire with any other person . . . to monopolize any part of the trade or commerce" has violated the Act and is subject to penalties. 15 U.S.C. § 2. A monopolization claim under § 2 of the Sherman Antitrust Act requires a claimant to demonstrate two elements: (1) "the possession of monopoly power in the relevant market; and (2) "the willful acquisition or maintenance of that power as distinguished from growth or development as a consequence of a superior product, business acumen, or historic accident." Verizon Communications Inc. v. Law Offices of Curst V. Trinko, LLP, 540 U.S. 398, 408 (2004).

Similarly, § 11-204(a)(2) of the Commercial Law Anicle of the Maryland Code provides:

A person may not. . . Monopolize, attempt to monopolize, or combine or conspire with one or more other persons to monopolize any part of the trade or commerce within the State, for the purpose of excluding competition or of controlling, fixing, or maintaining prices in trade or commerce.
Md. Code, Com. Law § 11-204(a)(2). As noted supra, the interpretation of the Maryland antitrust statute is to be "guided by the interpretation given by the federal courts to the various federal statutes dealing with the same or similar matters." Md. Code. Commercial Law, § 11-202(a)(2).

First Data reiterates its market power argument with respect to the monopolization claim; specifically, First Data argues that monopolization requires control of 70% to 100% of the relevant market under Fourth Circuit law and that, as such, SecurityMetrics' monopolization counts fails. Indeed, although SecurityMetrics has alleged market power for purposes of a tying agreement, its allegations fall short of what is required for monopoly power pursuant to a § 2 monopolization claim. Cf. R. J. Reynolds Tobacco Co. v. Philip Morris Inc., 199 F. Supp. 2d 362, 394 (M.D.N.C. 2002), affd sub nom. RJ Reynolds Tobacco Co. v. Philip Morris USA, Inc., 67 F. App'x 810 (4th Cir. 2003), ("[M]onopoly power is a higher degree of power than market power."); E.I. Du Pont De Nemours, 637 F.3d at 451 (noting that monopolization was adequately pled where the claimant specifically alleged that, inter alia, (1) numerous barriers to entry into the market existed; (2) the alleged monopolist had long dominated the market; and (3) that the alleged monopolist controlled over 70% of the market).

With respect to attempted monopolization, however, SecurityMetrics has satisfied its burden at this stage. An attempted monopolization claim requires a claimant to show: "(1) the use of anticompetitive conduct; (2) with specific intent to monopolize; and (3) a dangerous probability of success." E.I. Du Pont de Nemours v. Kolon bids., Inc., 637 F.3d 435 (4th Cir. 2011).

SecurityMetrics argues that it has alleged specific acts in furtherance of monopolization; specifically, SecurityMetrics points to First Data's alleged tying and predatory pricing allegations. SecurityMetrics has also alleged diat First Data "willfully acquired and willfully maintained its market power." Def.'s Countercls. ¶ 157.

In addition. SecurityMetrics argues that its allegations with respect to the bundled discounts provided to ISOs, the use of allegedly "baseless" litigation, and the use of a "misinformation campaign" to convince ISOs that SecurityMetrics cannot use merchant data for selling its products or services are all also sufficient to support its attempted monopolization claim. Def.'s Opp'n, at 42-46.

In addition, SecurityMetrics has adequately demonstrated the third element—a dangerous probability of success. While market share is particularly relevant to die dangerous probability of success, the element may also be demonstrated by allegations of barriers to entry into the market or "unjustified exclusionary conduct." Rescue Phone, Inc. v. Enforcement Tech. Group, Inc., No. 1:07-cv-58, 2007 WL 2045514, at *4 (ED. Va. July 9, 2007). Moreover, the relevance of this third element "is tempered by evidence of the other two elements of the claim." M & M Med. Supplies & Serv., Inc. v. Pleasant Valley Hosp., Inc., 981 F.2d 160, 168 (4th Cir. 1992).

As noted above, SecurityMetrics has alleged anticompetitive acts, and those specific allegations are bolstered by conduct alleged elsewhere in the Counterclaims. For example, SecurityMetrics alleges a refusal to abide by the Settlement Terms and accept SecurityMetrics compliance reporting, Def.'s Countercls. ¶ 85, and various false statements intended to mislead SecurityMetrics' customers. See, e.g., Def.'s Countercls. ¶¶97-99. In light of this alleged exclusionary conduct, SecurityMetrics has adequately alleged a dangerous probability of success, "albeit the failure to allege market share weakens the claim considerably." Rescue Phone, Inc. v. Enforcement Tech. Grp., Inc., No. 2:07-cv-58, 2007 WL 2045514 (E.D. Va. July 9, 2007).

