Hatch v. LexisNexis Risk Solutions, Inc. et al, No. 3:2019cv00449 - Document 36 (W.D.N.C. 2020)

Court Description: ORDER denying Defendants LexisNexis Claims Solutions, Inc., LexisNexis Coplogic Solutions, Inc., LexisNexis Risk Solutions, Inc., PoliceReports.US, LLC 28 Motion to Dismiss. Signed by District Judge Kenneth D. Bell on 3/2/2020. (tmg)

Download PDF
IN THE UNITED STATES DISTRICT COURT FOR THE WESTERN DISTRICT OF NORTH CAROLINA CHARLOTTE DIVISION CIVIL ACTION NO. 3:19-CV-00449-KDB-DCK JOHNATHAN HATCH, Plaintiff, v. ORDER LEXISNEXIS RISK SOLUTIONS, INC.; LEXISNEXIS CLAIMS SOLUTIONS, INC.; POLICEREPORTS.US, LLC; AND LEXISNEXIS COPLOGIC SOLUTIONS, INC., Defendants. THIS MATTER is before the Court on Defendants’ Motion to Dismiss the Amended Complaint (Doc. No. 28). Plaintiff’s Amended Complaint alleges that Defendants violated the Driver’s Privacy Protection Act, 18 U.S.C. § 2721 et seq. (“DPPA”) by knowingly obtaining protected personal information from motor vehicle records and then selling that information to law firms and others who Defendants knew would use that information to send unsolicited marketing materials and advertisements. (See, e.g., Doc. No. 2 at ¶¶ 23, 32, 43). Defendants move to dismiss Plaintiff’s claims on the grounds that the Amended Complaint fails to sufficiently allege that Plaintiff’s protected personal information was obtained from a “motor vehicle record” under the DPPA because, they argue, a driver’s license is not a “motor vehicle record” on the facts alleged by Plaintiff. The Court has carefully considered the motion, the parties’ briefs and the Amended Complaint. For the reasons discussed below, the Court will DENY the motion. 1 I. LEGAL STANDARD A motion to dismiss under Federal Rule of Civil Procedure 12(b)(6) for “failure to state a claim upon which relief can be granted” tests whether the complaint is legally and factually sufficient. See Fed. R. Civ. P. 12(b)(6); Ashcroft v. Iqbal, 556 U.S. 662, 678 (2009); Bell Atl. Corp. v. Twombly, 550 U.S. 544, 570 (2007); Coleman v. Md. Court of Appeals, 626 F.3d 187, 190 (4th Cir. 2010), aff'd, 566 U.S. 30 (2012). In evaluating whether a claim is stated, “[the] court accepts all well-pled facts as true and construes these facts in the light most favorable to the plaintiff,” but does not consider “legal conclusions, elements of a cause of action, ... bare assertions devoid of further factual enhancement[,] ... unwarranted inferences, unreasonable conclusions, or arguments.” Nemet Chevrolet, Ltd. v. Consumeraffairs.com, Inc., 591 F.3d 250, 255 (4th Cir. 2009). Construing the facts in this manner, a complaint must only contain “sufficient factual matter, accepted as true, to state a claim to relief that is plausible on its face.” Id. Thus, a motion to dismiss under Rule 12(b)(6) determines only whether a claim is stated; “it does not resolve contests surrounding the facts, the merits of a claim, or the applicability of defenses.” Republican Party v. Martin, 980 F.2d 943, 952 (4th Cir. 1992). II. FACTS AND PROCEDURAL HISTORY Plaintiff Johnathan Hatch was driving his car on September 13, 2015 and became involved in a motor vehicle accident. (Doc. 2 at ¶ 37). An officer of the Charlotte-Mecklenburg Police Department (“CMPD”) responded to the scene to investigate. (Id. at ¶ 38). When he arrived, the officer asked for and received Plaintiff’s North Carolina driver’s license. (Id. at ¶ 38) The officer then used Plaintiff’s driver’s license or a DMV database of driver’s license information to enter Plaintiff’s name, address, date of birth and driver’s license number into a computer program, which 2 generated a North Carolina standard form accident report, known as a DMV-349. (Id. at ¶¶ 16, 39, 48(a)). The officer also confirmed with Plaintiff that the information shown on his driver’s license was correct and checked the box on the DMV-349 report indicating that Plaintiff’s actual address matched the address on his driver’s license. (Id. at ¶ 40). The officer then filed the DMV-349 for the accident with CMPD, which filed the report with the North Carolina Division of Motor Vehicles (“DMV”). (Id. at ¶ 41). Defendants are data aggregation and distribution companies that, among other activities, collect and resell motor vehicle accident reports throughout the country, including in North Carolina. (Id. at ¶¶ 23-24). Plaintiffs allege that Defendant PoliceReports.US, LLC (“PRUS”) had a contract with CMPD to purchase accident reports to resell to others, and, under that contract, the DMV-349 containing Plaintiff’s unredacted personal information was sold to Defendants and uploaded to a website from which it was then sold to Davis & Gelshenen, LLP and other personalinjury law firms for marketing purposes. (Id. at ¶¶ 6, 23, 25, 35, 42-46). Those law firms in turn sent Plaintiff unsolicited advertisements for legal services related to the accident. (Id. at ¶¶ 49, 55) Plaintiff filed this putative class action on September 12, 2019 asserting a private cause of action under the DPPA, 18 U.S.C. §2724, and seeking monetary and injunctive relief under that statute. III. DISCUSSION The DPPA was enacted in 1994 to “limit the release of an individual's personal information contained in his [or her] driver's license record to those who had a legitimate and lawful need for the information.” Kehoe v. Fidelity Fed. Bank & Trust, 421 F.3d 1209, 1210 (11th Cir. 2005). In particular, the DPPA “responded to at least two concerns over the personal information contained 3 in state motor vehicle records.” Maracich v. Spears, 570 U.S. 48, 57 (2013). The first of these concerns was “a growing threat from stalkers and criminals who could acquire personal information from state [departments of motor vehicles].” Id. “The second concern related to the States' common practice of selling personal information to businesses engaged in direct marketing and solicitation.” Id. To address these concerns, the DPPA “establishes a regulatory scheme that restricts the States' ability to disclose a driver's personal information without the driver's consent.” Id. The DPPA thus prohibits the release of certain types of information from motor vehicle records as defined by the statute. “A State department of motor vehicles, and any officer, employee, or contractor thereof, shall not knowingly disclose or otherwise make available to any person or entity: … personal information ... about any individual obtained by the department in connection with a motor vehicle record, except as provided in subsection (b) of this section.” 18 U.S.C. § 2721(a). This prohibition on disclosure is then subject to fourteen exceptions, or “permissible uses,” listed in subsection (b). See 18 U.S.C. § 2721(b). Permissible uses do not include unsolicited advertisements from law firms to prospective clients. See Maracich, 570 U.S. at 76-77. For purposes of the DPPA, “personal information” means “information that identifies an individual, including an individual's photograph, social security number, driver identification number, name, address (but not the 5–digit zip code), telephone number, and medical or disability information, but does not include information on vehicular accidents, driving violations, and driver's status.” 18 U.S.C. § 2725(3). A “Motor vehicle record” is defined as “any record that 4 pertains to a motor vehicle operator's permit, motor vehicle title, motor vehicle registration, or identification card issued by a department of motor vehicles.” 18 U.S.C. § 2725(1). The DPPA makes it unlawful “for any person knowingly to obtain or disclose personal information, from a motor vehicle record, for any use not permitted under section 2721(b) of this title.” § 2722(a). Further, the act creates a private right of action for any individual whose personal information is unlawfully disclosed. See 18 U.S.C. § 2724(a) (“A person who knowingly obtains, discloses or uses personal information, from a motor vehicle record, for a purpose not permitted under this chapter shall be liable to the individual to whom the information pertains, who may bring a civil action in a United States district court.”). Available remedies for the violation are: (1) actual damages, but not less than liquidated damages of $2,500; (2) punitive damages for willful or reckless violations; (3) attorney fees and costs; and (4) “such other preliminary and equitable relief as the court determines to be appropriate.” See 18 U.S.C. § 2724(b). Accordingly, to state a claim for relief under the DPPA, a plaintiff must sufficiently plead facts to establish that the defendant (1) knowingly (2) obtained, disclosed, or used “personal information,” (3) from a “motor vehicle record,” (4) for