Opperman v. Path, Inc.

84 F. Supp. 3d 962, 2015 U.S. Dist. LEXIS 36137, 2015 WL 1306494

• Court: District Court, N.D. California
• Decided: March 23, 2015
• Docket: Case No. 13-cv-00453-JST
• Status: Published

Opinion

ORDER GRANTING IN PART AND DENYING IN PART MOTIONS TO DISMISS

Re: ECF Nos. 493, 495, 496, 497, 498, 499, 500, 501, 503

THIS ORDER RELATES TO ALL CASES

JON S. TIGAR, District Judge

Before the Court are nine motions to dismiss Plaintiffs’ Second Consolidated Amended Complaint (“SCAC”) filed by Defendants Twitter, Inc.; Foodspotting, Inc. and Yelp! Inc.; Foursquare Labs, Inc.; Chillingo Ltd., Electronic Arts Inc., Rovio Mobile Oy, and ZeptoLab UK Limited; Gowalla Incorporated; Instagram, LLC; Kik Interactive, Inc.; Apple Inc.; and Path, Inc. ECF Nos. 493, 495, 497, 498, 499, 500, 501, 503. For the reasons set forth below, the Court will grant the Motions in part and deny them in part.

I. BACKGROUND¹

A. Factual History

This is a putative class action challenging conduct by Apple and various developers of applications for Apple devices (“App Defendants”). SCAC, ECF No. 478, ¶ 1. Plaintiffs allege that, during the class period (July 10, 2008 through February 2012), they owned one or more of the three Apple products at issue here — -the iPhone, iPad, and/or iPod touch (collectively, “iDevices”). Id., ¶2. Plaintiffs allege that Apple engaged in a mass marketing campaign, whereby it “consciously and continuously misrepresented its iDevices as secure, and that the personal information contained on iDevices — including, specifically, address books, could not be taken without their owners’ consent.” Id., ¶ 3.

1. The “Contacts” App

Each iDeviee comes pre-loaded with a “Contacts” mobile software application (or “App”), which iDeviee owners may use as an address book to input and store the following information about the owner’s contacts:

(1) first and last name and phonetic spelling of each, (2) nickname, (3) company, job title and department, (4) address(es), (5) phone number(s), (6) email address(es), (7) instant messenger contact, (8) photo, (9) birthday, (10) related people, (11) homepage, (12) notes, (13), ringtone, and (14) text tone.

Id., ¶ 54, 55. The “information in the Contacts App is among the most private and personal of such information a user maintains on an iDeviee. The address book data reflects the connections, associations, and relationships that are unique to the owner of the iDevice.” Id., ¶ 56. Further, the information stored therein “is highly personal and private,” and “is not shared, is not publicly available, is not publicly accessible, and is not ordinarily obtainable by a third party unless the owner physically relinquishes custody of his or her iDev-ice to another individual.” Id.

2. Apps’ Use of Contact Information

According to Plaintiffs, and notwithstanding Apple’s representations about the security of its iDevices, Apple knew that the devices permitted the App Defendants’ Apps “to secretly upload, store, and in some cases disseminate [Plaintiffs’] personal and private address books as stored in the ‘Contacts’ App from the iDevices without [Plaintiffs’] knowledge or consent.” Id., ¶2. In fact, Plaintiffs allege, Apple provided its “assistance and cooperation” to the App Defendants in accessing and misusing iDevice owners’ address-book information. Id. And despite Apple’s “unique knowledge that its iDevices were not as secure as represented,” Apple “consistently and deliberately failed to reveal its products’ security flaws to consumers.... ” Id., ¶ 4. Because of “Apple’s conduct, Plaintiffs and millions of other people purchased iDevices reasonably believing that they were secure when, in fact, they are not, and then downloaded Apps, including the Apps manufactured by App Defendants, and suffered the unexpected and unauthorized theft of their personal data.” Id. Plaintiffs allege that they would not have paid as much for their iDevices had they known of the devices’ security flaws. Id., ¶¶ 142, 148, 154, 161, 168, 174, 180, 186, 192, 197, 203, 210, 216, 223, 230.

3. The App Store and App Development

Apple offers Apps solely through its App Store, which Apple launched in July 2008. Id., ¶ 39. “Apple has exclusive control over what Apps are available in the App Store, and the iDevices are designed to only accept software downloads from the App Store.... ” Id. According to Plaintiffs, “[t]he App Store and the availability of numerous Apps to perform different functions are key parts of Apple’s marketing strategy and the popularity of the iDevices.” Id. ¶ 40.

In order to offer an App through the App store, “a third-party developer must be registered as an ‘Apple Developer,’ agree to the iOS Developer Program License Agreement with Apple, and pay a $99 yearly registration fee.” Id., ¶ 44. To further control the Apps offered through its store, “Apple provides third-party developers with review guidelines, and conducts a review of all applications submitted for inclusion in the App Store for compliance with these documents.” Id. In addition, Apple provides a host of tools, as well as support services and guidelines to third-party developers who are licensed to provide Apps through the App Store. Id., ¶¶ 44, 45, 49, 53. The result of these circumstances, according to Plaintiffs, is that “all iDevice Apps were built, in part, by Apple.” I'd, ¶46.

Apple’s guidelines provide that “Apps ‘cannot transmit data about a user without obtaining the user’s prior permission and providing the user with access to information about how and where the data will be used.’” Id., ¶47. And “Apple has sole discretion over the App approval process and may reject any App at any time and for any reason,” including a violation of the terms and conditions of the licensing agreement, providing Apple with inaccurate information, or if Apple learns the App “violates, misappropriates, or infringes the rights of a third party.” Id.

Plaintiffs further contend that,

[d]espite Apple’s public statements that it protects its iDevice owners’ privacy, Apple’s App Developer Program tutorials and developer sites (which Apple does not make available to consumers) teach App developers just the opposite-how to code and build Apps that non-consensually access, use and upload the mobile address books maintained on Apple iDevices — precisely what these App Defendants’ identified Apps did. As App developers, the App Defendants were exposed to and aware of these tutorials and developer sites and, on information and belief, their personnel utilized them to build the identified Apps.

Id., ¶ 52. In particular, Plaintiffs allege that Apple’s iOS Human Interface Guidelines include the following statements:

Get information from iOS, when appropriate. People store lots of information on their devices. When it makes sense, don’t force people to give you information that you can easily find for yourself, such as their contacts or calendar information.

It’s often said that people spend no more than a minute or two evaluating a new app.... Avoid displaying an About window or a splash screen. In general, try to avoid providing any type of start-up experience that prevents people from using your application immediately. Delay a login requirement for [as] long as possible. Ideally, users should be able to navigate through much of your app and understand what they can do with it before logging in.

If possible, avoid requiring users to indicate their agreement to your [end-user license agreement] when they first start your application. Without an agreement displayed, users can enjoy your application without delay.

Id., ¶ 88 (emphases omitted).,

B. Procedural History

This action began as several class actions filed both in California and Texas.² The four actions were consolidated here, where Plaintiffs filed their Consolidated Amended Complaint (“CAC”), ECF No. 362, on September 3, 2013.

Defendants filed several motions to dismiss the CAC, and on May 14, 2014, the Court granted the motions in part. ECF No. 471. The Court dismissed Plaintiffs’ false and misleading advertising, consumer legal remedies/misrepresentation, deceit, Unfair Competition Law (“UCL”), and conversion claims, which Plaintiffs continue to assert in their SCAC, and also dismissed several other claims, which Plaintiffs no longer assert. Id. The Court also denied the motions to dismiss Plaintiffs invasion of privacy (intrusion upon seclusion) claim. Id.

Plaintiffs then filed their SCAC. In the SCAC, Plaintiffs allege conversion and invasion of privacy (intrusion upon seclusion) claims against all Defendants³, and the following claims against only Apple: (1) violation of California’s False and Misleading Advertising Law (“FAL”), Business and Professions Code § 17500 et seq.; (2) violation of California’s Consumer Legal Remedies Act (“CLRA”), Civil Code § 1750 et seq.; (3) deceit, California Civil Code § 1709 et seq.; and (4) violation of California’s UCL, Business and Professions Code § 17200 et seq. ECF No. 478, ¶¶ 243-323. Plaintiffs request certification of a class; an injunction prohibiting Defendants from continuing the challenged conduct; actual, compensatory, statutory, presumed, punitive, and/or exemplary damages; declaratory relief; restitution; the imposition on Defendants of constructive trusts; and fees, costs, and interest. Id. at 78-79.

In August 2014, Defendants filed these motions to dismiss. See ECF Nos. 493, 495, 497, 498, 499, 500, 501, 503. All of the motions challenge all claims alleged against each defendant, except that Path does not challenge the invasion of privacy (intrusion upon seclusion) claim alleged against it. Id.

II. JURISDICTION

This Court has jurisdiction over this case under the Class Action Fairness Act of 2005 because the amount in controversy' exceeds $5 million, exclusive of interest and costs, there are 100 or more class members, and the parties are minimally diverse. 28 U.S.C. § 1332(d).

