Friday, December 19, 2014

Marijuana, the Automobile Exception and the Text Messages

After Dwight Corey Kennedy was charged – in a “seven-count information” – with “possession of methamphetamine while armed with a loaded gun (Health & Safety Code § 11370.1(a), possession of methamphetamine for sale (Health & Safety Code § 11378), two counts of the sale or transportation of marijuana (Health & Safety Code § 11360(a), two counts of possession of marijuana for sale (Health & Safety Code § 11359) and cultivation of marijuana (Health & Safety Code § 11358), he filed a motion to suppress.  Kennedy v. Superior Court, 2014 WL 5468967 (California Court ofAppeals 2014).
To understand the motion to suppress, it is necessary to understand how the case arose.  As the Court of Appeals explains, on August 5, 2011,
at around 7:30 p.m., Alameda County Sheriff's Deputy Michael Dalisay saw [Kennedy] drive into the parking lot of a liquor store in San Leandro. There was no one else in the car with [him]. [Kennedy] parked in front of the store. His car occupied two parking spaces in the store's parking lot. Deputy Dalisay recognized [him] from two previous encounters in which [Kennedy] had been arrested.

The deputy recalled that one of the previous encounters occurred earlier in 2011. Dalisay knew [Kennedy]'s criminal behavior consisted of driving with a suspended license and reckless driving, but he did not know why [his] license had been suspended. Before making any contact with [Kennedy], Dalisay checked to see if [he] had a suspended license by contacting dispatch. The deputy had no reason to believe [Kennedy] was armed or that he was involved in any drug-related activity.

Dalisay and another officer, Sergeant Schuler, waited until [Kennedy] left the liquor store before approaching him. Schuler walked to the driver's side of the vehicle as [he] opened the door while Dalisay approached from the passenger side. Dalisay smelled a `very strong odor’ of unburned marijuana coming from the inside of [Kennedy]'s vehicle.

The sergeant spoke first and asked [him] for his driver's license. [Kennedy] was upset and protested that he had never been arrested before. After further discussion and another request for [Kennedy]'s license, [he] produced a California identification card but not a driver's license. [Kennedy]'s identification showed he resided at 573 Empire Street in San Lorenzo (hereafter `573 Empire’). It was later determined that 573 Empire was the home of [his] mother, Lisa Romero.

Schuler placed [Kennedy] in handcuffs. The deputy confirmed [Kennedy]'s license was suspended and told [him] that he was under arrest for driving on a suspended license in violation of Vehicle Code section 14601.1. [Kennedy] was in handcuffs for about five minutes before being placed under arrest.

The officers performed a search of [Kennedy]'s vehicle. They found packages of marijuana in a storage compartment located in the driver's door as well as a cell phone in the same area. The marijuana was packaged in two clear baggies that were tied at the top. One baggie contained about two grams of marijuana while the other contained 15 grams. The officers also found empty Ziploc baggies in the trunk. The vehicle's registration, which was recovered during the search, revealed the car was registered to [Kennedy]'s mother at 573 Empire.
Kennedy v. Superior Court, supra.  We will come back to the vehicle search.
After they arrested Kennedy for driving with a suspended license, the officers searched him, finding and seizing
a cell phone from his pants pocket as well as $5,941 in cash. [Kennedy] claimed he had earned the cash while working for a moving company. A few minutes after retrieving the cell phone, Dalisay began looking at its contents. One thing that caught his attention was a series of text messages from the previous day. One text message was from someone identified as `Rooser’ and read, `I am going to need a [whole one] in a min.’ A responsive text message read, `I will be there in a min.’
Kennedy v. Superior Court, supra. 
The court explains that Dalisay knew from
his experience in law enforcement that a `whole one’ on the street refers to one ounce of an illicit drug. He concluded that the phone recovered from [Kennedy] served as the means for communicating with potential buyers. Dalisay testified that he had been involved in over 100 marijuana sales cases in the seven years he had been in the sheriff's department.
Kennedy v. Superior Court, supra. 
Since Dalisay “believed there would be further evidence relating to drug sales at a suspected drug trafficker's residence, including more drugs, money, and items such as scales”, he also believed had had probable cause to get a warrant to search 573 Empire. Kennedy v. Superior Court, supra.  But instead of getting a warrant (which would involve “time and trouble”), he and other officers went to 573 Empire to see if the owner of the premises would consent to a search.  Kennedy v. Superior Court, supra.  When the officers arrived there, they spoke with Kennedy’s mother, Lisa Romero, who refused to consent to let the officers search the house. Kennedy v. Superior Court, supra. 
Dalisay decided he had reason to believe there could be weapons and/or someone who might destroy evidence, so the officers conducted a protective sweep of the premises, finding a black pistol lying on Kennedy’s bed.  Kennedy v. Superior Court, supra.  One officer then went to obtain a search warrant; when he returned, the officers searched the house, finding “methamphetamine, ecstasy, a scale, a gun, two mature marijuana plants, and a large bag containing marijuana, among other items.”  Kennedy v. Superior Court, supra.  These items provided the basis for “the first five counts of the seven-count information against” Kennedy. Kennedy v. Superior Court, supra. 
After he was charged in the information noted earlier, Kennedy filed motions to suppress (i) the evidence found in his vehicle and (ii) the evidence found in the search of his mother’s house.  Kennedy v. Superior Court, supra.  This post only examines the first motion, i.e., the one seeking suppression of evidence found in his vehicle.
In that motion to suppress, Kennedy argued, to begin with, that the search of his
vehicle was illegal. He first argues it was not a valid search incident to arrest under Arizona v. Gant, 556 U.S. 332 (2009), in which the U.S. Supreme Court held that an arrest for a traffic violation generally does not justify a search of an arrestee's vehicle absent genuine safety or evidentiary concerns. Arizona v. Gant, supra. We agree with [Kennedy] that, without more, merely being arrested for driving with a suspended license did not justify a search of the vehicle incident to petitioner's arrest. The Attorney General does not dispute this conclusion.
Kennedy v. Superior Court, supra. 
Kennedy  argued that “the `supposed’ smell of marijuana did not constitute probable cause to support a warrantless search of the vehicle.” Kennedy v. Superior Court, supra.  So,  he claimed the search violated the 4th Amendment.  Kennedy v. Superior Court, supra. 
As Wikipedia notes, the 4th Amendment prohibits “unreasonable” searches and seizures, which means that “reasonable” searches and seizures are not unconstitutional.  As Wikipedia also explains, the default way in which a search and/or seizure can be “reasonable” if it is conducted pursuant to a warrant – a search warrant or an arrest warrant (a seizure warrant).  But, as i tgoes on to explain, the Supreme Court has held that searches and seizures can also be “reasonable” if they fall into one of the “exceptions” to the warrant requirement it has recognized over the years.
One of those exceptions is the “motor vehicle exception” which, as Wikipedia notes
allows an officer to search a vehicle without a search warrant as long as he or she has probable cause to believe that evidence or contraband is located in the vehicle. The exception is based on the idea that there is a lower expectation of privacy in motor vehicles due to the regulations under which they operate. Additionally, the ease of mobility creates an inherent exigency to prevent the removal of evidence and contraband. In Pennsylvania v. Labron, 518 U.S. 938 (1996), the U.S. Supreme Court said 

