Peter Maldini v. Accenture LLP, No. 22-1744 (4th Cir. 2023)
Annotate this Case
Justia Opinion Summary
Want to stay in the know about new opinions from the Fourth Circuit US Court of Appeals?
Sign up for free summaries delivered directly to your inbox. Learn More ›
You already receive new opinion summaries from Fourth Circuit US Court of Appeals. Did you know we offer summary newsletters for even more practice areas and jurisdictions? Explore them here.
In November 2018, Marriott International, Inc., announced that hackers had breached one of its guest reservation databases, giving them access to millions of guest records. Customers across the country began filing lawsuits, which were consolidated into multidistrict litigation in Maryland. Plaintiffs then moved to certify multiple class actions against Marriott and Accenture LLP, an IT service provider that managed the database at issue. The district court obliged in part. It certified classes for monetary damages on breach of contract and statutory consumer-protection claims against Marriott under Rule 23(b)(3) of the Federal Rules of Civil Procedure. It also certified “issue” classes on negligence claims against Marriott and Accenture under Rule 23(c)(4), limited to a subset of issues bearing on liability.
The Fourth Circuit granted Defendants’ petitions to appeal the district court’s certification order and now concludes that the order must be vacated. The court found that the district court erred in certifying damages classes against Marriott without first considering the effect of a class action waiver signed by all putative class members. And because the existence of damages classes against Marriott was a critical predicate for the district court’s decision to certify the negligence issue classes, that error affects the whole of the certification order. Accordingly, the court vacated the district court’s certification order.
Download PDF
PUBLISHED UNITED STATES COURT OF APPEALS FOR THE FOURTH CIRCUIT No. 22-1744 In re: MARRIOTT INTERNATIONAL, INC., CUSTOMER DATA SECURITY BREACH LITIGATION, ----------------------------PETER MALDINI; PAULA O’BRIEN; ROBERT GUZIKOWSKI; DENITRICE MARKS; MARIA MAISTO; IRMA LAWRENCE; MICHAELA BITTNER; KATHLEEN FRAKES HEVENER; BRENT LONG; DAVID VIGGIANO; ERIC FISHON; ANNEMARIE AMARENA; ROGER CULLEN, all proceeding individually and on behalf of all others similarly situated, Plaintiffs - Appellees, v. ACCENTURE LLP, Defendant - Appellant. ----------------------------THE CHAMBER OF COMMERCE OF THE UNITED STATES OF AMERICA; THE NATIONAL RETAIL FEDERATION, Amici Supporting Appellants. THE NATIONAL ASSOCIATION OF CONSUMER ADVOCATES; PUBLIC JUSTICE; ELECTRONIC FRONTIER FOUNDATION; ELECTRONIC PRIVACY INFORMATION CENTER, Amici Supporting Appellees. No. 22-1745 In re: MARRIOTT INTERNATIONAL, INC., CUSTOMER DATA SECURITY BREACH LITIGATION. ----------------------------PETER MALDINI; ROGER CULLEN; PAULA O’BRIEN; ROBERT GUZIKOWSKI; DENITRICE MARKS; MARIA MAISTO; IRMA LAWRENCE; MICHAELA BITTNER; KATHLEEN FRAKES HEVENER; ANNEMARIE AMARENA; BRENT LONG; DAVID VIGGIANO; ERIC FISHON, all proceeding individually and on behalf of all others similarly situated, Plaintiffs - Appellees, v. MARRIOTT INTERNATIONAL, INCORPORATED, Defendant - Appellant. ----------------------------THE CHAMBER OF COMMERCE OF THE UNITED STATES OF AMERICA; THE NATIONAL RETAIL FEDERATION, Amici Supporting Appellants. NATIONAL ASSOCIATION OF CONSUMER ADVOCATES; PUBLIC JUSTICE; ELECTRONIC FRONTIER FOUNDATION; ELECTRONIC PRIVACY INFORMATION CENTER, Amici Supporting Appellees. Appeal from the United States District Court for the District of Maryland, at Greenbelt. Paul W. Grimm, Senior District Judge. (8:19-md-02879-PWG) Argued: May 3, 2023 Decided: August 18, 2023 Before NIEMEYER, KING, and HARRIS, Circuit Judges. 2 Vacated and remanded by published opinion. Judge Harris wrote the opinion, in which Judge Niemeyer and Judge King joined. ARGUED: Matthew S. Hellman, JENNER & BLOCK LLP, Washington, D.C.; Devin S. Anderson, KIRKLAND & ELLIS, LLP, Washington, D.C., for Appellants. Amy Elisabeth Keller, DICELLO LEVITT GUTZLER LLC, Chicago, Illinois, for Appellees. ON BRIEF: Craig S. Primis, Emily M. Long, Katherine E. Canning, KIRKLAND & ELLIS LLP, Washington, D.C., for Appellant Accenture LLP. Daniel R. Warren, Lisa M. Ghannoum, Dante A. Marinucci, Kyle T. Cutts, Cleveland, Ohio, Gilbert S. Keteltas, BAKER & HOSTETLER LLP, Washington, D.C.; Lindsay C. Harrison, Zachary C. Schauf, Kevin J. Kennedy, Mary E. Marshall, Raymond B. Simmons, JENNER & BLOCK LLP, Washington, D.C., for Appellant Marriott International, Inc. James J. Pizzirusso, Washington, D.C., Megan Jones, HAUSFELD LLP, San Francisco, California; Andrew N. Friedman, COHEN MILSTEIN SELLERS & TOLL PLLC, Washington, D.C.; Norman E. Siegel, Kasey Youngentob, STUEVE SIEGEL HANSON LLP, Kansas City, Missouri; Jason L. Lichtman, Sean A. Petterson, LIEFF CABRASER HEIMANN & BERNSTEIN, LLP, New York, New York; MaryBeth V. Gibson, THE FINLEY FIRM, P.C., Atlanta, Georgia; Megan Jones, HAUSFELD LLP, San Francisco, California; Timothy Maloney, Veronica Nannis, JOSEPH GREENWALD & LAAKE, P.A., Greenbelt, Maryland; Gary F. Lynch, LYNCH CARPENTER, LLP, Pittsburgh, Pennsylvania; James Ulwick, KRAMON & GRAHAM PA, Baltimore, Maryland; Daniel Robinson, ROBINSON CALCAGNIE, INC., Newport Beach, California; Ariana J. Tadler, TADLER LAW LLP, New York, New York, for Appellees. Jennifer B. Dickey, Jordan L. Von Bokern, UNITED STATES CHAMBER LITIGATION CENTER, Washington, D.C., for Amicus Chamber of Commerce of the United States of America. Stephanie A. Martz, NATIONAL RETAIL FEDERATION, Washington, D.C., for Amicus National Retail Federation. Ashley C. Parrish, Julianne