MARIE HAMMERLING, ET AL V. GOOGLE, LLC, No. 22-17024 (9th Cir. 2024)
Annotate this Case
Download PDF
FILED NOT FOR PUBLICATION UNITED STATES COURT OF APPEALS MAR 5 2024 MOLLY C. DWYER, CLERK U.S. COURT OF APPEALS FOR THE NINTH CIRCUIT MARIE HAMMERLING; KAY JACKSON, No. 22-17024 individually and on behalf of all others similarly situated, D.C. No. 3:21-cv-09004-CRB Plaintiffs-Appellants, MEMORANDUM* v. GOOGLE, LLC, a Delaware limited liability company, Defendant-Appellee. Appeal from the United States District Court for the Northern District of California Charles R. Breyer, Senior District Judge, Presiding Argued and Submitted February 14, 2024 San Francisco, California Before: MILLER, BADE, and VANDYKE, Circuit Judges. In this putative class action, Plaintiffs-Appellants Marie Hammerling and Kay Jackson sued Defendant-Appellee Google, LLC, alleging that Google (1) surreptitiously collected personal information from Android users by tracking * This disposition is not appropriate for publication and is not precedent except as provided by Ninth Circuit Rule 36-3. their download and use of third-party mobile applications (“apps”) and (2) used that data for purposes other than those contemplated by the Privacy Policy. Plaintiffs brought ten claims for relief, including claims for fraud, breach of contract, and invasion of privacy, and accompanying requests for injunctive and declaratory relief. The district court dismissed the amended complaint with prejudice under Federal Rule of Civil Procedure 12(b)(6), and Plaintiffs appealed. We have jurisdiction under 28 U.S.C. § 1291. We review Rule 12(b)(6) dismissals de novo, Ballinger v. City of Oakland, 24 F.4th 1287, 1292 (9th Cir. 2022), and we affirm. 1. Plaintiffs allege three related fraud claims under California’s various consumer protection statutes. See Cal. Civ. Code § 1709 (“section 1709”); Cal. Bus. & Prof. Code §§ 17200 et seq. (Unfair Competition Law or “UCL”); Cal. Civ. Code §§ 1750 et seq. (Consumer Legal Remedies Act or “CLRA”). To plead a fraud claim under any of these statutes, Plaintiffs must allege (among other elements) that Google made an actionable misrepresentation. Lazar v. Superior Ct., 909 P.2d 981, 984–85 (Cal. 1996) (section 1709); Durell v. Sharp Healthcare, 108 Cal. Rptr. 3d 682, 687, 697 (Ct. App. 2010) (UCL and CLRA). An actionable misrepresentation can result from either an affirmative misstatement of a material fact or an omission of a material fact. Hodsdon v. Mars, Inc., 891 F.3d 857, 861 (9th Cir. 2018); Durell, 108 Cal. Rptr. 3d at 697. 2 Google urges that it has not made an actionable misstatement or omission because it affirmatively disclosed the challenged data collection practices in its Privacy Policy. The Policy, which applies broadly to all Google’s products and services, explains that Google collects data about users’ “[a]ctivity on third-party sites and apps that use [Google’s] services.”1 The Policy defines Google’s “services” to include the “Android operating system.” Given that express definition of “services,” Google contends that by explaining it collects data on “thirdparty … apps that use [Google’s] services” it has sufficiently explained that Google collects activity data in third-party apps downloaded to Android devices because those third-party apps “use” the Android operating system. We agree. The district court, in its first dismissal order, rejected Google’s reading of the operative phrase “apps that use [Google’s] services” because, in its view, “it [wa]s at least as plausible that a reasonable consumer would read” the phrase to mean “apps ‘that require users to sign into Google services.’” When considering the operative complaint, the district court did not revisit its analysis of that phrase, explaining that it could not conclude that Plaintiffs were aware of and consented to 1 Plaintiffs also fault Google for using the data “in order to unfairly compete with rivals and develop competing products.” Google’s product development efforts fit comfortably within the Policy’s explanation that Google reserved the right to use the data to “[m]aintain & improve [its] services,” “[d]evelop new services,” and “[p]rovide personalized services, including content and ads.” Plaintiffs thus fail to state a claim based on any alleged misrepresentation regarding Google’s use of the data it collected. 