Opinion
21-cv-10063-PJH
09-02-2022
HADONA DIEP, et al., Plaintiffs, v. APPLE, INC., Defendant.
ORDER GRANTING DEFENDANT'S MOTION TO DISMISS RE: DKT. NO. 43
PHYLLIS J. HAMILTON, United States District Judge.
Defendant Apple, Inc.'s motion to dismiss the first amended complaint came on for hearing before this court on August 4, 2022. Plaintiffs appeared through their counsel, Elliott Conn and Joshua Whitaker. Defendant appeared through its counsel, Isabelle L. Ord, Ellen E. Dew, and Emily M. Steiner. Having read the papers filed by the parties and carefully considered their arguments and the relevant legal authority, and good cause appearing, the court hereby rules as follows.
BACKGROUND
Plaintiff Hadona Diep is a resident of the State of Maryland. Dkt. 33, First Amended Complaint (“FAC”), ¶ 5. Plaintiff Ryumei Nagao is a resident of Japan. FAC, ¶ 6. Defendant Apple, Inc. (“Apple”), is a California corporation with its principal place of business in Cupertino. FAC, ¶ 7.
Plaintiffs allege that Apple has engaged in a long-standing campaign of representing that its App Store is “a safe and trusted place” and that Apple ensures “that the apps we offer are held to the highest standards for privacy, security, and content. Because we offer nearly two million apps - and we want you to feel good about using every single one of them.” FAC, ¶¶ 2, 14-17.
Diep alleges that she downloaded the Toast Plus app in March 2021 and linked her cryptocurrency to the app by inputting her “private XRP key” into Toast Plus. FAC, ¶¶ 5, 25. Diep shared that personal information with Toast Plus only. Diep later discovered that her cryptocurrency was gone and alleges “that Toast Plus was not in fact a version of the legitimate Toast Wallet application, but a ‘spoofing' or ‘phishing' program” that “obtain[ed] consumers' cryptocurrency account information and thereafter rout[ed] the same to the hackers' personal accounts.” FAC, ¶ 29. Diep lost some $5,000 in cryptocurrency. FAC, ¶ 55.
Similarly, Nagao alleges that he downloaded the Toast Plus app on his iPhone in December 2020. FAC, ¶¶ 6, 31. There are no allegations in the FAC that Nagao downloaded, used, or accessed Toast Plus in the United States. Nagao deposited his cryptocurrency into the Toast Plus app, and later discovered the cryptocurrency had been stolen. FAC, ¶¶ 31-34. There is no allegation that he shared his private XRP key with Apple or that Apple knew he provided the key to Toast Plus before Nagao reported to Apple in April 2021 that his XRP had been stolen. FAC, ¶ 34. Nagao lost some $500,000 in cryptocurrency. FAC, ¶ 56.
Plaintiffs bring this lawsuit on behalf of themselves and others similarly situated, and they seek to represent the following classes:
The Class
All persons who downloaded or otherwise used Toast Plus from the Apple Store within the relevant statutory period and suffered actual loss of cryptocurrency as a result, regardless of the amount of lost cryptocurrency.
The Maryland Subclass
All Maryland residents who downloaded or otherwise used Toast Plus from the Apple Store within the relevant statutory period and suffered actual loss of cryptocurrency as a result, regardless of the amount of lost cryptocurrency.FAC, ¶ 39. Plaintiffs advance the following causes of action labeled as “counts” in the FAC:
• Count 1: violations of the Computer Fraud & Abuse Act, 18 U.S.C. § 1030, et
seq. (“CFAA”),
• Count 2: violations of the Electronic Communications Privacy Act, 18 U.S.C. § 2510, et seq. (“ECPA”),
• Count 3: violations of the California Consumer Privacy Act of 2018, Cal. Civ. Code § 1798.100, et seq. (“CCPA”),
• Count 4: violations of the Unfair Competition Law, Cal. Bus. & Prof. Code § 17200, et seq. (“UCL”),
• Count 5: violations of the Consumers Legal Remedies Act, Cal. Civ. Code § 1750, et seq. (“CLRA”),
• Counts 6 & 7: interception and disclosure of electronic communications in violation of Maryland Code, Wiretap & Electronic Surveillance Act § 10-402(a),
• Count 8: violation(s) of the Maryland Personal Information Protection Act, Maryland Annotated Code, Commercial Law, § 14-3501, et seq. (“PIPA”),
• Count 9: violation(s) of the Maryland Consumer Protection Act, Maryland Code, Code, Commercial Law, § 13-101, et seq. (“MCPA”), and
• Count 10: negligence.
