FILED NOT FOR PUBLICATION MAY 31 2022 UNITED STATES COURT OF APPEALS MOLLY C. DWYER, CLERK U.S. COURT OF APPEALS
FOR THE NINTH CIRCUIT
FLORENTINO JAVIER, Individually and No. 21-16351 on behalf of all others similarly situated, D.C. No. 4:20-cv-02860-JSW Plaintiff-Appellant,
v. MEMORANDUM*
ASSURANCE IQ, LLC; ACTIVEPROSPECT INC.,
Defendants-Appellees.
Appeal from the United States District Court for the Northern District of California Jeffrey S. White, District Judge, Presiding
Argued and Submitted May 9, 2022 San Francisco, California
Before: W. FLETCHER and BUMATAY, Circuit Judges, and SILVER,** District Judge. Concurrence by Judge BUMATAY.
* This disposition is not appropriate for publication and is not precedent except as provided by Ninth Circuit Rule 36-3. ** The Honorable Roslyn O. Silver, United States District Judge for the District of Arizona, sitting by designation. Florentino Javier (“Javier”) appeals from the district court’s order granting
Assurance IQ, LLC’s (“Assurance”) and ActiveProspect Inc.’s (“ActiveProspect”)
motion to dismiss for failure to state a claim.
Assurance is an insurance platform that owns and operates
Nationalfamily.com. On this website, users can request life insurance quotes from
Assurance and its insurance partners. To operate this website, Assurance relies on
a product created by ActiveProspect called “TrustedForm.” TrustedForm records
user’s interactions with the website and creates a unique certificate for each user
certifying that the user agreed to be contacted.
In January 2019, Javier visited Nationalfamily.com. To request an insurance
quote, he answered a series of questions about his demographic information and
medical history. Unbeknownst to Javier, TrustedForm captured in real time every
second of his interaction with Nationalfamily.com and created a video recording of
that interaction. After filling out the insurance quote questionnaire, Javier viewed
a screen that stated that clicking the “View My Quote” button would constitute
agreement to Assurance’s Privacy Policy. Javier clicked the “View My Quote”
button.
Javier filed a class action complaint against Assurance and ActiveProspect
(collectively, “Defendants”) in the Northern District of California. He alleged that
2 Defendants violated Section 631(a) of the California Invasion of Privacy Act
(“CIPA”). Cal. Penal Code § 631(a). The district court granted Defendants’
motion to dismiss the Second Amended Complaint for failure to state a claim
without leave to amend. It held that Javier’s claims were defeated because he had
retroactively consented to the conduct at issue by agreeing to Assurance’s privacy
policy, and that retroactive consent is valid under Section 631(a). The district
court did not reach any of Defendants’ other arguments.
We have jurisdiction under 28 U.S.C. § 1291. We grant Javier’s request for
judicial notice.
We review de novo a district court’s decision to grant a motion to dismiss
under Rule 12(b)(6) for failure to state a claim. Mudpie, Inc. v. Travelers Cas. Ins.
Co. of Am., 15 F.4th 885, 889 (9th Cir. 2021) (citing L.A. Lakers, Inc. v. Fed. Ins.
Co., 869 F.3d 795, 800 (9th Cir. 2017)).
Though written in terms of wiretapping, Section 631(a) applies to Internet
communications. It makes liable anyone who “reads, or attempts to read, or to
learn the contents” of a communication “without the consent of all parties to the
communication.” Cal. Penal Code § 631(a). The district court held that consent
under Section 631(a) is valid even if it is given after the communication has taken
place. We disagree.
3 “When interpreting state law, federal courts are bound by decisions of the
state’s highest court. In the absence of such a decision, a federal court must predict
how the highest state court would decide the issue . . . .” PSM Holding Corp. v.
Nat’l Farm Fin. Corp., 884 F.3d 812, 820 (9th Cir. 2018) (quoting Ariz. Elec.
Power Co-Op., Inc. v. Berkeley, 59 F.3d 988, 991 (9th Cir. 1995)). We must
therefore predict whether the California Supreme Court would interpret Section
631(a) to require prior consent.
The California Supreme Court has stated that another provision in CIPA,
Section 632, requires prior consent even though the text of that section contains
only the word “consent.” See Cal. Penal Code § 632. It wrote that Section 632
“prohibits . . . a party . . . from recording [a] conversation without first informing
all parties to the conversation that the conversation is being recorded.” Kearney v.
Salomon Smith Barney, Inc., 137 P.3d 914, 930 (Cal. 2006) (emphasis added).
Further, the California Supreme Court has written about Section 631:
As one commentator has noted, . . . secret monitoring denies the speaker an important aspect of privacy of communication—the right to control the nature and extent of the firsthand dissemination of his statements. Partly because of this factor, the Privacy Act has been read to require the assent of all parties to a communication before another may listen. Thus, the Legislature could reasonably have contemplated that [S]ection 631 . . . would prohibit the type of surreptitious monitoring of private conversations alleged here . . . .