L. Duran, KING & SPALDING LLP, Washington, D.C., for Amici Chamber of Commerce of the United State of America and National Retail Federation. Ira Rheingold, NATIONAL ASSOCIATION OF CONSUMER ADVOCATES, Washington, D.C., for Amicus National Association of Consumer Advocates. Shelby Leighton, PUBLIC JUSTICE, Washington, D.C., for Amicus Public Justice. Hassan A. Zavareei, Glenn E. Chappell, Spencer S. Hughes, Cameron Partovi, Schuyler Standley, TYCKO & ZAVAREEI LLP, Washington, D.C., for Amici National Association of Consumer Advocates and Public Justice. Cindy A. Cohn, Adam Schwartz, ELECTRONIC FRONTIER FOUNDATION, San Francisco, California, for Amicus Electronic Frontier Foundation. Chris Frascella, Megan Iorio, Tom McBrien, ELECTRONIC PRIVACY INFORMATION CENTER (EPIC), Washington, D.C., for Amicus Electronic Privacy Information Center. Jean Sutton Martin, John A. Yanchunis, Kenya J. Reddy, MORGAN & MORGAN COMPLEX LITIGATION GROUP, Tampa, Florida, for Amici Electronic Frontier Foundation and Electronic Privacy Information Center. 3 PAMELA HARRIS, Circuit Judge: In November 2018, Marriott International, Inc., announced that hackers had breached one of its guest reservation databases, giving them access to millions of guest records. Customers across the country began filing lawsuits, which were consolidated into multidistrict litigation in Maryland. The plaintiffs then moved to certify multiple class actions against Marriott and Accenture LLP, an IT service provider that managed the database at issue. The district court obliged in part. After extensive proceedings, it certified classes for monetary damages on breach of contract and statutory consumer-protection claims against Marriott under Rule 23(b)(3) of the Federal Rules of Civil Procedure. It also certified “issue” classes on negligence claims against Marriott and Accenture under Rule 23(c)(4), limited to a subset of issues bearing on liability. We granted the defendants’ petitions to appeal the district court’s certification order and now conclude that the order must be vacated. The district court erred, we find, in certifying damages classes against Marriott without first considering the effect of a classaction waiver signed by all putative class members. And because the existence of damages classes against Marriott was a critical predicate for the district court’s decision to certify the negligence issue classes, that error affects the whole of the certification order. Accordingly, we vacate the district court’s certification order and remand for further proceedings consistent with this opinion. 4 I. A. In November 2018, Marriott International, Inc., disclosed that it had been subject to a massive data breach: From July 2014 to September 2018, hackers had access to the guest reservation database of a hotel chain, Starwood Hotels & Resorts Worldwide, that Marriott had purchased mid-breach in September 2016. Through the Starwood database, the hackers were able to view customers’ personal information, including names, mailing addresses, birth dates, email addresses, phone numbers, and, in some cases, passport and payment card information. The compromised information was associated with both regular guests and those who were members of the Starwood Preferred Guest Program. In total, the breach affected roughly 133.7 million guest records within the United States. Consumer plaintiffs across the country began filing lawsuits against Marriott. The suits claimed, in collective effect, that Marriott failed to take reasonable steps to protect its customers’ personal information against the foreseeable risk of a cyberattack, giving rise to tort liability. They also alleged that Marriott had breached contractual and statutory duties the company owed to its customers. Those actions were ultimately consolidated in multi-district litigation in the District of Maryland, where Marriott is headquartered. The plaintiffs added as a defendant Accenture LLP, a third-party provider of IT services to Starwood and then Marriott during the relevant period. In their operative complaint, the plaintiffs asserted various state-law contract and statutory consumer-protection claims against Marriott, along with state-law tort claims for 5 negligence against both Marriott and Accenture. 1 Marriott and the plaintiffs then identified ten “bellwether” claims to test the sufficiency of the pleadings; each was keyed to the law of a particular state, with the named plaintiffs from the selected state serving as the bellwether plaintiffs. The plaintiffs and Accenture followed a similar process to identify test jurisdictions and named plaintiffs for the state-law negligence claims against that defendant. Marriott and Accenture then moved to dismiss the representative plaintiffs’ claims. The district court denied the defendants’ motions in relevant part, allowing the plaintiffs’ claims to proceed. See In re Marriott Int’l, Inc., Customer Data Sec. Breach Litig. (Marriott I), 440 F. Supp. 3d 447 (D. Md. 2020); In re Marriott Int’l, Inc., Customer Data Sec. Breach Litig. (Marriott II), No. 19-md-2879, 2020 WL 6290670 (D. Md. Oct. 27, 2020). Most important here, the district court held that the named plaintiffs had adequately alleged “injury in fact” for purposes of Article III standing, and in so doing, it identified the theories of harm that would go on to guide the class certification litigation. Marriott I, 440 F. Supp. 3d at 456–66; Marriott II, 2020 WL 620670, at *4–5 (incorporating reasoning of Marriott I). Everyone agreed that plaintiffs who had experienced actual “fraudulent misuse of their personal information” had suffered a cognizable injury. Marriott I, 440 F. Supp. 3d at 456 n.4, 460 n.6. But the district court also found, as relevant here, that the remaining plaintiffs had advanced three other forms The plaintiffs brought claims for both negligence and negligence per se. For the sake of convenience, we refer to them together here as negligence claims. 