Trans Union LLC et al v. Equifax Information Services LLC et al, No. 1:2017cv08546 - Document 52 (N.D. Ill. 2018)
Court Description: OPINION AND ORDER. Signed by the Honorable Sara L. Ellis on 6/19/2018:Mailed notice(rj, )
Download PDF
<![CDATA[
Trans Union LLC et al v. Equifax Information Services LLC et al Doc. 52 UNITED STATES DISTRICT COURT NORTHERN DISTRICT OF ILLINOIS EASTERN DIVISION TRANS UNION LLC and TRANSUNION INTERACTIVE INC., Plaintiffs, v. EQUIFAX INFORMATION SERVICES LLC, EQUIFAX INC., and EQUIFAX CONSUMER SERVICES LLC f/k/a EQUIFAX CONSUMER SERVICES, INC., Defendants. ) ) ) ) ) ) ) ) ) ) ) ) ) No. 17 C 8546 Judge Sara L. Ellis OPINION AND ORDER Plaintiffs Trans Union LLC and TransUnion Interactive Inc. (collectively, “TransUnion”) have filed suit against Defendants Equifax Information Services LLC (“EIS”), Equifax Inc., and Equifax Consumer Services LLC (“ECS”), formerly known as Equifax Consumer Services, Inc., (collectively, “Equifax”) over a dispute regarding contract interpretation. The parties have contracted to share data at a certain price, which they amend from time to time, and they disagree over whether a specific pricing amendment applies to data sharing resulting from the major breach that Equifax suffered in the summer of 2017. Unsurprisingly, Equifax’s interpretation of the amendment results in it paying TransUnion less money that it would under TransUnion’s interpretation of the amendment. Equifax moves to dismiss, arguing that the plain language of their agreement precludes TransUnion’s suit and that Equifax Inc. is not a proper defendant. Because the Court finds that, at least for the purposes of this motion, the plain language of the agreement allows TransUnion’s suit to proceed, it denies Equifax’s motion to dismiss the Dockets.Justia.com complaint overall. However, the Court agrees that TransUnion’s claims do not apply to Equifax Inc., and so it grants Equifax’s motion to dismiss Equifax Inc. from the suit. BACKGROUND1 Equifax and TransUnion are two of the three major credit reporting agencies. The agencies provide consumer credit reports and identity theft protection products, including “3-in1” or “Tribureau” reports that pull information from all three of the national credit reporting bureaus. When a company is the victim of a data breach, it may contract with one of the credit reporting agencies to provide “3-in-1” monitoring to the company’s affected consumers. To facilitate this monitoring, EIS and TransUnion entered into a Reciprocal Data Supply Agreement, effective October 1, 2011 (the “Agreement”). The Agreement set forth pricing terms for various data products supplied between the two credit bureaus. One of the products covered by the Agreement is credit monitoring, which the parties supply to each other at an agreed and occasionally amended price on a per subscriber per month basis (the “Standard Rate”). The parties negotiated an amendment to the Agreement (the “Amendment”) that became effective on July 9, 2017. In the Amendment, the parties added a new product to the Agreement for credit monitoring specifically. The new product applied only for “subscriptions resulting from new breach events occurring after July 1, 2017.” Doc. 25 ¶ 5. The parties agreed to provide the new product at a significantly reduced price per subscriber per month (the “New Breach Rate”) for credit monitoring contracts with companies offering credit monitoring services to their customers or consumers after a data breach event. According to the Amendment, the New Breach Rate is “not to be retroactively applied nor applied to existing Consumers.” Id. 1 The facts in the background section are taken from TransUnion’s complaint and exhibits attached thereto and are presumed true for the purpose of resolving Equifax’s motion to dismiss. See Virnich v. Vorwald, 664 F.3d 206, 212 (7th Cir. 2011); Local 15, Int’l Bhd. of Elec. Workers, AFL-CIO v. Exelon Corp., 495 F.3d 779, 782 (7th Cir. 2007). 