All of the claims are based on Apple's part in authorizing and negligently distributing a “phishing” / “spoofing” app in its App Store, the Toast Plus application, while continuing to affirmatively represent that the App Store is a “a safe and trust[ed] place.” FAC, ¶ 2. Procedural History
This case was originally filed by Diep in the U.S. District Court for the District of Maryland on September 16, 2021. Dkt. 1. Diep filed a motion for transfer of venue under Title 28 U.S.C. § 1404(a) &(b), noting that Apple's user agreements include a forum selection clause requiring that any litigation take place in Northern California. Dkt. 13. The parties additionally stipulated to transfer. Dkt. 16. The Maryland court granted Diep's motion and ordered the case transferred to this district. Dkt. 19.
Plaintiffs filed the now-operative FAC following transfer, on March 15, 2022. Dkt. 33. The amended complaint adds Nagao as well as the California consumer claims.
Apple responded to the FAC with the instant motion on April 29, 2022. Dkt. 43.
In the instant motion, Apple requests that the court dismiss plaintiffs' FAC with prejudice on the grounds that plaintiffs fail to state a claim upon which relief can be granted and because Nagao failed to name the proper party against whom his claims may be asserted.
REQUEST FOR JUDICIAL NOTICE
Apple requests that the court take judicial notice of the Apple Media Services Terms and Conditions (“Terms”) because they govern the relationship between Apple and App Store users-the Terms impact Apple's exposure to liability and thus weigh on the motion to dismiss.
Federal Rule of Evidence 201 permits a court to notice a fact if it is “not subject to reasonable dispute.” Fed.R.Evid. 201(b). A fact is “not subject to reasonable dispute” if it is “generally known,” or “can be accurately and readily determined from sources whose accuracy cannot reasonably be questioned.” Fed.R.Evid. 201(b)(1)-(2). Under the incorporation by reference doctrine, the court has discretion to consider on a motion to dismiss “documents whose contents are alleged in a complaint and whose authenticity no party questions, but which are not physically attached to the [plaintiff's] pleading.” Davis v. HSBC Bank Nevada, N.A., 691 F.3d 1152, 1160 (9th Cir. 2012); see also United States v. Ritchie, 342 F.3d 903, 908 (9th Cir. 2003) (“Even if a document is not attached to a complaint, it may be incorporated by reference into a complaint if the plaintiff refers extensively to the document or the document forms the basis of the plaintiff's claim.”).
Here, Apple requests that the court take notice of a copy of the Terms in effect when Diep allegedly downloaded the Toast Plus app. Ord Decl., Ex. A (Dkt. 43-3). Apple additionally requests that the court take notice of a copy of the Apple Media Services Terms and Conditions for Japanese users (“Japan Terms”) in effect when Nagao allegedly downloaded the Toast Plus app. Ord Decl., Ex. B (Dkt. 43-4). Apple advances that both exhibits should be considered by the court in its assessment of the motion to dismiss because (1) the Terms are incorporated by reference in the allegations of the FAC, and (2) the Terms are publicly available and capable of accurate and ready determination from sources whose accuracy cannot reasonably be questioned. See Fed.R.Civ.P. 201(b). The Terms are expressly referenced in paragraphs 35-38 of the FAC (referring to “App Store . . . terms and conditions” that contained “limitations on liability”). See Dkt. 33 at 7. Plaintiffs do not object to the court's consideration of the Terms. The court therefore GRANTS defendant's request for judicial notice of both the Terms and the Japanese Terms.
