On November 9, 2021, the Oklahoma Supreme Court in State ex rel. Hunter v. Johnson & Johnson, No. 118474, 2021 WL 5191372 (Okla., Nov. 9, 2021), overturned a $465 million verdict against opioid manufacturer, Johnson & Johnson (“J&J”). In the 5-1 decision, the court held that the district court erred in holding J&J liable under the state’s public nuisance law because the statute does not extend to the manufacturing, marketing, and selling of products. The court warned that extending public nuisance law to the manufacturing, marketing, and selling of products would allow consumers to convert product liability actions into public nuisance claims.  Id. at *11. Such an expansion of public nuisance law could catalyze widespread litigation against large companies for any public health problem.

Factual and Procedural Background

Like many cities across the United States, Oklahoma has seen the effects of the over-prescription of opioids to its residents. Id. at *1. In an effort to hold large opioid manufacturers accountable, the State sued three opioid manufactures in June 2017, including J&J. Id. The State argued that J&J marketed the benefits of opioid use while downplaying the dangers in an effort to increase sales. Id. at *2. The State settled with the other manufacturers and later dismissed all claims against J&J with the exception of the public nuisance claim. Id.

The district court held a month-long bench trial on the public nuisance issue. Id. The Oklahoma public nuisance statute states, “[a] public nuisance is one which affects at the same time an entire community or neighborhood, or any considerable number of persons, although the extent of the annoyance or damage inflicted upon the individuals may be unequal.” 50 Okl. St. § 2. Thus, the question before the court was whether J&J was liable for creating a public nuisance in the marketing and selling of opioids within the state. State ex rel. Hunter, No. 118474, 2021 WL 5191372 at *1.

The court returned a verdict against J&J, finding them liable for conducting “false, misleading, and dangerous marketing campaigns” about opioids. Id. at *2. In doing so, the court ordered J&J to pay $465 million to fund one year of government programs aimed at combating the opioid crisis. Id. In issuing this hefty damage award, the court did not base the amount on J&J’s specific market interest of prescription opioids sold. Id. The court also did not offset the amount with the amount the State received from the settlement agreements with the other opioid manufacturers. Id.

J&J appealed the verdict and the State cross-appealed, arguing that J&J should be held liable for a higher amount to fund twenty years of the state’s government programs aimed against opioid use. The Supreme Court of Oklahoma retained the appeal. Id. at *3. The issue on appeal was whether the district court correctly determined that J&J’s actions in marketing and selling opioids created a public nuisance. Id.

Supreme Court of Oklahoma’s Decision

Origins and History of Oklahoma Public Nuisance Law

The Oklahoma Supreme Court began its opinion by giving a history of the public nuisance doctrine going back to the twelfth century. Id. The court explained how the public nuisance theory began as a criminal remedy used to protect the rights of public property. Id. Many years later during the twentieth century, public nuisance evolved into a common law tort and was later codified by the Oklahoma Legislature. Id. at *4. In applying the state’s nuisance statutes, the court has limited public nuisance liability to defendants “(1) committing crimes constituting a nuisance, or (2) causing physical injury to property or participating in an offensive activity that rendered the property uninhabitable.”  Id. Nuisance cases can also be brought in cases in which conduct “annoys, injures, or endangers the comfort, repose, health, or safety of others.” Id. at *5. Yet, the court reminded the State that such conduct has traditionally been criminal or property-based. Id. As such, the court reasoned that applying nuisance law to the manufacturing, marketing, and selling of lawful products would be an overbroad application of the law. Id.

Oklahoma’s Public Nuisance Law Does Not Cover the State’s Alleged Harm

The court refused to extend the public nuisance doctrine to the State’s claim that J&J’s failure to warn of the dangers of opioids constitutes a public nuisance. In reaching this decision, the court identified three reasons for which the doctrine is inapplicable to product liability: (1) the manufacture and distribution of products rarely cause a violation of a public right, (2) a manufacturer does not generally have control of its product once it is sold, and (3) a manufacturer could be held perpetually liable for its products under a nuisance theory. Id. at *6.

In analyzing the first factor, the court concluded that the State failed to show a violation of a public right. The court defined a public right as a right to a public good (i.e. natural resources, public spaces). Id. The court rejected the State’s argument that J&J’s conduct amounted to an interference with the public right of health because prescription opioids do have beneficial uses for pain management and the rise in misuse and addiction could not have been anticipated. Id. at *7 The court distinguished J&J’s conduct from cases of pollution in public water or the discharge of sewer on property, in which injury could have been anticipated. Id. Further, the court reasoned that the State’s argument would promote the notion that an unreasonable interference with a public right could be shown solely by the unanticipated misuse of products by some consumers. Id. “A public right to be free from the threat that others may misuse or abuse prescription opioids—a lawful product—would hold manufacturers, distributors, and prescribers potentially liable for all types of use and misuse of prescription medications.” Id. Thus, the court concluded that the State failed to show a violation of a public right in this case.

As to the second factor, the court reasoned that J&J did not have control over the manner in which opioids were used once they were sold. Id. at *8. “A product manufacturer’s responsibility is to put a lawful, non-defective product into the market. There is no common law tort duty to monitor how a consumer uses or misuses a product after it is sold.” Id. The court reasoned that J&J had no control over its products once they were sold through the multiple levels of distribution which included distributors, wholesalers, pharmacies, hospitals and doctors’ offices. Id. Without control, J&J could also not abate or fix the nuisance. Here, the court attacked the remedy of monetary sanctions imposed by the district court. Id. at *9. Though, the amount awarded to the State was intended to go to the State’s abatement plan to combat opioid addiction, the court did not find this to be a suitable remedy. The court reasoned that the abatement program would not stop the promoting or selling of opioids. Id. Therefore, the court rejected the monetary damage award as it did not address the alleged nuisance. Id.

In addressing the third and final factor, the court plainly rejected the imposition of liability for public nuisance in this case, because J&J could be held continuously liable for its products. Id. J&J’s products entered the stream of commerce more than twenty years ago. Id. The court reasoned that imposing liability under a public nuisance cause of action here would subject manufacturers to endless liability and would sidestep the statute of limitations in traditional tort law. Id.

This Court Will Not Extend Oklahoma Public Nuisance Law to the Manufacturing, Marketing, And Selling of Prescription Opioids

In sum, the court, held that it will not extend the state’s public nuisance law to J&J’s conduct in the manufacturing, marketing and selling of prescription opioids. The court dug its heels into the common law criminal and property-based limitations that have shaped the state’s public nuisance doctrine. Without these limitations, the court warned that businesses could be held boundlessly liable for the manufacturing, marketing or selling of products, i.e. “will a sugar manufacturer or the fast food industry be liable for obesity, will an alcohol manufacturer be liable for psychological harms, or will a car manufacturer be liable for health hazards from lung disease to dementia or for air pollution.” Id. at *11. Though the court does tip its hat to the State’s novel theory of extending public nuisance liability for the marketing and selling of a legal product, the court remained unconvinced. Instead, the court advised that this is an issue that could be more appropriately addressed by the legislature, rather than the courts.

