CERTIFICATION FROM THE UNITED STATES DISTRICT COURT FOR THE WESTERN DISTRICT OF WASHINGTON IN KENNETH WRIGHT, on his own behalf and on behalf of other similarly situated persons, Plaintiff, v. LYFT, INC., a Delaware corporation, Defendants.
Kenneth Wright received an unsolicited text message that appeared to come from an acquaintance inviting him to download Lyft's cell phone application. Wright sued as a putative class member. The federal district court has asked this court to answer two certified questions relating to the state “Consumer Electronic Mail Act” (CEMA) and the Consumer Protection Act (CPA). Chs. 19.190, 19.86 RCW.
Lyft operates a ridesharing service in which customers use cell phone applications to request rides from nearby drivers. Lyft's application invites users to initiate text messages to a user's contacts, inviting them to download the application and receive a Lyft ride credit. This process involves a Lyft user opening the application, clicking on the “Settings” menu, selecting “Invite Friends,” then selecting one or multiple individuals from the user's contacts or “Select All,” and, finally, agreeing to “Send Invites.”
On March 20, 2014, Kenneth Wright received such a text message. The message invited him to download Lyft's application to his cell phone, offering him a ride worth $25.1 Days later, Wright sued Lyft in federal court, seeking to represent a national class and a Washington subclass encompassing anyone who received an unsolicited Lyft text message. Wright alleged, among other things, the text message generated by Lyft violated state law. Lyft moved to dismiss Wright's claims. The district court granted in part, declining to dismiss Wright's state CEMA and CPA claims. The district court then certified two questions for this court's consideration.
1. Does the recipient of a text message that violates the Consumer Electronic Mail Act, Chapter 19.190 RCW (“CEMA”), have a private right of action for damages (as opposed to injunctive relief) directly under the statute?
2. Does the liquidated damages provision of CEMA, RCW 19.190.040(1), establish the causation and/or injury elements of a claim under the Washington Consumer Protection Act, Ch. 19.86 RCW (“CPA”), as a matter of law or must the recipient of a text in violation of CEMA prove injury in fact before he or she can recover the liquidated amount?
Am. Order Granting Stipulated Mot. to Certify Questions to Wash. Supreme Ct. at 1-2.
STANDARDS OF REVIEW
Certified questions are matters of law we review de novo. Parents Involved in Cmty. Schs. v. Seattle Sch. Dist. No. 1, 149 Wn.2d 660, 670, 72 P.3d 151 (2003) (citing Rivett v. City of Tacoma, 123 Wn.2d 573, 578, 870 P.2d 299 (1994)). We consider the legal issues presented based on the certified record provided by the federal court. Bradburn v. N. Cent. Reg'l Library Dist., 168 Wn.2d 789, 799, 231 P.3d 166 (2010) (citing RCW 2.60.030(2)).
We review questions of statutory interpretation de novo. City of Pasco v. Pub. Emp't Relations Comm'n, 119 Wn.2d 504, 507, 833 P.2d 381 (1992). On matters of statutory interpretation, our “fundamental objective is to ascertain and carry out the Legislature's intent.” Dep't of Ecology v. Campbell & Gwinn, LLC, 146 Wn.2d 1, 9, 43 P.3d 4 (2002). “[I]f the statute's meaning is plain on its face, then the court must give effect to that plain meaning as an expression of legislative intent.” Id. at 9-10.
We conclude that the plain language of chapter 19.190 RCW creates a private cause of action with damages only for phishing violations. RCW 19.190.080, .090. We also conclude that while the plain language of CEMA's liquidated damages provision does not explicitly replace the causation or injury elements of a CPA claim, because the provision provides automatic damages for violations without condition, injury and causation do not need to be proved to receive damages. Accordingly, we answer no to the first certified question and yes to the second.
1. Private Cause of Action under CEMA
We are first asked whether RCW 19.190.040(1) provides a private cause of action for violations of CEMA. Wright contends that it does, while Lyft argues it provides the measure of any damages recoverable under a CPA suit. We agree with Lyft that RCW 19.190.040 does not provide an independent cause of action. We hold that CEMA creates a private cause of action with damages limited to phishing violations.
To determine whether RCW 19.190.040 is directly actionable, we look to the language of the provision. RCW 19.190.040 does not exist in isolation and must be read in the context of the larger statutory scheme. See Campbell & Gwinn, LLC, 146 Wn.2d at 11 (reviewing courts derive plain meaning from the context of the act and related statutes); ITT Rayonier, Inc. v. Dalman, 122 Wn.2d 801, 807, 863 P.2d 64 (1993) (“Statutory provisions must be read in their entirety and construed together, not piecemeal.” (citing Donovick v. Seattle-First Nat'l Bank, 111 Wn.2d 413, 415, 757 P.2d 1378 (1988)). As Judge Pechman noted, CEMA's statutory scheme is “rather labyrinthine.” Wright v. Lyft, 2016 WL 7971290, at *3 (W.D. Wash. Apr. 15, 2016) (court order). The most effective way to navigate this complexity and place RCW 19.190.040 in context is to trace the legislative development of the act and its subsequent amendments.