`If a car is readily mobile and probable cause exists to believe it contains contraband, the 4th Amendment permits the police to search the vehicle without more.’

`The scope of the search is limited to only what area the officer has probable cause to search. . . . The . . . also allows officers to search any containers found inside the vehicle that could contain the evidence or contraband being searched for. The objects searched do not need to belong to the owner of the vehicle.'
The Court of Appeals therefore noted  that the critical issue in determining whether the search of Kennedy’s vehicle violated the 4th Amendment was whether Dalisay had probable cause to believe contraband or other evidence of a crime was in the vehicle.  Kennedy v. Superior Court, supra.  It began its analysis by explaining that the California courts have
`concluded the odor of unburned marijuana . . . may furnish probable cause to search a vehicle under the automobile exception to the warrant requirement.’ (People v. Waxler, (California Court of Appeals 2014) 224 Cal.App.4th 712. . . . Under established California law, the deputies in this case had probable cause to search petitioner's vehicle as a result of detecting a strong odor of marijuana. [Kennedy] advances a number of arguments why we should not apply this longstanding precedent in his case. His arguments lack merit. . . . 
Kennedy v. Superior Court, supra.
Kennedy claimed the odor of marijuana does not establish probable cause for a
warrantless vehicle search in light of the recent `decriminalization’ of the possession of small amounts of marijuana. Under Health and Safety Code section 11357, subdivision (b), the possession of 28.5 grams or less of marijuana is punishable as an infraction. A person who possesses more than 28.5 grams of marijuana is guilty of a misdemeanor. (Health & Safety Code, § 11357(c)). [Kennedy] also points out that certain individuals who transport or process marijuana intended for personal medical use may be immune from prosecution for drug-related offenses. (See People v. Mentch (California Court of Appeals 2008) 45 Cal.4th 274). . . .

[A]ccording to [Kennedy], the mere fact officers detect the odor of marijuana does not provide probable cause to believe contraband is present or that a crime has been committed. [He] relies upon a decision of the Supreme Judicial Court of Massachusetts in Commonwealth v. Cruz (2001) 459 Mass. 459. In Cruz, the Massachusetts court concluded the odor of burned marijuana alone did not justify a warrantless vehicle search because the state had changed the possession of one ounce or less of marijuana . . . to a civil violation. Commonwealth v. Cruz, supra. The court reasoned that the mere smell of marijuana did not give rise to suspicion of a `criminal offense.’ Commonwealth v. Cruz, supra.
Kennedy v. Superior Court, supra.
This Court of Appeals noted that California courts had rejected Kennedy's claims:
In People v. Strasburg, 148 Cal. App. 4th 1052, 56 Cal.Rptr.3d 306 (California Court of Appeals 2007), the court rejected the notion that probable cause for a search is lacking when marijuana odor is present and the defendant possesses a physician's recommendation for medical marijuana or a state-issued medical marijuana card. The court reasoned that the medical marijuana laws provide a `limited immunity—not a shield from reasonable investigation.; People v. Strasburg, supra. An officer with probable cause to search is entitled to `determine whether the subject of the investigation is in fact possessing the marijuana for personal medical needs, and is adhering to the eight-ounce limit on possession.’ People v. Strasburg, supra.

