Ramirez et al v. LexisNexis Risk Solutions, No. 1:2022cv05384 - Document 49 (N.D. Ill. 2024)

Court Description: MEMORANDUM OPINION AND ORDER Signed by the Honorable LaShonda A. Hunt on 4/8/2024. Emailed notice. (cdh, )

Download PDF
Ramirez et al v. LexisNexis Risk Solutions Doc. 49 IN THE UNITED STATES DISTRICT COURT FOR THE NORTHERN DISTRICT OF ILLINOIS EASTERN DIVISION Maria Fernanda Castellanos Ramirez, et al., Plaintiffs, Case No. 22 C 5384 v. Hon. LaShonda A. Hunt LexisNexis Risk Solutions, Defendant. MEMORANDUM OPINION AND ORDER Plaintiffs Maria Fernanda Castellanos Ramirez, Rosa Carrasco, Claudia Marchan Torres, (collectively, “Individual Plaintiffs”), along with Mijente Support Committee and Organized Communities Against Deportations (collectively, “Organizational Plaintiffs”), are self-described advocates for immigrants and immigration reform. Defendant LexisNexis Risk Solutions uses an online platform to collect and aggregate sensitive personal information about consumers in the United States that it sells to corporations, law enforcement, and government agencies. Plaintiffs allege that Defendant’s collection and sale of data without consent or compensation violates the privacy and consumer protection rights of Illinois residents. In this action, Plaintiffs have sued Defendant for violation of the Illinois Consumer Fraud and Deceptive Business Practices Act (“ICFA”) (Count I), unjust enrichment (Count II), intrusion upon seclusion (Count III), and declaratory relief (Count IV). Defendant moves to dismiss the complaint for failure to state a claim, and the Organizational Defendants for lack of standing. For the following reasons, the motion to dismiss [12] is granted. 1 1 Defendant contends that Plaintiffs have not named the proper entity as a defendant in this case. (Def. Mem. at 1, n.2, Dkt. 13). Because the Complaint is being dismissed, the Court need not address this issue. However, if Plaintiffs elect to file an amended complaint, they should name the proper defendant. 1 Dockets.Justia.com BACKGROUND According to the Complaint [Dkt. 1-1], Individual Plaintiffs are political activists and community organizers who have had sensitive information about their identities and locations compiled and sold by Defendant to public and private entities. Organizational Plaintiffs are membership-based community organizations focused on policy issues affecting immigrants. Both Individual Plaintiffs and Organizational Plaintiffs, on behalf of their members, maintain that Defendant is engaging in unfair business practices that subject them and vulnerable immigrant populations, in particular, to a heightened risk of targeting by law enforcement, identity theft, stalking, and other injuries. Defendant owns Accurint, an online database of public and non-public information about nearly every consumer in the United States. The data is organized into searchable dossiers that include names, addresses, emails, criminal histories, phone numbers, past jobs, former marriages, relatives, associates, motor vehicle information, bankruptcies, liens, judgments, real property records, social media information, and business and employment information. Most information is derived from public records, such as voter registration rolls, property records, and motor vehicle registrations, as well as other public sources, including newspapers, magazine articles, and telephone directories. However, information may be derived from private sources, such as utility accounts, cell phone records, or law enforcement records. Defendant sells access to the Accurint database to 400,000 public and private customers, including Immigration and Customs Enforcement (“ICE”). Plaintiffs fear that ICE can and will use Accurint to rapidly build a detailed dossier on individuals it may be targeting for deportation. Plaintiffs assert that by providing access to its database, Defendant is helping ICE circumvent state 2 and local laws, and thus Defendant’s partnership with ICE poses grave threat to their constitutional rights. Plaintiffs further allege that Defendant does not inform individuals about its data-collection activities, nor does it attempt to obtain their advance consent. Defendant provides limited opt-out measures, which require Defendant to only consider, but not necessarily approve, an individual’s request to opt-out of having their information included within the database. Defendant makes significant profits from the collection, aggregation, and sale of individuals’ personal information, while the affected individuals do not receive any compensation. As a result of Defendant’s practices, Plaintiffs