1 6 of injury sufficient to establish standing: (1) that they had spent time and money mitigating a non-speculative threat of identity theft (the “mitigation” theory); (2) that the cyberattack had deprived them of the inherent market value of their personal identifying information (the “loss of market value” theory); and (3) that they had paid more for their hotel rooms than they would have had they known of Marriott’s allegedly lax data-security practices (the “overpayment” theory). Id. at 460–66. B. The plaintiffs moved to certify various classes, and in the decision now before us, the district court granted that motion in part. See In re Marriott Int’l, Inc., Customer Data Sec. Breach Litig. (Marriott III), 341 F.R.D. 128 (D. Md. 2022). On the plaintiffs’ contract and consumer-protection claims against Marriott, the court certified three state-specific damages classes under Rule 23(b)(3) of the Federal Rules of Civil Procedure. Id. at 172–73. And on the plaintiffs’ negligence claims against Marriott and Accenture, the court certified four state-specific “issue” classes under Rule 23(c)(4), limited to the elements of duty and breach, with individualized proceedings on injury, causation, and the amount of damages to follow. Id. at 173. Our ruling today turns primarily on the import of a classaction waiver signed by members of the damages classes against Marriott. But that issue is intertwined with others in this complex proceeding, and the defendants’ objections are wide-ranging, so we lay out much of the district court’s comprehensive opinion below. 1. The district court began by returning to the question of the class representatives’ standing. Id. at 140–43. The court relied mostly on its prior analysis from the motion to 7 dismiss stage, reasoning that the same evidentiary burden applied through class certification and until summary judgment, at which point the defendants could raise further standing challenges. Id. at 141. The district court did, however, make one adjustment to the scope of the damages classes against Marriott in response to standing concerns. Those classes, the court explained, relied in critical part on an alleged “overpayment” injury: The class members paid more for their hotel rooms than they were worth, given Marriott’s datasecurity deficiencies. But as defined by the plaintiffs, Marriott argued, the classes also included customers, like those traveling for work, who were reimbursed for their stays and thus did not themselves incur the hypothesized economic injury. Id. at 142. The district court agreed, and thus limited the classes proceeding on the overpayment theory of injury – the contract and consumer-protection classes against Marriott – to “persons who bore the economic burden for hotel room[s]” and were not reimbursed for their stays. Id. at 142–43. That raised a second concern for Marriott: that the classes, so defined, were insufficiently “ascertainable” because there was no administratively feasible way of determining who was and was not a class member. See EQT Prod. Co. v. Adair, 764 F.3d 347, 358 (4th Cir. 2014) (discussing Rule 23’s “implicit threshold requirement” that members of a proposed class be “readily identifiable” (internal quotation marks omitted)). Here, the district court disagreed, finding no reason to think – at least at present – that identifying class members who had paid their own way would call for any “exceptionally complicated administrative review.” Marriott III, 341 F.R.D. at 144. But the court cautioned that it would continue to monitor this process, redefining the classes or even decertifying them altogether if identifying members proved too unwieldy. Id. at 146. 8 2. The court turned then to the issue implicating the class-action waivers at the heart of this appeal: Rule 23(a)’s “typicality” requirement, under which a class representative’s claims and defenses must be typical of those of the class. See Fed. R. Civ. P. 23(a)(3); Marriott III, 341 F.R.D. at 149. The problem here, as Marriott saw it, was that the class representatives, all members of the Starwood Preferred Guest Program (“SPG”), had a contractual relationship with Marriott that differed critically from that of other class members. As SPG members, every class representative had signed a “Terms & Conditions” contract with a provision purporting to waive his or her right to pursue class litigation. See J.A. 727 (“Any disputes arising out of or related to the SPG Program or the[] SPG Program Terms will be handled individually without any class action . . . .”). But as the plaintiffs had defined them, the consumer-protection and negligence classes against Marriott included non-SPG members, who had not signed such waivers. 2 And that, the district court concluded, did indeed “raise[] serious typicality concerns,” because Marriott had indicated that it would rely on the waiver to argue that SPG members – like the class representatives, but unlike many class members – could not pursue class litigation at all. Marriott III, 341 F.R.D. at 149. To address that concern, the district court redefined all classes against Marriott to include only SPG members, bringing the class representatives into alignment with class The plaintiffs’ proposed contract classes, by contrast, already included only SPG members. Marriott III, 341 F.R.D. at 149 & n.24. 