a purpose not permitted under the statute. See 18 U.S.C. § 2724(a). In their motion to dismiss, Defendants challenge only the third element, whether the personal information obtained by Defendants and used to solicit Plaintiff came from “a motor vehicle record.” More specifically, Defendants argue that a driver’s license is not a “motor vehicle record” under the DPPA and taking information from a driver’s license (rather than from DMV records) is not a DPPA violation. See Doc. No. 29 at 8. Further, Defendants allege that personal information taken from a driver’s license cannot support a DPPA violation even when a person is under a legal obligation to produce his driver’s license to a police officer in connection 5 with a motor vehicle accident and personal information thereby becomes part of an official vehicle accident report. To some courts it seems obvious that a driver’s license is a “motor vehicle record” as a record “that pertains to a motor vehicle operator's permit.” See Eggen v. WESTconsin Credit Union, 2016 WL 4382773, at *3 (W.D. Wis. Aug. 16, 2016) (“On its face, defendant’s argument that a driver’s license is not a ‘motor vehicle record’ is difficult to take seriously… After all, a driver’s license is created by the Department of Motor Vehicles and it is a record of the information on the license.”); Gaston v. LexisNexis Risk Sols., 2017 WL 5340384, at *4 (W.D.N.C. Nov. 13, 2017) (“Applying a modicum of common sense to what is a clearly written statute, being involved in a fender bender on the way to work is clearly an insufficient reason to expose protected ‘personal information’ (especially a person's name and home address) to a web audience increasingly inhabited more by identity thieves than boy scouts”). However, other courts hold otherwise, focusing on the source of the personal information, in particular whether the information originated with the state DMV. See Dahlstrom v. Sun-Times Media, LLC, 777 F.3d 937, 949 (7th Cir. 2015) (“[t]he origin of the personal information is thus crucial to the illegality of its publication”); Siegler v. Best Buy Co. of Minn., 519 F. App’x 604, 605 (11th Cir. 2013) (“[a] plain reading of the DPPA makes clear that the Act was intended to prohibit only the disclosure or redisclosure of information originating from state department of motor vehicles (‘DMV’) records”). Thus, in cases alleging the misuse of personal information that arise in the context of private transactions, courts regularly find that obtaining personal information from a driver’s license that was voluntarily provided to a business does not violate the DPPA. See, e.g., Andrews v. Sirius XM Radio Inc., 932 F.3d 1253 (9th Cir. 2019) (satellite radio provider did not violate the 6 DPPA by knowingly obtaining personal information from car dealerships which obtained the information from the plaintiff’s driver’s license when he purchased a vehicle); O’Brien v. Quad Six, Inc., 219 F. Supp. 2d 933, 934 (N.D. Ill. 2002) (“Congress enacted the DPPA to regulate information collected from citizens by the state, not transactions between private businesses and their customers …. Consumers … can simply decline to disclose [personal information to private businesses] …. Disclosing information to state motor vehicle agencies, by contrast, is significantly less voluntary”). In contrast, obtaining personal information directly from DMV records is plainly a DPPA violation. See Maracich, 570 U.S. at 76-77. Plaintiff alleges that the personal information which he asserts violates the DPPA was obtained from a vehicle accident report prepared by a police officer. While he does not contend that the accident report itself is a “motor vehicle record,” he claims that the personal information in the accident report comes “from” a “motor vehicle record” – his driver’s license or a state DMV database – and therefore cannot be used except for a permitted use under the DPPA. 1 See Dunkin v. Appriss, Inc., 266 F. Supp. 3d 1103, 1107 (N.D. Ind. 2017) (“An accident report isn’t a motor vehicle record, but ‘disclosure of personal information that was obtained by and from the department of motor vehicles may nonetheless violate the DPPA’”). Therefore, whether or not obtaining personal information from an accident report can support a claim under the DPPA requires the Court to analyze a hybrid set of facts, combining elements of both cases in which courts have found that obtaining information outside of the DMV For example, the preparation and use of the accident report by CMPD is clearly a permissible use. See 18 U.S.C. § 2721 (b)(1) (government agency, including any law enforcement agency, may use personal information to carry out its functions). 