DISCUSSION
I. Legal Standard
A motion to dismiss under Federal Rule of Civil Procedure 12(b)(6) tests for the legal sufficiency of the claims alleged in the complaint. Ileto v. Glock, 349 F.3d 1191, 1199-1200 (9th Cir. 2003). Under Federal Rule of Civil Procedure 8, which requires that a complaint include a “short and plain statement of the claim showing that the pleader is entitled to relief,” Fed.R.Civ.P. 8(a)(2), a complaint may be dismissed under Rule 12(b)(6) if the plaintiff fails to state a cognizable legal theory, or has not alleged sufficient facts to support a cognizable legal theory. Somers v. Apple, Inc., 729 F.3d 953, 959 (9th Cir. 2013).
While the court is to accept as true all the factual allegations in the complaint, legally conclusory statements, not supported by actual factual allegations, need not be accepted. Ashcroft v. Iqbal, 556 U.S. 662, 678-79 (2009). The complaint must proffer sufficient facts to state a claim for relief that is plausible on its face. Bell Atl. Corp. v. Twombly, 550 U.S. 544, 555, 558-59 (2007) (citations and quotations omitted).
“A claim has facial plausibility when the plaintiff pleads factual content that allows the court to draw the reasonable inference that the defendant is liable for the misconduct alleged.” Iqbal, 556 U.S. at 678 (citation omitted). “[W]here the well-pleaded facts do not permit the court to infer more than the mere possibility of misconduct, the complaint has alleged-but it has not ‘show[n]'-that the pleader is entitled to relief.” Id. at 679. Where dismissal is warranted, it is generally without prejudice, unless it is clear the complaint cannot be saved by any amendment. Sparling v. Daou, 411 F.3d 1006, 1013 (9th Cir. 2005).
Because plaintiffs' claims sound in fraud, their complaint must also meet the heightened pleading standard of Federal Rule of Civil Procedure 9(b). See Kearns v. Ford Motor Co., 567 F.3d 1120, 1125 (9th Cir. 2009). Rule 9(b) requires a party alleging fraud or mistake to state with particularity the circumstances constituting fraud or mistake. To satisfy this standard, the “complaint must identify the who, what, when, where, and how of the misconduct charged, as well as what is false or misleading about the purportedly fraudulent statement, and why it is false.” Salameh v. Tarsadia Hotel, 726 F.3d 1124, 1133 (9th Cir. 2013) (citation and internal quotation marks omitted).
Review is generally limited to the contents of the complaint, although the court can also consider a document on which the complaint relies if the document is central to the claims asserted in the complaint, and no party questions the authenticity of the document. See Sanders v. Brown, 504 F.3d 903, 910 (9th Cir. 2007). The court may consider matters that are properly the subject of judicial notice, Knievel v. ESPN, 393 F.3d 1068, 1076 (9th Cir. 2005); Lee v. City of Los Angeles, 250 F.3d 668, 688-89 (9th Cir. 2001), and may also consider documents referenced extensively in the complaint and documents that form the basis of the plaintiffs' claims. See No. 84 Emp'r-Teamster Jt. Council Pension Tr. Fund v. Am. W. Holding Corp., 320 F.3d 920, 925 n.2 (9th Cir. 2003).
If dismissal is warranted, it is generally without prejudice, unless it is clear that the complaint cannot be saved by any amendment. Sparling, 411 F.3d at 1013. “Leave to amend may also be denied for repeated failure to cure deficiencies by previous amendment.” Abagninin v. AMVAC Chem. Corp., 545 F.3d 733, 742 (9th Cir. 2008).
II. Analysis
The parties argued the sufficiency of plaintiffs' pleading at length, considering the viability of each of plaintiffs' causes of action as well as potential limitations of liability. The court does not reach all the arguments advanced. The court first addresses whether Apple is immune for its conduct in hosting the Toast Plus app on its App Store. Then, the court addresses whether plaintiffs separately state a claim under the several state consumer protection statutes. Finally, the court considers whether the limitation of liability provision contained within Apple's Terms applies to these claims. Because the claims fail on the merits, the court does not reach the question of whether Nagao has named a proper defendant.