In People v. Waxler, 224 Cal.App.4th 712, 168 Cal.Rptr.3d 822 (California Court of Appeals 2014), the court held that `[t]he automobile exception is not limited to situations where the officer smells or sees more than 28.5 grams of marijuana in the vehicle [citation]; the observation of any amount of marijuana . . . establishes probable cause to search pursuant to the automobile exception.’ The Waxler court specifically declined to follow the Massachusetts court in Cruz and explained its reasoning as follows:

`Cruz does not apply here for at least two reasons. First, in contrast to Massachusetts, possession of up to an ounce of nonmedical marijuana in California is a “crime.”’ (California Penal Code § 16).  Second, neither the California Supreme Court nor the U.S. Supreme Court has limited the automobile exception to situations where the defendant possesses a ‘criminal amount of contraband.’ People v. Waxler, supra. [Kennedy] has presented no compelling grounds for this court to depart from the holdings in Strasburg or Waxler.
Kennedy v. Superior Court, supra (emphasis in the original).
Finally, the Court of Appeals  took up Kennedy’s argument that the automobile exception
should not apply here because his vehicle was not `readily mobile.’ Presumably, [his] point is that the vehicle was not mobile because there was no one else to drive the vehicle away after he was placed under arrest. The contention is meritless.
Ready mobility is not the sole basis for the exception to the warrant requirement. (Californiav. Carney, 471 U.S. 386 (1985)) The exception is also based on a lesser expectation of privacy in one's vehicle as opposed to one's home. Califoria v. Carney, supra. Further, the application of the exception `is not contingent upon whether the particular automobile could actually be moved at the time of the search.’ People v. Superior Court (Overland), 203 Cal.App.3d 1114, 250 Cal.Rptr. 458 (California Court of Appeals 1988).
Kennedy v. Superior Court, supra.
The Court of Appeals therefore affirmed the denial of Kennedy’s motion to suppress.  Kennedy v. Superior Court, supra.

Wednesday, December 17, 2014

The Debit Card, the Grandfather and the Sneakers

This post examines a recent opinion from the Supreme Court, Appellate Division – New York concerning a juvenile delinquency proceeding:  In the Matter of Luis C., 2014 WL 6779210. The court begins its opinion by explaining how the case arose:
The facts in this juvenile delinquency proceeding are undisputed. The appellant, Luis C., used his grandfather's debit card number, without permission, to buy sneakers on the Internet. There is no evidence that Luis ever took or possessed the card itself.

After a fact-finding hearing, the Family Court found that Luis had committed acts which, if committed by an adult, would have constituted the crimes of grand larceny in the fourth degree under Penal Law § 155.30(4) and criminal possession of stolen property in the fourth degree under Penal Law § 165.45(2). Those sections, as relevant here, relate to the theft or possession of property that `consists of a . . . debit card’ (Penal Law § 155.30[4]; see Penal Law §165.45[2]).
In the Matter of Luis C., supra. The court put Luis “on probation for a period of 12 months.”  In the Matter of Luis C., supra. 
In his appeal, Luis argued that “he could not be found to have violated those particular statutory provisions with respect to his grandfather's debit card in the absence of any evidence that he took or possessed the card itself.”  In the Matter of Luis C., supra. The Appellate Division began its analysis of argument by noting that “[t]his issue . . . is one of first impression in this Department.”  In the Matter of Luis C., supra.  It also noted that
[t]he Presentment Agency now agrees with Luis that the petition should be dismissed. While contending that the evidence of Luis's larcenous intent is “compelling,” the Presentment Agency concedes that without evidence that Luis took or possessed the card itself, the fact-finding rests on legally insufficient evidence. 
In the Matter of Luis C., supra. 
The Appellate Division also, however, pointed out that
in a decision issued after the briefs were filed in this case, the Appellate Division, First Department, upheld a conviction for criminal possession of stolen property in the fourth degree under facts that are analogous to the undisputed facts here. In People v. Barden (117 AD3d 216, lv granted 24 NY3d 959), the defendant's conviction was based on his use of a credit card number, despite undisputed evidence that he never possessed the card itself. Thus, even given the Presentment Agency's concession in the appeal before us, the law is unsettled.
In the Matter of Luis C., supra. 
As to the facts that gave rise to this case, the Appellate Division explained that
[a]t the fact-finding hearing, Luis's grandfather testified that when he tried to use his debit card on March 19, 2013, he found that the balance was insufficient to make his purchase. He called the card issuer and learned that a $120 purchase had been made on the card. When he returned home, he found a package addressed to Luis, who was staying with him. The package contained a pair of sneakers and a receipt. The receipt indicated that the [grandfather’s] debit card had been charged for the purchase.

