1 2 3 4 UNITED STATES DISTRICT COURT 5 NORTHERN DISTRICT OF CALIFORNIA 6 7 DAVID ANGEL SIFUENTES, Case No. 25-cv-04479-JST
8 Plaintiff, ORDER DISMISSING THE SAC v. 9 Re: ECF Nos. 23, 28 10 META PLATFORMS, INC., Defendant. 11
12 13 Before the Court is Defendant Meta’s motion to dismiss Plaintiff David Angel Sifuentes’s 14 Second Amended Complaint (“SAC”). ECF No. 23. The Court will grant the motion and dismiss 15 the SAC without leave to amend. 16 I. BACKGROUND 17 On May 27, 2025, Sifuentes filed this action against Meta, alleging that it had failed to 18 notify him that his personal information and that of his Facebook friends had been compromised 19 in a “massive data breach” that occurred in 2021. ECF No. 1 ¶ 1. He subsequently filed a First 20 Amended Complaint (“FAC”) on June 10, 2025. ECF No. 5. Magistrate Judge Alex G. Tse 21 granted Sifuentes’s application to proceed in forma pauperis but screened and dismissed the FAC 22 under 28 U.S.C. § 1915(e)(2). ECF Nos. 10, 11. Sifuentes filed this SAC on July 21, 2025, which 23 Judge Tse screened without dismissing on July 23, 2025. ECF No. 14. 24 The SAC alleges thirteen causes of action: (1) violation of the Fair Credit Reporting Act; 25 (2) negligence (under Michigan law); (3) invasion of privacy (under California Law); (4) breach of 26 express contract (under California law); (5) breach of implied contract (under California law); (6) 27 violation of California’s Unfair Competition Law; (7) violation of California’s Consumer Legal 1 of Michigan’s Consumer Protection Act; (10) bailment (under California law); (11) violation of 2 Michigan’s Identity Theft Protection Act; (12) fraud (under California law); and (13) trespass to 3 chattels (under California law). 4 Meta filed a motion to dismiss on September 26, 2025. ECF No. 23. Sifuentes opposed on 5 October 6. ECF No. 25. Meta replied on October 17. ECF No. 26. Sifuentes moved for leave to 6 file a sur-reply on October 28. ECF No. 28. Meta opposed the motion for leave on December 1. 7 ECF No. 38. 8 Sifuentes also attached to his opposition to the motion to dismiss a “cross-motion for 9 summary judgment and opposition to defendant’s motion to dismiss.” ECF No. 25 at 7. He later 10 filed a “notice of motion and motion for summary judgment” separately, including only an outline 11 of the arguments he expected to make. ECF No. 35. Meta opposed the summary judgment 12 motion on December 8, 2025. ECF No. 39. Sifuentes then filed an amended motion for summary 13 judgment. ECF No. 40. The Court denied Sifuentes’s summary judgment motions by separate 14 order. ECF No. 41. 15 Sifuentes is an acknowledged serial litigant who has been placed on restricted filing status 16 in both the Eastern and Western Districts of Michigan. Sifuentes v. Twitter Inc., No. 1:23-CV- 17 981, 2023 WL 8818095, at *4 (W.D. Mich. Nov. 30, 2023), appeal dismissed, No. 23-2066, 2024 18 WL 2887907 (6th Cir. May 31, 2024), and motion for relief from judgment denied, No. 1:23-CV- 19 981, 2025 WL 294259 (W.D. Mich. Jan. 21, 2025), appeal dismissed sub nom. Sifuentes v. 20 Midland Cnty., MI 42nd Cir. Ct., No. 24-2063, 2025 WL 3502509 (6th Cir. Nov. 5, 2025). 21 II. JURISDICTION 22 The Court has jurisdiction under §§ 1331, 1332, and 1367. 23 III. LEGAL STANDARD 24 To survive a motion to dismiss under Federal Rule of Civil Procedure 12(b)(6), a 25 complaint must contain “a short and plain statement of the claim showing that the pleader is 26 entitled to relief.” Fed. R. Civ. P. 8(a)(2). “[A] complaint must contain sufficient factual matter, 27 accepted as true, to ‘state a claim to relief that is plausible on its face.’” Ashcroft v. Iqbal, 556 1 allegations need not be detailed, but facts must be “enough to raise a right to relief above the 2 speculative level.” Twombly, 550 U.S. at 555. 3 In determining whether a plaintiff has met the plausibility requirement, a court must 4 “accept all factual allegations in the complaint as true and construe the pleadings in the light most 5 favorable” to the plaintiff. Knievel v. ESPN, 393 F.3d 1068, 1072 (9th Cir. 2005). However, mere 6 legal conclusions and “[t]hreadbare recitals of the elements of a cause of action” are “not entitled 7 to the assumption of truth.” Iqbal, 556 U.S. at 678–79. 8 As here, a “document filed pro se is to be liberally construed and a pro se complaint, 9 however inartfully pleaded, must be held to less stringent standards than formal pleadings drafted 10 by lawyers.” Erickson v. Pardus, 551 U.S. 89, 94 (2007) (internal quotations and citation 11 omitted). 12 IV. DISCUSSION 13 A. Plausibility 14 Each of Sifuentes’s claims stems from his allegation that his personal information was 15 “compromised” by a breach of data maintained by Facebook. ECF No. 12 ¶ 10. The basis for 16 Sifuentes’s allegation is two attached documents: (1) a screenshot of a notification from Apple, 17 received by Sifuentes on May 20, 2025, indicating that the email and password he used for his 18 Facebook account had been involved in a data breach, and (2) a news article describing a 19 cyberattack in April of 2021 wherein cybercriminals accessed personal information belonging to 20 “more than half a million Facebook users.” ECF No. 5 at 24, 27; ECF No. 12 ¶ 13.1 The article 21 states that cybercriminals aquired Facebook identities, full names, birth dates, locations, and email 22 addresses. ECF No. 5 at 27. 23 Sifuentes has failed to allege facts rendering his theory plausible. The 2025 Apple 24 notification merely states that the password used for his Facebook account appeared in a breach— 25 26 1 Although these documents are attached to the FAC, but not the SAC, the Court considers them as 27 incorporated by reference into the SAC. See ECF No. 5 at 24–33; Williams v. Cnty. of Alameda, 1 not that the breach was one targeting Facebook. ECF No. 5 at 24. Moreover, the news article 2 Sifuentes attached does not state that passwords were included in the 2021 breach. Compare ECF 3 No. 5 at 24 with id. at 27. Rather, the article states that the 2021 breach involved “scrap[ing]” 4 users’ profiles—but passwords are not published on users’ profiles. Id. at 27–28. Moreover, as 5 Sifuentes readily admits, he used the same password for “multiple” other accounts. ECF No. 12 6 ¶ 16; ECF No. 5 at 24. The fact that Sifuentes received the notification in 2025 further 7 undermines his claim that it related back to the 2021 Facebook breach. ECF No. 5 at 24. 