III. LEGAL STANDARD

A complaint may be dismissed for lack of jurisdiction under Federal Rule of Civil Procedure 12(b)(1). In resolving a challenge to the adequacy of the jurisdictional allegations in a complaint, a court assumes that the allegations in the complaint are true, and draws all reasonable inferences in the plaintiffs favor. Wolfe v. Strankman, 392 F.3d 358, 362 (9th Cir.2004) (citations omitted). If, viewing the allegations in the light most favorable to plaintiff, the Court finds that a plaintiffs claim does not meet the Article III case- or-controversy requirement, and therefore that the plaintiff does not have standing to bring the claim, the Court must dismiss the claim for lack of jurisdiction. See Steel Co. v. Citizens for a Better Env’t, 523 U.S. 83, 101-04, 118 S.Ct. 1003, 140 L.Ed.2d 210 (1998).

A court may also dismiss a complaint or claims asserted therein pursuant to Federal Rule of Civil Procedure 12(b)(6). The court should grant a motion to dismiss for failure to state a claim under Rule 12(b)(6) if the complaint does not proffer “enough facts to state a claim to relief that is plausible on its face.” Bell Atl. Corp. v. Twombly, 550 U.S. 544, 570, 127 S.Ct. 1955, 167 L.Ed.2d 929 (2007). “A claim has facial plausibility when the plaintiff pleads factual content that allows the court to draw the reasonable inference that the defendant is liable for the misconduct alleged.” Id. In considering a motion to dismiss, the court accepts the material facts alleged in the complaint, together with all reasonable inferences to be drawn from those facts, as true. Navarro v. Block, 250 F.3d 729, 732 (9th Cir.2001). But “the tenet that a court must accept a •complaint’s allegations as true is inapplicable to threadbare recitals of a cause of action’s elements, supported by mere con-clusory statements.” Ashcroft v. Iqbal, 556 U.S. 662, 678, 129 S.Ct. 1937, 173 L.Ed.2d 868 (2009). The Court will dismiss a claim when it is not based on a cognizable legal theory or the plaintiff has not pleaded sufficient facts to support that theory. Balistreri v. Pacifica Police Dep’t, 901 F.2d 696, 699 (9th Cir.1990).

In addition, fraud-based claims are subject to a heightened pleading standard under Federal Rule of Evidence 9(b). This heightened standard applies when evaluating a Rule 12(b)(6) motion to dismiss. Semegen v. Weidner, 780 F.2d 727, 731 (9th Cir.1985). Fraud allegations must be specific enough to give the defendant notice of the particular misconduct alleged to constitute the fraud so that the defendant may defend against the charge. Id. In general, allegations sounding in fraud must contain “an account of the time, place, and specific content of the false representations as well as the identities of the parties to the misrepresentations.” Swartz v. KPMG LLP, 476 F.3d 756, 765 (9th Cir.2007). On the other hand, “[m]alice, intent, knowledge, and other conditions of a person’s mind may be alleged generally.” Fed. R. Civ. Pro. 9(b). Similarly, facts that are within the defendants’ sole knowledge may be pleaded generally. Moore v. Kayport Package Express, Inc., 885 F.2d 531, 540 (9th Cir.1989).

If a court dismisses the complaint or a claim alleged therein, it must grant leave to amend unless amendment would be futile. Lucas v. Dep’t of Corrections, 66 F.3d 245, 248 (9th Cir.1995). But where a court has previously granted a plaintiff leave to amend, the court’s discretion to deny leave to amend and dismiss a claim with prejudice is “particularly broad.” See Salameh v. Tafsadia Hotel, 726 F.3d 1124, 1133 (9th Cir.2013), cert. denied, — U.S. —, 134 S.Ct. 1322, 188 L.Ed.2d 306 (2014). When a plaintiff has been granted leave to amend, but has failed to cure the deficiencies identified in an earlier complaint, a district court may find that the plaintiff has no additional facts or theories to plead, and may therefore dismiss with prejudice. Zucco Partners, LLC v. Digimarc Corp., 552 F.3d 981, 1007 (9th Cir.2009) (citations omitted).

IV. APPLE’S MOTION TO DISMISS

A. Judicial Notice

In support of its motion, Apple has asked the Court to take judicial notice of the following: (1) the English-language portions of Apple’s Software License Agreements, iPad, iPhone, and iPod touch Terms and Conditions for iOS 4.1, 5.0, 5.1, 6.0, and 7.0 software; (2) a document entitled “Apple Answers the FCC’s Questions”; (3) Apple’s Customer Privacy Policy; (4) Apple’s iOS Human Interface Guidelines; (5) Apple’s App Store Approval Process instructions for developers; (6) the complaint in Apple Inc. v. Paul S. Devine, No. 10-cv-03563 EJD; and (7) the civil docket for Case No. 10-cv-03563 EJD. ECF Nos. 502, 516. Plaintiffs have not objected to Apple’s requests.

The Court may take judicial notice of facts that are “not subject to reasonable dispute” because they are either “generally known within the trial court’s territorial jurisdiction” or “can be accurately and readily determined from sources whose ac-, curacy cannot reasonably be questioned.” Fed.R.Evid. 201.

The Court will take judicial notice of the Software License Agreements, Privacy Policy, iOS Human Interface Guidelines, and Apple’s App Store Approval Process instructions, as they are publicly available, standard documents that are capable of ready and accurate determination, and they are relevant to Plaintiffs’ UCL and FAL claims. See Datel Holdings, Ltd. v. Microsoft Corp., 712 F.Supp.2d 974, 983-84 (N.D.Cal.2010) (taking judicial notice of an Xbox software license, terms of use, and packaging); McMahon v. Take-Two Interactive Software, Inc., No. EDCV 13-02032-VAP (SPx), 2014 WL324008, at *2 (C.D.Cal. Jan. 29, 2014) (citation omitted). Moreover, the SCAC references the License Agreements, Privacy Policy, Human Interface Guidelines, and “Apple- Answers the FCC’s Questions,” and for that independent reason, those documents are judicially noticeable. See Id. at 983; In re Adobe Sys., Inc. Privacy Litig., 66 F.Supp.3d 1197, 1206-07, 2014 WL 4379916, at *2 n. 2 (N.D.Cal. Sep. 4, 2014) (taking judicial notice of Adobe’s terms of use and privacy policies, which were incorporated by reference into the complaint). The Court takes judicial notice of the fact that these documents exist, “not whether, for example, the documents are valid or binding contracts.” Datel, 712 F.Supp.2d at 984. And with respect to the document entitled “Apple Answers the FCC’s Questions,” the Court will take notice that the document was in the public realm at the relevant time, but not take notice of the truth of the facts in that document. McMahon, 2014 WL324008, at *2 (citation omitted).

The Court also will take judicial notice of the two court documents, as they are matters of public record, which are generally subject to notice. Lee v. City of L.A., 250 F.3d 668, 688-89 (9th Cir.2001).

B. Misrepresentation Claims

Apple seeks to dismiss Plaintiffs’ fraud-based⁴ FAL, CLRA, deceit, and UCL claims on several grounds. First, Apple argues that Plaintiffs, in their SCAC, fail to plead reliance on any particular representation by Apple. ECF No. 501 at 7. Second, Apple contends that its alleged misrepresentations are not sufficiently alleged to have been part of “an extensive and long-term advertising campaign,” In re Tobacco II Cases, 46 Cal.4th 298, 328, 93 Cal.Rptr.3d 559, 207 P.3d 20 (2009), such that Plaintiffs should be excused from pleading reliance. Id. at 8.

With regard to the first point, Apple contends that Plaintiffs have failed adequately to plead reliance because the named Plaintiffs have not identified which alleged misrepresentations they viewed, heard, or read, and therefore which they relied on in purchasing their iDevices. ECF No. 501 at 7-8. Plaintiffs effectively concede this point. See ECF No. 509 at 3. Plaintiffs respond, however, that they have sufficiently alleged a Tobacco II-type extensive and long-term advertising campaign, such that they should be excused from pleading reliance. Id. at 3-10.

In Tobacco II, the California Supreme Court held that, while a plaintiff alleging a UCL claim “must plead and prove actual reliance,” the plaintiff “is not required to necessarily plead and prove individualized reliance on specific misrepresentations or false statements where, as here, those misrepresentations and false statements were part of an extensive and long-term advertising campaign.” 46 Cal.4th at 328, 207 P.3d at 41. Thus, a plaintiff may plead “an extensive and long-term advertising campaign,” rather than pleading reliance on specific misrepresentations.

In its order on the previous motions to dismiss in this case, the Court identified six factors from the prior case law that bear on whether a plaintiff has pleaded an advertising campaign in accordance with Tobacco II. ECF No. 471 at 27-31. First, a plaintiff must allege that she actually saw or heard the defendant’s advertising campaign. Second, the advertising campaign must be sufficiently lengthy in duration, and widespread in dissemination, that it would be unrealistic to require the plaintiff to plead each misrepresentation she saw and relied upon. Third, the plaintiff must describe in the complaint, and preferably attach to it, a representative sample of the advertisements at issue so as to adequately notify the defendant of the precise nature of the misrepresentation claim — what, in particular, defendant is alleged to have said, and how it was misleading. Fourth, the plaintiff must allege, and the court must evaluate, the degree to which the alleged misrepresentations contained within the advertising campaign are similar to each other. Fifth, each plaintiff must plead with particularity, and separately, when and how they were exposed to the advertising campaign, so as to ensure the advertisements were representations consumers were likely to have viewed, rather than representations that were isolated or more narrowly disseminated. And finally, sixth, the court must be able to determine when a plaintiff made his or her purchase or otherwise relied on defendant’s advertising campaign, so as to determine which portion of that campaign is relevant. Id.