Takeaways

There is a growing trend in which courts are reluctant to apply public nuisance law to opioid-manufacturer cases. This case comes on the heels of a recent tentative decision from a California superior court in which the court also rejected the plaintiffs’ argument that defendants, J&J, Endo Pharmaceuticals, Teva Pharmaceuticals, and Allerfan PLC, created a public nuisance by manufacturing and selling opioids. People v. Purdue Pharma, No. 30-2014-00725287-CU-BT-CXC (Cal. Super. Nov. 9, 2021). Prior to these decisions, North and South Dakota courts have also rejected public nuisance claims against the same defendants for the same alleged conduct. See State ex rel. Stenehjem v. Purdue Pharma, L.P., No. 08-2018-cv-01300, 2019 WL 2245743, at *13 (N.D. Dist. Ct. May 10, 2019) (rejecting the public nuisance claim because public nuisance law does not apply to cases involving a sale of goods); see also State ex rel. Ravnsborg v. Purdue Pharma L.P., No. 32CIV18-000065 (S.D. Cir. Ct. Jan. 13, 2021) (rejecting the public nuisance claim as applied to the sale of good and holding that defendants did not have control of the instrumentality of the nuisance when the damage occurred).

These decisions mark a shift in the landscape of opioid litigation, casting doubt on the use of the public nuisance doctrine as applied to the manufacturers of these drugs. Another important aspect of this ruling is the questionable ability of plaintiffs to receive monetary damage awards to redress harm in these cases. The Oklahoma Supreme Court expressed skepticism in this approach and encouraged redress to be handled by public policy rather than the courts. If plaintiffs continue to allege that that the manufacturing and selling of opioids constitutes a public nuisance, it may become increasingly difficult to prove that the appropriate redress is something other than an injunction on such manufacturing and selling.

As it stands, it is not clear whether these cases are outliers or a projection of a growing national trend. Given differences in states’ public nuisance doctrines, cases certainly could come out on the other side. As more cases are set to go to trial in the coming months, it will be instructive on how courts view this doctrine and its applicability to opioid-related cases.

Thursday, October 28, 2021
1:00 p.m. to 2:00 p.m. Eastern
12:00 p.m. to 1:00 p.m. Central
11:00 a.m. to 12:00 p.m. Mountain
10:00 a.m. to 11:00 a.m. Pacific

REGISTER HERE

FinTech produces real benefits to consumers, including increased speed, convenience, and new product offerings that make it easier for consumers to manage their financial lives. As FinTech offers thrilling new opportunities, it also poses potentially serious challenges. As consumers increasingly embrace innovative new technologies in our banking system, how can we make certain we include everyone—particularly consumers and small business owners who are currently disconnected from the financial system?

In the sixth installment of the Consumer Financial Services Litigation Webinar Series, Seyfarth attorneys will explore the evolution of FinTech and AI and their resulting impact on lending. Specifically, the presenters will cover:

  • FDIC rule codifying and clarifying expectations for industrial bank application process;
  • Evolution of FinTech regulation and enforcement;
  • Impact of FinTech on consumer driven banking;
  • Rise of comprehensive use of AI technology in consumer banking.

Consumer Financial Services Webinar Series

Given the magnitude of the potential changes ahead, Seyfarth has developed a webinar series designed to convey strategies and best practices to help you to ensure that your company and internal clients are prepared for what is ahead. To stay abreast of these changes, please subscribe to our mailing list.

Subscribe to Seyfarth’s Consumer Financial Services Mailing List.

For updates and insight on Consumer Financial Services Issues, we invite you to click here to subscribe to Seyfarth’s Consumer Class Defense Blog.

Speakers

Tonya Esposito, Partner, Seyfarth Shaw LLP

Tracee Davis, Partner, Seyfarth Shaw LLP

Anne Dunne, Associate, Seyfarth Shaw LLP

If you have any questions, please contact Colleen Vest at cvest@seyfarth.com and reference this event.

This webinar is accredited for CLE in CA, IL, NJ, and NY. Credit will be applied for as requested for TX, GA, WA, NC, FL and VA. The following jurisdictions accept reciprocal credit with these accredited states, and individuals can use the certificate they receive to gain CLE credit therein: AZ, CT, NH. The following jurisdictions do not require CLE, but attendees will receive general certificates of attendance: DC, MA, MD, MI, SD. For all other jurisdictions, a general certificate of attendance and the necessary materials will be issued that can be used in other jurisdictions for self-application. If you have questions about jurisdictions, please email CLE@seyfarth.com.

A mere three weeks after the application to vacate stay was filed, the United States Supreme Court has effectively ended the year-long row over the lawfulness of the federal Centers for Disease Control’s nationwide eviction moratorium (the “CDC Moratorium”).¹ On August 26, 2021, in a per curiam opinion joined by six members of the Court, with three members dissenting, the Court vacated the District of Columbia Circuit Court’s stay of enforcement pending appeal in Alabama Ass’n of Realtors v. Dep’t of Health & Human Servs., No. 21A23, 594 U.S. __, 2021 WL 3783142 (Aug. 26, 2021). The ruling, while technically not on the merits, rendered the District Court’s judgment, a summary judgment decision which held the CDC lacked statutory authority to impose the moratorium but was stayed pending appeal, immediately enforceable.² And as a practical matter, the opinion’s conclusion to deny stay relief on the grounds that “[i]f a federally imposed eviction moratorium is to continue, Congress must specifically authorize it” renders the CDC Moratorium immediately unenforceable in all of America’s courts, absent such Congressional authorization.

The Supreme Court previously declined to grant this relief when, on a 5-4 vote issued on June 29, 2021, Justice Kavanaugh wrote a concurring opinion which denied an earlier motion for stay relief, stating that only Congressional action could justify further extension beyond its then-July 31, 2021 sunset date.³

The CDC Moratorium

The CDC originally ordered its eviction Moratorium in September 2020 as a response to the COVID-19 pandemic, and extended it multiple times in light of the continuing state of emergency. We previously summarized the restrictions of the CDC Moratorium here, and highlighted several extensions of its reach here and here. In short, the CDC Moratorium subjected landlords to possible criminal and civil penalties if they proceeded with actions to evict certain “covered” residential tenants affected by COVID-19 for nonpayment of rent; it did not affect tenants’ underlying rental payment obligations or landlords’ ability to sue for unpaid rent.

Prelude to the Supreme Court’s Alabama Ass’n of Realtors Decision

The Court’s decision is the culmination of hotly-contested litigations in multiple federal courts around the country that challenged the CDC Moratorium on various statutory and constitutional grounds. As summarized by the D.C. District Court in Alabama Ass’n of Realtors:

at least six courts have considered various statutory and constitutional challenges to the CDC Order. Most recently, the Sixth Circuit denied a motion to stay a district court decision that held that the order exceeded the CDC’s authority under 42 U.S.C. § 264(a), see Tiger Lily, LLC v. United States Dep’t of Hous. & Urb. Dev., No. 2:20-cv-2692, __ F. Supp. 3d __, __, 2021 WL 1171887, at *4 (W.D. Tenn. Mar. 15, 2021) (concluding that the CDC Order exceeded the statutory authority of the Public Health Service Act), appeal filed, 992 F.3d 518 (6th Cir. 2021); Tiger Lily, LLC v. United States Dep’t of Hous. & Urb. Dev., 992 F.3d 518, 520 (6th Cir. 2021) (denying emergency motion for stay pending appeal); see also Skyworks, Ltd. v. Ctrs. for Disease Control & Prevention, No. 5:20-cv-2407, __ F. Supp. 3d __, __, 2021 WL 911720, at *12 (N.D. Ohio Mar. 10, 2021) (holding that the CDC exceeded its authority under 42 U.S.C. § 264(a)). Two other district courts, however, declined to enjoin the CDC Order at the preliminary injunction stage, see Brown v. Azar, No. 1:20-cv-03702, __ F. Supp. 3d __, __, 2020 WL 6364310, at *9-11 (N.D. Ga. Oct. 29, 2020), appeal filed, No. 20-14210 (11th Cir. 2020); Chambless Enterprises, LLC v. Redfield, No. 20-cv-01455, __ F. Supp. 3d __, __, 2020 WL 7588849, at *5-9 (W.D. La. Dec. 22, 2020), appeal filed, No. 21-30037 (5th Cir. 2021). Separately, another district court declared that the federal government lacks the constitutional authority altogether to issue a nationwide moratorium on evictions. See Terkel v. Ctrs. for Disease Control & Prevention, No. 6:20-cv-564, __ F. Supp. 3d __, __, 2021 WL 742877, at *1-2, 10-11 (E.D. Tex. Feb. 25, 2021), appeal filed, No. 21-40137 (5th Cir. 2021).5