8 Sifuentes’s attached article states that individuals can confirm that they were impacted by 9 the 2021 breach using a website. ECF No. 5 at 27. Sifuentes does not allege that he used this 10 website to confirm that he was impacted. And he alleges no other means by which he attempted to 11 discover whether his information was included in the 2021 breach and no facts suggesting that it 12 was. 13 Sifuentes alleges that because of the breach, his “Facebook account was hijacked, his 14 personal information and that of his contacts were exposed, [and] unauthorized communications 15 were sent from his account.” ECF No. 12 ¶ 2. He does not explain how or to whom “his personal 16 information and that of his contacts were exposed.” He likewise does not provide any detail about 17 the “unauthorized communications” and “Facebook friend requests” sent from his account, even 18 though those details are presumably readily accessible to him. Id. ¶¶ 2, 15. Nor does he explain 19 why the cybercriminals behind the 2021 Facebook data breach would be interested in sending 20 Facebook friend requests on his behalf. 21 Sifuentes also attaches a screenshot of an apparent phishing email. ECF No. 5 at 33. He 22 provides no grounds for the Court to conclude that this phishing email was related to the alleged 23 breach in any way. First, it involved a different email address than the one listed in the 24 notification from Apple. Id. Second, it was received on June 2, 2025—more than four years after 25 the data breach at issue. Id. Sifuentes’s assertion that his phishing problem “is fairly traceable to 26 Facebook data breach because Plaintiff’s compromised personal information, including his IP 27 address and other protected data, has been used by bad actors in a ‘constant virus spreading to 1 Sifuentes’s contradictory and conclusory statements are insufficient to allow the Court to 2 find it plausible that he was impacted by a 2021 breach of Facebook users’ data. 3 B. Meta Terms of Service 4 1. Incorporation by Reference 5 The Court agrees with Meta that its Terms of Service are incorporated by reference into the 6 complaint. ECF No. 23 at 14 n.1. The Court may incorporate by reference and thus treat a 7 document as part of the complaint for purposes of a motion to dismiss, even where the plaintiff did 8 not attach that document to the complaint, if: “(1) the complaint refers to the document; (2) the 9 document is central to the plaintiff’s claim; and (3) no party questions the authenticity of the copy 10 attached to the 12(b)(6) motion.” Marder v. Lopez, 450 F.3d 445, 448 (9th Cir. 2006) (citing 11 Branch v. Tunnell, 14 F.3d 449, 453–54 (9th Cir. 1994)). 12 The SAC acknowledges that Sifuentes’s use of the Facebook platform is governed by the 13 Terms of Service, to which all users agree when they create and use a Facebook account. ECF 14 No. 12 ¶¶ 43–46. Because Sifuentes alleges that Meta “had a duty, arising from statute, common 15 law, and its own terms of service, to timely and adequately notify users of data breaches that 16 compromise their personal information,” the Terms of Service are central to his claims. Id. ¶ 19 17 (emphasis added). The Terms also form the basis of Sifuentes’s breach of contract and fraud 18 claims. Id. ¶¶ 43, 83. Moreover, although Sifuentes baldly states that “the authenticity, 19 applicability, and the specific version of the Terms in effect at the time of the 2021 breach are all 20 matters subject to factual development through discovery,” he does not raise any actual dispute 21 concerning the applicability or authenticity of the Terms. ECF No. 25 at 2; see also id. (implying 22 that the Terms are “potentially disputed”). 23 The Court may consider the Terms without converting the motion to dismiss to one for 24 summary judgment. See Sifuentes v. X Corp., No. 24-CV-00590-SK, 2024 WL 4953431, at *5 25 (N.D. Cal. Dec. 2, 2024) (in a very similar suit brought by Sifuentes, considering the X 26 Corporation Terms of Service because they are “not the subject of reasonable dispute, and their 27 authenticity is not in question” and they “form the basis of [Sifuentes’s] breach of contract 1 reference in the complaint . . . without converting the motion to dismiss into a motion for 2 summary judgment.”). 3 2. Choice of Law 4 The Terms state “that the laws of the State of California will govern these Terms and any 5 claim, cause of action, or dispute without regard to conflict of law provisions.” ECF No. 23-1 at 6 14. The Terms therefore bar Sifuentes’s Michigan law claims: those for (2) negligence under 7 Michigan common law, (9) violation of the Michigan Consumer Protection Act, and (11) violation 8 of the Michigan Identity Theft Protection Act. 9 California’s choice-of-law rules, as the “law of the forum state,” govern the choice-of-law 10 determination. Hoffman v. Citibank, N.A., 546 F.3d 1078, 1082 (9th Cir. 2008); see also Atl. 11 Marine Const. Co. v. U.S. Dist. Ct. for W. Dist. of Texas, 571 U.S. 49, 65 (2013) (“A federal court 12 sitting in diversity ordinarily must follow the choice-of-law rules of the State in which it sits.”). 13 California has a “strong policy favoring enforcement of” choice-of-law provisions. Nedlloyd 14 Lines B.V. v. Superior Ct., 3 Cal. 4th 459, 465 (61992). California courts analyzing choice-of-aw 15 provisions first ask “(1) whether the chosen state has a substantial relationship to the parties or 16 their transaction, or (2) whether there is any other reasonable basis for the parties’ choice of law.” 17 Id. at 466. “If either test is met, ‘the parties’ choice generally will be enforced unless’ the party 18 asserting the law of an alternate state ‘can establish both that the chosen law is contrary to a 19 fundamental policy’ of the alternate state and that the alternate state ‘has a materially greater 20 interest in the determination of the particular issue.’” Palomino v. Facebook, Inc., No. 16-CV- 21 04230-HSG, 2017 WL 76901, at *3 (N.D. Cal. Jan. 9, 2017) (quoting Washington Mut. Bank, FA 22 v. Superior Court, 24 Cal. 4th 906, 917 (2001)); see also Restatement (Second) of Conflict of 23 Laws § 187 (1971). 