2 9 membership. Id. The result, of course, was that now every proposed class member litigating against Marriott would be someone who had purportedly given up the right to engage in just such class litigation. But the district court did not further consider the import of the class waiver on its certification decision. Instead, in a footnote, it first observed that the plaintiffs had raised a “strong argument” that Marriott had waived its right to enforce the class-action waiver; though it was included as a “one-line, boilerplate affirmative defense” in Marriott’s answer, Marriott had not otherwise pressed the issue as “part of the bellwether negotiation process” or in any separate motion. Id. at 149 n.26. And in any event, the court concluded, it could address the class-action waiver, along with other affirmative defenses, after discovery and at the merits stage of the litigation. Id. 3. After addressing other threshold Rule 23(a) requirements not at issue on appeal, the court proceeded to certify several state-specific Rule 23(b)(3) damages classes against Marriott on the plaintiffs’ contract and consumer-protection claims. Here, the focus was on Rule 23(b)(3)’s predominance requirement, see Fed. R. Civ. P. 23(b)(3), which in this context meant that damages must be “capable of measurement on a classwide basis.” Marriott III, 341 F.R.D. at 161 (quoting Comcast Corp. v. Behrend, 569 U.S. 27, 34 (2013)). Though damages need not be calculated on a classwide basis, that is, the plaintiffs had to demonstrate that there was a “common, classwide method for determining individual damages.” Id. (internal quotation marks omitted). And as the court explained, it had approved just such a common method for calculating the plaintiffs’ alleged overpayment 10 injuries in a companion Daubert opinion 3 issued the same day. Id. at 161–62 & n.48 (citing In re Marriott Int’l, Inc., Customer Data Sec. Breach Litig. (Marriott IV), 602 F. Supp. 3d 767 (D. Md. 2022)). The plaintiffs’ expert, the court concluded, had developed an admittedly “complex” model that nevertheless allowed each class member to use the same statistical formula to calculate his or her overpayment damages, relying on the same set of variables for each hotel stay. Id. at 161–62. Though some individual data would be required as an input, that information would be “objective and administrative in nature,” raising no “individualized issues of a substantive nature.” Id. at 162. And the expert model satisfied the Comcast requirement that it measure only those damages attributable to the identified theory of harm, isolating the overpayment theory of harm and attendant damages from the plaintiffs’ other theories of injury. Id. at 163 (applying the “Comcast requirement that a plaintiff’s damages case be consistent with its liability case” (cleaned up)). But here again, the court cautioned that its decision was not final: As of yet, the plaintiffs’ model had been tested only against the bellwether plaintiffs. Id. at 163. If it turned out that individual inquiries threatened to overwhelm the analysis when applied more broadly, the court would adjust or decertify the classes. Id. In Daubert v. Merrell Dow Pharmaceuticals, Inc., 509 U.S. 579 (1993), and its progeny, the Supreme Court set forth the standard for admitting expert testimony in federal trials. See also Fed. R. Evid. 702; Kumho Tire Co. v. Carmichael, 526 U.S. 137 (1999); Gen. Elec. Co. v. Joiner, 522 U.S. 136 (1997). 3 11 4. That left the proposed negligence classes against both Marriott and Accenture. The court first denied the plaintiffs’ motion for certification of full damages classes under Rule 23(b)(3), concluding that there was no common, classwide basis for calculating damages caused by the defendants’ alleged negligence. Id. at 153. Here, the plaintiffs rested on the “loss of market value” theory of injury, arguing that all class members lost the value of their personal information when it was exposed to hackers and presenting an expert model for measuring that market value across all class members. But in its accompanying Daubert order, the district court rejected that model, leaving the plaintiffs with no classwide theory of injury or measure of damages. Id. at 153–54 & n.32. The court recognized, however, that the plaintiffs were pursuing a different methodology for measuring market value, anchored to Marriott’s own valuation of its reward customers’ personal data, and denied the plaintiffs’ motion without prejudice, allowing for further proceedings on that matter. Id. at 154. The court did, however, certify “issue” negligence classes against Marriott and Accenture under Rule 23(c)(4). Id. at 167–71; see Fed. R. Civ. P. 23(c)(4) (“When appropriate, an action may be brought or maintained as a class action with respect to particular issues.”). These classes proceeded under theories of injury – actual fraud losses and the mitigation costs of guarding against such losses – that were concededly individualized. See id. at 168; see also id. at 169 n.62 (observing that the plaintiffs did not dispute that individualized issues predominated as to whether they had suffered actual injury, “a fourth consistent element . . . required to establish liability”). Moreover, the 12 court concluded, individualized issues predominated on the question of causation, requiring “substantial individualized inquiry” as to whether class members’ data may have been exposed through something other than the Starwood breach or whether it was indeed the defendants’ alleged negligence that proximately caused their injuries. Id. at 169. By contrast, the court found, it was clear (and Marriott did not seriously dispute) that common issues predominated as to the other elements of the plaintiffs’ negligence claims – the existence of a duty owed by