Luis admitted he had ordered the sneakers and used his grandfather's debit card number to pay for them. There was . . . no evidence that Luis ever possessed the debit card itself. Indeed, when asked at the fact-finding hearing whether Luis ever possessed the debit card itself, the [grandfather] answered: `I never said he had the card in his hand.’
In the Matter of Luis C., supra. 
The Appellate Division then began its analysis of Luis’ argument, noting that it involved the process of statutory interpretation.  In the Matter of Luis C., supra. It explained that
[s]tatutory interpretation is an inquiry into legislative intent (see Matter of Albany Law School v. New York State Office of Mental Retardation & Dev. Disabilities, 19 NY3d 106, 120). The clearest evidence of that intent is in the statutory text (see Majewski v. Broadalbin–Perth Cent. School Dist., 91 N.Y.2d 577; Matter of DaimlerChrysler Corp. v. Spitzer, 7 NY3d 653). Context, however, is also important: `inquiry must be made of the spirit and purpose of the legislation, which requires examination of the statutory context of the provision as well as its legislative history’ (Matter of Sutka v. Conners, 73 N.Y.2d 395. . .). Courts must also respect the principle that a statute is to be construed as a whole. . . . Accordingly, `its various sections must be considered together and with reference to each other’ (People v. Mobil Oil Corp., 48 N.Y.2d 192).
In the Matter of Luis C., supra. 
The court went on to explain that the “relevant statutory provisions” are
Penal Law § 155.30 Grand larceny in the fourth degree
A person is guilty of grand larceny in the fourth degree when he steals property and when . . .
4. The property consists of a credit card or debit card (Penal Law § 155.30[4]).

Penal Law § 165.45 Criminal possession of stolen property in the fourth degree
A person is guilty of criminal possession of stolen property in the fourth degree when he knowingly possesses stolen property, with intent to benefit himself or a person other than an owner thereof or to impede the recovery by an owner thereof, and when: . . .
 2. The property consists of a credit card, debit card or public benefit card” (Penal Law § 165.45[2]).

Penal Law § 155.00 Larceny; definitions of terms
The following definitions are applicable to this title: . . .
7. Credit card means any instrument or article defined as a credit card in section five hundred eleven of the general business law.
7—a. Debit card’ means any instrument or article defined as a debit card in section five hundred eleven of the general business law (Penal Law § 155.00[7], [7–a]).
In the Matter of Luis C., supra. 
The Appellate Division then pointed out that the
texts of the statutes speak only in terms of physical items; intangibles such as accounts or account numbers are not included. Even the catch-all phrases -- `other identification card or device’ and `other similar device’ -- refer to physical items (General Business Law § 511[1], [9]). Thus, a purely textual reading of the statutes that Luis was alleged to have violated supports the conclusion of Luis and the Presentment Agency that `debit card’ means the physical card or device itself.

This conclusion is reinforced when the provisions are viewed in context. The common structure of article 155 (larceny) and article 165 (`Other Offenses Relating to Theft’) evinces the legislature's careful consideration of how various thefts and possessions of stolen property should be classified. For the most part, the article 155 and article 165 crimes are classified by the value of the property taken or possessed (see Penal Law §§ 155.25, 155.30[1]; 155.35[1]; 155.40[1]; 155.42, 165.40, 165.45[1]; 165.50, 165.52, 165 .54).
In the Matter of Luis C., supra. 
But it also noted that some
classifications . . . depend not on the value of the property, but on the kind of property. Most of these provisions elevate, to felony classification, thefts or possessions that would have been misdemeanors had they been measured based solely on the value of the property. These provisions relate to public records, writings, or instruments (Penal Law § 155.30[2]); secret scientific material (Penal Law § 155.30[3]); firearms, rifles, or shotguns (Penal Law §§ 155.30[7], 165.45[4]); access devices that the person intends to use unlawfully to obtain telephone service (Penal Law § 155.30[10]); and certain substances that may be used to manufacture methamphetamine (Penal Law §§ 155.30[11], 165.45[7]). They also include the enhancement at issue in this case, debit cards, as well as credit cards (Penal Law §§ 155.30[4], 165.45[2]).
In the Matter of Luis C., supra (emphasis in the original).
The court went on to explain that
[o]ne important reason for the automatic enhancement in classification of certain larceny and possession crimes is a difficulty in establishing a value for some types of property. Even though the larceny or possession of the property is regarded as inherently serious, a solely value-based classification would often result in misdemeanor classification.

Thus, as one commentator noted with respect to grand larceny in the fourth degree, `[i]t is for these reasons that the section at hand arbitrarily classifies any such theft as grand larceny and felonious’ (Arnold D. Hechtman, Practice Commentaries, McKinney's Cons Laws of NY, Book 39, Penal Law § 155.30 at 156 [1975 ed]).
In the Matter of Luis C., supra. 
It then returned to the issue at hand, explaining that
[i]t was precisely this valuation problem that prompted the legislature to enact the first versions of what are now Penal Law §§ 155.30(4) and 165.45(2). A credit card -- the card itself -- was seen as having only negligible value, so the theft of a credit card could not be punished as a felony based on valuation. In approving Chapter 115 of the Laws of 1969, Governor Nelson A. Rockefeller explained that credit cards had become a major factor in the consumer economy only over the past decade, but the laws had not kept pace with this change. Organized crime had taken advantage of loopholes. 
In the Matter of Luis C., supra. 
The court went on to explain that then-Governor Rockefeller said Chapter 115 was intended to close those loopholes:
`Specifically the bill would:

—make the theft of a credit card grand larceny in the third degree. (Under existing law, when applying the larceny statutes, the value of a credit card is deemed to be no more than the value of the plastic or paper on which it is printed, resulting in a minimal penalty for conviction when compared to the gravity of the subsequent crimes its theft facilitates)’ (Governor's Mem approving L 1969, ch 115, 1969 McKinney's Session Laws of N.Y. at 2541 [emphasis added]).
In the Matter of Luis C., supra. 
It therefore found that
in accord with the legislative intent, the theft of a credit card has been, since 1969, a completed felony upon the taking of the card. There is no need for the People to prove that the thief actually used the card, nor any need for the People to prove the `value’ of the card. Since 1988, the same has been true with respect to debit cards (see L 1987, ch 556). The purpose of the addition of debit cards was to give holders of debit cards the same protection that holders of credit cards already enjoyed (see Letter of L. Paul Kehoe, July 2, 1987, at 5, Bill Jacket, L 1987 ch 556 [urging Governor's approval of A3279]).

In summary, given the text of the provisions at issue, the context of the law and its development over the years, we agree with Luis and the Presentment Agency that `debit card’ as used in Penal Law §§ 155.30(4) and 165.45(2) means the physical card, not the intangible account information associated with it. We also agree that, at bottom, this case involves errors made when the petition was drafted. Luis's acts undoubtedly violated provisions of the Penal Law, but not the provisions charged in the petition.
In the Matter of Luis C., supra. 
The Appellate Division went on to explain that someone who
appropriates account information is not immune from punishment. The legislature has enacted laws to protect account information, in addition to the laws relating to the cards themselves. Specifically, in chapter 619 of the Laws of 2002, the legislature amended or added sections to various statutes in order to address the problem of people who engage in identity theft or use other people's personal information without authorization. That legislation added the crimes of identity theft in the third, second, and first degrees (Penal Law §§ 190.78, 190.79, and 190.80), as well as unlawful possession of personal identification information in the third, second, and first degrees (Penal Law §§ 190.81, 190.82, and 190.83). Later, the legislature added `aggravated identity theft’ (Penal Law § 190.80–a; see L 2008, ch 226, § 2). These provisions . . .  make the criminal possession of account information a completed crime; no proof is required that the information was actually used.
In the Matter of Luis C., supra. 
It also pointed out that
[o]ne of the crimes added in 2002, unlawful possession of personal identification information in the third degree (Penal Law § 190.81), directly proscribes what Luis did in this case when he used his grandfather's debit card number, without permission, to buy sneakers:

`A person is guilty of unlawful possession of personal identification information in the third degree when he or she knowingly possesses a person's financial services account number or code, savings account number or code, checking account number or code, brokerage account number or code, credit card account number or code, debit card number or code, automated teller machine number or code, personal identification number, mother's maiden name, computer system password, electronic signature or unique biometric data that is a fingerprint, voice print, retinal image or iris image of another person knowing such information is intended to be used in furtherance of the commission of a crime defined in this chapter ‘ (emphasis added).

Thus, just as the legislature added credit cards to the penal provisions of the law when the use of credit cards became widespread, and added debit cards when the use of debit cards became widespread, it also added provisions related to the unauthorized possession of the intangible account information when technology demanded.
In the Matter of Luis C., supra (emphasis in the original).
The Appellate Division, therefore agreed with Luis and the Presentment Agency that “Luis's theft and possession of his grandfather's debit card number, and not the debit card itself, was insufficient to support a finding that he stole or possessed property that consisted of a `debit card.’” In the Matter of Luis C., supra. It therefore reversed
the order of disposition . . . insofar as reviewed, on the law, the fact-finding order is vacated, the petition is dismissed, and the matter is remitted to the Family Court, Kings County, for further proceedings in accordance with Family Court Act § 375.1.
In the Matter of Luis C., supra.  

Monday, December 15, 2014

The Target Hack, Negligence and the Class Action

As you may recall, in December of 2013 Target was the victim of a “major hack” of credit and debit card data.  And as you may or may not know, in May of 2014 of 2014, the Judicial Panel on Multidistrict Litigation consolidated the “[d]ozens of class action lawsuits” that followed the hack into “three groups”, all of which were assigned to a U.S. District Court Judge in Minnesota.  You can read more about that here.           
This post examines an order that judge issued on December 2, 2014, in which he ruled on a motion to dismiss a subset of those lawsuits.  In re Target Corporation Customer Data Security Breach Litigation (“ In re Target”), 2014 WL 6775314 (U.S.District Court for the District of Minnesota 2014).  He began the opinion on which he ruled on the motion by noting that
[i]n December 2013, Defendant Target Corporation, a Minnesota-headquartered retailer that is one of the nation's largest retail chains, announced that over a period of more than three weeks during the busy Christmas holiday shopping season, computer hackers had stolen credit- and debit-card information for approximately 110 million of Target's customers. Lawsuits soon followed this announcement, and ultimately the Judicial Panel on Multidistrict Litigation consolidated all federal lawsuits into this litigation. The multidistrict litigation consists of two distinct types of claims: those brought by consumers and those brought by financial institutions. The Motion at issue here seeks to dismiss only the Consolidated Amended Class Action Complaint . . . filed in the financial institution cases.
In re Target, supra.
The judge went on to explain that the plaintiffs whose lawsuits are at issue in the motion to dismiss he is ruling on are a
putative class of issuer banks whose customers' data was stolen in the Target data breach.