24 Here, the first factor is satisfied because Meta is headquartered and has its principal place 25 of business in California. See ECF No. 12 ¶¶ 4, 6, 8; Palomino, 2017 WL 76901, at *3 (finding 26 this factor met in view of Facebook’s headquarters and principal place of business). As to the 27 second factor, Sifuentes fails to establish “that the chosen law is contrary to a fundamental policy” 1 particular issue.” Wash. Mut. Bank, 24 Cal. 4th at 917. 2 Sifuentes argues that Michigan’s public policy interests “may override the choice-of-law 3 clause” because “Michigan has a profound public policy interest in protecting its citizens under the 4 Michigan Consumer Protection Act (MCPA) and Identity Theft Protection Act (MITPA).” ECF 5 No. 25 at 3. But he does not compare Michigan law to California law or explain why California 6 law is insufficiently protective or otherwise contrary to the “fundamental policy” of Michigan. 7 And as Meta argues, California law does in fact provide thorough and comparable protections. 8 ECF No. 26 at 10–11; see California Consumers Legal Remedies Act (CLRA), Cal. Civ. Code 9 §§ 1750 et seq.; California’s Unfair Competition Law, Cal. Bus. & Prof. Code §§ 17200 et seq.; 10 California Identity Theft Act (CITA), Cal. Civ. Code §§ 1798.92 et seq.; Cal. Pen. Code §§ 530.5 11 et seq.; see Williams v. Facebook, Inc., 384 F. Supp. 3d 1043, 1056 (N.D. Cal. 2018) (upholding 12 choice of law clause and recognizing California’s consumer protection laws as “robust”). 13 Meta’s Terms of Service therefore provide an independent ground for disposing of causes 14 of action (2), (9), and (11). Because Sifuentes has conceded that the Terms apply and failed to 15 show that the choice of law clause is unenforceable, further amendment as to these claims would 16 be futile and dismissal is with prejudice. See Universal Mortg. Co. v. Prudential Ins. Co., 799 17 F.2d 458, 459 (9th Cir.1986) (“Although leave to amend ‘shall be freely given when justice so 18 requires,’ it may be denied if the proposed amendment either lacks merit or would not serve any 19 purpose because to grant it would be futile in saving the plaintiff’s suit.” (citations omitted)). 20 3. Limitation on Liability 21 The Meta Terms of Service limit liability to the fullest extent permitted by law for “any 22 lost profits, revenues, information, or data, or consequential, special, indirect, exemplary, punitive, 23 or incidental damages arising out of or related to these Terms or the Meta Products (however 24 caused and on any theory of liability, including negligence).” ECF No. 23-1 at 13–14. The Terms 25 also disclaim any guarantees that products such as the Facebook platform will be “safe, secure, or 26 error-free, or that they will function without disruptions, delays, or imperfections” and state that 27 Meta is “not responsible for [third parties’] actions or conduct.” Id. 1 Gate Way, LLC v. Enercon, Servs., Inc., 572 F. Supp. 3d 797, 814 (N.D. Cal. 2021) (internal 2 quotation marks omitted). Under California Civil Code Section 1668, however, such clauses are 3 void as to claims of fraud, willful injury, and statutory violations. See Adkins v. Facebook, Inc., 4 No. 18-cv-05982 WHA, 2019 WL 3767455, at *2 (N.D. Cal. Aug. 9, 2019); N. Star Gas Co. v. 5 Pac. Gas & Elec. Co., No. 15-CV-02575-HSG, 2016 WL 5358590, at *16 (N.D. Cal. Sept. 26, 6 2016). 7 The Court has already concluded that Sifuentes’s claim (2) for negligence under Michigan 8 law is barred by the Terms’s choice of law clause. It is also barred by the limitations of liability 9 clause, which explicitly disclaims liability for negligence. ECF No. 23-1 at 14; see Karam v. Meta 10 Platforms, Inc., No. 3:25-CV-01397-AMO, 2025 WL 3079048, at *4 (N.D. Cal. Nov. 4, 2025) 11 (finding the same provision in the Meta Terms to bar negligence claims predicated on the conduct 12 of third parties); Young v. Meta Platforms, Inc., No. 24-cv-03583-HSG, 2025 WL 2930979, at *3 13 (N.D. Cal. Oct. 15, 2025) (same, in the context of an alleged Facebook account hack); cf. Bass v. 14 Facebook, Inc., 394 F. Supp. 3d 1024, 1038 (N.D. Cal. 2019) (declining to find that the Terms’ 15 limitations of liability provision barred a negligence claim in part because it did not explicitly 16 disclaim liability for negligence). Sifuentes’s claim (10) for bailment is likewise barred because it 17 alleges negligent handling of the alleged bailed property—Sifuentes’s data. ECF No. 12 ¶¶ 73–77 18 (“[Meta] breached its duty of care as bailee by failing to implement adequate security measures.”). 19 Citing City of Santa Barbara v. Superior Ct., 41 Cal. 4th 747 (2007), Sifuentes argues that 20 the limitation on liability is void on public policy grounds as to claims of gross negligence. 21 Sifuentes does not allege gross negligence in his complaint, however, nor does he state facts that 22 could plausibly constitute gross negligence. See ECF No. 122; Minor v. FedEx Off. & Print 23 Servs., Inc., 182 F. Supp. 3d 966, 977 (N.D. Cal. 2016) (“Plaintiff’s pleadings do not include a 24 claim for workers’ compensation insurance fraud nor any factual allegations to support such a 25 2 In alleging his cause of action for trespass to chattels, Sifuentes alludes to gross negligence, 26 stating that “[Meta’s] actions or culpable omissions (including its gross negligence or recklessness in failing to secure its computer systems and [Sifuentes’s] data) intentionally facilitated or directly 27 resulted in unauthorized third parties” taking adverse actions against Sifuentes. ECF No. 12 ¶ 92. 1 claim . . . [and] Plaintiff may not use his opposition to raise and argue new allegations or claims 2 not in the complaint.”). 3 Sifuentes’s claims (4) and (5) for breach of contract and breach of implied contract are also 4 barred by the limitations of liability clause. “[U]nder California law, ‘[w]ith respect to claims for 5 breach of contract, limitation of liability clauses are enforceable unless they are unconscionable, 6 that is, the improper result of unequal bargaining power or contrary to public policy.’” Adkins, 7 2019 WL 3767455, at *2 (quoting Food Safety Net Servs. v. Eco Safe Sys. USA, Inc., 209 Cal. 8 App. 4th 1118, 1126 (2012)); see also Darnaa, LLC v. Google LLC, 756 F. App’x 674, 676 (9th 9 Cir. 2018) (“As interpreted by California courts, Section 1668 generally does not prohibit parties 10 from limiting liability for breach of contract, including breach of the implied covenant.”). 