A. Section 230 Immunity
Apple argues that § 230(c)(1) of the Communications Decency Act (“CDA”), Title 47 U.S.C. § 230, provides the company with immunity from liability in this case. “Section 230 immunizes providers of interactive computer services against liability arising from content created by third parties.” Fair Hous. Council of San Fernando Valley v. Roommates.Com, LLC (“Roommates.com”), 521 F.3d 1157, 1162 (9th Cir. 2008) (en banc). Under § 230(c)(1) of the CDA, a party is shielded from liability if the party is: “(1) a provider or user of an interactive computer service (2) whom a plaintiff seeks to treat, under a state law cause of action, as a publisher or speaker (3) of information provided by another information content provider.” Barnes v. Yahoo!, Inc., 570 F.3d 1096, 110001 (9th Cir. 2009). The court considers the three prongs of the Barnes test in turn to assess whether § 230 immunity applies to plaintiffs' claims.
1. Interactive Computer Service
The CDA defines an “interactive computer service” as “any information service, system, or access software provider that provides or enables computer access by multiple users to a computer server, including specifically a service or system that provides access to the Internet and such systems operated or services offered by libraries or educational institutions.” 47 U.S.C. § 230(f)(2). An “information content provider,” on the other hand, is “any person or entity that is responsible, in whole or in part, for the creation or development of information provided through the Internet or any other interactive computer service.” 47 U.S.C. § 230(f)(3). If an “interactive computer service” is responsible for the “creation or development of” the particular information at issue, then the service provider is an “information content provider” unprotected by the CDA. Carafano v. Metrosplash.com, Inc., 339 F.3d 1119, 1124-25 (9th Cir. 2003). Courts “interpret the term ‘interactive computer service' expansively.” Dyroff v. Ultimate Software Grp., Inc., 934 F.3d 1093, 1097 (9th Cir. 2019). Courts have repeatedly determined that platforms for accessing and downloading apps are interactive computer services for purposes of assessing § 230 immunity. See, e.g., Coffee v. Google, LLC, 20-cv-03901-BLF, 2021 WL 493387, at *5 (N.D. Cal. Feb. 10, 2021) (Google's creation and maintenance of a virtual online store where it offered third-party software applications satisfied first prong of the Barnes test).
Plaintiffs acknowledge that Apple creates and maintains the App Store as a virtual marketplace where it makes apps primarily created by other developers available to consumers. FAC, ¶¶ 13-15. Apple qualifies as an interactive computer service provider within the meaning of § 230. These allegations are sufficient to satisfy the first prong of the Barnes test.
2. Seek to Treat as Publisher or Speaker
Under the second prong of the test, the court must determine whether plaintiffs' allegations show that plaintiffs seek to treat Apple as a publisher or speaker with respect to content on the App Store. For purposes of the CDA, a “publisher” may be defined as “‘the reproducer of a work intended for public consumption' and also as ‘one whose business is publication.'” Barnes, 570 F.3d at 1102 (citation omitted). The Ninth Circuit has described that publication includes “reviewing, editing, and deciding whether to publish or to withdraw from publication third-party content.” Barnes, 570 F.3d at 1102. Further, publication includes “any activity that can be boiled down to deciding whether to exclude material that third parties seek to post online.” Roommates.com, 521 F.3d at 1170-71.
Here, plaintiffs' computer fraud and privacy claims are based on Apple's reproduction of an app, Toast Plus, intended for public consumption, via the App Store. Plaintiffs make much of Apple's “rigorous vetting process” and suggest that Apple had a role in the development of the app or at least knew of the developers' malintent. See FAC, ¶ 18. But as Apple notes, its review and authorization of the Toast Plus app for distribution on the App Store (FAC, ¶¶ 51, 53, 61) is inherently publishing activity. As a judge in this district previously found, “Apple's role as an app publisher, including its promulgation of review guidelines, its review of all apps submitted to the App Store, and its enforcement of its guidelines, is fundamental ‘publisher' activity protected by the CDA.” Opperman v. Path, Inc., 87 F.Supp.3d 1018, 1044 n.12 (N.D. Cal. 2014).