2 While the parties were negotiating and executing the Amendment, Equifax was in the midst of a massive data breach (the “Equifax Breach”) that lasted from mid-May through July 2017. On September 7, 2017, Equifax publicly announced that the breach occurred and that it first discovered the breach on July 29, 2017. Equifax also announced that it would offer all U.S. consumers a free one-year subscription to its TrustedID Premier monitoring product. Because the TrustedID Premier product includes 3-in-1 monitoring, Equifax must purchase credit monitoring from TransUnion to provide the service. A few days after Equifax’s announcement, TransUnion informed Equifax that the New Breach Rate did not apply to credit monitoring used as a result of the Equifax Breach because the breach commenced prior to July 1, 2017. As a result, TransUnion has billed credit monitoring services obtained for the Equifax Breach at the Standard Rate. Prior to the execution of the Amendment, Equifax used two Customer IDs for purchasing credit monitoring from TransUnion, one ending in 22 (the “22 Account”) and one ending in 26 (the “26 Account”). Additionally, prior to the execution of the Amendment, Equifax paid for TrustedID credit monitoring under the 26 Account. After announcing its free year-long subscription to TrustedID, Equifax began paying the New Breach Rate for all credit monitoring services incurred through the 26 Account, which included services other than those related to the Equifax Breach. In a phone call between TransUnion’s Vice President of Indirect Sales and Equifax’s Enterprise Alliance Manager, Equifax expressed that it intended to apply the New Breach Rate to credit monitoring services derived through the Equifax Breach. Equifax Inc. reaffirmed this intent in a letter dated November 20, 2017. In spite of the dispute between the credit bureaus over the proper rate, TransUnion has continued to provide credit monitoring services to Equifax. 3 LEGAL STANDARD A motion to dismiss under Rule 12(b)(6) challenges the sufficiency of the complaint, not its merits. Fed. R. Civ. P. 12(b)(6); Gibson v. City of Chicago, 910 F.2d 1510, 1520 (7th Cir. 1990). In considering a Rule 12(b)(6) motion to dismiss, the Court accepts as true all wellpleaded facts in the plaintiff’s complaint and draws all reasonable inferences from those facts in the plaintiff’s favor. AnchorBank, FSB v. Hofer, 649 F.3d 610, 614 (7th Cir. 2011). To survive a Rule 12(b)(6) motion, the complaint must not only provide the defendant with fair notice of a claim’s basis but must also be facially plausible. Ashcroft v. Iqbal, 556 U.S. 662, 678, 129 S. Ct. 1937, 173 L. Ed. 2d 868 (2009); see also Bell Atl. Corp. v. Twombly, 550 U.S. 544, 555, 127 S. Ct. 1955, 167 L. Ed. 2d 929 (2007). “A claim has facial plausibility when the plaintiff pleads factual content that allows the court to draw the reasonable inference that the defendant is liable for the misconduct alleged.” Iqbal, 556 U.S. at 678. ANALYSIS I. Interpretation of the Amendment The question at the heart of this motion is how to interpret a relatively short phrase in the Amendment: “for subscriptions resulting from new breach events occurring after July 1, 2017.” Equifax is emphatic that this phrase includes data breaches2 that began occurring before July 1 but continued occurring after July 1; TransUnion is equally emphatic that the phrase only includes data breaches that commenced after July 1. The parties agree that disputes regarding the Agreement and the Amendment are governed by Delaware law. Under Delaware law, the proper construction of a contract is purely a question of law. Rhone-Poulenc Basic Chems. Co. v. Am. Motorists Ins. Co., 616 A.2d 1192, 2 For the purposes of its motion, Equifax agrees with TransUnion’s definition of “breach event” as referring to the underlying data breach or intrusion, and so this is the definition that the Court will use. 4 1195 (Del. 1992). In light of this, courts may properly address the meaning of contract language on a motion to dismiss. See Allied Capital Corp. v. GC-Sun Holdings, L.P., 910 A.2d 1020, 1030 (Del. Ch. 2006). “[W]hen interpreting a contract, the role of a court is to effectuate the parties’ intent. In doing so, [the courts] are constrained by a combination of the parties’ words and the plain meaning of those words where no special meaning is intended.” AT&T Corp. v. Lillis, 953 A.2d 241, 252 (Del. 2008) (citation omitted) (internal quotation marks omitted). Delaware law requires that courts consider “what a reasonable person in the position of the parties would have