1 7 context is not a DPPA violation and cases where the disclosure of personal information involuntarily provided to a government official may give rise to DPPA liability.2 So, perhaps not surprisingly, courts have come to different conclusions on these types of claims. Compare Wilcox, 360 F. Supp. 3d at 1147 (denying motion to dismiss where plaintiff alleged improper use of personal information obtained from an accident report which was prepared using Plaintiff’s driver’s license); Dunkin, 266 F. Supp. 3d at 1107 (personal information on an accident report written down or scanned from a driver’s license handed over by the license-holder isn’t personal information from a motor vehicle record). However, at this early stage of this action the Court does not need to resolve the split in authority for two reasons. First, taking the allegations of the Amended Complaint as true and construing all inferences in the light most favorable to Plaintiff as required in considering a motion to dismiss under Rule 12(b)(6), Plaintiff has alleged in the alternative that personal information in the accident report may have come from “a DMV database of driver’s license information.” See Doc. No. 2 at ¶ 48. If it did, then the Amended Complaint plainly states a claim under the DPPA regardless of whether or not a DPPA claim could be asserted if Plaintiff’s personal information in the accident report came from his driver’s license alone. Several cases have noted that the circumstances of a driver being required to provide his driver’s license to a police officer is quite different from a person voluntarily providing his driver’s license to a business for identification. See Pavone v. Law Offices of Anthony Mancini, Ltd., 205 F. Supp. 3d 961, 966 (N.D. Ill. 2016) (“a reasonable jury could find that Pavone’s handing of his license to the officer was anything but voluntary”); Wilcox v. Swapp, 360 F.Supp. 3d 1140, 1147 (E.D. Wash. 2019) (the situation of a customer offering “his or her identification to effectuate the customer’s goal; i.e., the purchase of tobacco … is far different from a driver giving a police officer his or her license and registration, as mandated by state law, and then a third party obtaining and using the information from the license and registration down the line”). 8 2 Also, because the particular facts underlying the preparation of an accident report may be critical in determining DPPA liability, many courts that have ruled on the issue have done so on a motion for summary judgment rather than on a motion to dismiss. See Pavone, 205 F. Supp. 3d at 966 (ruling on motion for summary judgment that “information obtained from a driver's license is information obtained from a motor vehicle record” (emphasis in original)); Dunkin, 266 F. Supp. 3d at 1106 (denying motion to dismiss then granting summary judgment in favor of defendants); Andrews, 932 F.3d at 1254 (appeal of grant of summary judgment). Accordingly, it is most appropriate for the Court to defer ruling on this disputed issue until after discovery is concluded, when the Court can resolve all disputed issues on a full record. Therefore, the Court finds that Plaintiff has plausibly stated a DPPA claim against Defendants and will deny Defendants’ motion to dismiss, without prejudice to their ability to raise the issues presented again in a motion for summary judgment. 9 IV. ORDER NOW THEREFORE IT IS ORDERED THAT: 1. Defendant’s Motion to Dismiss Amended Complaint (Doc. No. 28) is DENIED; 2. This case shall proceed to discovery and further proceedings to determine the merits of Plaintiff’s claims in the absence of a voluntary resolution of the dispute among the parties. SO ORDERED ADJUDGED AND DECREED. Signed: March 2, 2020 10

Some case metadata and case summaries were written with the help of AI, which can produce inaccuracies. You should read the full case before relying on it for legal research purposes.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.