11 Sifuentes has not argued or shown that the clause is unconscionable or contrary to public policy. 12 See ECF No. 25 at 3. 13 Courts in this district have sometimes found that Section 1668 prohibits limitations of 14 liability concerning breach of contract or negligence claims when they are based on underlying 15 allegations of intentional misconduct. See, e.g., Gerber v. Twitter, Inc., No. 4:23-CV-00186- 16 KAW, 2024 WL 5173313, at *8 (N.D. Cal. Dec. 18, 2024), motion to certify appeal denied, No. 17 4:23-CV-00186-KAW, 2025 WL 1359217 (N.D. Cal. May 9, 2025). But Sifuentes does not 18 allege any facts constituting intentional conduct on Meta’s part. At best, he alleges that Meta was 19 “aware or constructively aware of the Data Breach and its impact on users like” Sifuentes. ECF 20 No. 12 ¶ 17. 21 Sifuentes alleges several intentional torts. Although limitations of liability for “willful 22 injury” are unenforceable under Section 1668, Sifuentes has failed to allege facts constituting 23 intentional conduct by Meta for the intentional torts he alleges— (3) invasion of privacy, (8) 24 intentional infliction of emotion distress, and (13) trespass to chattels. All three claims concern 25 intentional conduct by the third-party cybercriminals, but raise no non-conclusory inference of 26 intentional conduct by Meta. See id. ¶ 39 (“Defendant, through its grossly inadequate security 27 practices, allowed third parties to intrude upon Plaintiff’s seclusion by accessing his private 1 that [Sifuentes] would suffer severe emotion distress as a result of its conduct”); id. ¶ 92 2 (“Defendant’s action or culpable omissions (including its gross negligence or recklessness in 3 failing to secure its computer systems and [Sifuentes’s] data) intentionally facilitated or directly 4 resulted in unauthorized third parties” taking adverse actions against Sifuentes.). These 5 conclusory allegations are insufficient to plead intentional conduct by Meta. 6 Sifuentes’s claims (2), (10), (4), (5), (3), (8), (13) are barred by the Meta Terms’s 7 limitations of liability clause because they are not based on intentional misconduct, statutory 8 violations, or fraud. Because amendment would be futile, leave to amend is denied. 9 C. Specific Claims Dismissed With Prejudice 10 The Court next considers Meta’s arguments concerning Sifuentes’s failure to state a claim 11 as to the individual causes of action. Failing to meaningfully address them in his opposition to the 12 motion to dismiss, Sifuentes concedes all of the arguments discussed below except those under 13 FCRA. See ECF No. 25 at 4–5. 14 1. Fair Credit Reporting Act 15 “Congress enacted FCRA in 1970 to ensure fair and accurate credit reporting, promote 16 efficiency in the banking system, and protect consumer privacy.” Safeco Ins. Co. of Am. v. Burr, 17 551 U.S. 47, 52 (2007). With respect to entities that furnish financial information to consumer 18 credit reporting agencies, the FCRA imposes two general duties: the duty to provide accurate 19 information, 15 U.S.C. § 1681s–2(a), and the duty to investigate the accuracy of reported 20 information upon receiving notice of a dispute, 15 U.S.C. § 1681s–2(b). See Sanai v. Saltz, 170 21 Cal. App. 4th 746, 763 (2009), as modified on denial of reh’g (Feb. 18, 2009). The statute gives 22 consumers a private right of action to enforce Section 1681s–2(b), but not to enforce Section 23 1681s–2(a). Nelson v. Chase Manhattan Mortg. Corp., 282 F.3d 1057, 1059–60 (9th Cir. 2002). 24 Moreover, to trigger the duty to investigate under Section 1681s–2(b), the consumer credit 25 reporting agency (“CRA”)—not the consumer—must notify the furnisher of information of the 26 dispute. See id. at 1060; Johnson v. Wells Fargo Home Mortg., Inc., 558 F. Supp. 2d 1114, 1120 27 (D. Nev. 2008). 1 FCRA’s implementing regulations define the term “furnisher” as “an entity that furnishes 2 information relating to consumers to one or more consumer reporting agencies for inclusion in a 3 consumer report.” 12 C.F.R. § 1022.41(c). Sifuentes has not alleged that Meta “furnishes” 4 information to CRAs. He only alleges, in a conclusory fashion, that Facebook’s data “is regularly 5 accessed and utilized by consumer reporting agencies . . . for purposes including . . . credit scores, 6 loans, and other eligibility determinations.” ECF No. 12 ¶ 27. He has also failed to allege that 7 any credit reporting agency notified Meta of a dispute sufficient to trigger its duty to investigate 8 under Section 1681s-2(b). Id. ¶¶ 31. 9 Even if Sifuentes could cure these deficiencies on amendment, his claims suffer from a 10 more fundamental problem: the FCRA does not impose on furnishers the duties that Sifuentes 11 claims that Meta breached. Sifuentes alleges, without citation, that Meta had a duty as a furnisher 12 to “implement and maintain reasonable security procedures,” to provide him with “timely and 13 adequate notice” of the 2021 breach, to offer him “remedial services,” and to inform CRAs of the 14 breach. ECF No. 12 ¶ 29. But neither Section 1681s-2, nor Sections 1022.42 or 1022.43 of 15 Regulation V defining the obligations of furnishers, impose such duties. 16 Moreover, even if the FCRA did impose these duties, Sifuentes would not have a private 17 right of action to enforce them, because the private right of action against furnishers is only under 18 Section 1681s-2(b), concerning the duty to investigate erroneous information furnished to a CRA. 19 ECF No. 25 at 5 (“[T]his claim is not brought under the § 1681s-2(b) dispute procedure.”). 20 Sifuentes does not allege that any erroneous information was furnished to a CRA. 21 Because the FCRA claim is based on duties not imposed by the statute and Sifuentes has 22 no private right of action, further amendment of that claim would be futile and its dismissal is with 23 prejudice. 