4 Ribas v. Clark, 696 P.2d 637, 640–41 (Cal. 1985) (emphasis added) (citations
omitted). Though both of these statements were dicta, we are “bound to follow the
considered dicta as well as the holdings of the California Supreme Court when
applying California law.” Aceves v. Allstate Ins. Co., 68 F.3d 1160, 1164 (9th Cir.
1995) (citing Rocky Mountain Fire & Cas. Co. v. Dairyland Ins. Co., 452 F.2d
603, 603–04 (9th Cir. 1971)). Finally, the California Supreme Court has also
emphasized that all CIPA provisions are to be interpreted in light of the broad
privacy-protecting statutory purposes of CIPA. Ribas, 696 P.2d at 639–41; Smith
v. LoanMe, Inc., 483 P.3d 869, 879 (Cal. 2021) (“The interpretation of section
632.7 we adopt is better aligned with the[] aims and declarations [of CIPA] than a
narrower interpretation would be.”).
Based on these statements by the California Supreme Court, we conclude
that the California Supreme Court would interpret Section 631(a) to require the
prior consent of all parties to a communication. Here, Javier has sufficiently
alleged that he did not provide express prior consent to ActiveProspect’s
wiretapping of his communications with Assurance. According to the complaint,
neither Assurance nor ActiveProspect asked for Javier’s consent prior to his filling
out the insurance questionnaire online, even though ActiveProspect was recording
Free access — add to your briefcase to read the full text and ask questions with AI
FILED NOT FOR PUBLICATION MAY 31 2022 UNITED STATES COURT OF APPEALS MOLLY C. DWYER, CLERK U.S. COURT OF APPEALS
FOR THE NINTH CIRCUIT
FLORENTINO JAVIER, Individually and No. 21-16351 on behalf of all others similarly situated, D.C. No. 4:20-cv-02860-JSW Plaintiff-Appellant,
v. MEMORANDUM*
ASSURANCE IQ, LLC; ACTIVEPROSPECT INC.,
Defendants-Appellees.
Appeal from the United States District Court for the Northern District of California Jeffrey S. White, District Judge, Presiding
Argued and Submitted May 9, 2022 San Francisco, California
Before: W. FLETCHER and BUMATAY, Circuit Judges, and SILVER,** District Judge. Concurrence by Judge BUMATAY.
* This disposition is not appropriate for publication and is not precedent except as provided by Ninth Circuit Rule 36-3. ** The Honorable Roslyn O. Silver, United States District Judge for the District of Arizona, sitting by designation. Florentino Javier (“Javier”) appeals from the district court’s order granting
Assurance IQ, LLC’s (“Assurance”) and ActiveProspect Inc.’s (“ActiveProspect”)
motion to dismiss for failure to state a claim.
Assurance is an insurance platform that owns and operates
Nationalfamily.com. On this website, users can request life insurance quotes from
Assurance and its insurance partners. To operate this website, Assurance relies on
a product created by ActiveProspect called “TrustedForm.” TrustedForm records
user’s interactions with the website and creates a unique certificate for each user
certifying that the user agreed to be contacted.
In January 2019, Javier visited Nationalfamily.com. To request an insurance
quote, he answered a series of questions about his demographic information and
medical history. Unbeknownst to Javier, TrustedForm captured in real time every
second of his interaction with Nationalfamily.com and created a video recording of
that interaction. After filling out the insurance quote questionnaire, Javier viewed
a screen that stated that clicking the “View My Quote” button would constitute
agreement to Assurance’s Privacy Policy. Javier clicked the “View My Quote”
button.
Javier filed a class action complaint against Assurance and ActiveProspect
(collectively, “Defendants”) in the Northern District of California. He alleged that
2 Defendants violated Section 631(a) of the California Invasion of Privacy Act
(“CIPA”). Cal. Penal Code § 631(a). The district court granted Defendants’
motion to dismiss the Second Amended Complaint for failure to state a claim
without leave to amend. It held that Javier’s claims were defeated because he had
retroactively consented to the conduct at issue by agreeing to Assurance’s privacy
policy, and that retroactive consent is valid under Section 631(a). The district
court did not reach any of Defendants’ other arguments.
We have jurisdiction under 28 U.S.C. § 1291. We grant Javier’s request for
judicial notice.
We review de novo a district court’s decision to grant a motion to dismiss
under Rule 12(b)(6) for failure to state a claim. Mudpie, Inc. v. Travelers Cas. Ins.
Co. of Am., 15 F.4th 885, 889 (9th Cir. 2021) (citing L.A. Lakers, Inc. v. Fed. Ins.
Co., 869 F.3d 795, 800 (9th Cir. 2017)).