Apple argues, that Plaintiffs’ allegations do not satisfy Tobacco II. It first argues that Tobacco II did not relax the heightened pleading requirements of Rule 9(b), so Plaintiffs must still identify the representations on which they relied. ECF No. 501 at 8. Next, Apple contends that Plaintiffs have failed adequately to plead a long-term advertising campaign and have , “plainly flunk[ed] the six-factor test set out in this Court’s [prior] MTD order.”⁵ ECF No. 501 at 9.

1. The Relationship Between Tobacco II and Rule 9(b)

As a preliminary matter, Apple argues that Plaintiffs must still identify the specific advertisements they saw and relied on, notwithstanding the holding in Tobacco II. According to Apple, Tobacco II held that “reliance need not be proved through exposure to particular advertisements; [but that] the ease does' not stand for, nor could it, a general relaxation of the pleading requirements under Rule 9(b).” ECF No. 501 at 8 (quoting In re iPhone 4S Consumer Litig., No. C 12-1127 CW, 2013 WL 3829653, at *12 (N.D.Cal. July 23, 2013)) (emphasis added by Apple). A number of district courts within the Ninth Circuit have reached similar conclusions. See Herrington v. Johnson & Johnson Consumer Cos., Inc., No. C 09-1597 CW, 2010 WL 3448531, at *8 (N.D.Cal. Sept. 1, 2010); In re Actimmune Mktg. Litig., No. C 08-02376 MHP, 2009 WL 3740648, at *8-10 (N.D.Cal. Nov. 6, 2009), aff'd, 464 Fed.Appx. 651 (9th Cir.2011); Garcia v. Sony Computer Entm’t Am., LLC, 859 F.Supp.2d 1056, 1063 (N.D.Cal.2012); In re WellPoint, Inc. Out-of-Network UCR Rates Litig., 865 F.Supp.2d 1002, 1048 (C.D.Cal.2011); Goldsmith v. Allergan, Inc., No. CV 09-7088 PSG EX, 2011 WL 2909313, at *4 (C.D.Cal. May 25, 2011); Germain v. J.C. Penney Co., No. CV 09-2847CAS(FMOX), 2009 WL 1971336, at *4 (C.D.Cal. July 6, 2009); Stanwood v. Mary Kay, Inc., 941 F.Supp.2d 1212, 1219-20 (C.D.Cal.2012).

This Court, however, has previously reached the opposite conclusion. Haskins v. Symantec Corp., No. 13-CV-01834-JST, 2013 WL 6234610 (N.D.Cal. Dec. 2, 2013).⁶ It concluded that once a plaintiff sufficiently alleges exposure to a long-term advertising campaign as set forth in Tobacco II, she did not need to plead specific reliance on an individual representation. The Court’s reasons for reaching that conclusion were as follows:

It is very difficult to reconcile [federal case law requiring pleading fraud with particularity] with Tobacco //. If Plaintiff can prevail at trial without demonstrating that she saw any specific advertisement, it would make little sense to interpret Rule 9(b) to require dismissal of her claim at the pleading stage for failing to include a specific allegation that she saw a specific advertisement. The Court does not read [prior case law] as quietly establishing that Rule 9(b) requires a plaintiff to plead specific facts regarding the viewing of a specific advertisement even when a plaintiff need not prove that fact to prevail under the underlying substantive law. If interpreted in this manner, Rule 9(b) would become more substantive than procedural, since it would “abridge” or “modify” a “substantive right” granted to plaintiffs under the UCL and CLRA.

Id. at *5.

The Court still believes this conclusion to be the correct one. The holding of Tobacco II was substantive, not procedural: “a plaintiff ... is not required to necessarily plead and prove individualized reliance on specific misrepresentations or false statements where, as here, those misrepresentations and false statements were part of an extensive and long-term advertising campaign.” 46 Cal.4th at 328, 207 P.3d at 41 (emphases added). To require Plaintiffs now to plead their claims more particularly than they are required to prove them at trial would abridge and modify their substantive legal rights. If a plaintiff sufficiently alleges exposure to a long-term advertising campaign as set forth in Tobacco II, she need not plead specific reliance on an individual representation.

2. Application of the Six-Factor Tobacco II Test

The Court next turns to the six factors it previously identified as most significant to the Tobacco II analysis.

a. Allegations that Plaintiffs actually saw or heard Apple’s advertising campaign

As to the first Tobacco II factor, Apple argues that Plaintiffs have alleged no facts in support of their allegation that they were “exposed” to its alleged advertising campaign. ECF No. 501 at 9. Apple also states that, to the extent Plaintiffs have alleged facts regarding their exposure to particular advertisements, those advertisements are not specific to the subject of Plaintiffs’ claims.⁷///. Plaintiffs respond that they have. alleged that they actually saw Apple’s advertising campaign in “granular detail.” ECF No. 509 at 4 (citing SCAC, ECF No. 478, ¶¶ 144, 150, 156, 163, 170, 176, 182, 187, 193, 199, 205, 212, 218, 225, 232).

The Court finds that Plaintiffs have adequately alleged that the individual named Plaintiffs saw or heard Apple’s advertising campaign. Each set of allegations specific to individual Plaintiffs alleges, among other things, that he or she viewed, heard, or read Apple’s advertisements, or statements in news reports, articles, blogs, and/or statements by Apple’s former CEO, Stephen Jobs; attended Apple conferences, presentations or product-release events; and/or received emails or other communications from Apple touting its devices’ security and/or its respect for its customers’ privacy. See, e.g., ECF No. 478, ¶¶ 144, 170. These allegations significantly improve upon the single and bare allegation that “Plaintiffs ‘viewed Apple’s website, saw in-store advertisements, and/or [were] aware of Apple’s representations regarding the safety and security of the iDeviees prior to purchasing their own iDevices.’” ECF No. 471 at 33 (citing CAC, ¶ 126). The pleading stage is not summary judgment; to the extent that allegations regarding individual Plaintiffs’ exposure to Apple’s advertising campaign are sparse, they can be tested after discovery allows the parties further factual development. See, e.g., Id., ¶ 176.

The SCAC satisfies the first Tobacco II factor.

b. The advertising campaign is sufficiently lengthy in duration, and widespread in dissemination, that it would be unrealistic to require Plaintiffs to plead each misrepresentation they saw and relied on

Plaintiffs have alleged that the relevant portion of Apple’s advertising campaign lasted “from before the time the iPhone was first announced in 2007 continuing through the present day.” ECF No. 509 at 6. Thus, the relevant period for purposes of this motion is approximately five years — from before the iPhone was first announced in 2007 until the end of the class period in February 2012. Apple contends that this duration is insufficient under Tobacco II. ECF No. 501 at 9 (citing Haskins v. Symantec Corp., No. 13-cv-01834-JST, 2014 WL 2450996, at *2 (N.D. Cal. June 2, 2014), and Pfizer, Inc. v. Super. Ct., 182 Cal.App.4th 622, 633-34, 105 Cal.Rptr.3d 795 (2010)).

Plaintiffs point out that where courts have found that media campaigns are more targeted or extensive, shorter periods of time — even as short as nine months — have been considered “longterm.” ECF No. 509 at 6-7 (citing Makaeff v. Trump Univ., LLC, No. 3:10-ev-0940-GPC-WVG, 2014 WL 688164, at *13 (S.D.Cal. Feb. 21, 2014), and Morgan v. AT & T Wireless Servs., Inc., 177 Cal.App.4th 1235, 1245-46, 1258, 99 Cal.Rptr.3d 768 (2009)). Further, Plaintiffs contend that, given the short lifespans of technological products, a bright-line rule requiring that an advertising campaign span more than five years would “essentially immunize much of the tech industry from Tobacco II claims.... ” Id. at 7.

The Court cannot find, as a matter of law, that the five-year duration of the alleged advertising campaign is insufficient for the purposes of Tobaccp II. While the alleged campaign certainly is shorter than the “decades-long” campaign analyzed in Tobacco II, as Plaintiffs have pointed out, at least one court has also held that the “long-term” requirement is met by a shorter timeframe.⁸ See Morgan, 177 Cal.App.4th at 1258 (“Although the advertising campaign alleged in this case was not as long-term a campaign as the tobacco companies’ campaign discussed in Tobacco II, it is alleged to have taken place over [eighteen] months, in several different media....”).

Apple also argues that Plaintiffs have failed to allege that Apple’s advertising campaign was sufficiently “extensive” because Plaintiffs have only specifically identified a handful of advertisements per year during the relevant period. ECF No. 501 at 10-11.

But, as Plaintiffs point out, the identified advertisements are merely “examples, ... and are incomplete.” ECF No. 509 at 7. Plaintiffs identify dozens of specific examples of what they believe represents the advertising campaign, and those examples span eighteen pages of the SCAC (not including the numerous examples attached to the complaint, ECF No. 478, Exs. ACC). Construing the facts in the light most favorable to Plaintiffs, these examples demonstrate an “extensive” campaign. See ECF No. 478, ¶¶ 61-78.

