DANA PICA V. DELTA AIR LINES, INC., No. 19-55300 (9th Cir. 2020)

Annotate this Case

Download PDF

FILED NOT FOR PUBLICATION JUL 16 2020 UNITED STATES COURT OF APPEALS MOLLY C. DWYER, CLERK FOR THE NINTH CIRCUIT DANA PICA, individually and on behalf of all others similarly situated; GABRIELLE GROFF, individually and on behalf of all others similarly situated, Plaintiffs-Appellants, No. U.S. COURT OF APPEALS 19-55300 D.C. No. 2:18-cv-02876-MWF-E MEMORANDUM* and ARTHI NAINI, Plaintiff, v. DELTA AIR LINES, INC., a Delaware Corporation; et al., Defendants-Appellees. Appeal from the United States District Court for the Central District of California Michael W. Fitzgerald, District Judge, Presiding Submitted July 9, 2020** Pasadena, California * This disposition is not appropriate for publication and is not precedent except as provided by Ninth Circuit Rule 36-3. ** The panel unanimously concludes this case is suitable for decision without oral argument. See Fed. R. App. P. 34(a)(2). Before: PAEZ and BADE, Circuit Judges, and ZOUHARY,*** District Judge. Plaintiffs-Appellants Dana Pica and Gabrielle Groff (collectively, Plaintiffs) appeal the district court’s Federal Rule of Civil Procedure 12(b)(6) dismissal of their putative class claims for breach of contract and violation of the Stored Communications Act (SCA) against Defendant-Appellee Delta Air Lines, Inc. (Delta), and their SCA and state law claims against Defendant-Appellee [24]7.ai, Inc. ([24]7). We have jurisdiction under 28 U.S.C. § 1291 and review de novo a Rule 12(b)(6) dismissal. See Curtis v. Irwin Indus., Inc., 913 F.3d 1146, 1151 (9th Cir. 2019). We affirm. 1. The district court properly dismissed Plaintiffs’ claim for breach of contract against Delta. The contract authorized Delta to “transmit” Plaintiffs’ personal data to certain third-party “providers” of “services,” e.g., “providers” of “ancillary services.” Plaintiffs alleged Delta disclosed their personal data to [24]7 but failed to plead non-conclusory factual allegations plausibly demonstrating that [24]7 is not a listed provider of services. See Ashcroft v. Iqbal, 556 U.S. 662, 678 (2009); Bell Atl. Corp. v. Twombly, 550 U.S. 544, 555 (2007). 2. The district court also properly dismissed Plaintiffs’ SCA claims against Delta and [24]7. As to Delta, Plaintiffs’ claim under 18 U.S.C. § 2701(a) *** The Honorable Jack Zouhary, United States District Judge for the Northern District of Ohio, sitting by designation. 2 fails because Plaintiffs failed to allege that Delta did not have authorization to access its own servers—the alleged “facility” “through which an electronic communication service” was provided. See 18 U.S.C. § 2701(a), (c)(1). Further, § 2701(a) prohibits illicit “access” to a “facility,” it does not prohibit disclosure of information. See id. § 2701(a). With respect to Plaintiffs’ § 2702 claim against Delta, because Plaintiffs failed to plead non-conclusory facts plausibly demonstrating Delta did not have authority to disclose the information to [24]7, Delta is immune under § 2702(b)(3), which protects Delta for disclosing the data “with the lawful consent of the originator.” Likewise, because Plaintiffs intentionally sent the information to Delta, Delta could lawfully consent to disclose it to [24]7 pursuant to § 2702(b)(3). Plaintiffs also failed to allege facts plausibly demonstrating Delta provided an electronic communication service (ECS) to the public. See id. § 2702(a)(1). Plaintiffs’ § 2701(a) claim against [24]7 fails because Plaintiffs did not allege [24]7 “access[ed]” Delta’s “facility” without Delta’s authorization. See id. § 2701(a). Plaintiffs allege Delta disclosed the data to [24]7, but by passively receiving the data, [24]7 did not “get at” or “gain access to” the facility. See United States v. Smith, 155 F.3d 1051, 1058 (9th Cir. 1998) (citation omitted). Further, it is Delta—as the alleged ECS provider—that can authorize access to its facility, not Plaintiffs. Thus, even assuming [24]7 accessed Delta’s facility by 3 receiving the data from Delta, [24]7 did not lack authorization. As to Plaintiffs’ § 2702 claim against [24]7, Plaintiffs did not plead facts plausibly demonstrating that [24]7 provides an ECS to the public or that [24]7 “knowingly divulge[d]” Plaintiffs’ personal data to the third-party hackers. See 18 U.S.C. § 2702(a)(1). 3. The Airline Deregulation Act (ADA) preempts Plaintiffs’ three state- law claims against [24]7 for negligence, violation of California Civil Code § 1798.81.5(b) (i.e., failure to protect personal information), and violation of California Civil Code § 1798.82 (i.e., failure to timely notify of a data breach) because these claims, if enforced, “relate[] to” Delta’s services or prices. See 49 U.S.C. § 41713(b)(1); see also Morales v. Trans World Airlines, Inc., 504 U.S. 374, 383–84, 386 (1992) (describing clause as having a “broad pre-emptive purpose” and “expansive sweep,” and rejecting argument that ADA only preempts “state laws specifically addressed to the airline industry” and not “laws of general applicability”). Thus, the district court properly dismissed these claims. AFFIRMED. 4

Some case metadata and case summaries were written with the help of AI, which can produce inaccuracies. You should read the full case before relying on it for legal research purposes.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.