24 2. Invasion of Privacy 25 Sifuentes purports to allege two privacy torts: intrusion upon seclusion and public 26 disclosure of private facts. “To state a claim for intrusion upon seclusion under California 27 common law, a plaintiff must plead that (1) a defendant ‘intentionally intrude[d] into a place, 1 the intrusion ‘occur[red] in a manner highly offensive to a reasonable person.” In re Facebook, 2 Inc. Internet Tracking Litigation, 956 F.3d 589, 601 (9th Cir. 2020) (quoting Hernandez v. 3 Hillsides, Inc., 47 Cal. 4th 272, 286 (2009)). And “[t]o prove a claim for public disclosure of 4 private fact, a plaintiff must show: ‘(1) public disclosure (2) of a private fact (3) which would be 5 offensive and objectionable to the reasonable person and (4) which is not of legitimate public 6 concern.’” Doe v. Gangland Prods., Inc., 730 F.3d 946, 958 (9th Cir. 2013) (quoting Shulman v. 7 Grp. W Prods., Inc., 18 Cal. 4th 200, 214 (1998)). “[E]xcept in cases involving physical intrusion, 8 the tort [of public disclosure of private facts] must be accompanied by publicity in the sense of 9 communication to the public in general or to a large number of persons as distinguished by one 10 individual or a few.” Kinsey v. Macur, 107 Cal. App. 3d 265, 270 (1980). 11 Sifuentes alleges that he “had a reasonable expectation of privacy in the personal 12 information he entrusted to Facebook” and that Meta “through its grossly inadequate security 13 practices, allowed third parties to intrude upon [his] seclusion by accessing his private Facebook 14 account and the sensitive data contained therein.” ECF No. 12 ¶¶ 38–39. He further alleges that 15 “the hijacking of [his] account and compromise of his data led to the unauthorized disclosure or 16 exposure of [his] private information and that of his family and friends to unauthorized third 17 parties.” Id. ¶ 40. 18 While Sifuentes fails to allege most elements of both claims, it is sufficient to note that he 19 does not allege that Meta intruded into his seclusion or disclosed his private facts. Rather, he 20 states explicitly that third-party cybercriminals did so. Consequently, he cannot state a claim 21 against Meta for intrusion into seclusion or public disclosure of private facts. See Mcgee v. 22 Poverello House, No. 1:18-CV-00768-NONE-SAB, 2021 WL 3602157, at *24 (E.D. Cal. Aug. 23 13, 2021) (rejecting claim that the defendant “allowed [a third party] to intentionally intrude” into 24 plaintiffs’ privacy because “[a] claim for intrusion requires the ‘defendant (to) intentionally 25 intrude’ a plaintiff’s privacy” (quoting Hernandez v. Hillsides, Inc., 47 Cal. 4th 272, 286 (2009)) 26 (emphasis added)); In re Facebook, Inc., Consumer Priv. User Profile Litig., 402 F. Supp. 3d 767, 27 796 (N.D. Cal. 2019) (holding that liability for public disclosure of private facts requires “the 1 Courts therefore reject invasion of privacy claims alleging conduct that merely increased 2 the risk of an invasion of privacy by a third party. See Matthews v. Apple, Inc., 769 F. Supp. 3d 3 999, 1011 (N.D. Cal. 2024) (rejecting invasion of privacy claim where, “[a]t best, Mathews’s 4 allegations amount to a theory that Apple’s Recovery Key feature created an increased risk that a 5 third party might be able to steal iCloud users’ personal data.”); see also Ruiz v. Gap, Inc., 540 F. 6 Supp. 2d 1121, 1127–28 (N.D. Cal. 2008), aff’d, 380 Fed. App’x 689 (9th Cir. 2010) (rejecting 7 privacy claim under the California constitution where defendant’s act merely created an “increased 8 risk” of information theft). 9 Following suit, the Court dismisses Sifuentes’s breach of privacy claims with prejudice. 10 3. Breach of Express and Implied Contract 11 To plead a claim for breach of contract under California law, a plaintiff must allege “the 12 existence of a contract, his or her own performance, the other party’s breach, and damages 13 suffered by the complaining party.” Sonic Mfg. Techs., Inc. v. AAE Sys., Inc., 196 Cal. App. 4th 14 456, 464 (2011). “To properly plead breach of contract, ‘[t]he complaint must identify the specific 15 provision of the contract allegedly breached by the defendant.’” Caraccioli v. Facebook, Inc., 167 16 F. Supp. 3d 1056, 1064 (N.D. Cal. 2016) (quoting Donohue v. Apple, Inc., 871 F. Supp. 2d 913, 17 930 (N.D. Cal. 2012)). 18 “A cause of action for breach of implied contract has the same elements as does a cause of 19 action for breach of contract, except that the promise is not expressed in words but is implied from 20 the promisor’s conduct.” Yari v. Producers Guild of Am. Inc., 161 Cal. App. 4th 172, 182 (2008). 21 “An action does not lie on an implied contract where there exists between the parties a valid 22 express contract which covers the same subject matter.” Rogers v. Am. President Lines, Ltd., 291 23 F.2d 740, 742 (9th Cir. 1961). 24 Sifuentes identifies the Terms as the operative express contract, but he does not identify 25 any specific provision that Meta has breached. He asserts that the Terms, Meta Privacy Policy, 26 and Meta’s “public representations” “contained express and/or implied terms obligating Defendant 27 to provide services in a competent manner and to take reasonable measures to protect the security, 1 a “material term” of his implied contract with Meta, “inherent in the nature of the services 2 provided and the sensitivity of the data entrusted, was that [Meta] would employ reasonable and 3 appropriate measures . . . to safeguard [Sifuentes’s] Personal Information.” Id. ¶ 50. 4 But the Terms, which are incorporated by reference into Sifuentes’s complaint, expressly 5 disclaim these alleged obligations, providing that Facebook would not always be “safe, secure, or 6 error-free” and that Meta is not responsible for the “actions or conduct” of third parties.” ECF No. 7 23-1 at 13; see Baldwin-Kennedy v. Meta Platforms Inc., No. 23-cv-06615, 2024 WL 4565091, at 8 *6 (N.D. Cal. Oct. 23, 2024) (rejecting the plaintiff’s claim that that a “user would expect [Meta] 9 ‘to take reasonable steps and secure user accounts’ and ‘to act responsibly and effectively in 10 response to breaches’” because the Meta Terms contained no such promises); see also King v. 11 Facebook, Inc., No. 19-cv-1987-WHO, 2019 WL 6493968, at *2 (N.D. Cal. Dec. 3, 2019), aff’d, 12 845 F. App’x 691 (9th Cir. 2021) (dismissing contract claim because “[a]s courts in this District 13 have explained, while Facebook’s Terms ‘place restrictions on users’ behavior,’ they ‘do not 14 create affirmative obligations’ on Facebook”). 