Plaintiffs’ allegations satisfy this Tobacco II factor.

c. Plaintiffs must describe in the complaint, and preferably attach to it, a representative sample of the advertisements at issue

As described in the preceding section, Plaintiffs have extensively described, and attached representative samples of, the advertisements at issue.

Apple argues that the advertisements and marketing materials that Plaintiffs have identified are not actionable because many of the identified materials: (1) are too general, (2) are not relevant, (3)- are not contained in the types of materials that consumers are likely to view, and (4) cannot be attributed to Apple. ECF No.- 501 at 11-14.

As to generality, Apple makes two arguments. First, Apple contends that many of the alleged advertisements only generally discuss the “security” of Apple iDevices and protections for consumers’ “privacy.” The Court addresses this argument in section IV.B.2.g., infra. Second, Apple argues that some of the identified advertisements are too general to support a. “specific and measurable claim, capable of being proved false or of being reasonably interpreted as a statement of objective fact.” ECF No. 501 at 11-12 (quoting Rasmussen v. Apple, Inc., 27 F.Supp.3d 1027, 2014 WL 1047091, at *9 (N.D.Cal. Mar. 14, 2014), and citing Minkler v. Apple, Inc., 65 F.Supp.3d 810, 821, 2014 WL 4100613, at *7 (N.D.Cal. Aug. 20, 2014)). But both cases Apple cites for this proposition are inapposite; in neither case did Plaintiffs invoke Tobacco II, and in both circumstances, the Plaintiffs were therefore instead required to identify, in their pleadings, specific misrepresentations on which they relied. Further, while Plaintiffs do cite a number of general statements regarding “security” and “privacy,” they also cite more specific statements regarding sandboxing and consumer-data protection. See, e.g., ECF No. 478, ¶¶ 76(ix) (“Apple issued a statement that it was ‘readying a software update to the iPhone, fixing a security flaw in the device that gives unauthorized access to contacts and e-mails.’ ”), 76(xxi) (“Apps cannot transmit data about a user without obtaining the user’s prior permission and providing the user with access to information about how and where the data will be used.”) (emphasis omitted), 77(ii) (“Applications on the device are ‘sandboxed’ so they cannot access data stored by other applications.”) (emphasis omitted). These statements are capable of being proven false, and therefore the above-cited cases do not defeat Plaintiffs’ Tobacco II allegations.

Apple also argues that certain elements of the alleged advertising campaign that Plaintiffs rely on are not relevant because they were either alleged prior to (though in anticipation of) the App Store’s launch or were directed to corporate networks and device passcodes. ECF No. 501 at 12-13.

As an initial matter, the Court finds that elements of Apple’s alleged marketing campaign that pre-dated the launch of the App Store, but anticipated that impending launch, are relevant to Plaintiffs’ Tobacco II allegations. Statements and advertising concerning corporate security networks and device passwords, however, are not the most probative examples of the alleged advertising campaign. They do, however, provide context for the more general campaign and tend to show the consistency of the message that Apple allegedly intended to convey—i.e., that Apple’s iDevices are “secure” and include comprehensive consumer-privacy protections.

Apple also explains that consumers are not likely to view or be aware of Apple’s licensing agreements with App developers, which Plaintiffs have identified as part of the alleged advertising campaign. Plaintiffs argue, generally, that statements in the licensing agreements, guidelines, and those directed to at least purportedly limited audiences have a cumulative effect on “buzz” or “earned media.” ECF No. 509 at 9.

Apple’s point in this regard is well-taken. Without having indicated why consumers would be aware of Apple’s licensing agreements with App developers-and having elsewhere suggested that Apple intended the information in those agreements to remain private-the Court finds that Apple’s representations in licensing agreements should not be counted as part of the overall advertising campaign.

Finally, Apple claims that representations made by third parties in the media are not properly attributable to the alleged advertising campaign. But to the extent Apple commissioned these messages or took advantage of the opportunity to put its message into the media, these statements can be attributed to Apple for the purposes of Tobacco II. Further, Plaintiffs have adequately alleged and further explained that many of these messages are examples of “buzz marketing” or “earned media,” whereby Apple “capitalized on its ubiquitous presence and the immense public attention given anything Apple does” to spread its messages by the “eagerly following] ... media and the public.” ECF No. 478, ¶¶ 3, 62-66. Plaintiffs even allege that Apple employed a “Worldwide Global Director of Buzz Marketing” to take advantage of this type of media, which is largely spread by third parties. Id., ¶ 63. At the very least, even purely third-party messages are circumstantial evidence of Apple’s advertising campaign; without such a campaign, the messages are less likely to be picked up and expressed by third parties. The third-party documents Plaintiffs have identified as part of the Tobacco II campaign are sufficiently probative to be counted as part of the alleged campaign. The precise relationship between Apple’s “buzz marketing” and third party advertisements is a subject better left for summary judgment or trial.

Even excising the materials as to which ' Apple’s objections are well-taken, the SCAC contains ample discussion of advertisements, marketing materials, and equivalent activity to .satisfy this Tobacco II factor.

d. The degree to which the alleged misrepresentations contained within the advertising campaign are similar to each other

Apple. argues that the materials Plaintiffs have identified as constituting the Tobacco II campaign are too dissimilar: “Plaintiffs fail to allege a ‘single set of messages.... [The] SAC-alleged statements address security or privacy in a wide range of contexts—including corporate ' network applications, App Store transactions, device passcodes, storage, location data, and others.” ECF No. 501 at 14. Apple’s main contention is that the portions of the alleged advertising campaign that Plaintiffs have identified largely do not pertain specifically to address book data. Id. at 14-15. Plaintiffs respond that, “[a]s set forth in the SCAC, Apple’s statements about security and privacy in all aspects of its iDevices constitute characteristics that, if false, [are] actionable under Tobacco II.” ECF No. 509 at 10.

The Court finds that, despite being directed to different audiences and being of varying degrees of specificity, the materials that Plaintiffs have identified are sufficiently similar for the purposes of Tobacco II. All of the statements relate to Apple’s concern for its devices’ security, and its customers’ privacy, and thus they send a unified and consistent message. To the extent that Apple challenges the generality of certain statements, that concern is addressed in section IV.B.2.g, infra.

e. Each Plaintiff must plead with particularity, and separately, when and how they were exposed to the advertising campaign

As discussed in section PV.B.2.a., supra, with respect to the first Tobacco II factor, Plaintiffs have particularly and separately pleaded how they were exposed to the alleged advertising campaign. The Court must also address the “when” allegations.

Most Plaintiffs allege that they viewed the alleged advertising campaign “prior to” their purchase of their iDevices. ECF No. 478, ¶¶ 144(H), 160(H), 156(H), 163(H), 170(H), 182(H), 187(H), 193(H), 199(H), 205(v), 212(H), 218, 226(H), 232(H). They do not allege specific dates, or even timeframes, during which they were exposed to the campaign. See Id. This failure weighs against a finding that Plaintiffs’ allegations are sufficient under Tobacco II.

On the other hand, the majority of Plaintiffs have averred that they viewed the alleged campaign prior to their purchase of their iDevices. The exact dates of viewing are less relevant than is the fact that Plaintiffs viewed the campaign before they purchased their iDevices — the implication being that they, therefore, relied on the campaign in choosing them purchases.

Except as to Plaintiff Jason Green, who has not alleged any “when,” the gaps in Plaintiffs’ “when” allegations are not fatal to Plaintiffs’ Tobacco II claims. Instead, individual Plaintiffs’ exposure to Apple’s campaign can be tested after discovery permits further factual development.

f. When Plaintiffs purchased their iDevices or otherwise relied on Apple’s advertising campaign

Apple does not argue that Plaintiffs have failed to meet this factor. Each Plaintiff has alleged a timeframe in which he or she purchased one or more iDevices. See ECF No. 471, ¶¶ 139, 145, 151, 157, 158, 164, 165, 171, 177, 183, 188, 189, 194, 200, 206, 207, 213, 219, 220, 226, 227.

Plaintiffs have satisfied this Tobacco II factor.

g. The specificity required of the advertising campaign vis-a-vis Plaintiffs’ misrepresentation allegations

Apple raises a seventh and final concern, namely: how specifically must the campaign address the particular characteristics of the product that Plaintiffs allege were misrepresented? Here, the question is whether the statements Plaintiffs point to that generally tout the iDevices’ “security” and Apple’s emphasis on consumer “privacy” are sufficient evidence — in conjunction with the advertisements and marketing materials Plaintiffs have pointed to that specifically identify protections for address book data or “sandboxing” — to show that Apple engaged in a Tobacco II campaign advertising that Apple protected, in particular, Plaintiffs’ address book data.

Plaintiffs’ response to this concern is to point out that “[njothing in the Court’s prior order, Tobacco II, or any relevant case law immunizes Apple from the effect of a misleading advertising campaign touting the ‘safety and reliability’ of its product because its statements may not have uniformly specified safety from ‘address book data ... collected and used by third party applications.’ ” ECF No. 509 at 5. Further, say Plaintiffs, Apple’s contention that the advertising campaign must be specific to the protection of address book data is “like saying the tobacco companies were immunized from their statements about the ‘safety and health effects’ of smoking because their statements did not uniformly specify safety ‘from tar and chemical additive intake in the development of lung cancer’ or specify the effect ‘from nicotine intake in the development of addiction.’ ” Id.