allege that they have suffered, and continue to suffer, immediate and irreparable injuries, including the chilling of their core constitutional rights, violations of their rights to privacy, deprivations of the economic value of their own personal data, and injuries to their peace of mind and well-being. Defendant filed a motion to dismiss Plaintiffs’ complaint under Fed. R. Civ. P. 12(b)(6). The matter is fully briefed and ripe for ruling. LEGAL STANDARDS Rule 12(b)(6) permits a party to move for dismissal based on the opposing party’s failure to state a claim upon which relief can be granted. In determining whether a complaint states a claim, courts must accept all non-conclusory factual allegations as true. Ashcroft v. Iqbal, 556 U.S. 662, 678 (2009). In addition, the Court must construe the complaint in the light most favorable to the plaintiff and draw all reasonable inferences in the plaintiff’s favor. Levy v. W. Coast Life Ins. Co., 44 F.4th 621, 626 (7th Cir. 2022). Applying these principals, a complaint will survive a motion to dismiss if it “states a plausible claim for relief.” Ashcroft, 556 U.S. at 679 (citing Bell Atl. Corp. v. Twombly, 550 U.S. 544, 556 (2007)). To state a plausible claim for relief, a complaint must 3 “permit the court to infer more than the mere possibility of misconduct[.]” Id. at 679. The movant has the ultimate burden to show that dismissal is warranted. Marcure v. Lynn, 992 F.3d 625, 631 (7th Cir. 2021). DISCUSSION Plaintiffs challenge Defendant’s practice of collecting and selling consumers’ information to federal immigration authorities and other entities for a profit. Plaintiffs argue that they have a right to control who has access to their personal information and a right to the economic value associated with such data. Defendant, on the other hand, asserts that it is engaged in a lawful business which benefits law enforcement and furthers public safety, and Plaintiffs’ claims are based on a nonexistent right to privacy. Having considered the pleadings and the arguments of the parties, the Court finds that the complaint fails to state a plausible claim and therefore is dismissed. I. Illinois Consumer Fraud and Deceptive Business Practices Act (Count I) To state a claim under the ICFA, plaintiff must typically allege with particularity that: “(1) the defendant undertook a deceptive act or practice; (2) the defendant intended the plaintiff rely on the deception; (3) the deception occurred in the course of trade and commerce; (4) actual damage to the plaintiff occurred; and (5) the damage complained of was proximately caused by the deception.” Bonilla v. Ancestry.com Operations Inc., 574 F. Supp. 3d 582, 595 (N.D. Ill. 2021) (quoting Davis v. G.N. Mortg. Corp., 396 F.3d 869, 883 (7th Cir. 2005)). Here, Plaintiffs claim that Defendant violated the ICFA by aggregating and selling their personal information without consent or compensation. Defendant argues that Plaintiffs’ ICFA claim fails for three reasons: (1) Plaintiffs cannot establish the required standing to sue under the ICFA; (2) Plaintiffs fail to 4 allege any conduct by Defendant that would constitute an unfair business practice; and (3) Plaintiffs have not pled actual damages. The Court agrees. A. Standing To have standing to bring a claim under the ICFA, a plaintiff must either be a consumer or satisfy the consumer nexus test. Hanley v. XL Towing & Storage, Inc., No. 21C2256, 2023 WL 4298818, at *4 (N.D. Ill. June 30, 2023). “Under the ICFA, a consumer is ‘any person who purchases or contracts for the purchase of merchandise not for resale in the ordinary course of his trade or business but for his use or that of a member of his household.’” Thrasher-Lyon v. Ill. Farmers Ins. Co., 861 F. Supp. 2d 898, 910 (N.D. Ill. 2012) (citing 815 ILCS 505/1(e)). Plaintiffs do not suggest that they fit within the definition of a consumer as defined by the ICFA; however, they do contend that they satisfy the consumer nexus test. Two formulations of the consumer nexus test have been discussed by courts in this district. The Illinois Supreme Court has not opined on which version is correct, and the parties dispute which test should apply here. Plaintiffs propose a broader reading that would require them to show trade practices directed towards the market generally or conduct that otherwise implicates consumer protection concerns. (Pls.’ Resp. at 6, Dkt. 31 (citing Frazier v. U.S. Bank Nat. Ass’n, No. 11C8775, 2013 WL 1385612, at *4 (N.D. Ill. Apr. 4, 2013))). In contrast, Defendant urges the Court to use a more demanding four-factor analysis. (Def. Mem. at 5 (citing Roppo v. Travelers Cos., 100 F. Supp. 3d 636, 651 (N.D. Ill. 2015))). The Court need not resolve their disagreement, though, as Plaintiffs’ allegations fall short under either test. Frazier, the case cited by Plaintiffs, states that the consumer nexus test is established by showing trade practices are directed to the market generally. See Frazier, 2013 WL 1385612, at *4 (citing Athey Prod. Corp. v. Harris Bank Roselle, 89 F.3d 430, 438 (7th Cir. 1996)). Plaintiffs claim that standard is satisfied here because Defendant maintains a dossier on “anyone who has a 5 consumer footprint in the United States.” (Pls.’ Resp. at 6). The Court is not persuaded. In an analogous situation, a plastic surgeon contended that multiple insurers’ scheme of failing to pay interest rates on late-paid and unpaid bills was directed to the market generally because it impacted “every patient and provider in the entire Illinois healthcare market.” Beatty v. Accident Fund Gen. Ins. Co., No. 17C1001, 2018 WL 3219936, at *10 (S.D. Ill. July 2, 2018). The district court rejected that contention, explaining that “while the insurers conduct may have repercussions for Illinois consumers,” the conduct targeted medical providers only, not the market generally. Id. Likewise, while Defendant’s conduct here of collecting and selling personal information of Illinois consumers may have repercussions for those individuals, Defendant’s acts are targeted towards consumers of its products, which Plaintiffs themselves allege are 400,000 entities including private corporations, government agencies, and law enforcement agencies. A plaintiff may also satisfy the consumer nexus test by pointing to conduct that otherwise implicates consumer protection concerns. “To establish an implication of consumer concerns, a plaintiff must plead the following: ‘(1) that [its] actions were akin to a consumer’s actions to establish a link between [it] and consumers; (2) how defendant’s representations . . . concerned consumers other than [plaintiff]; (3) how defendant’s particular [action] involved consumer protection concerns; and (4) how the requested relief would serve the interests of consumers.’” Thrasher-Lyon, 861 F. Supp. 2d at 912. Defendant argues that Plaintiffs do not meet these stringent requirements. Relying on a data breach case, Plaintiffs respond that they have shown that Defendant’s conduct harms consumers, and therefore, implicates consumer protection consumers. (Pls.’ Resp. at 6 (citing In re Michaels Store Pin Pad Litig., 830 F. Supp. 2d 518 (N.D. Ill. 2011))). In Michaels, the district court found the plaintiffs had sufficiently alleged an unfair practice where they claimed 6 defendants violated established security standards related to the protection of consumer financial information and, as a result, plaintiffs’ financial information was stolen. Id. at 525. Notably, the parties in Michaels did not dispute whether the plaintiffs qualified as consumers under the ICFA or satisfied the consumer nexus test. Thus, Plaintiffs’ reliance on Michaels is misplaced. Instead, the Court must look to more applicable cases—namely those alleging “practices designed to mislead consumers about a competitor, or an implication of public health, safety, or welfare issues.” Credit Ins. Consultants, Inc. v. Gerling Glob. Reinsurance Corp. of Am., 210 F Supp. 2d 980, 985 (N.D. Ill. 2002). Plaintiffs have not plausibly alleged that any of those relevant factors are present. For example, in YCB Int’l, Inc. v. UCF Trading Co., Ltd., the district court found allegations that defendant delivered counterfeit and inferior ball bearings which were subsequently incorporated into vehicles and sold to consumers sufficient. No. 09C7221, 2010 WL 4781871, at *5 (N.D. Ill. Nov. 10, 2010). And in Stickle Enters., Ltd. v. CPC Int’l, Inc., the district court found allegations that defendant had promoted the sale of contaminated animal feed which would have resulted in carcinogenic material being introduced into the food chain implicated consumer protection concerns. No. 96C3123, 1997 WL 767301, at *4 (N.D. Ill. Dec. 3, 1997). Unlike those cases, Plaintiffs do not allege that Defendants are engaging in false or illegal or misleading activity. Indeed, Plaintiffs do not cite any case where an alleged infringement of the right to privacy by sharing available consumer information constituted a public health, safety, or welfare issue. Plaintiffs’ contention that Defendant is engaged in a “massive and systematic exploitation of consumers’ personal information” (Pls.’ Resp. at 6) is similar to the argument rejected in Garvey v. Citizens for Rauner, Inc., No. 18C7919, 2020 WL 13512715 (N.D. Ill. Sept. 3, 2020). There, the plaintiff contended that making prerecorded voicemails in violation of the Telephone 7 Consumer Protection Act implicated consumer protection concerns because those voicemails were “an important issue that involved the entire country including citizens and businesses in the State of Illinois.” Id. at *1, 4. The district court soundly rejected that contention, reasoning that if the plaintiff’s allegations “were enough to bring the claim with the ambit of the ICFA . . . the ICFA would apply to nearly all commercial transactions, a result contrary to the intent of the legislature.” Id. (internal citations omitted). The same reasoning applies here—allegations that Plaintiffs may ultimately be affected by Defendant’s actions do not establish an automatic consumer nexus. Accordingly, Plaintiffs have not established standing under the ICFA. B. Unfair Business Practice Turning to the substantive elements of Plaintiffs’ ICFA claim, Defendant argues that Plaintiffs do not allege any conduct by Defendant that would constitute an unfair business practice. “To determine whether a practice is unfair under the ICFA, the court considers whether the practice offends public policy, whether it is immoral, unethical, oppressive, or unscrupulous, and whether it causes substantial injury to consumers.” Michaels, 830 F. Supp. 2d at 525. Plaintiffs contend that Defendant’s conduct violates several of these standards. First, Plaintiffs argue that Defendant’s conduct causes substantial injury to consumers by violating “quintessential privacy rights.” (Pls.’ Resp. 8-9). Plaintiffs do not identify any specific privacy rights which were violated; instead, they cite to a non-binding case interpreting California law. (Pls.’ Resp. at 9 (citing Brooks v. Thompson Reuters Corp., No. 21C1418, 2021 WL 3621837 (N.D. Cal. 2021))). In Brooks, the court concluded that defendant’s unauthorized sale of plaintiffs’ private and personal information constituted an unfair business practice under the California Unfair Competition Law. In its decision, the court relied on the Supreme Court holding that “both the common law and the literal understandings of privacy encompass the individual’s control of information concerning his or her person,” the right to privacy as defined by the California 8 constitution, and the California Consumer Privacy Act. Id. at *8 (citing U.S. Dep’t of Just. v. Reps. Comm. for Freedom of Press, 489 U.S. 749, 763 (1989) and Cal. Const. art. 1, § 1). Like the Brooks court, the Seventh Circuit has acknowledged that the common law recognizes “some right to privacy that encompasses the individual’s control of information concerning his or her person.” See Crabtree v. Experian Info. Sols., Inc., 948 F.3d 872, 879-80 (7th Cir. 2020) (citing Reporters Comm. for Freedom of Press, 489 U.S. at 763) (internal citation omitted). Under common law, an invasion of the right to privacy has traditionally encompassed four distinct torts: intrusion upon seclusion, appropriation of another person’s name or likeness, publicity given to another person’s private life, and publicity that places one in a false light. Nabozny v. Optio Sols. LLC, 84 F.4th 731, 735 (7th Cir. 2023) (citing Restatement (Second) of Torts § 652A (Am. Law Inst. 1977)). Here, only one of the four privacy torts is implicated; however, as discussed infra, Plaintiffs fail to state a claim for intrusion upon seclusion. The Illinois Constitution also provides a right to privacy. “The constitutional right to privacy is not absolute, as only unreasonable invasions of privacy are constitutionally forbidden.” People v. Hollins, 2012 IL 112754, ¶ 31. Still, that right extends to personal medical information and financial information. See Kunkel v. Walton, 179 Ill. 2d 519, 539 (1997); A.G. Edwards, Inc. v. Sec’y of State, Dep’t of Sec. of State of Ill., 331 Ill. App. 3d 1101, 1109 (5th Dist. 2002). But Plaintiffs have not identified any case where the Illinois constitutional right to privacy has been applied to the type of information at issue in this case. Quite the opposite, Illinois courts have found that this type of consumer data is not private. See Busse v. Motorola, Inc., 351 Ill. App. 3d 67, 72 (1st Dist. 2004) (finding that names, telephone numbers, addresses, and social security numbers were not private facts). Thus, Plaintiffs have failed to plausibly allege that Defendant violated their “quintessential privacy rights.” 9 Plaintiffs also contend that Defendant’s conduct upends state and local policies intended to protect immigrant communities, including the Illinois Trust Act, Cook County’s Detainer Ordinance, and Chicago’s Welcoming City Ordinance. (Pls.’ Resp. at 10-11). The Illinois Trust Act prohibits state law enforcement agencies and officials from detaining an individual solely on the basis of an immigration detainer. The Cook County Detainer Ordinance provides that the Cook County Sheriff shall decline ICE detainer requests unless there is a written agreement where the federal government agrees to reimburse all costs incurred. Chicago’s Welcoming City Ordinance codified local policies to help ensure undocumented residents are not prosecuted solely due to their immigration status. In no way, though, do these state and local policies prohibit the monetizing of consumer data. Additionally, Plaintiffs maintain that Defendant’s conduct undermines the public policy goals of the Illinois Personal Information Protection Act (“PIPA”), but as Plaintiffs state in their own words, “[t]he PIPA sets forth detailed steps data collectors must take when ‘personal information’ is breached.” (Pls.’ Resp. at 11). In other words, PIPA does not in any way prohibit Defendant from collecting and tracking data as Plaintiffs allege. Next, Plaintiffs argue that Defendant engages in oppressive or immoral conduct because consumers have “no meaningful opportunity to escape [Defendant’s] data creeping, collecting, and selling.” (Pls.’ Resp. at 12). This argument, however, is belied by the allegations in Plaintiffs’ complaint about the limited opt-out measures Defendant provides. Plaintiffs attempt to rely on Centerline Equip. Corp. v. Banner Pers. Serv., Inc., which found that the practice of sending unsolicited faxes was oppressive because it imposed a lack of meaningful choice. 545 F. Supp. 2d 768, 780 (N.D. Ill. 2008). But the fact that Defendant offers an opt-out option makes this case more like W. Ry. Devices Corp. v. Lusida Rubber Prod., Inc., where the court found that sending 10 unsolicited faxes was non-oppressive because the sender included a “remove” number on the faxes. No. 06C0052, 2006 WL 1697119, at *5 (N.D. Ill. June 13, 2006). Accordingly, Plaintiffs have failed to allege that Defendant engaged in any unlawful business practice. C. Actual Damages Lastly, Defendant argues that Plaintiffs’ ICFA claim fails because Plaintiffs have not alleged actual damages. “The ICFA requires the plaintiff to show they suffered ‘actual damage’ due to defendant’s violation of the act.” Nelson v. Ashford Univ., LLC, No. 16C3491, 2016 WL 4530325, at *3 (N.D. Ill. Aug. 29, 2016) (citing Camasta v. Jos. A. Bank Clothiers, Inc., 761 F.3d 732, 739 (7th Cir. 2014)). The actual damage element of a private ICFA action requires that the plaintiff suffer “actual pecuniary loss.” Kim v. Carter’s Inc., 598 F.3d 362, 365 (7th Cir. 2010). Here, Plaintiffs allege that they lost money because their personal data has economic value and that, but for Defendant’s violation of law, Defendant would have either paid Plaintiffs for consent to sell their data or ceased the sale of their data. But damages under the ICFA are determined by looking at the loss to the plaintiff, not the gain to the defendant. Frye v. L’Oreal USA, Inc., 583 F. Supp. 2d 954, 957 (N.D. Ill. 2008). In Nelson, the plaintiff alleged she received more than 50 unsolicited calls from the defendant, which resulted in increased usage of her telephone services and diminished storage data. 2016 WL 4530325, at *3. The district court found that the plaintiff failed to allege any actual economic harm because the calls did not result in “any monetary costs that would not have otherwise occurred.” Id. Like the plaintiff in Nelson, Plaintiffs here do not allege that the sale of their personal data has caused such a result either. 11 Plaintiffs further allege that they have suffered, and will continue to suffer, other forms of injury, including anxiety, mental anguish, loss of privacy, and threats to public safety. However, emotional damages are not sufficient to plead actual damages as required by the ICFA. Nelson, 2016 WL 4530325, at *3. Plaintiffs thus have not alleged any actual, economic damages stemming from Defendant’s conduct. Because Plaintiffs have not adequately pled an ICFA claim, Count I of the complaint is dismissed. II. Intrusion Upon Seclusion (Count III) “The elements of an intrusion upon seclusion claim under Illinois law are: ‘(1) an unauthorized intrusion or prying into a plaintiff’s seclusion; (2) the intrusion would be highly offensive or objectionable to a reasonable person; (3) the matters upon which the intrusion occurred were private; and (4) the intrusion caused anguish and suffering.”’ Bonilla, 574 F. Supp. 3d at 596 (quoting Vega v. Chi. Park Dist., 958 F. Supp. 2d 943, 959 (N.D. Ill. 2013)). “It is the intrusion itself that creates liability, not any subsequent publication or disclosure.” In re Trans Union Corp., Priv. Litig., 326 F. Supp. 2d 893, 901 (N.D. Ill. 2004). Defendant argues that Plaintiffs have failed to allege any facts necessary to support a claim for intrusion upon seclusion. The Court agrees. A. Unauthorized Intrusion Examples of unauthorized intrusion include “invading someone’s home; an illegal search of someone’s shopping bag in a store; eavesdropping by wiretapping; peering into the windows of a private home; and persistent and unwanted telephone calls.” Dinerstein v. Google, LLC, 484 F. Supp. 3d 561, 594 (N.D. Ill. 2020) aff’d as modified, 73 F.4th 502 (7th Cir. 2023) (quoting Lovgren 12 v. Citizens First Nat. Bank of Princeton, 126 Ill. 2d 411, 417 (1989)). Here, Plaintiffs allege Defendant intruded by collecting, aggregating, and using their sensitive personal and private data. Similarly, the plaintiffs in Trans Union alleged the defendant accessed, disclosed, and sold their private financial, credit, and other confidential information without their knowledge or consent. 326 F. Supp. 2d at 901. The court found that because the plaintiffs had voluntarily disclosed their information to third party creditors who subsequently and lawfully transmitted their information to the defendant, there was no unlawful intrusion. Id. Although Plaintiffs here also do not allege that Defendant unlawfully obtained their data, they try to distinguish Trans Union by arguing that those plaintiffs could have logically assumed that their creditors would provide their information to the defendant, a credit reporting agency. (Pls.’ Resp. at 16). This distinction, however, is insignificant. In Dinerstein, the court found that the plaintiffs failed to state an intrusion upon seclusion claim where a university disclosed lawfully obtained personal health information to Google for research purposes. 484 F. Supp. 3d at 594. Similarly, in Bonilla, the court found that the plaintiff failed to allege an unauthorized intrusion where there were no allegations that the defendant took the plaintiffs’ yearbook information from the owners of the yearbook without permission. 574 F. Supp. 3d at 597. Neither Dinerstein nor Bonilla involved a connection between the defendant and the third party such that the plaintiffs could have expected that their information would be disclosed; nevertheless, those courts still found that plaintiffs failed to allege an unauthorized intrusion. The same is true here. B. Highly Offensive or Objectionable Next, Defendant argues that Plaintiffs have pled no facts regarding any conduct that would be viewed as “highly offensive or objectionable to a reasonable person.” (See Def. Mem. at 12- 13 13). In response, Plaintiffs fault Defendant for not citing any case law in support of its argument. Plaintiffs, however, also fail to cite any legal authority to show that the alleged intrusion was highly offensive and objectionable. Instead, Plaintiffs rely on conclusory allegations in their complaint. (See Pls.’ Resp. at 17 (citing Compl. ¶ 17 “records ‘amasse[d] . . . from the most intimate corners of [Plaintiffs’] lives[,]’” ¶ 18 “collection is done surreptitiously and non-consensually”)). But these allegations do not demonstrate that Defendant collected the information at issue by “prying” into Plaintiffs’ “zone of solitude.” See Horgan v. Simmons, 704 F. Supp. 2d 814, 822 (N.D. Ill. 2010). Thus, Plaintiffs have failed to show that the intrusion was highly offensive to a reasonable person. See Bonilla, 574 F. Supp. 3d at 597 (finding that plaintiff failed to show that the intrusion—the collection of plaintiffs’ information from a yearbook—was highly offensive). C. Private Information Finally, Defendant argues that Plaintiffs’ intrusion upon seclusion claim fails because the information Plaintiffs allege was intruded upon was not private. Under Illinois law, matters of public record, such as a name, address, date of birth, and fact of marriage are not private facts that give rise to a claim for intrusion upon seclusion. Bonilla, 574 F. Supp. 3d at 597; see also Busse, 351 Ill. App. 3d at 72 (finding that names, telephone numbers, addresses, and social security numbers were not private facts). Conversely, “[e]xamples of private facts include ‘family problems, romantic interests, sex lives, health problems, future work plans and criticism of [an employer].’” Vega, 958 F. Supp. 2d at 959 (citing Busse, 351 Ill. App. 3d at 72). Though Plaintiffs argue that