The majority of courts concluded that the CDC lacked statutory authority to pronounce such a sweeping restriction on landlords and property owners’ rights, but did not impose any nationwide remedies. The D.C. District Court, however, invalidated the CDC Moratorium nationwide.6 When the court stayed its order pending the government’s appeal, both the D.C. Circuit and Supreme Court initially upheld the stay. But Justice Kavanaugh’s concurring opinion expressed that in his view the agency had “exceeded its existing statutory authority” in the CDC Moratorium, and that “clear and specific congressional authorization (via new legislation) would be necessary for the CDC to extend the moratorium past July.”7

The Supreme Court Decides Alabama Ass’n of Realtors on a “Rocket Docket”

The CDC reinstated the CDC Moratorium on August 3, 2021. The plaintiffs filed an emergency motion in the D.C. District Court to again vacate the stay pending the federal government’s appeal, based upon Justice Kavanaugh’s concurrence. On August 13, 2021, the District Court denied that motion, ruling that it was still bound by the D.C. Circuit and Supreme Court’s prior stay orders.8 Plaintiffs sought emergency relief from the D.C. Circuit. In a per curiam decision issued on August 20, 2021, the D.C. Circuit denied stay relief, referring to its prior decision.

Only 10 days passed between the CDC’s reinstatement and the District Court’s stay denial order. Only another 7 days passed between that order and the D.C. Circuit’s stay denial order. And only another six days passed between that order and the Supreme Court’s decision. A multi-staged rocket docket, indeed.

The Supreme Court’s Alabama Ass’n of Realtors Decision

The Supreme Court made quick work of the statutory question. The CDC justified its Moratorium on § 361(a) of the Public Health Service Act, which the Court concluded had specific language authorizing the agency to regulate such things as “inspection, fumigation, disinfection, sanitation, pest extermination, and destruction of contaminated animals and articles” in order to protect public health.10 The CDC Moratorium, by contrast, only had—at most—a very tangential connection to protecting public health by stopping landlords from evicting non-paying tenants who may end up homeless, who may cross state lines seeking shelter, and who may have been infected with COVID-19 and cause possible further spread of the disease. The Court concluded that the statute did not permit the sweeping authority enacted by the CDC in its eviction Moratorium.11 

The CDC’s alternative justification that the statutory language granting the agency authority to adopt “other measures, as in [its] judgment may be necessary,” § 361(a), gained no more traction with the Court. The Court found that this language could only encompass measures consistent with the list of things previously referenced in the statute, and that expanding it to include such things as the nationwide CDC Moratorium results in a stretched interpretation that would provide the agency with boundless, unchecked powers. It concluded that Congress is expected to speak clearly when passing legislation that gives executive agencies broad powers, but had not done so in § 361(a) of the Public Health Service Act.12

Turning to the equities of the stay pending appeal, the Court noted that the CDC Moratorium saddled the plaintiffs and landlords all over the country with a risk of irreparable harm through lost rental payments with no guarantee they would be made whole. It further noted that government rental-assistance funds continued to be available to tenants affected by COVID-19, and that several months had passed since it previously upheld the stay.13 It concluded by holding that any further eviction moratorium could only be justified by new Congressional legislation that includes findings that the public interest supports such action.14 

What’s Next?

With the federal moratorium having come to a close, some states and municipalities have passed their own eviction moratoria.15 Challenges to them will not be governed by the Alabama Ass’n of Realtors Supreme Court decision, which addressed only the CDC’s authority. The local moratoria will no doubt be scrutinized for whether they can withstand challenges to their lawfulness, as well. Given that states and localities possess police powers that the federal government does not, such challenges will likely be unsuccessful, unless they can show that the promulgators lacked the requisite authority or failed to follow the required processes to enact or order their foreclosure moratoria. In those jurisdictions in which there are no longer any moratoria, it remains to be seen how quickly, or slowly, their judiciaries and civil officers will order and carry out evictions while the pandemic is still raging.

1. See “Temporary Halt in Residential Evictions to Prevent the Further Spread of COVID-19,” 85 Fed. Reg. 55292 (Sept. 4, 2020). As originally enacted, and after numerous extensions, the CDC Moratorium expired on July 31, 2021. See Consolidated Appropriations Act, 2021, Pub. L. No. 116-260, § 502, 134 Stat. 1182, 2078-79 (2020) (extending the CDC Moratorium through Jan. 31, 2021); 86 Fed. Reg. 8020 (Feb. 3, 2021) (extending it through March 31, 2021); id. 16731 (March 31, 2021) (extending it through June 30, 2021); id. 34010 (final extension through July 31, 2021). On August 3, 2021, the CDC re-enacted it with a slight narrowing of its geographic scope, but no other material changes. See id. 43244 (Aug. 3, 2021).

2. Alabama Ass’n of Realtors v. Dep’t of Health & Human Servs., No. 20-cv-3377 (DLF), __ F.3d __, 2021 WL 1779282 (D.C. May 5, 2021).

3. Alabama Ass’n of Realtors v. Dep’t of Health & Human Servs., 141 S. Ct. 2320, 2321 (Mem.) (2021).

4.  Terkel v. Ctrs. for Disease Control & Prevention, No. 6:20-cv-564, 2021 WL 742877, at *2-3 (E.D. Tex. Feb. 25, 2021), appeal filed, No. 21-40137 (5th Cir. 2021).

5. Alabama Ass’n of Realtors, 2021 WL 1779282, at *3.

6. Id. at *9-10.

7. Alabama Ass’n of Realtors, 141 S. Ct. 2320.

8. Alabama Ass’n of Realtors v. Dep’t of Health & Human Servs., No. 20-cv-3377 (DLF), __ F.3d __, 2021 WL 3577367, at *4-6 (D.C. Aug. 13, 2021).

9. Alabama Ass’n of Realtors v. Dep’t of Health & Human Servs., No. 21-5093, 2021 WL 3721431 (D.C. Cir. Aug. 20, 2021).

10. Alabama Ass’n of Realtors, 2021 WL 3783142, at *3.

11. Id. at *3-4.

12. Id.

13. Id. at *4.

14. Id.

15. Notable examples include New York state and the City of Boston.  See “Governor Hochul Signs New Moratorium on COVID-related Residential and Commercial Evictions into Law, Effective Through January 15, 2022” (Sept. 2, 2021), copy located at https://www.governor.ny.gov/news/governor-hochul-signs-new-moratorium-covid-related-residential-and-commercial-evictions-law (last reviewed Sept. 7, 2021); Boston Public Health Comm’n, “Temporary Order Establishing an Eviction Moratorium in the City of Boston” (Aug. 31, 2021), copy located at https://www.bphc.org/onlinenewsroom/Blog/SiteAssets/Lists/Posts/AllPosts/BPHC%20Temporary%20Eviction%20Moratorium%20Order%208%2031%2021%20(003).pdf (last reviewed Sept. 7, 2021).