15 Because the Terms constituted an express contract covering the relevant subject matter, 16 Sifuentes’s claim for a breach of implied contract is dismissed with prejudice. And because the 17 terms of the express contract contradict Sifuentes’s allegations of breach, his express contract 18 claims are dismissed with prejudice as well. 19 4. UCL 20 California’s Unfair Competition Law (“UCL”) prohibits “any unlawful, unfair or 21 fraudulent business act.” Cal. Bus. & Prof. Code § 17200. “To have standing to bring a claim 22 under the UCL, Plaintiffs must have suffered an injury in fact and must have lost money or 23 property as a result of the unfair competition.” Wesch v. Yodlee, Inc., No. 20-CV-05991-SK, 2021 24 WL 1399291, at *6 (N.D. Cal. Feb. 16, 2021) (citing Cal. Bus. & Prof. Code § 17204). “[T]here 25 are ‘innumerable ways’ to demonstrate economic injury from unfair competition” including 26 “where a plaintiff (1) surrenders in a transaction more, or acquires in a transaction less, than he or 27 she otherwise would have; (2) [has] a present or future property interest diminished; (3) [is] 1 enter into a transaction, costing money or property, that would otherwise have been unnecessary.” 2 Cappello v. Walmart Inc., 394 F. Supp. 3d 1015, 1019 (N.D. Cal. 2019) (quoting Kwikset Corp. v. 3 Superior Court, 51 Cal. 4th 310, 322 (2011)). 4 Sifuentes alleges the “loss of [the] value of his personal information and the time and 5 resources spent addressing the consequences of the breach.” ECF No. 12 ¶¶ 59, 95. The 6 dissemination of Sifuentes’s personal information is not an economic injury. While a loss of 7 property may qualify, Kwikset, 51 Cal. 4th at 322, Sifuentes does not allege that he actually lost 8 any property. Rather, he alleges that third parties gained access to information they may not have 9 been able to access before. That is not the type of property loss that constitutes an economic loss 10 under the UCL. See Lau v. Gen Digital Inc., No. 22-CV-08981-RFL, 2024 WL 1880161, at *4 11 (N.D. Cal. Apr. 3, 2024), aff’d sub nom. Karwowski v. Gen Digital, Inc., No. 24-7213, 2025 WL 12 3002610 (9th Cir. Oct. 27, 2025) (“[T]he misappropriation of private information alone does not 13 constitute economic injury.”); Moore v. Centrelake Med Grp., Inc., 299 Cal. Rptr. 3d 544, 566 & 14 n.13 (Ct. App. 2022) (finding unpersuasive federal cases that held that a loss of privacy in one’s 15 information was sufficient to allege UCL standing). 16 As to Sifuentes’s claim that he spent time and resources addressing the consequences of 17 the breach, courts in this circuit have split on whether such harms are cognizable under the UCL. 18 See In re Anthem, Inc. Data Breach Litig., 162 F. Supp. 3d 953, 987 (N.D. Cal. 2016) (collecting 19 cases). While some find the costs of credit monitoring, identity theft protection, etc. cognizable as 20 an economic injury incurred because the plaintiff is “required to enter into a transaction, costing 21 money or property, that would otherwise have been unnecessary” under Kwikset, others conclude 22 that it is not the type of injury contemplated by the statute. Id. The Court need not resolve this 23 legal question, however, because, as Meta points out, Sifuentes’s claim to have spent money 24 “addressing the consequences” of the 2021 breach is contradicted by his contention that he only 25 discovered that he may have been involved in the Facebook breach on May 20, 2025—seven days 26 before he filed the complaint in this matter. ECF No. 1; ECF No. 5 at 1. Moreover, Sifuentes’s 27 allegation concerning costs incurred “addressing the consequences” of the breach is vague and 1 To successfully amend, Sifuentes would need to do one of the following: (1) plausibly 2 allege that he incurred costs between May 20 and May 27, 2025 that were traceable to his 3 “knowledge” of the 2021 Facebook breach and not the numerous other breaches he has been 4 involved in or (2) plausibly allege that he was monetizing the data available on his Facebook page 5 in such a way that its dissemination to cybercriminals would diminish its value. Lau, 2024 WL 6 1880161, at *4 (discussing the “diminution-in-value” theory of economic injury following a data 7 breach). Under these circumstances, the Court finds that amendment of Sifuentes’s UCL claim 8 would be futile and dismisses without leave to amend. 9 5. Trespass to Chattels 10 Under California law, trespass to chattels “lies where an intentional interference with the 11 possession of personal property has proximately caused injury.” Intel Corp. v. Hamidi, 30 Cal.4th 12 1342, 1350–51 (2003). “Short of dispossession, personal injury, or physical damage (not present 13 here), intermeddling is actionable only if the chattel is impaired as to its condition, quality, or 14 value, or . . . the possessor is deprived of the use of the chattel for a substantial time.” Id. This 15 claim does not lie where injuries are to privacy and confidentiality. See Casillas v. Berkshire 16 Hathaway Homestate Ins. Co., 79 Cal. App. 5th 755, 765 (2022). For that reason, data breaches, 17 leaks, and other forms of extraction do not alone constitute a trespass to chattels. See X Corp. v. 18 Bright Data Ltd., 733 F. Supp. 3d 832, 842 (N.D. Cal. 2024); see also In re iPhone Application 19 Litig., No. 11-MD-02250-LHK, 2011 WL 4403963, at *13–14 (N.D. Cal. Sept. 20, 2011) 20 (following Hamidi and dismissing a privacy-based action where plaintiffs failed to connect the 21 trespass to a harm in the functioning of the phone). 22 Under California law, a claim for trespass to chattels cannot be sustained for mere data 23 breaches. Dismissal of Sifuentes’s claim for trespass to chattels, which the Court has already 24 found to be barred by the limitations of liability clause, is therefore with prejudice. 25 6. Bailment 26 “Courts have suggested various, mostly similar definitions of bailment.” Ruiz, 540 F. 27 Supp. 2d at 1126–27. Relying on California law, the Ninth Circuit has defined bailment as “the 1 Alcaraz–Garcia, 79 F.3d 769, 774 n.11 (9th Cir.1996); see also Whitcombe v. Stevedoring Servs. 