Judge Alex G. Tse, in the Northern District of California, granted a motion to dismiss all claims against several restaurant brand defendants, but allowed plaintiffs the opportunity to amend their complaint. The decision addresses issues including standing, pleading standards for fraud-based privacy claims, the scope of California’s privacy statutes, and the viability of class allegations at the pleading stage.
Standing and Parent Company Liability
The court found that plaintiffs lacked standing to sue the parent company, because the complaint did not allege facts linking the parent company’s conduct to the alleged privacy violations. The court emphasized that a parent-subsidiary relationship alone is insufficient to establish standing; plaintiffs must plausibly plead harm traceable to the parent’s actions. Inspire was dismissed with leave to amend.
Concrete Privacy Injury
The court held that plaintiffs sufficiently alleged a concrete privacy injury by claiming that defendants caused cookies and tracking technologies to be placed on their devices without consent, resulting in the collection of sensitive information such as browsing history, user input data, and geolocation. The court distinguished the facts from recent Ninth Circuit precedent, finding the alleged data collection here to be more intrusive and potentially highly offensive. However, the court noted that the ultimate question of offensiveness is fact-specific and cannot be resolved at the pleading stage.
Heightened Pleading Standard for Fraud-Based Claims
A significant portion of the order addresses the application of Federal Rule of Civil Procedure 9(b)’s heightened pleading standard. The court found that all of plaintiffs’ claims—including those for invasion of privacy, intrusion upon seclusion, and unjust enrichment—sounded in fraud because they were premised on alleged misrepresentations regarding cookie consent banners. Plaintiffs claimed they were misled into believing they could decline tracking, but were tracked regardless. The court concluded that plaintiffs failed to plead the “when” and “where” of the alleged misconduct with sufficient specificity, particularly given that cookie banners changed over the relevant period. All claims were dismissed for failure to comply with Rule 9(b), but with leave to amend.
Statutory Claims Under CIPA and Related Theories
- CIPA Claims and Statute of Limitations: The court found that certain California Invasion of Privacy Act (CIPA) claims were time-barred and not saved by equitable tolling, particularly where plaintiffs failed to provide timely notice to all relevant defendants or could not justify delays in filing suit after arbitration.
- Wiretapping Claims: Plaintiffs’ wiretapping claims under California Penal Code § 631(a) were dismissed for failure to allege facts showing contemporaneous interception of communications, as required by law.
- Pen Register Claims: The court allowed plaintiffs’ pen register claims under California Penal Code § 638.51 to proceed, finding that the alleged use of tracking cookies could plausibly constitute a pen register under the statute, provided plaintiffs can meet Rule 9(b)’s requirements.
- Trespass to Chattels: The court dismissed the trespass to chattels claim, finding plaintiffs failed to allege facts showing actual harm to their devices beyond conclusory statements.
Class Allegations
Defendants’ request to strike class allegations as overbroad and unworkable was denied as premature. The court reaffirmed that such challenges are rarely granted at the pleading stage and are better addressed after discovery.
BENJAMIN PAUL DE AYORA, et al., v. INSPIRE BRANDS, INC., et al., No. 25-CV-03645-AGT, 2025 WL 3707561 (N.D. Cal. Dec. 22, 2025).