3 its breadth. We review questions of contract interpretation de novo, Doe I v. WalMart Stores, Inc., 572 F.3d 677, 681 (9th Cir. 2009), and we disagree with the district court. Read in the context of the Policy as a whole, the phrase “apps that use [Google’s] services” unambiguously discloses Google’s collection of user activity data in third-party apps. Essential to the district court’s reasoning was its observation that under Google’s reading, “somewhat counterintuitively, every single app could be construed as an ‘app[] that use[s] our services’ because … the Policy defines Google’s services to include the operating system itself.” But where a contract expressly defines a term, we cannot reject that definition simply because it may deviate from our expectations. “The words of a contract are to be understood in their ordinary and popular sense … unless used by the parties in a technical sense, or unless a special meaning is given to them by usage, in which case the latter must be followed.” Cal. Civ. Code § 1644 (emphasis added); see also L.A. Lakers, Inc. v. Fed. Ins. Co., 869 F.3d 795, 801 (9th Cir. 2017). The Policy’s broad definition of “service” clearly includes the Android operating system, which all apps on an Android phone use. Nor, as Plaintiffs contend, does Google’s reading render the phrase “apps that use [Google’s] services” mere surplusage. The Privacy Policy, which applies to Google’s entire “range of services” used by “millions of people daily,” must be read 4 in context and construed as a whole. See Whittlestone, Inc. v. Handi-Craft Co., 618 F.3d 970, 975 n.2 (9th Cir. 2010) (quoting Cal. Civ. Code § 1641). While it is true that every third-party app on an Android device uses Google’s services because all such apps depend on the Android operating system, that is not necessarily true for every third-party app on other, non-Android devices. The Policy provides many other examples of Google services—including Maps, YouTube, and Chrome—that might just as easily be used, for example, on an iPhone or a laptop running Windows. Thus, the phrase “apps that use [Google’s] services” both (1) provides an important limitation on Google’s ability to collect data and (2) unambiguously applies to all third-party apps that use Android. Because Google disclosed the challenged data collection efforts in the Policy, Plaintiffs’ fraud claims fail to allege an actionable misrepresentation and were therefore properly dismissed. 2. Plaintiffs’ contract claims were correctly dismissed for the same reason. Under California law, a breach-of-contract claim has four elements: (1) existence of a contract, (2) plaintiff’s performance, (3) defendant’s breach, and (4) damages. In re Facebook, Inc. Internet Tracking Litig. (“Facebook Tracking”), 956 F.3d 589, 610 (9th Cir. 2020). Plaintiffs contend that Google breached the contract by collecting their activity data from third-party apps, but as explained above, the contract expressly contemplates such collection. Plaintiffs thus fail to state a claim 5 for breach of contract. And because the parties have an express contract governing the subject matter, Plaintiffs cannot seek to hold Google accountable for an implied contract in the alternative. “California courts have made clear that these two causes of action are mutually exclusive: ‘There cannot be a valid, express contract and an implied contract, each embracing the same subject matter, existing at the same time.’” Berkla v. Corel Corp., 302 F.3d 909, 918 (9th Cir. 2002) (quoting Wal-Noon Corp. v. Hill, 119 Cal. Rptr. 646, 650 (Ct. App. 1975)). 3. Google’s disclosure similarly precludes Plaintiffs’ claims for invasion of privacy under common law and the California Constitution.2 “Because of the similarity of the tests, courts consider the claims together and ask whether: (1) there exists a reasonable expectation of privacy, and (2) the intrusion was highly offensive.” Facebook Tracking, 956 F.3d at 601 (citing Hernandez v. Hillsides, Inc., 211 P.3d 1063, 1073 (Cal. 2009)). “[T]he relevant question” as to the first element “is whether a user would reasonably expect that [Google] would have access to the user’s individual data.” Id. at 602. Unlike Facebook Tracking, where the “privacy disclosures at the time allegedly failed to acknowledge” the challenged data collection practices, id., the Policy here expressly disclosed Google’s intention to track their activity on third-party apps. As a result, Plaintiffs have no reasonable 2 Because Plaintiffs did not appeal the dismissal of their claim under California’s Invasion of Privacy Act, we do not consider that claim. 6 expectation of privacy in that data.3 Their invasion of privacy claims were therefore properly dismissed. AFFIRMED. 3 That leaves only Plaintiffs’ claims for unjust enrichment and for injunctive and declaratory relief. Assuming an independent claim for unjust enrichment exists under California law, it cannot lie where the defendant has not committed some predicate actionable wrong. McBride v. Boughton, 20 Cal. Rptr. 3d 115, 121–22 (Ct. App. 2004) (“[R]estitution may be awarded where the defendant obtained a benefit from the plaintiff by fraud, duress, conversion, or similar conduct.”). Here, where Plaintiffs have identified no actionable wrong, their derivative claim for unjust enrichment claim fails, as do their claims for injunctive and declaratory relief. 7
Some case metadata and case summaries were written with the help of AI, which can produce inaccuracies. You should read the full case before relying on it for legal research purposes.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.