Now more than ever, it is important for organizations to review and update their basic information security protocols (their incident response, business continuity and crisis communications plans), and to ensure they’re keeping apprised of potential and developing security threats that may imperil their organizations (like a catastrophic ransomware attack). Nation state attacks and cyber criminal gangs efforts seem to be aimed daily at US businesses. And the ransomware plague that continues unabated, affects nearly all industry verticals.¹

Unfortunately, sometimes even when threats are known and being addressed, when employees are trained frequently regarding information security, and when the highest security precautions are taken, a threat-actor can quickly capitalize on miniscule vulnerabilities, and an organization is faced with the grueling task of picking up the pieces. This usually includes conducting a forensic investigation, updating written information security protocols, deploying patches and password resets, replacing hardware, conducting additional employee training, as well as analyzing differing state breach legislation and notifying consumers, attorneys general, and credit bureaus in accordance with those laws.

Even after these efforts, an organization is still at risk of privacy class action litigation. This might arise through a state attorney general, federal regulator, or a consumer whose data was wrongly accessed or in fact stolen during the cyber-attack.

But in order for a consumer to sue, the threshold, and hot-button, question is whether the consumer has standing under Article III of the US Constitution. [T]he “irreducible constitutional minimum” of standing consists of three elements. The plaintiff must have (1) suffered an “injury in fact” (2) that is “fairly traceable” to the challenged conduct of the defendant and (3) that is likely to be redressed by a favorable judicial decision.²

This article discusses the first prong of the standing elements: injury in fact. Because it is generally difficult for plaintiffs in these actions to show financial harm, or other actual damages, arguments have been raised by the plaintiffs’ bar that the future risk of harm should suffice to meet the first prong of the standing elements. The Supreme Court stated in Spokeo, Inc. v. Robins that even when a statute has been violated, plaintiffs must show that an “injury-in-fact” has occurred that is both concrete and particularized. While this did provide some additional information, the question of how the future risk of harm fits in was left outstanding. Fortunately, on June 25, 2021 the Supreme Court revisited this issue in TransUnion LLC v. Ramirez, 20-297, 2021 WL 2599472, at *1 (U.S. June 25, 2021), when a credit reporting agency flagged certain consumers as potential matches to names on the United States Treasury Department’s Office of Foreign Assets Control (OFAC) list of terrorists, drug traffickers, or other serious criminals. The Court found that those “flagged” consumers whose information was divulged to third party businesses as being included in this list suffered a concrete injury in fact.. With regards to those consumers who were flagged as potential matches, but the information was never disseminated, the Court was unconvinced that a concrete injury occurred. Id. The Court further examined the risk of future harm for these individuals, but declined to find injury in fact, stating that risk of harm cannot be speculative, it must materialize, or have a sufficient likelihood of materializing. Id. It will be interesting to see how this ruling plays out in the circuits in the context of a data breach. The Court included in its opinion some interesting information regarding certain circumstances that may give rise to a concrete harm. Id. Aside from physical or financial harm, the Court also stated that reputational harm, the disclosure of private information, or intrusion upon seclusion may rise to the level of concrete harm. Id. This then begs the question of whether a risk of harm analysis might be necessary in the context of a breach, where private information is indeed accessed and disclosed (i.e., disseminated) to an unauthorized 3rd party.

In light of this ruling, we surveyed certain of the most active Circuit Court’s behavior on the Article III standing issue (post-data breach). While there are certainly trends in each circuit, it seems risk of future harm in particular, is often evaluated, rightly, based on the specific facts of the matter, which still does cause some variance within each circuit. Below we explore these trends, and the circumstances under which injury in fact is often found. Given the recent TransUnion ruling, we expect the circuits to maintain some variability and look to distinguish the TransUnion case when possible.

Second Circuit

The Second Circuit very recently faced this issue, and acknowledged “join[ing] all of [its] sister circuits that have specifically addressed the issue in holding that plaintiffs may establish standing based on an increased risk of identity theft or fraud following the unauthorized disclosure of their data.” The court held that plaintiffs lacked standing due to a failure to plead a sufficient risk of future identity fraud. This is in contrast to its decision in Whalen v. Michael Stores, Inc., 689 F. App’x 89, 90-91 & n.1 (2d Cir. 2017), which seemed to favor the Sixth and Seventh Circuit’s approach.

The Second Circuit also recently looked to this issue in McMorris v. Carlos Lopez & Assocs., LLC, No. 19-4310, at 11 n.3 (2d Cir. April 26, 2021). When the defendant employer accidentally sent an email containing employee PII, plaintiff employees sued for negligence and violation of state consumer protection laws. Plaintiffs’ PII was not, at the time of the case, misused or stolen. The court remained consistent with its decision in Whalen concluding that despite measures taken to avoid identity theft, the plaintiffs could not show injury in fact.

Third Circuit

The Third Circuit has taken its own approach, allowing standing when data is statutorily protected, but rejecting risk of harm arguments for common law claims. This is demonstrated by the court in In re Horizon Healthcare Servs. Inc. Data Breach Litig., 846 F.3d 625, 641 (3d Cir. 2017), which found standing when personal data was breached in violation of the Fair Credit Reporting Act. The court did not delve into the future risk of harm issue, as it had already found a “cognizable injury.” Id.

The future risk of harm issue was discussed however in Reilly v. Ceridian Corp., 664 F.3d 38, 42 (3d Cir. 2011) (“Unless and until [] conjectures [about alleged future identity theft] come true, Appellants have not suffered any injury; there has been no misuse of the information, and thus, no harm.”), and Kamal v. J. Crew Grp., Inc., 918 F.3d 102, 113 (3d Cir. 2019) (denying standing where no information was stolen or disclosed, or where a threat-actor would need to piece together information from different sources in order to proceed with identity theft, and stating “[i]f a procedural violation does not present a material risk of harm to an underlying interest, a plaintiff fails to demonstrate concrete injury under Article III”).

Fourth Circuit

The Fourth Circuit additionally rejects the risk of future harm argument, finding in Beck v. McDonald, 848 F.3d 262, 274-75 (4th Cir. 2017) that the plaintiffs’ supposed risk of future identity theft was “too speculative” when plaintiffs failed to present evidence that their personal information had been accessed or misused.

A year later however, in Hutton v. Natl. Bd. of Examiners in Optometry, Inc., 892 F.3d 613, 621 (4th Cir. 2018), the court of appeals distinguished the Beck decision and vacated a district court’s dismissal of class action suit. There, the Fourth Circuit found injury in fact when Plaintiffs alleged that they were victims of identity theft and credit card fraud, which constituted misuse and thus satisfied the injury prong of Article III. Id.

7th Circuit

The Seventh Circuit favors standing when a breach causes an increased risk of harm to the affected individuals, when the data exposed is likely to lead to identity theft. This is supported by the decisions in Pisciotta v. Old Nat’l Bancorp, 499 F.3d 629, 634 (7th Cir. 2007), which found injury in fact when plaintiffs claimed an increased risk of data theft after their information had been accessed by a malicious and sophisticated hacker; Lewert v. P.F. Chang’s China Bistro, Inc., 819 F.3d 963, 967 (7th Cir. 2016) where injury in fact was found when plaintiffs spent time resolving fraudulent charges even when the bank prevented charges from going through; and Remijas v. Neiman Marcus Grp., LLC, 794 F.3d 688, 692 (7th Cir. 2015), where similarly, victims of identity theft suffered “aggravation and loss of value of time needed to set things straight, to reset payment associations after credit card numbers are changed and pursue relief for unauthorized charges.”