2 of Am., 2 F.3d 312, 317 (9th Cir. 1993) (stating that “California law generally defines a bailment 3 as the delivery of a thing in trust for a purpose upon an implied or express contract”) (internal 4 citation omitted). Under traditional bailment doctrine, the standard of care depends on the 5 circumstances surrounding the bailment. 13 Witkin, Summary 11th Personal Property § 167 6 (2025). 7 Courts reject alleged bailment relationships based on possession of individuals’ personal 8 information. For instance, in Ruiz, which involved the theft from an employer of laptops 9 containing the social security numbers and other personal identifying information belonging to 10 prospective job applicants, the Court stated that it was “hard pressed to conceive of how 11 [Plaintiff]’s social security number could be construed to be personal property so that [Plaintiff] 12 somehow ‘delivered’ this property to [Defendant] and then expected it to be returned.” 540 F. 13 Supp. 2d at 1127; see also In re Sony Gaming Networks & Customer Data Sec. Breach Litig., 903 14 F. Supp. 2d 942, 974 (S.D. Cal. 2012) (reaching the same conclusion for the same reasons); 15 Worldwide Media, Inc. v. Twitter, Inc., No. 17-CV-07335-VKD, 2018 WL 5304852, at *11 (N.D. 16 Cal. Oct. 24, 2018) (“Twitter did not take custody of plaintiffs’ credit card information, nor was it 17 subject to return to plaintiffs at some later time. Plaintiffs’ credit card information was indeed 18 shared with Twitter, but that sharing does not fit the ‘bailment’ mold.”). 19 Sifuentes has not shown that the details he inputted into his Facebook profile were 20 “personal property” within the meaning of bailment law, nor that he “deposited” that property and 21 gave it over to Meta’s care in any meaningful sense. Alcaraz-Garcia, 79 F.3d at 744 n.11. The 22 Court is aware of no case finding a bailment relationship under those circumstances. Rather, the 23 Court follows the cases cited above in finding that no bailment relationship exists between a 24 Facebook user and Meta. Sifuentes’s claims for bailment are therefore dismissed with prejudice. 25 7. Intentional Infliction of Emotional Distress 26 Under California law, “[a] cause of action for intentional infliction of emotional distress 27 exists when there is (1) extreme and outrageous conduct by the defendant with the intention of 1 suffering severe or extreme emotional distress; and (3) actual and proximate causation of the 2 emotional distress by the defendant’s outrageous conduct.” Hughes v. Pair, 46 Cal. 4th 1035, 3 1050 (2009) (citations and internal quotation marks omitted). 4 The Court agrees with Meta that Sifuentes has failed to allege either of the first two 5 elements. ECF No. 23 at 31–32; ECF No. 12 ¶¶ 65–68. “A defendant’s conduct is outrageous 6 when it is so extreme as to exceed all bounds of that usually tolerated in a civilized community.” 7 Hughes, 46 Cal. 4th at 1050–51 (citations and internal quotation marks omitted). “And the 8 defendant’s conduct must be intended to inflict injury or engaged in with the realization that injury 9 will result.” Id. at 1051 (citations and internal quotation marks omitted). Meta’s alleged conduct 10 in failing to implement adequate security measures and failing to notify Sifuentes that his data had 11 been breached falls well short of constituting “extreme and outrageous conduct.” 12 With respect to the requirement of “severe or extreme emotional distress,” California 13 courts have set a “high bar”: the plaintiff must show “emotional distress of such substantial 14 quality or enduring quality that no reasonable [person] in civilized society should be expected to 15 endure it.” Hughes, 46 Cal. 4th at 1051 (citations and internal quotation marks omitted). The 16 “mere allegation that [a plaintiff] suffered severe emotional distress, without facts indicating the 17 nature of extent of any mental suffering incurred as a result of the defendant’s alleged outrageous 18 conduct, fail[s] to state a cause of action for intentional infliction of emotional distress.” Pitman v. 19 City of Oakland, 197 Cal. App.3d 1037, 1047 (1988). Sifuentes has alleged no such facts. The 20 Court is also unable to conclude that the dissemination to cybercriminals of information that an 21 individual chose to publish on his Facebook page could cause “emotional distress of such 22 substantial quality . . . that no reasonable person in civilized society should be expected to endure 23 it. Hughes, 46 Cal. 4th at 1051. 24 Because amendment would be futile, Sifuentes’s claim for intentional infliction of 25 emotional distress is dismissed with prejudice. 26 8. Fraud & CLRA 27 Under California law, the elements of fraud and intentional misrepresentation are “(1) 1 justifiable reliance; and (5) resulting damage.” Shafer v. Berger, Kahn, Shafton, Moss, Figler, 2 Simon & Gladstone, 107 Cal. App. 4th 54, 74 (2003), as modified on denial of reh’g (Apr. 8, 3 2003) (internal quotation marks and citation omitted). “In California, fraud must be pled 4 specifically; general and conclusory allegations do not suffice.” Lazar v. Superior Ct., 12 Cal. 4th 5 631, 645 (1996). “This particularity requirement necessitates pleading facts which ‘show how, 6 when, where, to whom, and by what means the representations were tendered.’” Robinson 7 Helicopter Co. v. Dana Corp., 34 Cal. 4th 979, 993 (2004) (quoting Lazar, 12 Cal. 4th at 645). 8 Sifuentes alleges that Meta implicitly and explicitly represented that it would take reasonable and 9 adequate measures to secure his personal information, and that Meta “engaged in fraudulent 10 omission and concealment” by not disclosing the 2021 Data Breach to him, but Sifuentes does not 11 identify any particular false statements or the means through which those specific statements were 12 made. ECF No. 12 ¶¶ 83, 85. This does not suffice to state a claim. See Robinson Helicopter, 34 13 Cal. 4th at 993. Moreover, the Terms and Conditions incorporated by reference into the complaint 14 show that Meta disclaimed any such protections. ECF No. 23-1 at 13–14. 15 The CLRA, California Civil Code Section 1750 et seq., identifies a number of different 16 prohibited practices, but the core elements of a CLRA claim are “misrepresentation, reliance and 17 damages.” Yastrab v. Apple Inc., 173 F. Supp. 3d 972, 977 (N.D. Cal. 2016). As claims grounded 18 in fraud, CLRA claims are also subject to enhanced pleading standards under Federal Rule of 19 Civil Procedure 9(b), requiring allegations that “identify ‘the who, what, when, where, and how of 20 the misconduct charged.’” Id. at 978. 