Plaintiffs’ comparison to the generality of the advertising campaign alleged in Tobacco II is well-taken. The Court finds that the fifteen or twenty more-specific statements about sandboxing, protection of personal information, and consumer privacy Plaintiffs have identified, combined with the larger and more general campaign expressing Apple’s concern with privacy and security, are sufficiently related to the alleged failing of the iDevices to satisfy Tobacco II’s pleading requirements.

Plaintiffs’ Tobacco II allegations, taken as a whole, are sufficient to survive Apple’s motion to dismiss.

C. Apple’s Alleged Omissions

In addition to Plaintiffs’ claims regarding Apple’s alleged affirmative misrepresentations, they also allege that Apple knew, but failed to disclose (and actively concealed), that users’ private data was not secure on Apple’s iDevices.

As this Court noted in its previous order, “the Ninth Circuit has recently cautioned [that], in the context of product defect claims, California courts have generally rejected a broad obligation to disclose.” Donohue v. Apple, Inc., 871 F.Supp.2d 913, 925 (N.D.Cal.2012) (citing Wilson v. Hewlett-Packard Co., 668 F.3d 1136, 1141 (9th Cir.2012)) (internal quotations omitted). Omission or concealment constitute actionable fraud in three circumstances that are relevant here: when defendants (1) had exclusive knowledge of material facts not known to plaintiffs; (2) actively concealed a material fact from plaintiffs; or (3) made partial representations, but also suppressed some material facts. LiMandri v. Judkins, 52 Cal.App.4th 326, 336, 60 Cal.Rptr.2d 539 (1997). Further, “[a] manufacturer’s duty to consumers is limited to its warranty obligations absent either an affirmative misrepresentation or a safety issue.” Donohue, 871 F.Supp.2d at 925 (quoting Oestreicher v. Alienware Corp., 322 Fed.Appx. 489, 493 (9th Cir.2009)). The Court now examines whether Plaintiffs have sufficiently alleged such circumstances.

a. Apple’s exclusive knowledge of material facts

Plaintiffs allege that Apple had exclusive knowledge of material facts regarding its iDevices’ lack of security, as evidenced by: (1) security breaches involving Path, Inc., the Aurora Feint App, and the Google Voice App; (2) information developed at congressional hearings and before the FTC; (3) its software upgrades in response to specific, identified software vulnerabilities; (4) Apple’s removal from the App Store of an App designed to alert users to other Apps’ stealing of user data; and (5) Apple’s punishment of a privacy researcher, Charlie Miller, who “intentionally passed a non-compliant App through Apple’s review and onto the App Store in a proof-of-concept security test and reported to Apple the gaping security hole that he found in Apple’s App procedures.” ECF No. 478, ¶¶ 79-89.

Apple contends that Plaintiffs’ allegations regarding Apple’s exclusive knowledge of material facts'are inconsistent with Plaintiffs’ other allegations regarding the widespread dissemination of information about Apple in the media, and the discussion in the media of the security flaws in Apple’s iDevices. ECF No. 501 at 18; ECF No. 515 at 10.

Plaintiffs respond that although the media discussed isolated security breaches, Apple effected a campaign to “drown out” reports of those breaches, and Plaintiffs never had knowledge, unlike Apple, “that this address book-related flaw was an inherent defect in the iDevices (as opposed to an itinerant instance of hacking), much less that Apple was aiding App Defendants and teaching and permitting them to exploit the defect.” Id. Further, Plaintiffs point to their allegations that Apple took “affirmative steps to discourage or even disable people’s attempts to determine whether their Contacts were being stolen so as to hide the true facts.” Id.

The Court finds that Plaintiffs have sufficiently alleged that Apple had exclusive knowledge of at least the material fact that its iDevices contained an inherent defect that permitted Apps to access users’ address book data.

b. Active concealment

Plaintiffs allege as active concealment the same facts in support of their claims of Apple’s exclusive knowledge of material facts. See ECF No. 478, ¶¶ 79-89. Apple contends that Plaintiffs have failed to allege active concealment adequately because Apple’s Privacy Policy disclosed that third parties, including those who offer Apps, may collect information such as “data or contact details.” ECF No. 501 at 17-18; ECF No. 515 at 9-10. Thus, argues Apple, “[bjecause Apple disclosed precisely the information that Plaintiffs say was omitted, the omissions claims must be dismissed.” ECF No. 501 at 17 (citations omitted).

Apple’s argument does not foreclose Plaintiffs’ allegations of active concealment. Although Plaintiffs acknowledge that Apple disclosed some of the risks associated with its iDevices, they also allege that Apple failed to disclose all the material facts, and that Apple falsely reassured consumers that its iDevices did not contain security vulnerabilities that Apple knew they contained. See ECF No. 478, ¶¶ 87, 88. Moreover, Plaintiffs allege that Apple did not disclose that it taught or encouraged the App Defendants to access users’ information via the Human Interface Guidelines. See Id., ¶89. At this stage of the proceedings, the Court concludes that Plaintiffs’ allegations of active concealment are legally adequate,

c. Partial representations triggering a duty to disclose

Under California law, the “failure to disclose a fact can constitute actionable fraud ... when the defendant makes partial representations that are misleading because some other material fact has not been disclosed.” Collins v. eMachines, Inc., 202 Cal.App.4th 249, 255-56, 134 Cal.Rptr.3d 588 (2011) (citations omitted).

Plaintiffs allege partial disclosures in the form of: Apple’s (1).alleged advertising- campaign; (2) public acknowledgment of security breaches involving Path, Inc., the Aurora Feint App, and the Google Voice App; (3) statements at congressional hearings and to the FTC; and (4) software upgrades in response to identified software vulnerabilities.⁹ ECF No. 478, ¶¶ 76-77, 7986, 289. Specifically, Plaintiffs contend that while Apple addressed specific security breaches in public, discussed some security concerns at congressional hearings and before the FTC, and released software upgrades in response to identified security breaches, Apple failed ever to reveal the extent to which Apps could and did access information in iDevices’ Contacts App.^

The Court finds that Plaintiffs’ partial-disclosure allegations are insufficient. •Plaintiffs have not alleged that class members saw or heard these partial representations and were misled by them in such a way that Apple should have fully disclosed related information. A partial-representation claim requires Plaintiffs to plead reliance on at least some misleading partial representations. See, e.g., In re Toyota Motor Corp., 785 F.Supp.2d 883, 924 (C.D.Cal.2011). Because Plaintiffs have failed to plead that they saw, heard, or relied on such misrepresentations, Plaintiffs’ partial-representation theory fails,

d. Warranty allegations

“A manufacturer’s duty to consumers is limited to its warranty obligations absent either an affirmative misrepresentation or a safety issue.” Donohue, 871 F.Supp.2d at 925 (citation omitted). The Court, in its prior order on Defendants’ prior motions to dismiss, explained that, because Plaintiffs had failed “to allege when they purchased their iDevices, when the alleged defects arose, what kind of warranty Apple, provided,- the terms of the warranty, and the warranty’s duration,” the Court was “unable to conclude whether the alleged defect manifested within the warranty period” and thus Plaintiffs’ claims were inadequate. ECF No. 471 at 34.

In the SCAC, Plaintiffs’ warranty allegations are contained in two paragraphs, which state: “iDevices come with a written limited warranty with a warranty period of one year from the date of purchase. Additional extended warranties were not available for purchase,” ECF No. 478, ¶ 38, and “[the] deficiencies in the iDevices ... were inherent in the products and existed at the time of purchase and at all times thereafter. Though the iDevices are covered by a limited one-year warranty, the deficiencies at issue were present from the outset, and therefore arose and manifested within the warranty period,” Id., ¶ 291.

Apple points to the obvious defect in Plaintiffs’ allegations — i.e., that Plaintiffs have again failed to identify, the warranty terms applicable to their allegations. Without those warranty terms, the Court cannot assess whether the alleged security defects in Apple’s iDevices somehow contravene those terms.

Accordingly, though Plaintiffs have identified some potentially actionable omissions, they have failed to identify any relevant warranty obligations. For that reason, Plaintiffs’ omissions theories fail.¹⁰

B. Aiding and Abetting Liability

1. Adequacy of Allegations of Aiding and Abetting

To adequately plead aiding and abetting liability under California law, Plaintiffs must allege that Apple (1) knew the App Defendants’ conduct constituted a breach of duty and gave substantial assistance or encouragement to the App Defendants to so act, or (2) gave substantial assistance to the App Defendants in accomplishing either conversion or invasion of privacy, and Apple’s own conduct, separately considered, constituted a breach of the duty to Plaintiffs. Casey v. U.S. Bank Nat’l Ass’n, 127 Cal.App.4th 1138, 1144, 26 Cal.Rptr.3d 401 (2005) (citations omitted); In re First Alliance Morbg. Co., 471 F.3d 977, 993 (9th Cir.2006) (citing Casey)', Laborers’ Local v. Intersil, 868 F.Supp.2d 838, 850 (N.D.Cal.2012).