thought the language of a contract means.” Lorillard Tobacco Co. v. Am. Legacy Found., 903 A.2d 728, 738 (Del. 2006). “‘Clear and unambiguous language . . . should be given its ordinary and usual meaning.’” Id. at 739 (quoting Rhone-Poulenc, 616 A.2d at 1195). The dispute here is whether a breach event that the parties agree (for the purposes of this motion) commenced before July 1, 2017 but continued to occur after July 1, 2017 could be considered a “new breach event occurring after July 1, 2017.” Under the plain language of the Amendment, the Court finds that the Equifax Breach could not be considered a “new breach event occurring after July 1, 2017.” The answer to this question turns on the application of the word “new” in the relevant language. A reasonable person in the position of the parties would interpret this to mean a breach event that does not occur until after July 1, 2017. Otherwise, it would be unnecessary for the parties to include the word “new.” See Zimmerman v. Crothall, 62 A.3d 676, 691 (Del. Ch. 2013) (“Courts . . . attempt to give meaning and effect to each word in a contract, assuming that the parties would not include superfluous verbiage in their agreement.”). If the Court read “new breach event occurring after July 1, 2017” to mean all breach events that 5 began prior to July 1 but continued to occur after July 1, the word “new” would have no meaning. Equifax stresses that the Amendment is silent as to when a breach event must begin. But this is not so: by qualifying that a breach event must be “new” as of July 1, 2017, the Agreement clearly timestamps when a breach event must begin in order to fall within the Agreement’s coverage. Equifax also focuses on the dictionary definition of “new.” “Under well-settled case law, Delaware courts look to dictionaries for assistance in determining the plain meaning of terms which are not defined in a contract.” Lorillard, 903 A.2d at 738. However, the Court finds that the definition favors TransUnion’s interpretation of the Amendment. According to Black’s Law Dictionary, “new” means “recently come into being” or “recently discovered.” Black’s Law Dictionary (10th Ed. 2014). Looking at Equifax’s preferred dictionary, “new” means “[p]roduced, introduced, or discovered recently or now for the first time; not existing before.” Oxford Dictionary, https://en.oxforddictionaries.com/definition/new (last visited June 15, 2018). Equifax, of course, favors the definitions of new that focus on the discovery of whatever is new, rather than the existence itself being new. But looking at the plain language of the Amendment, and what a reasonable person would understand it to mean in this context, the most logical interpretation of “new” in this context is a breach event that did not exist before. As noted, the parties agree that “breach event” refers to the actual event of the breach. The plain language of when a “new event occurs” refers to when the event first exists, not when someone later discovers that the event happened. If the focus of the adjective were instead on modifying the parties’ knowledge of breach events (“breach events new to Equifax,” for example), then Equifax’s definition would be sensible. However, in the context of the Amendment, the Court finds Equifax’s definition contrary to the plain language. 6 Equifax also tries to draw attention away from the word “new” in the Amendment by pointing to the word “occurring.” They argue that, had the parties wanted to limit the Amendment to breach events that had only started after July 1, 2017, they would have used a word such as “beginning” rather than “occurring.” The Court does not take issue with Equifax’s definition of “occurring,” and this would be a convincing argument, had the parties not included the word “new” to modify the type of breach event that they wanted the Amendment to cover. A new event that occurs after a certain date is just a different way to describe an event that has begun after a certain date. Although perhaps more wordy, its meaning is no different. Equifax has not demonstrated that, as a matter of law, the Amendment’s New Breach Rate applies to the Equifax Breach. As this is its only objection to TransUnion’s declaratory judgment and breach of contract claims, the Court denies