Plaintiffs' Complaint consists of four claims against Target. Count One contends that Target was negligent in failing to provide sufficient security to prevent the hackers from accessing customer data. Count Two asserts that Target violated Minnesota's Plastic Security Card Act, and Count Three alleges that this violation constitutes negligence per se. Count Four claims that Target's failure to inform Plaintiffs of its insufficient security constitutes a negligent misrepresentation by omission.
In re Target, supra.
Target’s motion to dismiss, filed under Rule 12(b)(6) of the Federal Rules of Civil Procedure, argued that the financial institutions “have failed to plead sufficient facts to establish any of their claims.” In re Target, supra.  As Wikipedia explains, in the federal court system, someone (the Plaintiff) initiates a lawsuit by filing a “Complaint” with the U.S. District Court.  And as Wikipedia also explains, the Rule 12(b)(6) motion
is how lawsuits with insufficient legal theories underlying their cause of action are dismissed from court. For example, assault requires intent, so if the plaintiff has failed to plead intent, the defense can seek dismissal by filing a 12(b)(6) motion.’ . . .
The Judge who has the Target cases began his analysis of the financial institutions’ Rule 12(b)(6) motion by explaining that when a judge evaluates s motion to dismiss under
Rule 12(b)(6), the Court assumes the facts in the Complaint to be true and construes all reasonable inferences from those facts in the light most favorable to Plaintiffs. Morton v. Becker, 793 F.2d 185 (U.S. Courtof Appeals for the 8th Circuit 1986). However, the Court need not accept as true wholly conclusory allegations, Hanten v. School District of Riverview Gardens, 183 F.3d 799 (U.S. Court of Appeals for the 8th Circuit 1999), or legal conclusions that Plaintiffs draws from the facts pled. Westcott v. City of Omaha, 901 F.2d 1486 (U.S. Court of Appeals for the 8th Circuit 1990).

To survive a motion to dismiss, a complaint must contain `enough facts to state a claim to relief that is plausible on its face.’ Bell Atlantic Corp. v. Twombly, 550 U.S. 544 (2007). Although a complaint need not contain `detailed factual allegations, it must contain facts with enough specificity `to raise a right to relief above the speculative level.’ 

`Threadbare recitals of the elements of a cause of action, supported by mere conclusory statements,’ will not pass muster under Twombly. Ashcroft v. Iqbal, 556 U.S. 662 (2009). . . . In sum, this standard calls for `enough fact[s] to raise a reasonable expectation that discovery will reveal evidence of [the claim].’ Bell Atlantic Corp. v. Twombly, supra.
In re Target, supra. 
He began his analysis of the motion to dismiss at issue here with the Plaintiffs’ negligence claim, explaining that the parties to this litigation agreed that,

at least for the purposes of this Motion, Minnesota law governs Plaintiffs' negligence claim. A claim of negligence under Minnesota law requires a plaintiff to allege four elements: duty, breach, causation, and injury. Schmanski v. Church of St. Casimir of Wells, 243 Minn. 289, 67 N.W.2d 644 (Minnesota Supreme Court 1954). Target contends that Plaintiffs have failed to sufficiently allege that Target owed them a duty or that Target breached any duty.

In re Target, supra. 
The judge then explained that Minnesota law “imposes a duty ‘to act with reasonable care for the protection of others in two situations”.  In re Target, supra.  
`First, . . .  general negligence law imposes a general duty of reasonable care when the defendant's own conduct creates a foreseeable risk of injury to a foreseeable plaintiff.  See 1 J.D. Lee & Barry A. Lindahl, Modern Tort Law: Liability & Litigation § 3.48 (2d edition 2003).’

`Second, a defendant owes a duty to protect a plaintiff when action by someone other than the defendant creates a foreseeable risk of harm to the plaintiff and the defendant and plaintiff stand in a special relationship. See Bjerke v. Johnson, 742 N.W.2d 660 (Minnesota Supreme Court 2007). In other words, although a defendant generally does not have a duty `to warn or protect others from harm caused by a third party's conduct,’ H.B. ex rel. Clark v. Whittemore, 552 N.W.2d 705 (Minnesota Supreme Court1996), an exception to this rule exists when the parties are in a special relationship and the harm to the plaintiff is foreseeable.’

Domagala v. Rolland, 805 N.W.2d 14 (Minnesota Supreme Court 2011). The existence of a duty is a question of law. ServiceMaster of St. Cloud v. GAB Bus. Servs., Inc., 544 N.W.2d 302 (Minnesota Supreme Court 1996).
In re Target, supra. 
He went on to explain that Target argued that the plaintiffs’ claims should be analyzed
as falling under the third-party-harm type of negligence, so that to be liable Target and Plaintiffs must stand in a “special relationship” with one another. Target asks the Court to find as a matter of law that Target had no duty to Plaintiffs because there is no special relationship between Plaintiffs and Target and, in any event, `”a person has no duty under Minnesota law to protect another from the harmful conduct, including criminal conduct, of a third person.”’ (Def.'s Supp. Mem. at 6. . . .)