Apple contends that Plaintiffs have failed to allege Apple’s knowledge of the App Defendants’ tortious conduct. ECF No. 501 at 18-20; ECF No. 515 at 11-13. Plaintiffs point to their allegations that the “iOS Human Interface Guidelines expressly teach and tell App Defendants to take contacts data without seeking permission,” that Apple is “responsible for creating the harmful APIs¹¹ that allowed app access to users’ address books ... and expressly-served as agent for each app on myriad commercial matters,” and that “Apple’s reach extends deep into every aspect in the life of each app and over the entire iDevice consumer ecosystem.” ECF No. 509 at 15-16.

As an initial matter, the Court notes that, even for fraud-based claims, which are subject to the Rule 9(b) heightened pleading standard, scienter allegations may be pleaded generally. Fed. R. Civ. Pro. 9(b) (“Malice, intent, knowledge, and other conditions of a person’s mind may be alleged generally.”). Plaintiffs’ complaint does this. See ECF No. 478, ¶¶ 250, 266 (“Despite its ostensible policies against the collection of iDevice users’ private information ..., Apple in fact ... knowingly and/or recklessly permitted the unauthorized access and collection of Plaintiffs’ and class members’ private address books.”).

Further, Plaintiffs have alleged sufficient facts from which an inference of knowledge can be drawn- — most particularly the language in the iOS Human Interface Guidelines and Apple’s alleged development of APIs that permitted Apps to access address book data, but also because of the extent to which Plaintiffs allege Apple was involved in and controlled the development and functions of Apps offered through its App Store. See Id., ¶¶ 39, 43-53. It is true, as Apple points out, that even the SCAC acknowledges that Apple, at times, withdrew Apps from its App Store that it discovered were accessing consumer data without consent. See ECF No. 501 at 28 n.21 (citing SCAC, ECF No. 478, ¶ 140, among others). But these contrary factual allegations merely point to the need for further factual development of this issue. •

2. Communications Decency Act

Apple seeks to dismiss Plaintiffs’ invasion of privacy and conversion claims on the basis that the Communications Decency Act (“CDA”), 47 U.S.C. § 230, bars those claims.

In its previous order granting in part Apple’s motion to dismiss the CAC, the Court rejected the same argument. See ECF No. 471 at 18-23. Apple contends that the Court should take a fresh look at the CDA because the factual allegations in the SCAC differ from those in the CAC, and “there have been relevant developments in the fast-changing law concerning the CDA.” ECF No. 501 at 24 n.18 (citing Jones v. Dirty World Entm’t Recordings, LLC, 755 F.3d 398 (6th Cir.2014)).

The Court has read the SCAC and Jones. The SCAC’s allegations have not materially changed with regard to whether Apple is an “information content provider” not subject to CDA protection, and Apple does not explain how the allegations of the SCAC are different from those of the CAC in a way that helps Apple. In fact, Apple still relies on allegations from the now-superseded CAC to make its arguments. See ECF No. 501 at 27-28. It also spills a great deal of ink analyzing Fair Housing Council of San Fernando Valley v. Roommates.com, 521 F.3d 1157, 1168 (9th Cir.2008), which was the centerpiece of its prior motion to dismiss. ECF No. 501 at 25-29. Though dressed up in “fresh look” language, this portion of the motion reads more like a belated motion for reconsideration.

Jones, the one new case cited by Apple, does not change the Court’s conclusion that Apple is an “information content provider.” The Jones court merely adopted the Ninth Circuit’s reasoning in Roommates.com, 521 F.3d at 1168, that, if the alleged content provider is not a creator of the challenged content, it must have done more than merely “encourage” the creation of the challenged conduct; the alleged provider must have required another to create that content. ECF No. 501 at 26-27 (quoting Jones, 755 F.3d at 414). The Court previously considered this portion of Roommates, and determined that Plaintiffs’ allegations were sufficient at this stage to survive a CDA challenge.

Here, Plaintiffs allege that Apple effectively was a creator, at least in part, of the App Defendants’ Apps that misappropriated Plaintiffs’ address book data. ECF No. 478, ¶ 46 (“all iDevice Apps were built, in part, by Apple.”). Plaintiffs have also provided factual detail regarding how Apple controlled the development of Apps provided by its App Store, and contributed to the creation of the offensive content, for example, by using its iOS Human Interface Guidelines to instruct App developers to access address book data without prior permission. See, e.g., Id., ¶¶ 39, 43-53, 88. This is all the information-content-provider exemption requires: “The term ‘information content provider’ means any person or entity that is responsible, in whole or in part, for the creation or development” of the offending content. 47 U.S.C. § 230(f)(3). Neither Jones nor the new allegations in the SCAC compel the Court to reverse its prior conclusion.

Apple, as an alleged “information content provider” under the CDA, is not entitled, as a matter of law and at this stage of the proceedings, to blanket CDA immunity for the conduct challenged here.

3. Standing To Assert Conversion Claim

Apple also alleges that Plaintiffs' do not have standing to assert their conversion claim, and have failed to allege the requisite elements of that claim because Plaintiffs have failed to adequately allege an Article III injury, or the element of a property interest, as is required to assert their conversion claim. ECF No. 501 at 21-22. Apple’s argument is materially identical to the App Defendants’, and the Court addresses it in section V.B., infra.

C. Standing To Seek Injunctive Relief

To establish Article III standing, a plaintiff in federal court must meet three requirements. Lujan v. Defenders of Wildlife, 504 U.S. 555, 560-61, 112 S.Ct. 2130, 119 L.Ed.2d 351 (1992). First, the plaintiff must have suffered an “injury in fact” — an invasion of a legally protected interest that is (a) concrete and particularized, and (b) actual or imminent. Id. at 560, 112 S.Ct. 2130 (citations omitted). Second, the injury and the conduct complained of must be causally connected. Id. (citation omitted). Third, it must be likely, as opposed to merely speculative, that a favorable decision would redress the injury. Id. at 561, 112 S.Ct. 2130, (citation omitted).

A plaintiff lacks standing to seek injunctive relief if he or she has not alleged “a real or immediate threat” that he or she will be wronged again; without such an allegation, a plaintiff fails to show an “injury in fact',” and therefore to satisfy the first prong of the standing inquiry. City of L.A. v. Lyons, 461 U.S. 95, 111, 103 S.Ct. 1660, 75 L.Ed.2d 675 (1983). “Past exposure to illegal conduct does not in itself show a present case or controversy regarding injunctive relief ... if unaccompanied by any continuing, present adverse effects.” O’Shea v. Littleton, 414 U.S. 488, 495-96, 94 S.Ct. 669, 38 L.Ed.2d 674 (1974).

Apple argues that Plaintiffs have not adequately pled entitlement to injunc-tive relief. See ECF No. 501 at 22-23. First, Apple argues that Plaintiffs have pled no facts tending to show that the challenged conduct will continue. Rather, says Apple, Plaintiffs allege in the SCAC that Apple “has remedied alleged gaps in its privacy protection,” and Plaintiffs have not identified any privacy-related statements by Apple, nor “any incidents of unauthorized upload of address book data (or any other user data) in the past two years.” Id. Second, Apple argues that Plaintiffs have not adequately alleged a threat of repeated injury because they have not alleged that “they intend to buy any more iPhones, iPads, or iPod Touches.” Id. at 23.

Apple is correct that Plaintiffs must allege some degree of intent to purchase Apple’s iDevices in the future. As the Court recently noted, “the contours of what a plaintiff must claim about a future interest in a product in order to have standing to represent a 23(b)(2) class have not been defined with precision.” Lilly v. Jamba Juice Co., No. 13-CV-02998-JST, 2015 WL 1248027, at *5 (N.D.Cal. Mar. 18, 2015) (footnote omitted). But it is clear that a Plairitiff seeking injunctive relief must allege at least a willingness to consider purchasing the product at issue in the future. Id. Here, Plaintiffs make no such allegation. Accordingly, they lack standing to seek injunctive relief.¹²

Plaintiffs also cannot seek injunctive relief against Apple because no realistic threat exists that the complained-of conduct is ongoing or will be repeated. As the Court noted in its earlier order, Plaintiffs have alleged that Apple has remedied the alleged gaps in its privacy protection. ECF No. 471 39; CAC ¶ 120. Plaintiffs removed those allegations from the SCAC, and now allege that “Apple’s foregoing misconduct is ongoing, and unless restrained by this Court, is likely to recur.” ECF No. 478 at ¶ 281. But because they are contradicted by Plaintiffs earlier allegations, the latest allegations are implausible, and the 'Court will not accept them as true. Smith v. Wilt, No. 12-cv-05451-WHO, 2013 WL 5675897, at *4 n. 5 (N.D.Cal. Oct. 17, 2013).

Because Plaintiffs have failed to plead a real or immediate threat of future injury, they lack standing to seek injunctive relief. Plaintiffs’ prayer for injunctive relief, as it pertains to Apple, is dismissed with prejudice pursuant to Rule 12(b)(1). See Zucco, 552 F.3d at 1007.

II. APP DEFENDANTS’ MOTIONS TO DISMISS¹³

Plaintiffs allege that “[ejach of the App Defendants here created and distributed an App” that “improperly invaded Plaintiffs’ privacy and misappropriated address book data stored in the iDevices’ Contacts App without authorization to do so.” ECF No. 478, ¶ 90. Plaintiffs further allege that they “were not made aware of, nor did they consent to the taking of their data by the App Defendants.” Id., ¶ 92.