much of the data Defendant collects comes from non-public sources, the information Plaintiffs allege Defendant obtains from those non-public sources, including “current and previous 14 addresses, social security numbers, previously used names (e.g., aliases, maiden names, or previous married names), birth dates, and/or telephone numbers[,]” is not considered private. Accordingly, Plaintiffs have not adequately pled intrusion upon seclusion and Count III of the complaint is dismissed. III. Unjust Enrichment (Count II) As a threshold matter, Defendant argues that Illinois law does not permit a freestanding unjust enrichment claim, and therefore Plaintiffs’ unjust enrichment claim fails along with the ICFA and intrusion upon seclusion claims. (Def. Mem. at 8 (citing Horist v. Sudler & Co., 941 F.3d 274, 281 (7th Cir. 2019))). Defendants are correct. “Unjust enrichment is not a separate cause of action under Illinois law.” Dinerstein, 484 F. Supp. 3d at 595. “[I]f an unjust enrichment claim rests on the same improper conduct alleged in another claim, then the unjust enrichment claim will be tied to this related claim—and, of course, unjust enrichment will stand or fall with the related claim.” Id. (citing Cleary v. Philip Morris Inc., 656 F.3d 511, 517 (7th Cir. 2011)). Like Plaintiffs’ ICFA and intrusion upon seclusion claims, Plaintiffs’ unjust enrichment claim alleges that Defendant obtained a benefit by using and profiting from the collection and aggregation of Plaintiffs’ personal data without consent and compensation. Because that is the same allegedly improper conduct as alleged in their ICFA and intrusion upon seclusion claims, it cannot stand. Defendant also argues that Plaintiffs’ unjust enrichment claim also fails because Plaintiffs do not allege the required elements. “To state a cause of action for unjust enrichment, a plaintiff must establish: ‘(1) the defendant has unjustly retained a benefit to the plaintiff’s detriment, and (2) the defendant’s retention of the benefit violates the fundamental principles of justice, equity, and good conscience.”’ MetroPCS v. Devor, 215 F. Supp. 3d 626, 634-35 (N.D. Ill. 2016) (quoting HPI Health Care Servs., Inc. v. Mt. Vernon Hosp., Inc., 131 Ill. 2d 145, 137 (1989)). Plaintiffs are 15 not seeking to recover proceeds given by them to Defendant. Instead, Plaintiffs seek to recover a benefit that was provided to Defendant by a third party, namely the profits Defendant received from the sale of Plaintiffs’ data. To plead a unjust enrichment claim based on third-party behavior, a plaintiff must show “(1) the benefit should have been given to the plaintiff, but the third party mistakenly gave it to the defendant instead, (2) the defendant procured the benefit from the third party through some type of wrongful conduct, or (3) the plaintiff for some other reason had a better claim to the benefit than the defendant.” HPI Health, 131 Ill. 2d at 161-62 (internal citations omitted). Plaintiffs argue that Defendant procured the benefit from the third parties through wrongful conduct. Specifically, Plaintiffs argue that Defendant’s conduct violates the ICFA and is tortious, presumably referring to their intrusion upon seclusion claim. However, as addressed supra, Plaintiffs have not plausibly alleged that Defendant’s conduct violates the ICFA or constitutes intrusion upon seclusion. Plaintiffs go a step further, arguing that even if Defendant’s conduct does not violate the law, it “deeply violates privacy and is therefore wrong and unjust.” (Pls.’ Resp. at 14). This argument also fails because, as discussed above, under Illinois law, the right to privacy has not been extended to the type of information at issue in this case. Plaintiffs also try to establish a claim for unjust enrichment based on third party behavior by asserting that they have a better claim to the value of their data than Defendant because Defendant obtained the profits through acts constituting intrusion upon seclusion and unfair business practices. (Id.). The Court disagrees. Plaintiffs cannot rely on their failed claims to establish that they have a better claim to the value of their data than Defendant. Furthermore, the case law demonstrates that Plaintiffs simply do not have a better claim to their data than Defendant. In Dwyer v. Am. Exp. Co., credit cardholders filed suit against credit 16 card companies, alleging that the companies categorized and ranked the cardholders based on their spending habits and sold the information to third party merchants. 