Plaintiffs here seek to hold Apple liable for the same conduct, reviewing and deciding whether to exclude the Toast Plus app-conduct that can only be described as publishing activity. The court thus concludes that the second prong of the Barnes test is satisfied.
3. Information Provided by Another Information Content Provider
Under the third prong of the Barnes test, the court must determine whether plaintiffs' allegations show that the published material, the Toast Plus app, was provided by another content provider. Plaintiffs allege that it was a third party (not Apple) who developed the Toast Plus app. FAC, ¶ 23. This allegation is sufficient to satisfy the third prong.
Plaintiffs contend that this prong is not met because they do not concede that Apple was not responsible for creation of the Toast Plus app. Dkt. 50 at 12. Plaintiffs are correct that a website operator is not entitled to immunity as to content “that it creates itself, or is responsible, in whole or in part for creating or developing.” Roommates.com, 521 F.3d at 1162. However, it is plaintiffs' burden to affirmatively allege the facts that support their claims. See Gardiner v. Walmart Inc., No. 20-cv-04618-JSW, 2021 WL 2520103, at *3 (N.D. Cal. Mar. 5, 2021) (“Although the Court will draw reasonable inferences in Plaintiff's favor at this stage, it cannot read missing allegations into the complaint.”). The act for which plaintiffs seek to hold Apple liable is “allowing the Toast Plus application to be distributed on the App Store,” not the development of the app. See, e.g., FAC, ¶¶ 53, 61. The FAC does not allege that Apple created the Toast Plus app. The court thus concludes that plaintiffs have failed to allege conduct that would render Apple a content provider with respect to the Toast Plus app. The third prong of the Barnes test is thus satisfied.
4. Limitation of Immunity for Violations of Criminal Statutes
Plaintiffs argue that the CDA does not give Apple immunity for its violations of the federal claims asserted (CFAA and ECPA) because of § 230(e)(1), which states that “[n]othing in [§ 230] shall be construed to impair the enforcement of . . . any . . . Federal criminal statute.” In other words, plaintiffs appear to contend that the civil suit provisions of CFAA and ECPA are part of the “enforcement” of a federal criminal statute, and thus fall outside § 230(c)(1)'s protections, in accordance with section 230(e)(1).
This argument has been thoroughly considered and rejected. “Courts have consistently held that § 230(e)(1)'s limitation on § 230 immunity extends only to criminal prosecutions, and not to civil actions based on criminal statutes.” Gonzalez v. Google LLC, 2 F.4th 871,890 (9th Cir. 2021). Plaintiffs here are thus incorrect regarding the applicability of § 230(e)(1). Section 230(e)(1) does not limit immunity in civil actions based on CFAA and ECPA.
5. Section 230 Immunity Conclusion
Plaintiffs' allegations all seek to impose liability based on Apple's role in vetting the app and making it available to consumers through the App Store. Apple qualifies as an interactive computer service provider within the meaning of the first prong of the Barnes test. Plaintiffs seek to hold Apple liable for its role in reviewing and making the Toast Plus app available, activity that satisfies the second prong of the Barnes test as publishing activity. And plaintiffs' allegations do not establish that Apple created the Toast Plus app; rather, it was created by another information content provider and thus meets the third prong of the Barnes test. For each of these reasons, as well as the inapplicability of an exemption, Apple is immune under § 230 for claims based on the conduct of the Toast Plus developers.
B. Consumer Protection Claims
Plaintiffs aver that their consumer protection claims are based on Apple's own misrepresentations and thus fall outside of the § 230 safe harbor. Dkt. 50 at 10. The consumer protection claims include count 4, violation of California's UCL; count 5, violation of California's CLRA; and count 9, violation of Maryland's MCPA.