A. Copyright Act Preemption

The App Defendants allege that the Copyright Act preempts both the conversion and the invasion of privacy claims that Plaintiffs have alleged.

Copyright Act preemption has two prongs. First, the rights at issue under state law must be equivalent to those protected by the Copyright Act. Kodadek v. MTV Networks, Inc., 152 F.3d 1209, 1212 (9th Cir.1998) (citing 17 U.S.C. § 301(a)). Second, the party alleging preemption must show that the work at issue comes within the subject matter of copyright. Id. (citing 17 U.S.C. §§ 102, 103). Defendants point out that “the scope of preemption is broader than the scope of protection,” so that while a “work” may not actually be protected by the Copyright Act, the Act may nonetheless preempt state-law protection of the work. See, e.g., ECF No. 495 at 8 (citihg Kodadek, 152 F.3d at 1212-13, and Endemol Entm’t B.V. v. Twentieth Television, Inc., 48 U.S.P.Q.2d 1524, 1526 (C.D.Cal.1998)). Defendants clarify that they do not believe the list of address book data contained in Plaintiffs’ Contacts App qualifies for copyright protection, but they do believe that the Copyright Act preempts Plaintiffs’ state-law conversion and intrusion upon seclusion claims, which are premised on accessing, transmitting, uploading, and misusing Plaintiffs’ address book data. See ECF No. 495 at 8 n.6.

The Court finds that The Copyright Act does not preempt Plaintiffs’ conversion and intrusion upon seclusion claims, because the Court finds that both Plaintiffs’ conversion and invasion of privacy claims are not equivalent to those protected by the Copyright Act because they involve something “beyond mere reproduction or the iike.” G.S. Rasmussen & Assocs., Inc. v. Kalitta Flying Serv., Inc., 958 F.2d 896, 904 (9th Cir.1992) (citation omitted). Defendants argue that Plaintiffs have not alleged any act by Defendants beyond mere copying of users’ address book data. See, e.g., ECF No. 501 at 8-9; ECF No. 513 at 6-9. And certain Defendants contend that Plaintiffs consented to the use of their address book information using a “Find Friends” (or equivalent) feature.

The Court finds, however, that Plaintiffs’ allegations involve more than the mere reproduction of Plaintiffs’ address book' data; they include the unauthorized access, transmission, misuse, and misappropriation of that data. While the particular meanings of “misuse” and “misappropriate,” as alleged "in Plaintiffs’ complaint, could be more clear¹⁴ (and could include copying as part of the alleged misconduct), those terms convey meanings beyond mere “reproduction.” As Yelp and Foodspotting acknowledge, “[e]xamples of [] extra elements [preventing Copyright Act preemption] include misappropriation of trade secrets, or improper acquisition of the work at issue....” ECF No. 513 at 6 (emphases added).

Given the information available at this stage of the proceedings, Defendants- have not shown that the Copyright Act preempts Plaintiffs’ conversion and invasion of privacy claims.

B. Conversion

Under California law, a conversion claim has three elements: (1) the plaintiff’s right to possession or ownership of a property interest; (2) the defendant’s conversion of the property by a wrongful act or disposition of property rights; and (3) damages. Firoozye v. Earthlink Network, 153 F.Supp.2d 1115, 1129 (N.D.Cal.2001) (citing Burlesci v. Petersen, 68 Cal.App.4th 1062, 1066, 80 Cal.Rptr.2d 704 (1998)) (alternate citation omitted). Plaintiffs,allege that Defendants converted their address book data by accessing, uploading, transmitting, and/or otherwise misappropriating that information.

Defendants contend that Plaintiffs’ conversion claim must fail. Defendants argue that Plaintiffs do not have standing to assert such a claim without having identified a legally protected interest in their address book data. Second, Defendants assert that Plaintiffs cannot show that.they were dispossessed of any property interest they might have had in the intangible information stored in their address books. And third, Defendants argue that Plaintiffs have failed to allege any devaluation in any property interest, and therefore cannot satisfy the damages element of their conversion claim.

1. Lack of Article III Standing

Defendants assert that Plaintiffs lack standing to bring their conversion claim because they have failed to allege an injury-in-fact. At the pleading stage, Plaintiffs bear the burden of adequately alleging facts that, if proven, would tend to show that they suffered a constitutionally recognized injury. Lujan, 504 U.S. at 561, 112 S.Ct. 2130.

Plaintiffs first respond by re-arguing their contention that the common law of conversion shows that Plaintiffs have a protectable interest in their contacts information that is injured by Defendants’ copying. The Court previously rejected this argument, finding that “Plaintiffs ... [had] failed to allege any details concerning their argument that their address books’ value was diminished by the App Defendants’ conduct.” ECF No. 471 at 40.

The Plaintiffs provide no reason for the Court to change its mind on this question. The sole new authority they cite involves the misappropriation of indisputably commercial intellectual property—the songs of the 1960’s popular music group The Turties.¹⁵ Flo & Eddie, Inc. v. Sirius XM Radio Inc., No. CV 13-5693 PSG RZX, 2014 WL 4725382, at *10 (C.D.Cal. Sept. 22, 2014) (“Flo & Eddie suffered economic harm in the form of foregone licensing or royalty payments for the unauthorized performances of its sound recordings”). The other cases they cite also deal with the misappropriation of commercial intellectual property. E.g., J & J Sports Prods., Inc. v. Ceballos, No. 11-CV-5438LHK, 2012 WL 4009587 (N.D.Cal. Sept. 12, 2012) (Manny Pacquiao v. Antonion Margarito, WBV Light Middleweight Championship Fight Program); DIRECTV, Inc. v. Pahnke, 405 F.Supp.2d 1182 (E.D.Cal.2005) (interception of DIRECTV’S satellite programming). These cases shed no light on the commercial value to the plaintiffs of their contact lists.

Plaintiffs also argue that California statutory law confers standing because “detriment caused by the wrongful conversion of personal property is presumed,” Cal. Civ.Code § 3336, and because nominal damages are always available under California law, Cal. Civ.Code § 3360. These arguments are not persuasive. Section 3336 describes' an appropriate measure of damages, and does not provide that a plaintiff alleging conversion is entitled to a presumption of injury. A conversion plaintiff in California court must still prove “the fact of proximately caused injury.” Lueter v. State of Cal., 94 Cal.App.4th 1285, 1303, 115 Cal.Rptr.2d 68 (2002). Section 3360 sets forth the rule that a plaintiff who has suffered an injury, but whose damages are speculative, is entitled to nominal damages. Hutcherson v. Alexander, 70 Cal.Rptr. 366, 264 Cal.App.2d (1968). But the statute does not relieve the plaintiff of proving injury.

Having not alleged a sufficient injury, Plaintiffs lack standing to bring their conversion claim. Because the Court previously dismissed Plaintiffs’ conversion claim on the same basis, the Court now dismisses the claim with prejudice. See Zucco, 552 F.3d at 1007.

C. Invasion of Privacy (Intrusion Upon Seclusion)

To allege an invasion of privacy by intrusion upon seclusion, a plaintiff must plead: (1) the defendant’s intrusion into a private place, conversation, or matter, (2) in a manner highly offensive to a reasonable person. Shulman v. Grp. W Prods., Inc., 18 Cal.4th 200, 231, 74 Cal.Rptr.2d 843, 955 P.2d 469 (1998). Defendants argue that Plaintiffs have failed to allege those elements adequately on several bases. First, Defendants assert that Plaintiffs lack standing. Second, Defendants contend that Plaintiffs had no reasonable expectation of privacy in their address book information. Third, Defendants argue that Plaintiffs have failed, as a matter of law, to allege “highly offensive” behavior by the App Defendants. Finally, Defendants argue that Plaintiffs’ intrusion upon seclusion claim should be dismissed because Plaintiffs have failed to allege any harm resulting from their actions, and therefore Plaintiffs are unable to prove the element of damages.

Certain App Defendants contend- that ■ Plaintiffs lack standing to bring their intrusion upon seclusion claim because Plaintiffs have failed to identify an injury-in-fact. See ECF No. 497 at 10-11; ECF No. 498 at 5-9; ECF No. 499 at 7-10. As the Court explained in its previous order, however, Plaintiffs here have sufficiently pleaded the injury of an invasion of their privacy by intrusion upon their seclusion. ECF No. 471 at 40-41. Defendants provide no compelling reason for the Court to reconsider its prior order. Accordingly,the Court finds that Plaintiffs have adequately alleged an Article III injury.

2. No Reasonable Expectation of Privacy

The App Defendants argue that Plaintiffs had no reasonable expectation of privacy in their address book data. Certain Defendants argue that Plaintiffs consented to at least the accessing of their data because they navigated through a “Find Friends” feature (or something equivalent) when they signed up for the App’s services, and agreed to use that feature, which informed them that the App would access their address book data.¹⁶ The App Defendants also contend that Plaintiffs could have had no expectation of privacy in their address books because they were aware that the social networking services they signed up for by downloading the Apps required access to Plaintiffs’ contacts.

a. Consent

The Court discussed the Defendants’ consent arguments in its prior order, and reasoned that though Plaintiffs who used a “Find Friends” function may have knowingly consented to the scanning of their address book data, or other use of the data solely for the purpose of “Finding Friends, Plaintiffs alleged that Defendants had exceeded the parameters of that consent by otherwise transmitting, uploading, storing, and using that information for unauthorized purposes or in unauthorized ways. See ECF No. 471 at 44-45. Defendants urge the Court to revisit that determination on two bases: (1) differing allegations in the SCAC, as compared to the CAC; and (2) the court’s decision in In re Yahoo Mail Litigation, 7 F.Supp.3d 1016 (N.D.Cal.2014).