However, some recent cases show that the Seventh Circuit is not quite ready to accept that any potential for identify theft satisfies the injury in fact element of standing. For example, in Kylie S. v. Pearson PLC, 475 F. Supp. 3d 841, 846 (N.D. Ill. 2020), the court did not find standing where the data breached could not “easily be used in fraudulent transactions,” and where plaintiffs were unable to show any consequences of the breach a year following the incident.

Ninth Circuit

The Ninth Circuit has determined that a plaintiff can establish standing by showing injury in fact based on the increased risk of identity theft following a data breach. In Krottner v. Starbucks Corp., 628 F.3d 1139, 1143 (9th Cir. 2010), the court found that the plaintiffs had standing where they “alleged credible threat of real and imminent harm stemming from the theft of a laptop containing their unencrypted personal data.” Likewise, the court in In re Zappos.com, Inc., 888 F.3d 1020, 1028 (9th Cir. 2018), found that “Plaintiffs sufficiently alleged an injury in fact based on a substantial risk that the Zappos hackers will commit identity fraud or identity theft.”

Eleventh Circuit

The Eleventh Circuit has found that a plaintiff must show more than an increased risk of identity theft to establish injury in fact for Article III standing. In Tsao v. Captiva MVP Rest. Partners, LLC , 986 F.3d 1332, 1343 (11th Cir. 2021), the court explained that the information allegedly accessed by the hackers “generally cannot be used alone to open unauthorized or new accounts” therefore, “it is unlikely that the information allegedly stolen [ ], standing alone, raises a substantial risk of identity theft.

Conclusion

While the Supreme Court did provide further color to the issue of risk of future harm, we have yet to see how this plays out in the context of a data breach. The trends in the circuits tell us that in the absence of a showing that individual data was indeed misused, we can expect courts across the circuits to evaluate each case based on the facts and circumstances at hand, and continue to draw conclusions based on the trends discussed above. However, with the Supreme Court using dissemination of information as the threshold to determine harm, it will be interesting to see what is to come in this space. For now, we can expect the following trends to continue in the circuits:

Threshold 1st 2nd 3rd 4th DC 5th 6th 7th 8th 9th 10th 11th
Actual Harm (Pecuniary Loss) X X X X X X
Threat of Harm/Misuse X X X X
Middle Ground X X X X X

1. See Georgia hospital system hit with ransomware attack following Biden-Putin summit Ι Fox Business

2. Spokeo, Inc. v. Robins, 136 S. Ct. 1540, 1547 (2016), as revised (May 24, 2016)

Tuesday, June 29, 2021
1:00 p.m. to 2:00 p.m. Eastern
12:00 p.m. to 1:00 p.m. Central
11:00 a.m. to 12:00 p.m. Mountain
10:00 a.m. to 11:00 a.m. Pacific

REGISTER HERE

The CARES Act gives borrowers a payment break on federal student loans—but starting in October, payments will start back up. Servicers of private and federal student loans are beginning to face lawsuits alleging that it harmed student loan borrowers throughout the repayment process. These suits could take years to conclude.

In the fifth installment of the Consumer Financial Services Litigation Webinar Series, Seyfarth attorneys will review this past year and will unfold the regulatory and legislative initiatives underway. Specifically, the presenters will cover:

  • Federal Student Loan Payment Moratorium
  • American Rescue Plan Tax Relief
  • Loan Forgiveness Initiatives
  • Developments in Bankruptcy Discharge

Consumer Financial Services Webinar Series

Given the magnitude of the potential changes ahead, Seyfarth has developed a webinar series designed to convey strategies and best practices to help you to ensure that your company and internal clients are prepared for what is ahead. To stay abreast of these changes, please subscribe to our mailing to list.

Subscribe to Seyfarth’s Consumer Financial Services Mailing List.

For updates and insight on Consumer Financial Services Issues, we invite you to click here to subscribe to Seyfarth’s Consumer Class Defense Blog.

Speakers
David Bizar, Partner, Seyfarth Shaw LLP
Bill Hanlon, Partner, Seyfarth Shaw LLP
Anne Dunne, Associate, Seyfarth Shaw LLP

If you have any questions, please contact Colleen Vest at cvest@seyfarth.com and reference this event.

This webinar is accredited for CLE in CA, IL, NJ, and NY. Credit will be applied for as requested for TX, GA, WA, NC, FL and VA.  The following jurisdictions accept reciprocal credit with these accredited states, and individuals can use the certificate they receive to gain CLE credit therein: AZ, CT, ME, NH.  The following jurisdictions do not require CLE, but attendees will receive general certificates of attendance: DC, MA, MD, MI, SD.  For all other jurisdictions, a general certificate of attendance and the necessary materials will be issued that can be used in other jurisdictions for self-application. If you have questions about jurisdictions, please email CLE@seyfarth.com

Requests for the inspection of books and records pursuant to Section 220 of the Delaware General Corporation Law is an important part of corporate litigation in Delaware. One important issue for these types of proceedings is the scope of documents that these types of requests can reach, particularly when it comes to privileged documents and other pre-discovery material. The following was published by The D&O Diary on May 17, 2021.

This article provides a summary of recent Delaware decisions on the permissible scope of shareholder books and records demands pursuant to Section 220 of the Delaware General Corporation Law (“Section 220”), including whether shareholders may use Section 220 to obtain pre-complaint discovery and/or privileged corporate documents. In short, there has been a significant uptick in Section 220 demand litigation in recent years and shareholders are frequently using Section 220 as an alternative method of obtaining discovery for ongoing or potential future fiduciary litigation. This article summarizes where shareholders have been permitted to proceed with such demands and where Delaware courts have drawn the line.

Section 220 Procedure

Section 220 provides shareholders with the right to inspect the books and records of a Delaware corporation where the shareholders have demonstrated a proper purpose. Procedurally, Section 220 requires shareholders to first serve a demand for inspection on a corporation and, if the demand is rejected, shareholders may initiate an action in Delaware Chancery Court to compel the production of the sought records. Section 220 actions are summary proceedings, which are supposed to be litigated in a more expeditious manner than regular lawsuits. These cases are quickly moved to a trial before a judge in the Court of Chancery. Sometimes, the parties forgo trial and instead, merely submit papers and hold oral argument.

Proper Purpose of Investigating Wrongdoing

There has been an explosive growth in Section 220 demand litigation in recent years with many shareholders using Section 220 as a tool for obtaining pre-complaint discovery to build cases against corporations and their officers and directors. This has led to many recent Delaware decisions evaluating whether shareholders were actually seeking books and records for a proper purpose under Section 220.

Delaware courts have held that a proper purpose can include investigating possible mismanagement, waste, improper transactions, self-dealing, etc. Where documents are sought for investigatory purposes, shareholders “must present some evidence to suggest a credible basis from which a court can infer that mismanagement … or wrongdoing may have occurred.”[i] This is the “lowest possible burden of proof” and “does not require a stockholder to prove that the wrongdoing actually occurred.”[ii] Because of this low standard, shareholders generally are permitted to proceed with their sought after review of corporate records.