Equifax’s motion regarding those claims. II. Anticipatory Repudiation Equifax raises an additional argument in its reply brief regarding TransUnion’s anticipatory repudiation claim. Equifax argues that its payments of the New Breach Rate for data received for the Equifax Breach constituted a good faith offer to perform in accordance with its interpretation of the Amendment, and so TransUnion has failed to state a claim for anticipatory repudiation. The Court declines to reach this argument, because Equifax has raised it for the first time in reply. See Dyson, Inc. v. Sharkninja Operating LLC, No. 14-cv-779, 2016 WL 4720019, at *1 (N.D. Ill. Sept. 9, 2016) (“Arguments raised for the first time in a reply brief are waived.”). In light of this, the Court also denies Equifax’s motion with regard to TransUnion’s anticipatory repudiation claim. 7 III. Equifax, Inc. Equifax also argues that TransUnion has failed to state a claim against Equifax Inc. because Equifax Inc. is not a signatory to the Agreement or Amendment, and therefore, the Court should dismiss Equifax Inc. from the complaint. TransUnion responds that Equifax Inc. implicitly adopted the Agreement, and alternatively, that it has pleaded sufficient facts to justify piercing the corporate veil and holding Equifax Inc. liable for the actions of its subsidiaries. First, the Court finds that TransUnion has not pleaded sufficient facts to show that Equifax Inc. implicitly adopted the Agreement. Generally, a defendant that is not a party to a contract cannot be sued for breach of that contract. Summit Investors II, L.P., v. Sechrist Indus., Inc., No. Civ.A. 19400, 2002 WL 31260989, at *5 (Del. Ch. Sept. 20, 2002). There are certain exceptions to this rule, however: a third party who has not signed a contract can later adopt that contract and become bound by it, if such adoption is contemplated in the contract. Am. Legacy Found. v. Lorillard Tobacco Co., 831 A.2d 335, 343–44 (Del. Ch. 2003). TransUnion does not argue that the Agreement or the Amendment contemplated such an arrangement with Equifax Inc., and so its argument that Equifax Inc. implicitly adopted the contract is unpersuasive. As a second basis for liability, TransUnion argues that it has pleaded sufficient facts to establish a basis for piercing the corporate veil and holding Equifax Inc. liable for its subsidiaries’ obligations. Fraud is not the only basis for piercing the corporate veil, but such an action is appropriate “only upon a showing of fraud or something like fraud,” and “it may be done only in the interest of justice, when such matters as fraud, contravention of law or contract, public wrong, or where equitable consideration[s] . . . are involved.” Mobil Oil Corp. v. Linear Films, Inc., 718 F. Supp. 260, 268 (D. Del. 1989) (citations omitted) (internal quotation marks omitted). Although any breach of contract is, in some sense, an injustice, this is not the type of 8 injustice contemplated. Id. TransUnion has not pleaded any facts that indicate that Equifax Inc. used the corporate form to perpetrate fraud or injustice, and so the Court rejects TransUnion’s argument that it has adequately supported piercing the corporate veil. Because TransUnion has not provided a sufficient basis on which the Court could hold Equifax Inc. liable for the Agreement or the Amendment, the Court grants this portion of Equifax’s motion to dismiss. Equifax urges that the Court grant its motion to dismiss with prejudice. However, the Court finds it appropriate to dismiss Equifax Inc. from the complaint without prejudice, because the deficiencies with TransUnion’s complaint against Equifax Inc. are potentially curable and TransUnion has only amended its complaint once before. See Bausch v. Stryker Corp., 630 F.3d 546, 562 (7th Cir. 2010) CONCLUSION For the foregoing reasons, the Court grants in part and denies in part TransUnion’s motion to dismiss [33]. Dated: June 19, 2018 ______________________ SARA L. ELLIS United States District Judge 9
]]>
Some case metadata and case summaries were written with the help of AI, which can produce inaccuracies. You
should read the full case before relying on it for legal research purposes.
This site is protected by reCAPTCHA and the Google
Privacy Policy and
Terms of Service apply.