Though written in terms of wiretapping, Section 631(a) applies to Internet
communications. It makes liable anyone who “reads, or attempts to read, or to
learn the contents” of a communication “without the consent of all parties to the
communication.” Cal. Penal Code § 631(a). The district court held that consent
under Section 631(a) is valid even if it is given after the communication has taken
place. We disagree.
3 “When interpreting state law, federal courts are bound by decisions of the
state’s highest court. In the absence of such a decision, a federal court must predict
how the highest state court would decide the issue . . . .” PSM Holding Corp. v.
Nat’l Farm Fin. Corp., 884 F.3d 812, 820 (9th Cir. 2018) (quoting Ariz. Elec.
Power Co-Op., Inc. v. Berkeley, 59 F.3d 988, 991 (9th Cir. 1995)). We must
therefore predict whether the California Supreme Court would interpret Section
631(a) to require prior consent.
The California Supreme Court has stated that another provision in CIPA,
Section 632, requires prior consent even though the text of that section contains
only the word “consent.” See Cal. Penal Code § 632. It wrote that Section 632
“prohibits . . . a party . . . from recording [a] conversation without first informing
all parties to the conversation that the conversation is being recorded.” Kearney v.
Salomon Smith Barney, Inc., 137 P.3d 914, 930 (Cal. 2006) (emphasis added).
Further, the California Supreme Court has written about Section 631:
As one commentator has noted, . . . secret monitoring denies the speaker an important aspect of privacy of communication—the right to control the nature and extent of the firsthand dissemination of his statements. Partly because of this factor, the Privacy Act has been read to require the assent of all parties to a communication before another may listen. Thus, the Legislature could reasonably have contemplated that [S]ection 631 . . . would prohibit the type of surreptitious monitoring of private conversations alleged here . . . .
4 Ribas v. Clark, 696 P.2d 637, 640–41 (Cal. 1985) (emphasis added) (citations
omitted). Though both of these statements were dicta, we are “bound to follow the
considered dicta as well as the holdings of the California Supreme Court when
applying California law.” Aceves v. Allstate Ins. Co., 68 F.3d 1160, 1164 (9th Cir.
1995) (citing Rocky Mountain Fire & Cas. Co. v. Dairyland Ins. Co., 452 F.2d
603, 603–04 (9th Cir. 1971)). Finally, the California Supreme Court has also
emphasized that all CIPA provisions are to be interpreted in light of the broad
privacy-protecting statutory purposes of CIPA. Ribas, 696 P.2d at 639–41; Smith
v. LoanMe, Inc., 483 P.3d 869, 879 (Cal. 2021) (“The interpretation of section
632.7 we adopt is better aligned with the[] aims and declarations [of CIPA] than a
narrower interpretation would be.”).
Based on these statements by the California Supreme Court, we conclude
that the California Supreme Court would interpret Section 631(a) to require the
prior consent of all parties to a communication. Here, Javier has sufficiently
alleged that he did not provide express prior consent to ActiveProspect’s
wiretapping of his communications with Assurance. According to the complaint,
neither Assurance nor ActiveProspect asked for Javier’s consent prior to his filling
out the insurance questionnaire online, even though ActiveProspect was recording
Javier’s information as he was providing it. Javier has therefore alleged sufficient
5 facts to plausibly state a claim that, under Section 631(a), his communications with
Assurance were recorded by ActiveProspect without his valid express prior
consent.
We reverse the district court’s dismissal of Javier’s Second Amended
Complaint and remand for proceedings accordingly. Because they were not
reached by the district court, we also do not reach Defendants’ other arguments,
including whether Javier impliedly consented to the data collection, whether
ActiveProspect is a third party under Section 631(a), and whether the statute of
limitations has run.
REVERSED and REMANDED.
6 FILED Florentino Javier v. Assurance IQ, LLC, No. 21-16351 MAY 31 2022 Bumatay, J., concurring: MOLLY C. DWYER, CLERK U.S. COURT OF APPEALS I concur with vacating the grant of the motion to dismiss in favor of Assurance
IQ and ActiveProspect Inc. The district court ruled that seeking “retroactive
consent” is acceptable under California Invasion of Privacy Act (“CIPA”), Cal.
Penal Code § 631. In part, the district court relied on California contract principles
in making that determination. While California contract law appears to allow for
after-the-fact ratification, see Cal. Civ. Code § 1588, CIPA codified the common
law tort of invasion of privacy. See In re Facebook, Inc. Internet Tracking Litig.,
956 F.3d 589, 598 (9th Cir. 2020) (“[T]he legislative history and statutory text
demonstrate that . . . the California legislature intended to protect . . . historical
privacy rights when [it] passed . . . CIPA.” (simplified)). So rather than a contracts
lens, we should review this case through a torts lens. And to my knowledge, no case
shows that California has adopted retroactive consent as a defense to an invasion of
privacy tort. So I agree we should return this case to the district court.