Plaintiffs argue that this is not a third-party-harm case but rather is a straightforward negligence case: Target's own conduct, in failing to maintain appropriate data security measures and in turning off some of the features of its security measures, created a foreseeable risk of the harm that occurred, and Plaintiffs were the foreseeable victims of that harm.

Plaintiffs also argue that, even if this situation is a third-party-harm situation where a special relationship between Plaintiffs and Target is required, they have pled such a special relationship here. But as Target points out, Minnesota has recognized this “separate and distinct” special relationship doctrine, Domagala v. Rolland, 805 N.W.2d 14 (Minnesota Supreme Court 2011), in a very few, limited situations that are not applicable here. . . . Moreover, the Minnesota Supreme Court has cautioned against extending those situations further. See H.B. By and Through Clark v. 552 N.W.2d 705 (1996) (stating that `this court has carefully carved out’ the `outer boundaries’ of the special relationship exception).

At this preliminary stage of the litigation, Plaintiffs have plausibly pled a general negligence case. Although the third-party hackers' activities caused harm, Target played a key role in allowing the harm to occur. Indeed, Plaintiffs' allegation that Target purposely disabled one of the security features that would have prevented the harm is itself sufficient to plead a direct negligence case: Plaintiffs allege that Target's `own conduct create[d] a foreseeable risk of injury to a foreseeable plaintiff.’ Thus, the Court must determine whether Plaintiffs have sufficiently pled Target owed Plaintiffs a duty of care under general negligence principles.
In re Target, supra. 
The judge then explained that the Minnesota courts have considered these factors in
determining whether a defendant owed a duty of care in a general negligence case: (1) the foreseeability of harm to the plaintiff, (2) the connection between the defendant's conduct and the injury suffered, (3) the moral blame attached to the defendant's conduct, (4) the policy of preventing future harm, and (5) the burden to the defendant and community of imposing a duty to exercise care with resulting liability for breach. breach. Domagala v. Rolland, supra. The duty to exercise reasonable care arises from the probability or foreseeability of injury to the plaintiff. Domagala v. Rolland, supra.   `Although in most cases the question of foreseeability is an issue for the jury, the foreseeability of harm can be decided by the court as a matter of law when the issue is clear.’ Foss v. Kincaid, 766 N.W.2d 317 (Minnesota Supreme Court 2009). The Court evaluates Plaintiffs' allegations regarding these factors in the light most favorable to Plaintiffs, keeping in mind that this Motion tests only the sufficiency of those allegations and not the ultimate success of Plaintiffs' legal theories.

Plaintiffs have plausibly alleged that Target's actions and inactions -- disabling certain security features and failing to heed the warning signs as the hackers' attack began -- caused foreseeable harm to Plaintiffs. Plaintiffs have also plausibly alleged that Target's conduct both caused and exacerbated the harm they suffered. And Plaintiffs' allegation that Target was solely able and solely responsible to safeguard its and Plaintiffs' customers' data is also plausible. Imposing a duty on Target in this case will aid Minnesota's policy of punishing companies that do not secure consumers' credit- and debit-card information. See Minn.Stat. § 325E.64. And despite Target's dire warnings about the burden of imposing such a duty, it is clear that the institutional parties to credit- and debit-card transactions have already voluntarily assumed similar duties toward one another. See, e.g., In re Heartland Payment Systems, Inc. Customer Data Sec. Breach Litigation, 834 F.Supp.2d 566 (U.S. District Court for the Southern District of Texas 2011) (noting that Visa and MasterCard Card Operating Regulations, which apply between merchants, issuer banks, and acquirer banks, specify procedures for issuer banks to make claims in the event of data breaches). . . .
In re Target, supra.  So he found that the plaintiffs had adequately pled Target owed them a duty of care, declined to dismiss their claim on this basis.  In re Target, supra. 
The judge went on to note that because the plaintiffs had
plausibly alleged the existence of a duty, there can be no doubt that Plaintiffs have also plausibly alleged that Target breached that duty by failing to safeguard Plaintiffs' customers' information. Because Target does not challenge Plaintiffs' allegations with respect to the elements of causation and damages, Plaintiffs' negligence claim succeeds in stating a claim on which relief can be granted.
In re Target, supra. 
He then took up the defendants’ attempt to have the plaintiffs’ separate cause of action (alleged in Count 4 of their Complaint) for “negligent-misrepresentation-by-omission”.  In re Target, supra.  He explained that in this claim, the plaintiffs alleged that Target had
`failed to disclose material weaknesses in its data security systems and procedures’ that it had an obligation to disclose. . . . According to Target, this claim fails for multiple reasons: Target had no duty to disclose anything to Plaintiffs; Plaintiffs have failed to plead this claim with the particularity Rule 9(b) requires; a negligent misrepresentation claim does not lie with respect to statements about Target's intent; and Plaintiffs have failed to allege reliance, which is an essential element of a negligent-misrepresentation-by-omission claim.
In re Target, supra.  Next, he analyzed each element of the claim. In re Target, supra. 
He began with duty, noting that as a general rule,
`one party to a transaction has no duty to disclose material facts to the other.” Smith v. Questar Capital Corp.,  2014 WL 2560607 (U.S. District Court for the District of Minnesota 2014). This rule applies `unless (1) there existed a fiduciary or confidential relationship between the parties; (2) one party was in possession of special facts that could not have been discovered by the other; or (3) one party who chooses to speak omits information so as to make the information actually disclosed misleading.’ misleading.’ Smith v. Questar Capital Corp., supra.