the defendants to the plaintiffs and a breach of that duty. Id. Accordingly, the court certified issue classes on the duty and breach elements of the plaintiffs’ negligence claims alone, to be followed (if the plaintiffs succeeded) by individualized proceedings on the injury and causation elements as well as damages. The court recognized that certification of issue classes under Rule 23(c)(4) calls for special attention to Rule 23(b)(3)’s superiority requirement, under which a class action must be “superior to other available methods for fairly and efficiently adjudicating the controversy.” Fed. R. Civ. P. 23(b)(3). The efficiency gains of certification, that is, must be evaluated in light of the need for individualized proceedings at the back end. See Marriott III, 341 F.R.D. at 170. And here, the court acknowledged, the issue-class litigation it had authorized would leave important elements and issues unresolved, requiring extensive subsequent litigation. Nevertheless, the court concluded, “efficiency gains stemming from certification of the duty and breach issues outweigh this fact,” given that the court already had certified damages classes against Marriott. Id. Because it would “already be analyzing the intertwined factual circumstances relevant to the duty and breach issues” in connection with the Marriott contract and consumer-protection classes, the court 13 reasoned, “[n]ot certifying the duty and breach issue classes” would “result in totally unnecessary duplication.” Id. 5. After the district court entered its certification order, Marriott and Accenture timely petitioned this court for permission to appeal under Rule 23(f) of the Federal Rules of Civil Procedure. We granted the petitions and this appeal followed. II. We review a district court’s class certification decision for abuse of discretion, Gregory v. Finovia Cap. Corp., 442 F.3d 188, 190 (4th Cir. 2006), “cognizant of both the considerable advantages that our district court colleagues possess in managing complex litigation and the need to afford them some latitude in bringing that expertise to bear,” Krakauer v. Dish Network, L.L.C., 925 F.3d 643, 654 (4th Cir. 2019). Nevertheless, “[a] district court per se abuses its discretion when it makes an error of law or clearly errs in its factual findings.” Thorn v. Jefferson-Pilot Life Ins. Co., 445 F.3d 311, 317 (4th Cir. 2006). In their petitions and on appeal, the defendants challenge multiple aspects of the district court’s certification ruling, objecting, inter alia, to its finding that membership in the damages classes against Marriott was sufficiently “ascertainable”; to its approval of the plaintiffs’ model for classwide calculation of overpayment damages; and, on several different grounds, to its certification of negligence “issue” classes limited to the elements of duty and breach. But we need not resolve all these issues – some of which, as noted 14 above, involve district court rulings expressly left open to further consideration – in this interlocutory posture. 4 That is because we agree with Marriott on one threshold and critical point: The district court erred when it declined to consider, before certifying class actions against Marriott, the import of a purported class-action waiver signed by every putative class member. And that error, in turn, affected the certification of the negligence issue classes against Accenture, because the certification of the Marriott damages classes was the linchpin of the district court’s Rule 23(b)(3) superiority analysis. Accordingly, we vacate the certification order in its entirety and remand for proceedings consistent with this opinion. A. We begin with Marriott’s class-action waiver defense. Marriott maintains that every SPG member agreed to resolve disputes against it only “individually [and] without any class action” when they signed the SPG Terms & Conditions contract. See J.A. 727. And because of the district court’s Rule 23(a) typicality ruling, the certified classes against Marriott now consist entirely of SPG members. See Marriott III, 341 F.R.D. at 149. Those The certification order in this complex case incorporates a number of critical and contested rulings, some but not all of which are before us in this Rule 23(f) posture. As outlined above, much of the district court’s certification order is premised on its early adoption, at the motion to dismiss stage, of the plaintiffs’ various theories of injury and Article III standing, which included the overpayment and loss of market value theories. The order also incorporates two Daubert rulings – one in favor of the plaintiffs, one in favor of the defendants – regarding the susceptibility of those theories to classwide proof. We do not reach those issues today, and our narrow decision should not be understood to express any view on aspects of the certification order beyond those directly addressed. 