However, this standard is not without limitations. For example, in 2017, in Wilkinson v. A. Schulman, Incorporated,[iii] the Delaware Chancery Court found there was no proper purpose where the shareholder conceded that his reasons for seeking the documents were substantially different from those set forth in the document demand drafted by his attorneys. Although the shareholder verified the complaint, he did not confirm the accuracy of the allegations contained therein, did not review the company’s answer, and was not otherwise involved in efforts to obtain the documents. In this case, the Court held that the shareholder’s “purported purposes were not his actual purposes” and, instead, “were his counsel’s purposes.”[iv] In subsequent rulings, Delaware courts have declined to extend Wilkinson, noting that the case “involved extreme facts” and “blunders.”[v] Indeed, following Wilkinson, Delaware courts have generally deferred to a shareholder’s asserted purpose unless it is obvious that the shareholder “[i]s a passive conduit in a purely lawyer-driven inspection effort.”[vi]

Recent Delaware decisions have affirmed the very low standard for establishing a proper purpose and have permitted shareholders to proceed with Section 220 demands, even where it appears shareholders are using this inspection tool solely to pursue future litigation.[vii] For example, in a late 2020 decision in AmerisourceBergen Corporation v. Lebanon County Employees’ Retirement Fund, the Delaware Supreme Court made two rulings favorable to shareholders pursuing Section 220 demands.[viii] First, the Court held that “when the purpose of an inspection of books and records under Section 220 is to investigate corporate wrongdoing, the stockholder seeking inspection is not required to specify the ends to which it might use the books and records.”[ix] However, the Court did note that shareholder’s “intended uses” were not entirely “irrelevant.”[x] Next, the Court held that a shareholder is not required to establish that the alleged wrongdoing it seeks to investigate is legally actionable in order to demonstrate a proper purpose.[xi] Yet, the decision indicated that “a court may be justified in denying inspection” in the “rare case” where a shareholder’s “sole reason for investigating mismanagement or wrongdoing is to pursue litigation and a purely procedural obstacle, such as standing or the statute of limitations, stands in the stockholder’s way.”[xii] This decision reaffirms that shareholders can generally use Section 220 demands as a means of obtaining pre-complaint discovery.

Section 220 Demands for Privileged Documents and the Garner Doctrine

Shareholders sometimes seek privileged or attorney work product protected documents in their Section 220 demands, a topic that has been litigated with some frequency since a 2014 Delaware Supreme Court opinion finding that shareholders are permitted do so in certain situations (the “IBEW decision”).[xiii] In the IBEW decision, the Delaware Supreme Court, for the first time, formally recognized the Garner doctrine, “which allows stockholders of a corporation to invade the corporation’s attorney-client privilege in order to prove fiduciary breaches by those in control of the corporation upon showing good cause”[xiv] Prior to this decision, the Delaware Chancery Court had applied the Garner doctrine to Section 220 litigation, even though it had not been expressly recognized by the Supreme Court.[xv]

In determining whether the Garner “good cause” exception to the attorney-client privilege applies, a court considers multiple factors, including:

(1) the number of shareholders and the percentage of stock they represent;

(2) the bona fides of the shareholders;

(3) the nature of the shareholders’ claim and whether it is obviously colorable;

(4) the apparent necessity or desirability of the shareholders having the information and the availability of it from other sources;

(5) whether, if the shareholders’ claim is of wrongful action by the corporation, it is of action criminal, or illegal but not criminal, or of doubtful legality;

(6) whether the communication related to past or to prospective actions;

(7) whether the communication is of advice concerning the litigation itself;

(8) the extent to which the communication is identified versus the extent to which the shareholders are blindly fishing;

(9) the risk of revelation of trade secrets or other information in whose confidentiality the corporation has an interest for independent reasons.[xvi]

Since the IBEW decision, Delaware courts have found that: (1) “the colorability of the claim,” (2) “the extent to which the communication is identified versus the extent to which the shareholders are blindly fishing,” and (3) the necessity and availability of the sought information are the three most important factors in determining whether the Garner exception is applicable.[xvii] Delaware courts have been particularly reluctant to apply the Garner doctrine where necessity and unavailability have not been established.[xviii]

The applicability of the Garner doctrine has been evaluated in several Delaware decisions following IBEW.[xix] These cases involved a fact intensive analysis of the Garner factors. There has been only one decision, subsequent to IBEW, in which the Garner exception was found to apply and a company was ordered to produce privileged documents.[xx] This is somewhat unsurprising since the Garner exception is intended to be “narrow,” “exacting,” and “very difficult to satisfy.”[xxi]

Most recently, on May 4, 2021, a Delaware Chancery Court refused to apply the Garner exception in a derivative case involving the 2018 approval of Tesla’s CEO Elon Musk’s compensation plan.[xxii] In that case, the derivative plaintiff sought privileged communications between Tesla’s outside legal counsel, in-house counsel and compensation committee regarding the committee’s independence from Musk. Although the Court found that the plaintiff had established a colorable claim and was not fishing, the Court ultimately held that “plaintiff’s showing [of necessity and unavailability] falls well short of the narrow and exacting mark set by Garner and its Delaware progeny.” The court rejected plaintiff’s conclusory assertions that the information sought was necessary and unavailable and noted that plaintiff “provide[d] no meaningful explanation as to why [the information sought] [wa]s not or will not be adequately addressed in the nonprivileged discovery available to plaintiff.”

Conclusion

In sum, recent Delaware case law reflects the challenges of opposing Section 220 demands. Although a shareholder must establish a “credible basis” for a demand, Delaware courts have reaffirmed that this is the “lowest possible burden of proof” and that shareholders do not need to show legally cognizable wrongdoing. On the other hand, Delaware courts have been more conservative in permitting shareholders access to privileged documents. Unless a shareholder can set forth non conclusory reasons as to why the privileged documents are necessary and unavailable from other sources, among other items, they will not be permitted to inspect privileged documents.

________________________

[i] See, e.g., Pettry v. Gilead Sciences, Inc., C.A. No. 2020-0132-KSJM, 2020 WL 6870461, at *10 (Del.Ch. Aug 26, 2020).

[ii] Id. at *11 (quotations omitted).

[iii] C.A. No. 2017–0138–VCL, 2017 WL 5289553, at *3 (Del.Ch. Nov. 13, 2017).

[iv] Id.

[v] See, e.g., Pettry., 2020 WL 6870461, at *15; Gross v. Biogen Inc., C.A. No. 2020-0096-PAF, 2021 WL 1399282, at *6 (Del.Ch. Apr. 14, 2021).

[vi] Pettry, 2020 WL 6870461, at *1.

[vii] Delaware courts have also awarded plaintiffs fees where Defendants have acted in an “overly aggressive” manner in defending Section 220 actions. See, e.g., Pettry, 2020 WL 6870461, at *29 (“defendants have turned books and records litigation into a surrogate proceeding to litigate the possible merits of the suit where they place obstacles in the plaintiffs’ way to obstruct them from employing it as a quick and easy pre-filing discovery tool”); See also Gross, 2021 WL 1399282, at *5.

[viii] In AmerisourceBergen, the shareholders sought materials “from May 1, 2010 to date concerning certain settlements, acquisitions, investigations, and other events related to AmerisourceBergen’s operations and its potential involvement in the opioid crisis.” 243 A.3d 417, 423 (Del. Supr. 2020)

[ix] Id. at 430.

[x] Id. at 429.

[xi] Id. at 437.

[xii] Id.

[xiii] Wal-Mart Stores, Inc. v. Indiana Elec. Workers Pension Trust Fund IBEW, 95 A.3d 1264, 1278-79 (Del. Supr. 2014).

[xiv] Id. at 1276.

[xv] See, e.g., id. at 1278. In the IBEW decision, the Delaware Supreme Court found that the Garner exception applies in both “plenary stockholder/corporation proceedings” and “Section 220 actions.” Id. Since then, one Delaware Chancery Court decision has suggested that it may also apply in cases where shareholders assert direct claims for breach of corporate fiduciary duties. Buttonwood Tree Value Partners, L.P. v. R.L. Polk & Co., Inc., Civil Action No. 9250–VCG, 2018 WL 346036, at *3 (Del.Ch. Jan. 10, 2018).