Accordingly, this Court finds that SecurityMetrics has adequately pled attempted monopolization, but has failed to state a claim for monopolization. Thus, SecurityMetrics Eleventh and Thirteenth Counterclaims will be dismissed to the extent that they allege monopolization pursuant to § 2 of the Sherman Antitrust Act and § 11-204(a)(2) of the Commercial Law Article of the Maryland Code.

G. Fourteenth Counterclaim — Maryland Predatory Pricing

SecurityMetrics argues that "First Data's discount on various processing-related senices for ISOs that abandon SecurityMetrics for PCI Rapid Comply" constituted illegal predatory pricing under Maryland law. Def.'s Countercls. ¶ 167. Section 11-204(a)(3) provides that a person may not:

Directly or indirectly discriminate in price among purchasers of commodities or services of like grade and quality, if the effects of the discrimination may:
(i) Substantially lessen competition;
(ii) Tend to create a monopoly in any line of trade or commerce; or
(iii) Injure, destroy, or prevent competition with any person who grants or knowingly receives the benefit of the discrimination or with customers of either of them;
Md. Code, Com. Law § 11-204(a)(3). First Data's Morion does not directly address the counterclaim, but instead relies upon the same arguments raised for the various federal claims. SecurityMetrics, however, has alleged that First Data's actions would substantially lessen competition in general and injures and prevents competition with hirst Data. Thus, it has stated a claim for predatory pricing under Maryland law.

H. Fifteenth Counterclaim - Maryland Tying

Finally, SecurityMetrics alleges that "First Data's tying of ISO pricing for processing-related services to each ISO's displacement of SecurityMetrics by PCI Rapid Comply . . . may substantially lessen competition for, and tend to create a monopoly over, compliance, validation, and reporting services to Level 4 merchants relating to the PCI Standard, within Maryland—in violation of Maryland Commercial Law Code § 11-204(a)(6), subdivisions (i) and (ii)." Section 11-204(a)(6) provides that a person may not:

Lease or make a sale or contract for the sale of a patented or unpatented commodity or service for use, consumption, enjoyment, or resale, or set a price charged for the commodity or sendee or discount from or rebate on the price, on the condition, agreement, or understanding that the lessee or purchaser will not use or deal in the commodity or senice of a competitor of the lessor or seller, if the effect of the lease, sale, or contract for sale or the condition, agreement, or understanding may:
(i) Substantially lessen competition; or
(ii) Tend to create a monopoly in any line of trade or commerce.
Md. Code, Com. Law § 11-204(a)(6). First Data does not present any new argument to address this claim but again merely asserts that its arguments with respect to the federal claims are sufficient to warrant dismissal of the state claims as well. As this Court finds those arguments inadequate to support dismissal at this stage of the proceeding under federal law, this Court sees no reason to dismiss SecurityMetrics' Fifteenth Counterclaim.

CONCLUSION

For the reasons stated above, the Motion of First Data Merchant Sendees Corp. and First Data Corporation to Dismiss Certain of Defendant's Counterclaims (ECF No. 163) is DENIED IN PART and GRANTED IN PART. Specifically, the Motion is denied in all respects except for Counts Eleven and Thirteen in so far as those counts allege monopolization in violation of § 2 of the Sherman Antitrust Act, 15 U.S.C. § 2, and § 11-204(a)(2) of the Commercial Law Article of the Maryland Code, Md. Code, Com. Law § 11-204(a)(2).

A separate Order follows.

____________

Richard D. Bennett

United States District Judge


Summaries of

First Data Merch. Servs. Corp. v. SecurityMetrics, Inc.

UNITED STATES DISTRICT COURT FOR THE DISTRICT OF MARYLAND
Nov 13, 2013
Civil Action No. RDB-12-2568 (D. Md. Nov. 13, 2013)
Case details for

First Data Merch. Servs. Corp. v. SecurityMetrics, Inc.

Case Details

Full title:FIRST DATA MERCHANT SERVICES CORPORATION, et al., Plaintiffs, v…

Court:UNITED STATES DISTRICT COURT FOR THE DISTRICT OF MARYLAND

Date published: Nov 13, 2013

Citations

Civil Action No. RDB-12-2568 (D. Md. Nov. 13, 2013)