4 15 putative class members are bound, Marriott contends, by a contractual waiver that applies to all the certified claims, barring the entirety of the class action against it. The threshold question on appeal is whether the district court erred by certifying classes against Marriott without first addressing this class-action waiver defense. See Marriott III, 341 F.R.D. at 149 n.26 (explaining that the court will address the class-waiver defense, along with other affirmative defenses, after certification and at the merits stage of the litigation). Marriott argues vigorously that class waivers must be addressed and (if appropriate) enforced at the certification stage, not after a class action already has been litigated through to the merits. And, notably, the plaintiffs seem not to disagree – at least, not by much. Apart from a half-sentence referring to a district court’s general discretion to manage its docket, the plaintiffs’ brief does not join issue on this timing question at all; instead, it jumps straight to the merits of Marriott’s defense, arguing that Marriott repudiated or otherwise waived the defense and that the class waiver is in any event unenforceable and largely inapplicable. If there is an argument in favor of deferring consideration of a class waiver until after certification, the plaintiffs have not made it, and it may well be forfeited. See Grayson O Co. v. Agadir Int’l LLC, 856 F.3d 307, 316 (4th Cir. 2017) (“A party waives an argument . . . by failing to develop it – even if its brief takes a passing shot at the issue.” (cleaned up)). Regardless, we agree with Marriott that the time to address a contractual class waiver is before, not after, a class is certified. Although it seems no court has had occasion to expressly hold as much, that is the consensus practice. Courts consistently resolve the import of class waivers at the certification stage – before they certify a class, and usually 16 as the first order of business. See, e.g., Kaspers v. Comcast Corp., 631 F. App’x 779, 784 (11th Cir. 2015) (per curiam) (“[B]ecause we have concluded that the class-action waiver was valid, the district court did not need to consider the requirements for class certification under Rule 23.”); Archer v. Carnival Corp. & PLC, No. 2:20-CV-04203, 2020 WL 6260003, at *4, *8 (C.D. Cal. Oct. 20, 2020) (finding that because the plaintiffs’ motion for certification was barred by class waiver there was no need to address whether the plaintiffs’ claims satisfied the requirements for certification set forth in Rule 23(a) and 23(b)(3)); Ranzy v. Extra Cash of Tex., Inc., No. Civ. A. H-09-3334, 2011 WL 13257274, at *8 (S.D. Tex. Oct. 14, 2011) (concluding that class-action waivers precluded plaintiff from asserting claims on behalf of a class, obviating need to reach the Rule 23 requirements); Lindsay v. Carnival Corp., No. C20-982, 2021 WL 2682566, at *4 (W.D. Wash. June 30, 2021) (denying the plaintiffs’ motion for class certification as barred by class waiver without addressing the requirements of Rule 23); cf. Palacios v. Boehringer Ingelheim Pharms., Inc., No. 10-22398-CIV, 2011 WL 6794438, at *2–4 (S.D. Fla. Apr. 19, 2011) (finding that class-action waiver prevented plaintiff from participating in any class action, including collective actions brought pursuant to 29 U.S.C. § 216(b)). 5 We think this is the only approach consistent with the nature of class actions and the logic of class waivers. Under Rule 23, certification is the key moment in class-action The only contrary authority located by the parties is a district court decision declining to resolve a class waiver issue at certification that was subsequently reversed on other grounds on appeal. See Earl v. Boeing Co., 339 F.R.D. 391 (E.D. Tex. 2021), rev’d on other grounds, 53 F.4th 897 (5th Cir. 2022). 5 17 litigation: It is the “sharp line of demarcation” between “an individual action seeking to become a class action and an actual class action.” Shelton v. Pargo, Inc., 582 F.2d 1298, 1304 (4th Cir. 1978). But by signing a valid and enforceable class waiver, as alleged here, a plaintiff promises not to cross that line – to give up, in exchange for some contractual benefit, the right to proceed by way of an “actual class action.” See Laver v. Credit Suisse Sec. (USA), LLC, 976 F.3d 841, 846 (9th Cir. 2020) (“A class action waiver is a promise to forgo a procedural right to pursue class claims.”). If that “sharp line” is to be maintained, then a district court simply cannot certify a class at the behest of plaintiffs who have promised to stay on the “individual action” side of it. Although the district court addressed this issue only parenthetically, it did suggest that it would be appropriate to group Marriott’s class-waiver defense with its other affirmative defenses, all to be resolved at the “merits stage” of the class action litigation it was certifying. Marriott III, 341 F.R.D. at 149 n.26. We disagree. First, a class-waiver defense is not a “merits” issue in the usual sense. Whether a plaintiff may proceed via a class action does not speak to the underlying merits of his claim; it speaks to the process available in pursuit of that claim. Put differently, a class-waiver defense is not a defense to liability but to being required to litigate a class action at all. If that defense is addressed only after a class action already has been litigated to the merits, then it is effectively lost, cf. Mitchell v. Forsyth, 472 U.S. 511, 526 (1985) (discussing qualified immunity as “immunity from suit”), and the defendant is denied the benefit of its contractual bargain. And in any event, even if a class-waiver defense is treated as a merits question, that does not mean it should not be resolved at the certification stage. The Supreme Court has 18 emphasized the “rigorous analysis” that must be performed before a class is certified under Rule 23 – even where that analysis will “entail some overlap with the merits.” Wal-Mart Stores, Inc. v. Dukes, 564 U.S. 338, 351 (2011). There is nothing unusual or counterintuitive, in other words, about requiring courts to consider aspects of the merits in connection with class certification. See id. (“The class determination generally involves considerations that are enmeshed in the factual and legal issues comprising the plaintiff’s cause of action.” (cleaned up)). The district court provided no other reason for declining to rule on Marriott’s waiver defense before certifying a class against it, and none is apparent to us. We thus