Plaintiffs argue that their claims under the state consumer protection laws are premised solely upon Apple's own misrepresentations as to App Store safety. Dkt. 50 at 10. Plaintiffs' argument does not reflect what they have alleged, however. Throughout their pleading, plaintiffs repeatedly avoid basing their claims solely on Apple's representations of App Store safety, instead contending that it is the combination of Apple's representations along with its review and publication of apps on the App Store that underlies the company's liability. See, e.g., FAC, ¶¶ 2, 90-94, 101-03, 147-50. This makes sense because the alleged misrepresentations regarding App Store safety standing alone would not give rise to liability in the absence of Apple's having reviewed and published the apps. Because plaintiffs fail to delineate between Apple's conduct in publishing the Toast Plus app and Apple's conduct in touting the safety of the App Store, and because those allegations are inextricably intertwined, it is not possible to consider these allegations separately as plaintiffs suggest in their opposition. The consumer protection claims, as pleaded, seek to hold Apple liable for its publication of the Toast Plus app, but as discussed above, Apple is immune for such conduct pursuant to § 230.
Additionally, Federal Rule of Civil Procedure 9(b)'s heightened pleading requirement applies to plaintiffs' California and Maryland consumer protection claims because all three of these claims are based on Apple's allegedly fraudulent course of conduct: Apple's alleged misrepresentations that the App Store is safe and/or its failure to warn users about the dangers of the Toast Plus app. See Kearns, 567 F.3d at 1125 (“[W]e have specifically ruled that Rule 9(b)'s heightened pleading standards apply to claims for violations of the CLRA and UCL.”); Spaulding v. Wells Fargo Bank, N.A., 714 F.3d 769, 781 (4th Cir. 2013) (“[T]he MCPA claim, which sounds in fraud, is subject to the heightened pleading standards of Federal Rule of Civil Procedure 9(b)”). Rule 9(b) requires a party alleging fraud or mistake to state with particularity the circumstances constituting fraud or mistake. “To satisfy Rule 9(b)'s particularity requirement, the complaint must include an account of the time, place, and specific content of the false representations as well as the identities of the parties to the misrepresentations.” Depot, Inc. v. Caring for Montanans, Inc., 915 F.3d 643, 668 (9th Cir. 2019) (internal quotation marks omitted). In other words, “[a]verments of fraud must be accompanied by ‘the who, what, when, where, and how' of the misconduct charged.” Kearns, 567 F.3d at 1124 (citation omitted).
However, plaintiffs' allegations do not specify “the who, what, when, where, and how” of Apple's wrongdoing sufficient to meet the particularity of Rule 9(b). Plaintiffs instead advance muddy and conclusory arguments about Apple's role in the misappropriation of their cryptocurrency. See, e.g., FAC, ¶¶ 90-94. The lack of particularity in this pleading supports dismissal of the consumer protection claims sounding in fraud. Therefore, these claims are dismissed for both reasons-the failure to plead with particularity the claims sounding in fraud as well as the application of § 230 immunity to all causes of action which are premised on Apple's publication of a third-party app.
Though not argued by the parties, plaintiffs' consumer protection claims may additionally suffer from a lack of proximate cause where the intervening fraud of the Toast Plus developers complicates a showing that the loss of cryptocurrency was the result of Apple's allegedly unfair conduct. See Kwikset Corp. v. Superior Ct., 51 Cal.4th 310, 326 (2011).
C. Apple Terms' Limitation of Liability
“As a general matter, ‘limitation of liability clauses have long been recognized as valid in California.'” Darnaa, LLC v. Google LLC, 756 Fed.Appx. 674, 675 (9th Cir. 2018) (quoting Lewis v. YouTube, LLC, 244 Cal.App.4th 118, 197 (2015)) (cleaned up). However, contractual “releases of future liability for fraud and other intentional wrongs are invariably invalidated” pursuant to California Civil Code section 1668. Farnham v. Super. Ct., 60 Cal.App.4th 69, 71 (1997); see also McQuirk v. Donnelley, 189 F.3d 793, 796 (9th Cir. 1999) (quoting the rule from Farnham). California Civil Code section 1668 provides: “All contracts which have for their object, directly or indirectly, to exempt anyone from responsibility for his own fraud, willful injury to the person or property of another, or violation of law, whether willful or negligent, are against the policy of the law.”