[xvi] Salberg v. Genworth Financial, Inc., C.A. No. 2017–0018–JRS, 2017 WL 3499807, at *4 (Del.Ch. July 27, 2017).

[xvii] Id. at *5. See also Buttonwood, 2018 WL 346036, at *3.

[xviii] Employees’ Retirement System of Rhode Island v. Facebook, Inc., C.A. No. 2020-0085-JRS, 2021 WL 529439, at *9 (Del.Ch. Feb. 10, 2021)

[xix] See, e.g., Employees’ Retirement System of Rhode Island, 2021 WL 529439, at *10 (holding that the production of privileged documents should not be compelled where non-privileged documents will “likely” provide the relevant information sought by plaintiffs); In re Facebook, Inc. Section 220 Litigation, No. 2018-0661-JRS, 2019 WL 2320842, at *18, n. 184 (Del.Ch. May 30, 2019) (“Plaintiffs have not met their heavy burden under Garner because, on this record, they have not demonstrated that the privileged information they seek ‘is both necessary to prosecute the action and unavailable from other sources.’”); Buttonwood, 2018 WL 346036; Elow v. Express Scripts Holding Company, C.A. No. 12721–VCMR, 2018 WL 2110946, at *2 (Del.Ch. Apr. 27, 2018) (conclusory statements that the privileged documents sought are “not available from any other source” are insufficient to satisfy Garner); Salberg, 2017 WL 3499807, at *7 (denying Plaintiff’s Section 220 demand for privileged documents under Garner, because the communications contained advice regarding a separate ongoing derivative action and “Plaintiffs cannot achieve via Section 220 what they could not achieve via discovery in the Derivative Action”); In re Lululemon Athletica Inc. 220 Litigation, C.A. No. 9039–VCP 2015 WL 1957196 (Del.Ch. Apr. 30, 2015).

[xx] See In re Lululemon Athletica Inc. 220 Litigation, WL 1957196, at *15

[xxi] IBEW, 95 A.3d at 1278.

[xxii] Tornetta v. Musk, Case No. 2018-0408-JRS, Entry # 87553543 (Del.Ch. May 4, 2021).

On Thursday April 15th, the U.S. Department of Justice, on behalf of the Federal Trade Commission (“FTC”) filed a lawsuit in the U.S. District Court for the Eastern District of Missouri against chiropractor Eric A. Nepute and his company Quickwork LLC (the “Defendants”) for violating the new COVID-19 Consumer Protection Act. In the complaint, the FTC charges Nepute and Quickwork LLC with making unsubstantiated claims about products sold under the “Wellness Warrior” brand regarding their ability to treat and prevent COVID-19. The FTC is seeking both monetary penalties against the Defendants, as well as a permanent injunction to prevent future violations of the FTC Act and the COVID-19 Consumer Protection Act by the Defendants.

Passed by Congress in December 2020, the COVID-19 Consumer Protection Act (“the Act”) serves to deter and prohibit businesses from marketing products based on unsubstantiated scientific claims for the duration of the COVID-19 crisis. Specifically, the Act prohibits deceptive acts or practices pertaining to “the treatment, cure, prevention, mitigation, or diagnosis of COVID-19” or “a government benefit related to COVID–19.” Congress included in the statute that any violation of this law “shall be treated as a violation of a rule defining an unfair or deceptive act or practice prescribed under section 18(a)(1)(B) of the Federal Trade Commission Act,” allowing for violators to receive financial penalties.

The Defendants promoted vitamin D and zinc products as part of their “Wellness Warrior” brand. They claimed–through multiple mediums of advertisement including emails, videos, and claims conveyed via Facebook–that their vitamin D products were scientifically proven to treat or prevent COVID-19. Some videos stated explicitly that “COVID-19 Patients who get enough Vitamin D are 52% less likely to die” and that people who get enough Vitamin D3 “have a 77 percent less chance of getting infected in the first place.” The Defendants made similar claims about their zinc products. More importantly, the Defendants also claimed that their products provided equal or better protection against COVID than the available vaccines.

The FTC issued a warning letter to Defendants about COVID-19 efficacy claims back in May 2020, but alleges that, since then, Defendants have “ramped up their unsubstantiated claims regarding Vitamin D and zinc.” Given the critical effort to roll out the various vaccines and maintain public trust regarding their effectiveness, it is unsurprising that the FTC has pursued this lawsuit.

The Lawsuit claims that Defendants violated both the FTC Act and the COVID-19 Consumer Protection act by making false claims regarding the ability of Defendants’ products ability to treat, cure, prevent, or mitigate COVID-19, both on their own and compared to available vaccines. The complaint seeks to prohibit further claims and to obtain monetary penalties Specifically the complaint states, “A violation of Section (b)(1) of the COVID-19 Consumer Protection Act made with the knowledge required by Section 5(m)(1)(A) of the FTC Act, 15 U.S.C. § 45(m)(1)(A), is subject to monetary civil penalties of not more than $43,792 for each violation of the COVID-19 Consumer Protection Act after January 13, 2021, including penalties whose associated violation predated January 13, 2021.”

By bringing this action, the FTC has made it clear that it takes these type of COVID-19 claims very seriously and that it will respond accordingly, partnering with the Justice Department as appropriate. To date, the FTC has sent over 350 warning letters to other companies regarding their conduct related to unsubstantiated COVID-19 claims, and there is a strong reason to believe the FTC will continue to pursue these claims as they arise.

Introduction

The Supreme Court of California, interpreting California Penal Code section 632.7, recently held in Smith v. LoanMe, Inc. that cellular or cordless phone conversations cannot be recorded by nonparties or the parties to the call without consent of the parties.  This decision overturned the Court of Appeal’s previous ruling that consent is only required if nonparties, and not the parties to the call, seek to record the conversation.  Therefore, companies must ensure that they obtain consent prior to recording their calls, or else criminal  and civil liability may ensue, including expensive class actions.

California Penal Code § 632.7

As part of the Invasion of Privacy Act, Penal Code section 632.7 provides, in relevant part: “Every person who, without the consent of all parties to a communication, intercepts or receives and intentionally records, or assists in the interception or reception and intentional recordation of, a communication transmitted between two cellular radio telephones, a cellular radio telephone and a landline telephone, two cordless telephones, a cordless telephone and a landline telephone, or a cordless telephone and a cellular radio telephone, shall be punished.”

Section 632.7 was enacted to expand section 632, which criminalized the unconsented to recording of phone conversations between traditional telephones, to include cellular or cordless phones.

Factual and Procedural Background

This case arose after Defendant LoanMe, Inc. (“LoanMe”) recorded a very brief phone conversation that it had with Plaintiff Jeremiah Smith (“Smith”), the husband of a woman to whom LoanMe extended a loan.  On October 15, LoanMe called the phone number that Smith’s wife had provided, and Smith answered on a cordless phone, informed LoanMe that his wife was not home, and hung up.  The call lasted a total of eighteen seconds.  About three seconds into the call, LoanMe caused a “beep” tone to sound, which signaled that the call was about to be recorded, though the LoanMe representative never verbally advised Smith that the call was going to be recorded.

Thereafter, in September 2016, Smith brought suit on behalf of a putative class consisting of “all persons in California whose inbound and outbound telephone conversations involving their cellular or cordless telephones were recorded without their consent by [LoanMe] or its agent/s within the one year prior to the filing of this action.”  The complaint alleged that the recording of these calls violated section 632.7.

The trial court held that there was no violation, holding that the beep tone gave Smith sufficient notice that the call was going to be recorded.