conclude, for the reasons given above, that the district court erred by certifying multiple classes against Marriott consisting entirely of plaintiffs who had signed a putative class waiver without first addressing the import of that waiver. Accordingly, we vacate the certification of all classes against Marriott and remand to the district court so that it may undertake this inquiry in the first instance. In so doing, we decline the plaintiffs’ invitation to resolve on appeal an issue never ruled on by the district court: whether, as the plaintiffs argue, Marriott repudiated or waived its class-waiver defense. It is true, as the plaintiffs emphasize, that the district court characterized their “waiver of the waiver” argument as a “strong” one. Marriott III, 341 F.R.D. at 149 n.26. But contrary to the plaintiffs’ suggestions, the district court did not purport to resolve the issue, instead limiting itself to an aside. See id. (“Nevertheless, the Court need not rule on this issue at this time.”). Moreover, we have some questions about the court’s commentary. As Marriott argues, it raised its class-waiver defense in its answer 19 to the plaintiffs’ complaint and then again at class certification, and at least as a general rule, it is not obvious that more would be required. But to the extent the court was concerned with the particulars of Marriott’s litigation strategy, see id. (discussing “bellwether negotiation process” and motions practice), that is a matter squarely within the purview of the district court, which has by far the better vantage point. Cf. Stuart v. Huff, 706 F.3d 345, 349–50 (4th Cir. 2013) (explaining that litigation “dynamics” are best evaluated by district courts based on their “on the scene” presence (internal quotation marks omitted)). Accordingly, we leave it to the district court on remand to consider all “arguments related to waiver of the waiver provision,” Marriott III, 341 F.R.D. at 149 n.26, in connection with a new certification determination. Similarly, we will not take up for the first time on appeal questions related to the validity and scope of the Terms & Conditions class waiver. The plaintiffs raise objections to enforcement of that waiver under both state and federal law, and contend in the alternative that the waiver’s scope does not reach their consumer-protection and negligence claims. Marriott, of course, argues to the contrary. But the district court declined to pass on these questions, too. See id. (deferring ruling on “the arguments both parties have made as to the applicability” of the contractual waiver provision until after discovery and a ruling on the merits). That leaves us without any development of those issues, and so we follow our ordinary course and leave to the district court “the first opportunity to perform the applicable analysis.” Fusaro v. Cogan, 930 F.3d 241, 263 (4th Cir. 2019); id. at 264 (“[T]his Court is a court of review, not of first view . . . .” (internal quotation marks omitted)). 20 B. Having vacated the district court’s certification order as to the classes against Marriott, we turn now to the negligence issue classes against Accenture. 6 As described above, the district court certified Rule 23(c)(4) issue classes on two and only two elements of the plaintiffs’ negligence claims against Accenture – whether Accenture owed a duty of care to the plaintiffs and whether it had breached any such duty. The remaining elements – injury and causation, or whether a breach of duty established classwide caused injury to a given plaintiff – would be litigated in follow-on individual proceedings, along with damages. Marriott III, 341 F.R.D. at 167–71. Accenture objects to these issue classes on multiple grounds, arguing, inter alia, that Rule 23(c)(4) does not permit the certification of some but not all elements of a cause of action, and that even if it does, these classes do not satisfy Rule 23(b)(3)’s superiority requirement. As explained below, we agree that the district court’s superiority analysis cannot stand, and on that ground, we vacate the certification of the classes against Accenture. Rule 23(c)(4) provides that “[w]hen appropriate, an action may be brought or maintained as a class action with respect to particular issues.” Fed. R. Civ. P. 23(c)(4). In Gunnells v. Healthplan Services, Inc., 348 F.3d 417 (4th Cir. 2003), we held that this rule allows for certification of a class as to a particular cause of action, even where a lawsuit as a whole would not satisfy Rule 23(b)’s predominance requirement. See 348 F.3d at Those classes remain before us because Accenture, unlike Marriott, has not argued that it may enforce the class waiver provisions in the putative class members’ SPG Terms & Conditions contract. 6 21 439–45. But see id. at 446–48 (Niemeyer, J., concurring in part and dissenting in part). The question here is related but distinct: whether a court may certify certain elements of a cause of action as to which common issues predominate (in this case, duty and breach) when individual issues predominate as to other elements (here, injury and causation). It may be, as the district court concluded, that the case law is “coalesc[ing]” around a “broad view of Rule 23(c)(4) in which common questions need predominate over individual ones only for the specific issues that are certified, not for the entire cause of action.” Marriott III, 341 F.R.D. at 168 (internal quotation marks omitted); see also Naparala v. Pella Corp., No. 2:14-cv-03465, 2016 WL 3125473, at *13–14 (D.S.C. June 3, 2016) (identifying similar “emerging majority” of decisions in favor of “permissive approach” to issue certification); Martin v. Behr Dayton Thermal Prods., LLC, 896 F.3d 405, 411–12 (6th Cir. 2018) (collecting cases). But as the district court explained, our court has yet to rule directly on this issue, and the question is not entirely free from doubt. See Marriott III, 341 F.R.D. at 168 n.60; see also Parker v. Asbestos Processing, LLC, No. 0:11-cv-01800, 2015 WL 127930, at *11 (D.S.C. Jan. 8, 2015) (“[T]he Fourth Circuit has not directly addressed this dispute and the relationship between Rule 23(b)(3) and Rule 23(c)(4) . . . .”). 