21 Sifuentes’s description of Meta’s alleged misrepresentations lacks any specificity. 22 Sifuentes claims broadly that Meta represented that “its services had characteristics or benefits 23 (i.e., data security) which they did not have”; that “its services were of a particular standard, 24 quality or grade when they were of another;” that it advertised “goods or services with intent not 25 to supply them as advertised;” and that it “[f]ail[ed] to disclose material information about the 26 security of its platform and the breach of Plaintiff’s data.” ECF No. 12 ¶ 62. These conclusory 27 allegations, which largely restate portions of California Civil Code § 1770, are insufficient to state 1 represented that it would provide data security to its users and, as the Court noted above, the 2 Terms disclaim any such representation. 3 On Sifuentes’s third attempt to amend his complaint, he has failed to allege any claims 4 approaching the level of specificity required under Rule 9 to plead fraud or a violation of the 5 CLRA. Moreover, his underlying claim—that Meta represented that it would keep user data 6 secure—is undercut by the Terms. The Court therefore dismisses these claims with prejudice. 7 V. MOTION FOR LEAVE TO FILE A SUR-REPLY 8 On October 28, 2025, Sifuentes filed a motion for leave to file a sur-reply. ECF No. 28. 9 “Parties do not have the right to file sur[-]replies and . . . [t]he Court generally views motions for 10 leave to file a sur[-]reply with disfavor.” Garcia v. Biter, 195 F. Supp. 3d 1131, 1133–34 (E.D. 11 Cal. 2016) (citing Hill v. England, No. CVF05869 REC TAG, 2005 WL 3031136, at *1 (E.D. Cal. 12 2005)). “Although the court may in its discretion permit the filing of a sur-reply, this discretion 13 should be exercised in favor of allowing a sur-reply only where a valid reason for such additional 14 briefing exists, such as where the movant raises new arguments in its reply brief.” Warren v. City 15 of Chico, No. 2:21-CV-00640-DAD-DMC, 2024 WL 4803960, at *1 (E.D. Cal. Nov. 15, 2024) 16 (citation and quotation omitted). 17 Sifuentes argues that good cause justifies a sur-reply because Meta’s reply “introduces new 18 arguments, mischaracterizes Plaintiff’s position, and constitutes Defendant’s first formal 19 opposition to Plaintiff’s cross-motion [for summary judgment].” ECF No. 28 at 1. Meta opposes 20 on the grounds Sifuentes failed to comply with Local Rule 7-3(d) and that the circumstances do 21 not warrant a sur-reply. ECF No. 29 at 2. 22 The Court agrees with Meta. Meta’s reply only either repeated the arguments raised in its 23 opening brief or responded to Sifuentes’s opposition. See In re Hard Drive Suspension 24 Assemblies Antitrust Litig., No. 19-MD-02918-MMC, 2023 WL 1934491, at *1 (N.D. Cal. Jan. 6, 25 2023) (denying plantiff’s motion for leave to file sur-reply because defendant’s reply only 26 addressed arguments and evidence cited in the opposition brief). 27 The Court denies Sifuentes’s request for leave to file a motion for a sur-reply. 1 VI. MOTION FOR LEAVE TO FILE AN AMENDED COMPLAINT 2 On March 26, 2026, Sifuentes filed a motion for leave to file an amended complaint, 3 seeking to add allegations describing “repeated unauthorized login attempts to his Facebook 4 account originating from Beijing, China, along with corroborating public reporting confirming the 5 nature, scope, and cause of Defendant’s data breach.” ECF No. 49 at 1. The emails notifying 6 Sifuentes of “unauthorized login attempts” appear to be phishing attempts by unaffiliated third 7 parties. They were sent by variations of the email address “Facebook@rose6- 8 490915.firebaseapp.com” with the subject line: “Your Account is Temporary Blocked (Critical 9 Login Attempt) Please Verification is NEEDED.” ECF No. 49-2 at 6, 8, 10. As for the public 10 reporting, one consists of an April 6, 2021 article in Wired explaining the causes of an earlier 11 Facebook data breach from 2019. Id. at 12–17. The other is a March 10, 2025 BBC article 12 reporting that Meta considered cooperating in Chinese censorship activities and that it used 13 algorithms to target vulnerable teens. Id. at 21–29. 14 A motion for leave to amend is evaluated using the factors set forth Foman v. Davis: (1) 15 undue delay, (2) bad faith or dilatory motive on the part of the movant; (3) repeated failure to cure 16 deficiencies by amendments previously allowed; (4) undue prejudice to the opposing party by 17 virtue of allowance of the amendment; and (5) futility of amendment. 371 U.S. 178, 182 (1962). 18 Leave to amend is inappropriate if an amendment would be futile. See Klamath-Lake Pharm. 19 Ass’n v. Klamath Med. Serv. Bureau, 701 F.2d 1276, 1293 (9th Cir. 1983); Lopez v. Smith, 203 20 F.3d 1122, 1127 (9th Cir. 2000) (en banc). Here, none of the purported “newly discovered 21 evidence,” nor any of the changes Sifuentes proposes making to his complaint, addresses the 22 issues identified in this order. In fact, as Meta argues in its opposition, the proposed third 23 amended complaint is substantially more conclusory and bereft of colorable facts than was the 24 second amended complaint. ECF No. 50 at 7. Because amendment would be futile, leave to 25 amend is denied.3 26 3 Meta filed an objection to evidence newly presented in Sifuentes’s reply to this motion. ECF 27 No. 52; see Civil L.R. 7-3(d). The Court agrees that the new evidence is improper and does not 1 || VIL REMAINING MOTIONS 2 Sifuentes filed two additional motions. On December 12, 2022, he moved “for retroactive 3 and prospective unlimited PACER access.” ECF No. 42. The same day, he moved for early 4 || discovery concerning core factual matters. ECF No. 43. Having dismissed the SAC with 5 || prejudice, the Court terminates these motions as moot. 6 CONCLUSION 7 For the reasons explained, Sifuentes’s SAC is dismissed with prejudice and his remaining 8 || motions are terminated as moot. The clerk shall enter judgment and close the file. 9 IT IS SO ORDERED.
10 || Dated: April 28, 2026 1] JON S. TIGA 3s 12 nited States District Judge
13 14
15 16
Z 18 19 20 21 22 23 24 25 26 27 28 outcome of this motion.