The Court of Appeal, rather than focusing on if Smith consented to the recording, addressed when consent would be required prior to the recording.  Specifically, the court debated if section 632.7 required that consent be obtained when parties to the call sought to record the call, or if it only applied when nonparties were the ones recording the conversation.  The court ultimately concluded that only nonparties were required to obtain consent, reasoning that “parties to a phone call always consent to the receipt of their communications by each other.”  Smith v. LoanMe, Inc., 43 Cal. App. 5th 844, 848 (2019).

Supreme Court of California’s Decision

On April 1, 2021, the Supreme Court of California reversed the lower courts, holding, “We conclude that [section 632.7] applies to the intentional recording of a covered communication regardless of whether the recording is performed by a party to the communication, or a nonparty.”  The Court’s analysis is as follows:

Statutory History

In Flanagan v. Flanagan, this Court defined “confidential communication” for purposes of interpreting section 632.  The Court held, “A conversation is confidential if a party to that conversation has an objectively reasonable expectation that the conversation is not being overheard or recorded.”  Flanagan v. Flanagan, 27 Cal. 4th 766, 768 (2002).  As part of its reasoning, the Court determined that this interpretation was consistent with section 632.7.  Therefore, because parties to a phone call will typically have a reasonable expectation that the call is not being recorded, it is unreasonable to assume that a person consented to a recording of their conversation by virtue of being on the call.

Language of § 632.7

The Court then looked to the language of the statute, which specifically addresses a person who “intercepts or receives” a call and intentionally records it without the parties’ consent.  Because a party to the call is a person who “receives” the call, the statute therefore forbids parties to the call from recording the conversation without the other party’s consent.  The Court went on to say, “Although parties might normally be regarded as consenting to the receipt of their communications by other parties to a call, this acquiescence would not, by itself, necessarily convey their consent to having these communications recorded.”

Legislative History

The Committee analyses of Assembly Bill 2465 establish that section 632.7 was enacted to respond to concerns that existing law did not prohibit the unconsented to recording of conversations involving cellular or cordless phones.  Although multiple analyses lend support to this notion, the following provides a concise explanation:

The primary intent of [AB 2465] is to provide a greater degree of privacy and security to persons who use cellular or cordless telephones.  Specifically, AB 2465 prohibits persons from recording conversations transmitted between cellular or cordless telephones.

Under current law, it is only illegal to ‘maliciously’ intercept a conversation transmitted between the above-identified telephones.  There is no prohibition against recording a conversation transmitted between cellular or cordless telephones.

By comparison, it is currently illegal to ‘intentionally’ intercept or record a conversation transmitted between landline, or traditional, telephones.

…Henceforth, persons using cellular or cordless telephones may do so knowing that their conversations are not being recorded.  Sen. Com. on Judiciary, Analysis of Assem. Bill No. 2465, at pp. 3-4, Ops. Cal. Legis. Counsel, No. 27958 (Dec 17, 1991)

Because the Legislature’s aim was to provide more protection for communications involving cellular or cordless phones, interpreting section 632.7 to require both parties and nonparties to obtain consent before recording a call squarely aligns with the legislative intent.

Policy Considerations

From a policy perspective, recording a conversation without a party’s consent, regardless of who is doing the recording, can implicate considerable privacy concerns.  As this Court recognized in Ribas v. Clark, “While one who imparts private information risks the betrayal of his confidence by the other party, a substantial distinction has been recognized between the secondhand repetition of the contents of a conversation and its simultaneous dissemination to an unannounced second auditor, whether that auditor be a person or mechanical device.”  Ribas v. Clark, 38 Cal. 3d 355, 360-61 (1985).  Applying this to section 632.7, although a party to a call consents to the other party receiving its communications, there are privacy concerns when the party’s communications are simultaneously disseminated to a recording device without the party’s consent.

The Court reasoned that the distinction stressed in Ribas owes to the fact that “secret monitoring denies the speaker an important aspect of privacy of communication — the right to control the nature and extent of the firsthand dissemination of his statements.” Ribas, at 361; United States v. White, 401 U.S. 745, 787-788 (1971)(dis. opn. of Harlan, J.) [“[m]uch off-hand exchange is easily forgotten and one may count on the obscurity of his remarks, protected by the very fact of a limited audience, and the likelihood that the listener will either overlook or forget what is said, as well as the listener’s inability to reformulate a conversation”]. The Court concluded, citing Kearney v. Salomon Smith Barney, 39 Cal.4th 95, 125 (2006),  to ensure that these concerns are addressed, the state has a “strong and continuing interest in the full and vigorous application” of laws that vindicate the privacy rights that can be compromised when a communication is recorded without consent.

Takeaways

Moving forward, it is now unlawful for anyone, party or nonparty, to record a cellular or wireless telephone conversation without the consent of all parties to the call.  As such, companies must ensure that they receive the other party’s consent before recording the call.  However, it is important to note that what exactly constitutes consent remains uncertain (it is still to be determined whether the “beep” in the above case gave Smith adequate notice that the call was being recorded).  Because of this, companies should have their representatives or automated systems clearly indicate to the other party that the call is being recorded and ensure that such notification is non-bypassable. Companies should ensure that their outbound and inbound call recording practices with California individuals comport with this significant new decision. We expect the plaintiffs’ bar to target non-compliant businesses conducting business in California. For more information, please see our recent webinar on California Consumer Class Action issues.

Monday, May 10, 2021
12:00 p.m. to 1:00 p.m. Eastern
11:00 a.m. to 12:00 p.m. Central
10:00 a.m. to 11:00 a.m. Mountain
9:00 a.m. to 10:00 a.m. Pacific

About the Program

On October 30, 2020, the CFPB released its long-awaited final collections rule, which restated and clarified certain prohibitions on harassment and abuse, false or misleading representations, and unfair practices by debt collectors under the Fair Debt Collection Practices Act (“FDCPA”).  The release marks one of the most significant developments in the debt collection industry since the FDCPA was enacted in 1977.

In the third installment of the Consumer Financial Services Litigation Webinar Series, Seyfarth attorneys will break down various portions of the final rules. Below is the list of topics that we plan to discuss in further detail.

  • Overview of the FDCPA and Rulemaking that led to the Fall 2020 new regulations;
  • Highlight of changes and key provisions in the new FDCPA regulations;
  • Recent CFPB actions to delay and supplement the new FDCPA regulations (i.e., the two notices I circulated in the last few days).

Consumer Financial Services Webinar Series
Given the magnitude of the potential changes ahead, Seyfarth has developed a webinar series designed to convey strategies and best practices to help you to ensure that your company and internal clients are prepared for what is ahead. To stay abreast of these changes, please subscribe to our mailing to list.

Subscribe to Seyfarth’s Consumer Financial Services Mailing List.

For updates and insight on Consumer Financial Services Issues, we invite you to click here to subscribe to Seyfarth’s Consumer Class Defense Blog

Speakers

Tonya M. Esposito, Partner, Seyfarth Shaw LLP
Michael Jusczyk, Associate, Seyfarth Shaw LLP
J. Patrick Kennedy, Senior Counsel, Seyfarth Shaw LLP

Jordan Vick and Kristine Argentine have organized and will be moderating a CLE program for the Federal Bar Association titled Commercial Class Actions: Hot Topics and Trends.

In this program, Seventh Circuit Judge David F. Hamilton and District Court Judge Robert M. Dow, Jr. will offer their perspectives on significant recent developments at the Circuit Court and Supreme Court levels affecting how class actions are brought, litigated, certified and settled.

Register for this program here.