7 Nor has this court had occasion to address Accenture’s additional concern regarding bifurcation of liability elements in this context, in which injury and causation elements have been carved out of class proceedings: that the result is inconsistent with Article III standing requirements, because there is no assurance at the certification stage that all class members have suffered the necessary injury in fact at the hands of the defendant. 7 22 What is clear, however, is that if courts certify classes on individual elements of a cause of action, Rule 23(b)(3)’s superiority requirement takes on special importance. As several district courts in our circuit have cogently explained, this kind of issue class will “almost automatically” meet Rule 23(b)(3)’s predominance requirement; once the issues to be certified are “narrowed down to make them sufficiently ‘common,’” it is virtually axiomatic that common issues will predominate. Naparala, 2016 WL 3125473, at *14 (internal quotation marks omitted); see also Parker, 2015 WL 127930, at *15. That puts the “focus [on] Rule 23(b)(3)’s second requirement, superiority,” because the same narrowing process will have cleaved off individualized questions of liability, as well as damages, for separate individual trials, diminishing the efficiency gains of the class proceedings. Naparala, 2016 WL 3125473, at *14; see also Tillman v. Highland Industries, Inc., No. 4:19-cv-02563, 2021 WL 4483035, at *19 (D.S.C. Sept. 30, 2021) (explaining that certification of specific elements of liability, “leaving the remaining pieces of liability and damages to be determined at individual trials,” would “render the significance of the class action easily overwhelmed” by the subsequent individual proceedings (cleaned up)). And although class litigation may address the “incentive problem” that arises when individual plaintiffs do not have enough at stake to justify individual litigation, that benefit, too, is diminished by issue certifications “where the remaining individualized issues will also require significant resources.” Romig v. Pella Corp., No. 14-cv-00433, 2016 WL 3125472, at *17 (D.S.C. June 3, 2016); see also Naparala, 2016 WL 3125473, at *16. For all these reasons, “the superiority component of 23 Rule 23(b)(3) frequently comes into play to defeat issue certification.” Parker, 2015 WL 127930, at *15. The district court here recognized as much. Marriott III, 341 F.R.D. at 170 (explaining need to “additionally consider whether the efficiency gains of certification outweigh the fact that individualized issues requiring significant time and attention remain for later” (cleaned up)). And it acknowledged that the efficiency of class proceedings would be affected by the fact that “important issues related to causation, affirmative defenses, and damages related to Accenture’s conduct [would] not be resolved during issue-class adjudication.” Id. But that loss of efficiency, the court concluded, would be outweighed by one thing: the efficiency benefits of certifying the issue classes together with the damages classes against Marriott. Because it had “certified damages classes against Marriott,” the court explained, it would “already be analyzing the intertwined factual circumstances relevant to the duty and breach issues.” Id. And given the damages classes against Marriot, not certifying issue classes against Accenture “would result in totally unnecessary duplication as Plaintiffs and Defendants litigated the Marriott class action and the presumably numerous individual Accenture-related cases.” Id. As explained above, however, we have now vacated certification of the Rule 23(b)(3) damages classes against Marriott. And without those classes, nothing remains to support the district court’s superiority finding as to the issue classes against Accenture. In the Rule 23(c)(4) issue-class context, as the district court understood and all agree, the superiority of class proceedings simply cannot be taken for granted, even when common questions predominate as to the certified issues. Instead, courts must “evaluate this 24 question of efficiency carefully.” Id. Because the underpinning of the district court’s careful evaluation has been removed, we must vacate the court’s certification of the Rule 23(c)(4) issue classes, as well. On remand, the district court may reconsider that determination, taking into account its ultimate disposition of the plaintiffs’ motion to certify Rule 23(b)(3) damages classes against Marriott. III. For the foregoing reasons, we vacate the district court’s certification order and remand for further proceedings consistent with this opinion. 8 VACATED AND REMANDED After briefing was completed, the plaintiffs moved to supplement the record to include two letter orders issued by the district court concerning discovery related to Marriott’s valuation of its customers’ personal information. The materials in question have no bearing on our grounds of decision, and so we deny the motion as moot. 8 25
Some case metadata and case summaries were written with the help of AI, which can produce inaccuracies. You should read the full case before relying on it for legal research purposes.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