273 Ill. App. 3d 742, 743 (1st Dist. 1995). The court affirmed the dismissal of the cardholders’ claims, reasoning that the cardholders’ information had “little or no intrinsic value” absent association with the defendants’ list. Id. at 749. The court explained that the defendants “create[d] value by categorizing and aggregating” the cardholders’ information. Id. Additionally, the court stated that the defendants’ practices did not deprive the cardholders of any value of their information. Id. The same reasoning and result apply here. Accordingly, Plaintiffs’ unjust enrichment claim fails and Count II of the complaint is dismissed. IV. Declaratory Relief (Count IV) Defendant argues that Plaintiffs’ declaratory relief claim fails because it is duplicative of the relief sought by Plaintiffs’ other claims. “It is well settled that federal courts have discretion to decline to hear a declaratory judgment action, even though it is within their jurisdiction.” Lineas Aereas Comerciales S.A. de C.V. v. Jet Support Servs., No. 17 C 8666, 2020 WL 1974377, at *18 (N.D. Ill. Apr. 24, 2020) (quoting Tempco Elec. Heater Corp v. Omega Eng’g, Inc., 819 F.2d 746, 747 (7th Cir. 1987) (internal quotations omitted)). Courts regularly exercise this discretion to dismiss declaratory judgment claims that fail to add anything not already raised in other claims. Id. (citing Lansing v. Carroll, 868 F. Supp. 2d 753, 764 (N.D. Ill. 2012)). The allegations in Count IV are very barebones. Plaintiffs do not include any specific factual allegations related to their claim for declaratory relief; rather, Plaintiffs focus on citing the Court’s authority to grant 17 declaratory relief. Therefore, the Court exercises its discretion and Count IV of the complaint is dismissed. V. Organizational Plaintiffs Standing In addition to the substantive arguments challenging Plaintiffs’ causes of action, Defendant also argues that the Organizational Plaintiffs do not meet the requirements of associational standing necessary to state claims on behalf of their members. “An organization has associational standing, and may bring suit on behalf of its members, when (1) its members would otherwise have standing to sue in their own right, (2) the interests it seeks to protect are germane to the organization’s purpose, and (3) neither the claims asserted, nor the relief requested, requires the participation of individual members in the lawsuit.” Disability Rts. Wis., Inc. v. Walworth Cnty. Bd. of Supervisors, 522 F.3d 796, 801-02 (7th Cir. 2008) (citing Hunt v. Wash. State Apple Adver. Comm’n, 432 U.S. 333, 343 (1977)). The parties’ dispute whether the third element is met. Defendant argues that participation of individuals members of the organizations will be required to determine, for example, whether an individual member’s information was unlawfully obtained by Defendant and whether the member is a consumer under the ICFA. Plaintiffs assert, however, that Defendant’s argument “rests on an apparent confusion regarding the relief” sought by the Organizational Plaintiffs, as the Organization Plaintiffs are only seeking declaratory and injunctive relief—not damages. (Pls.’ Resp. at 19). “[W]hether an association has standing to invoke the court’s remedial powers on behalf of its members depends in substantial measure on the nature of the relief sought.” Warth v. Seldin, 422 U.S. 490, 515 (1975). Because the Organization Plaintiffs are only seeking declaratory and injunctive relief, it is likely that individual members will not be required to participate in the lawsuit. See Duncan Place Owners Ass’n v. Danze, Inc., No. 15 C 01662, 2015 WL 5445024, at *3 (N.D. Ill. Sept. 15, 2015) (“Because 18 declaratory, injunctive, or other prospective relief will usually inure to the benefit of the members[,] actually injured individualized proof of damages is often unnecessary, raising no need for member participation in a lawsuit prosecuted by a representative association.”) (internal quotations omitted). However, the Court has already found that each of Plaintiffs’ claims fail, and the presumption of association standing based on the type of relief sought does not alter that analysis. CONCLUSION For all the reasons stated above, Defendant’s Motion to Dismiss the Complaint [12] is granted. Plaintiffs are granted leave to file an amended complaint consistent with this ruling by 4/29/24. Otherwise, this case will be closed. DATED: April 8, 2024 ENTERED: LaShonda A. Hunt United States District Judge 19

Some case metadata and case summaries were written with the help of AI, which can produce inaccuracies. You should read the full case before relying on it for legal research purposes.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.