Defendants fault Plaintiffs for condensing the allegations in the SCAC, as compared to those in the CAC, regarding the Apps’ alleged misuse of Plaintiffs’ data. See, e.g., ECF No. 498 at 10-11. Contrary to Defendants’ characterizations, however, Plaintiffs did not “abandon” or “withdraw” the CAC’s allegations that the App Defendants did something more with Plaintiffs’ address book data than merely access it. Plaintiffs continue to allege that the App Defendants did more — by uploading, transmitting, and/or otherwise misusing or misappropriating Plaintiffs’ address book data — than Plaintiffs were aware or consented to. See ECF No. 508 at 3-4.

Also, Yahoo Mail is distinguishable from this case. There, in the context of the federal Wiretap Act, the Court stated that it found “implausible that [Yahoo email] users did not — after agreeing, based on the [Yahoo Terms of Service], to Yahoo’s scanning and analysis of emails — realize that in order to engage in an analysis of emails, Yahoo would have to store the emails somewhere on its servers.” 7 F.Supp.3d at 1031. But in that case, Yahoo’s Additional Terms of Service expressly informed users that, “by scanning and analyzing such communications content, Yahoo collects and stores the data.” Id. at 1022. Yahoo’s consent page also told users that Yahoo would scan their e-mails for a variety of purposes, including to provide “targeted advertising.” Id. No equivalently explicit consent is present here. As the court in Yahoo explicitly acknowledged, in evaluating a consent defense, a court must consider the scope of the alleged consent. Id. at 1028.

Here, in sum, the Court does not find it implausible that, while App users were aware that “Find Friends”-type features would scan the-address book information stored on their iDevices for the sole purpose of finding Mends, they were not aware that those features and the Apps with which they were associated used their address book information in other, unauthorized ways.¹⁷

Neither the changes to the SCAC, nor Yahoo Mail, compel the Court to revisit its earlier determination that Plaintiffs’ intrusion upon seclusion claim survives Defendants’ consent arguments,

b. The App Defendants’ Actions Were Necessary To Provide Social Networking Services

Defendants’ argument that Plaintiffs could not have had a reasonable expectation of privacy in their address book data because the “Find Friends” features they signed up for required access to Plaintiffs’ address book data fails for the same reason that Defendants’ consent argument does. Plaintiffs allege not only that App Defendants accessed their address book information and used it to “Find Friends,” but that the Apps also uploaded, misused, and/or misappropriated that data. To the extent that Apps used Plaintiffs’ information for something other than purely “Finding Friends,” Plaintiffs retained a reasonable expectation of privacy in that information.

3. Offensiveness

The Court previously found that Plaintiffs had sufficiently alleged that the App Defendants’ actions satisfied the “highly offensive” prong of their intrusion, upon seclusion claim. See ECF No. 471 at 45-46. Defendants contend that the Court should revisit that conclusion in light of (1) Plaintiffs’ alleged consent; and (2) allegations in the SCAC that materially differ from those in the CAC. The Court has already rejected both arguments. See section V.C.2.a., supra.

Plaintiffs have also pointed to evidence indicating that at least some iDevice users found the Apps’ accessing of address book information highly offensive — i.e., the response from Congress, the FTC, the public, and the media to learning that Apps were accessing and using address book information in the manner herein alleged.

4. Adequacy of Damages Allegations

In a final bid to seek dismissal of Plaintiffs’ intrusion upon seclusion claim, Defendants contend that the claim must fail because Plaintiffs have failed adequately to allege damages. See, e.g., ECF No. 499 at 17; 500 at 11. The only authority that Defendants cite for this proposition is the Court’s prior order (and citations therein), which found Plaintiffs’ allegations sufficient. ECF No. 471 at 46.

In the SCAC, Plaintiffs allege again, generally, that they suffered “harm and damages” as a result of Defendants’ intrusion upon their seclusion. ECF No. 478, ¶ 248. These allegations remain sufficient for Rule 12(b)(6) purposes.

CONCLUSION

For the reasons set forth above, Plaintiffs conversion. claim and requests for injunctive relief are hereby dismissed with prejudice. In all other respects, the motions to dismiss are denied.

IT IS SO ORDERED.

1 . The Court accepts as true the following facts alleged in the complaint for purposes of resolving these motions to dismiss. See Navarro v. Block, 250 F.3d 729, 732 (9th Cir.2001).

2 . The Court discusses only California law, as it did in its prior order. See ECF No. 471 at 2 n.3.

3 . Default has been entered against Defendant Hipster, Inc. ECF No. 346. Hipster has not filed an answer to the SCAC, or filed or participated in any of these motions to dismiss.

4 . The Court has previously construed these claims as fraud-based, with the exception of any UCL claims not grounded in fraud. See ECF No. 471 at 23 n.13. Plaintiffs have not challenged this construction, and the Court sees no reason to revisit it. Accordingly, these claims are subject to Federal Rule of Evidence-9(b)'s heightened pleading standard.

5 . Apple acknowledges that Tobacco II only permitted the reliance-pleading alternative with respect to UCL and FAL claims, not Plaintiffs’ other misrepresentation claims. ECF No. 501 at 8 ("Plaintiffs seek to avoid reliance pleading requirements for at least their UCL and FAL claims by attempting to alleged a ‘long-term advertising campaign’ within the meaning of In re Tobacco II.’’) (emphasis added). But Apple has not challenged the applicability of Tobacco II to Plaintiffs' other misrepresentation claims. See Id. Thus, the Court addresses Tobacco II without differentiating between those claims.

6 . In their Opposition, Plaintiffs incorrectly cite a different Haskins order. ECF No. 509 at 3.

7 . The Court addresses this issue in section IV.B.2.g., infra.

8 . Plaintiffs cite Makaeff, but as Apple notes, Makaeff was a class-certification decision, so its discussion of Tobacco II is not directly on point here. See 2014 WL 688164, at *13.

9 . In its motion, Apple does not contest that Plaintiffs have failed to plead a partial representation triggering a duty to disclose. See ECF No. 501 at 16-18. Only in its reply does Apple challenge Plaintiffs’ partial-representation allegations. See ECF No. 515 at 10-11. The Court will not address Apple's arguments because they were raised for the first time in reply. See Pirozzi, 966 F.Supp.2d at 918 n. 3 (citations omitted).

10 . Plaintiffs do not allege Apple's omissions as part of a separate cause of action. They include them in the same causes of action with allegations regarding Apple's alleged affirmative misrepresentations.

11 . "API” stands for "application program interface” and means: "A language and message format used by an application program to communicate with the operating system or some other control program such as a database management system (DBMS) or communications protocol.” Encyclopedia. Definition of: API, PC Magazine (January 9, 2015), http ://www.pcmag. com/encyclopedia/term/ 37856/api.

12 . In light of the Court’s conclusion that Plaintiffs lack standing for this reason, it is not necessary for the Court to reach Apple’s alternative arguments.

13 . Many of the App Defendants’ arguments are identical or nearly identical, and various App Defendants adopt the arguments of other App Defendants in their Motions. See, e.g., ECF No. 500 at 13. Thus, except where otherwise noted, the App Defendants’ arguments are addressed as one.

14 . How exactly App Defendants "misused” or "misappropriated” users’ address book data, if they did so, is within those Defendants’ sole knowledge. Accordingly, Plaintiffs’ general pleadings on this point are sufficient. Cf. Moore, 885 F.2d at 540.

15 . The Court uses the phrase "1960’s” even though the band is still touring. See Super Pop! Happy Together Tour 2015, at http:// theturtles.com/tour/, accessed March 23, 2015. But their last album, "Turtle Soup,” was released in 1969, and even their web site describes them as a "1960’s rock group.” http ://theturtles. com/.

16 . Kik makes a similar argument, contending that though Plaintiffs did not navigate through a Find Friends-type screen and affirmatively agree to allow its App to access Plaintiffs' address book information, Plaintiffs were aware almost immediately following the release of Kik's App that the App accessed address book data. See ECF No. 500 at 6-8. Thus, argues Kik, Plaintiffs cannot plausibly allege they were unaware that its App would access that information, especially given that Plaintiffs have not alleged that they downloaded the Kik App prior to the public disclosure of Kik’s access. Id. The Court treats this argument like the other App Defendants' consent arguments because, for the purposes of these motions to dismiss, it is not materially distinct from those arguments in that, while Plaintiffs may have been aware that Kik accessed address book data, they were not aware of other uses to which Kik may have put that information.

17 . After further factual development, Defendants may succeed in demonstrating that the parameters of Plaintiffs’ consent was coterminous with Defendants’ use of that data. But that is a matter that cannot be resolved at this stage of the proceedings.