Plaintiffs have not alleged there is a fiduciary or confidential relationship between Target and Plaintiffs. Rather, Plaintiffs contend that Target knew facts about its ability to repel hackers that Plaintiffs could not have known, and that Target's public representations regarding its data security practices were misleading. Target takes issue with Plaintiffs' allegations in this regard, but on a Motion to Dismiss, the Court must determine only whether the allegations are plausible. The allegations meet that plausibility standard, and Plaintiffs have adequately pled a duty of care.
In re Target, supra. 
He then took up the defendants’ argument that the Plaintiffs had not satisfied the “stricter pleading requirements” of Rule 9(b) of the Federal Rules of Civil Procedure. In re Target, supra.  The judge explained that Rule 9(b) requires that, in alleging “fraud or mistake,”
`a party must state with particularity the circumstances constituting fraud or mistake.’ Fed.R.Civ.P. 9(b). These heightened pleading requirements apply to negligent-misrepresentation-by-omission claims. Trooien v. Mansour, 608 F.3d 1020 (U.S. Court of Appeals for the 8th Circuit 2010). In the context of a claim of negligent omission, the Rule is satisfied `if the omitted information is identified and “how or when” the concealment occurred.’ In re Bisphenol–A (BPA) Polycarbonate Plastic Prods. Liab. Litig., 687 F.Supp.2d 897 (U.S. District Court for the Western District of Missouri 2009). . . .

Plaintiffs have identified the omitted information, namely Target's failure to disclose that its data security systems were deficient and in particular that Target had purposely disengaged one feature of those systems that would have detected and potentially stopped the hackers at the inception of the hacking scheme. Plaintiffs contend that these omissions were made in representations such as Target's online Privacy Policy and in Target's agreement to comply with Visa and MasterCard's Card Operating Regulations and other security requirements.
In re Target, supra.  He also noted that while “these allegations are not as detailed as Target would like, at this early stage of the litigation they are sufficient to allege the `how or when” the information regarding Target's data security practices was omitted from disclosure”, which means the plaintiffs had satisfied Rule 9(b).  In re Target, supra. 
Next, Target argued that the plaintiffs’ negligent omission claim was not cognizable
because it is founded on alleged omissions regarding what Target intended to do with respect to data security. Target contends that an omission regarding Target's `present intention to act in the future’ is not actionable because it cannot be proved false. . . . . But Target misconstrues Plaintiffs' claim.

Plaintiffs' negligent-omission claim is not premised on any statement about Target's future intentions or even on Target's statements about the data breach itself, but rather on the fact that Target held itself out as having secure data systems when Target knew that it did not have secure systems and had taken affirmative steps to make its systems more vulnerable to attack. At this stage of the case, this allegation is sufficient to state a claim for negligent omission.
In re Target, supra. 
And, finally, the judge took up the issue of “reliance”, noting that Target argued that the
[p]laintiffs have failed to plead any reliance on the alleged omissions. Plaintiffs respond that reliance is not required, citing Judge Nelson's recent Smith decision. . . . But Smith did not hold that reliance is not a required element for a negligent omission claim. Rather, Smith found reliance was a `fact-intensive’ inquiry inappropriate for resolution on a motion to dismiss. Smith v. Questar Capital Corp., supra.  
In re Target, supra. 
He went on to explain that a plaintiff alleging a securities fraud-by-omission claim
need not plead or prove reliance if the omitted information is material -- reliance on that material information is presumed. Affiliated Ute Citizens v. United States, 406 U.S. 128 (1972). But courts have not extended this presumption of reliance outside of the securities-fraud context. Plaintiffs are therefore required to plead reliance on Target's alleged omissions in order to state a claim for relief.

The Complaint contains no indication that Plaintiffs relied on any of the alleged omissions. Rather, the Complaint merely avers that Plaintiffs `suffered injury’ `as a direct and proximate result of Target's negligent misrepresentations by omission.’ . . . This is insufficient to plead reliance, and Plaintiffs' negligent-misrepresentation-by-omission claim must therefore be dismissed. Assuming that there are facts supporting Plaintiffs' reliance on the alleged omissions, Plaintiffs may file an amended complaint within 30 days that fully and plausibly alleges all of the required elements of a negligent-misrepresentation-by-omission claim.
In re Target, supra. 
And, finally, he found that the plaintiffs claim under the Minnesota Plastic Card Security Act survived, which means only one of the plaintiffs’ claims was dismissed. In re Target, supra.