In a recent case in this district, the court considered the validity of the limitation of liability provision in the Terms and Conditions applicable to Apple's iTunes gift cards. Barrett v. Apple Inc., 523 F.Supp.3d 1132, 1154-55 (N.D. Cal. 2021) (“Barrett I”). Plaintiffs in that case sought to hold Apple liable for the conduct of third-party scammers who used iTunes gift cards to defraud unsuspecting consumers. Id. at 1139-42. The Barrett plaintiffs, like plaintiffs here, acknowledged that the operative Terms and Conditions included a provision limiting liability, but they cited to section 1668 to invalidate the provision on the basis that Apple was prohibited from contractually disclaiming liability for the company's intentional conduct or violation of law. Id. at 1154. The court disagreed, holding that the provision was not used to shield Apple's own wrongful conduct; rather, plaintiffs' claims sought to attribute third-party conduct to Apple, but plaintiffs failed to establish that Apple was liable for third-party tortfeasors. Id. at 1154-55. In a subsequent order in the same case, after finding that plaintiffs' amended pleading had stated claims for Apple's own unlawful conduct, the court determined that the limitation of liability provision was substantively unconscionable as to those claims. Barrett v. Apple Inc., No. 5:20-CV-04812-EJD, 2022 WL 2119131, at *12-13 (N.D. Cal. June 13, 2022) (“Barrett II”). Apple could not use the limitation of liability provision as a shield for its own unlawful conduct the way it could to shield itself from third-party liability-the provision was unenforceable under section 1668. Id. at *14.
Apple argues in the instant motion that the limitation of liability provision within the Terms applies to all of plaintiffs' claims. See RJN, Ex. A, § G(f) (Dkt. 43-3 at 9). Plaintiffs do not dispute that their use of the App Store is subject to the Terms and expressly acknowledge that the Terms contain the limitation of liability provision (FAC ¶ 35), but they argue that the limitation of liability is unenforceable under section 1668.
Here, the subsection of the Terms referenced by Apple provides that the company is not liable for damages “arising out of or related to use of” third-party apps. See RJN, Ex. A, § G(f) (Dkt. 43-3 at 9). Though plaintiffs contend that this limitation of liability is unenforceable under section 1668, that section is only implicated where a party seeks to avoid liability for its own misconduct. Where plaintiffs seek to hold Apple liable for conduct of a third party, the Toast Plus app developers, the limitation of liability clause “does not attempt to avoid California unfair competition statutes or otherwise contract around the law.” Barrett I, 523 F.Supp.3d at 1154-55. The limitation of liability provision does not seek to waive Apple's liability for its own fraud, and it is thus enforceable to bar claims against Apple for harms caused by third-party tortfeasors. See Barrett II, WL 2119131, at *12-14. Plaintiffs fail to establish that the limitation of liability provision is unenforceable. Apple's limitation of liability provision is thus valid and enforceable.
Though plaintiffs hint that the Terms amount to a contract of adhesion (FAC ¶¶ 35-36), they stop short of showing the unenforceability of the Terms. Plaintiffs do not argue that the Terms are both procedurally and substantively unconscionable, both of which are necessary to prevent enforcement. See Sanchez v. Valencia Holding Co., LLC, 61 Cal.4th 899, 910 (2015).
Further, the limitation of liability provision applies to all of plaintiffs' claims, which clearly arise from their use of the Toast Plus app. As discussed above, all of plaintiffs' claims, including the consumer protection claims they contend are based solely upon Apple's own misrepresentations, are based on a combination of Apple's representations along with its review and publication of the Toast Plus app. Therefore, in addition to the applicability of § 230 immunity, plaintiffs' claims must be dismissed because of the applicability of the Terms' limitation of liability for third-party apps.
CONCLUSION
For the foregoing reasons, the court GRANTS Apple's motion to dismiss the FAC in its entirety. Because all of plaintiffs' claims are premised on Apple's role as a publisher of the Toast Plus app, any amendment would be futile given Apple's immunity afforded by § 230. All of the claims are therefore DISMISSED WITH PREJUDICE.
IT IS SO ORDERED.