Since its enactment in 1998, CEMA has been amended three times to increase the scope of prohibited electronic practices. LAWS OF 1999, ch. 289; LAWS OF 2003, ch. 137; LAWS OF 2005, ch. 378. The statute was created to address unwanted e-mail messages referred to as “spam.” FINAL B. REP. ON SECOND ENGROSSED SUBSTITUTE H.B. 1888, 59th Leg., Reg. Sess. (Wash. 2005) (defining “spam”); LAWS OF 1998, ch. 149, § 4 (codified in RCW 19.190.030). Sending a commercial e-mail containing false or misleading information constitutes a “violation of the consumer protection act.” LAWS OF 1998, ch. 149, § 4(1). The statute also established the first three elements of a CPA claim ((1) unfair or deceptive act (2) occurring in trade or commerce that affects (3) the public interest), and included a provision specifying damages to recipients of these improper e-mails. As originally passed, CEMA did not contain language creating a separate cause of action.2
Lawmakers first amended CEMA in 1999. This legislative fix changed little in the original statute. Its most notable effect was to clarify that assisting the transmission of a commercial e-mail violates the CPA.
2003 marked the first substantive amendment to CEMA. Recognizing the rise of unsolicited commercial text messages sent to cell phones, lawmakers sought to “limit the practice.” LAWS OF 2003, ch. 137, § 1. The statute precluded the initiation or facilitation of sending a commercial text message to Washington residents. Id. § 3(1). RCW 19.190.060(2) included an identical legislative finding to RCW 19.190.030(3), the commercial e-mail provision:
that the practices covered by this section are matters vitally affecting the public interest for the purpose of applying the consumer protection act, chapter 19.86 RCW. A violation of this section is not reasonable in relation to the development and preservation of business and is an unfair or deceptive act in trade or commerce and an unfair method of competition for the purpose of applying the consumer protection act, chapter 19.86 RCW.
The damages provision in RCW 19.190.040 was amended to include “commercial electronic text message[s].” Id. § 5. Again, the legislature did not include an express cause of action.
The third and final amendment to CEMA occurred in 2005. In this amendment, the legislature added protections against the practice of “phishing.” See FINAL B. REP. ON SECOND ENGROSSED SUBSTITUTE H.B. 1888, at 1-2 (defining “phishing”); LAWS OF 2005, ch. 378, § 2. “Phishing” generally refers to Internet activity using fraudulent e-mails and websites to induce someone to reveal personally identifying information under false pretenses.
The 2005 amendment is the first instance in which the legislature specifically recognized a “civil action” for violations of CEMA:
A person who is injured under this chapter may bring a civil action in the superior court to enjoin further violations, and to seek up to five hundred dollars per violation, or actual damages, whichever is greater. A person who seeks damages under this subsection may only bring an action against a person or entity that directly violates [RCW 19.190.080].
LAWS OF 2005, ch. 378, § 3 (emphasis added) (codified in RCW 19.190.090(1)).
Judge Pechman opined on RCW 19.190.090 in this case. Wright, 2016 WL 7971290, at *4. In her ruling on Lyft's motion to dismiss, Judge Pechman adopted Judge Lasnik's analysis of the provision as set out in Gragg v. Orange Cab Company, Inc., 145 F. Supp. 3d 1046, 1050-53 (W.D. Wash. Nov. 9, 2015). RCW 19.190.090(1) allows anyone injured “under this chapter” to bring a civil action to enjoin further violations and seek certain damages. Standing alone, this sentence implies a direct civil action was created for any violation of the chapter, including e-mails and, notably, text messages. Id. However, Judge Pechman further explained that the next sentence in the statute says that “ ‘[a] person who seeks damages under this subsection may only bring an action against a person or entity that directly violates RCW 19.190.080 (i.e., the phishing statute).’ ” Wright, 2016 WL 7971290, at *4 (alteration in original) (quoting RCW 19.190.090(1)). Thus, now a plaintiff cannot bring a civil action if injured under the chapter unless he or she is a victim of phishing under RCW 19.190.080. Id. To resolve this tension, Judge Lasnik reasoned, and Judge Pechman accepted, that the 2005 amendment created a cause of action for money damages limited to phishing. Id. We agree.
Turning to the first certified question, the plain language of CEMA's liquidated damages provision provides the answer. RCW 19.190.040 does not create a private cause of action. The provision itself contains no language concerning a cause of action. RCW 19.190.040. Nor did the legislature include a cause of action in the original 1998 legislation or in the 2003 amendment prohibiting unsolicited text messages. Instead, the plain language indicates it was the legislature's intent for CEMA violations to be brought under the CPA. LAWS OF 1998, ch. 149, § 4 (stating violations of the act constituted “violation[s] of the consumer protection act”).
Washington lawmakers did not create any cause of action until 2005. The 2005 amendment shows the legislature knew how to institute a cause of action and how to circumscribe its scope. This amendment did not alter CEMA's text message provision to recognize a cause of action therein, nor did it contain language including text message violations in a phishing claim. We presume the legislature means exactly what it says. Davis v. Dep't of Licensing, 137 Wn.2d 957, 964, 977 P.2d 554 (1994) (quoting State v. McCraw, 127 Wn.2d 281, 288, 898 P.2d 838 (1995)). Omissions are deemed to be exclusions. In re Det. of Williams, 147 Wn.2d 476, 491, 55 P.3d 597 (2002); see also Landmark Dev., Inc. v. City of Roy, 138 Wn.2d 561, 571, 980 P.2d 1234 (1999) (“the expression of one is the exclusion of the other”). CEMA's plain language demonstrates a direct cause of action for money damages exits only for phishing violations.
Alternatively, Wright argues that if a CEMA violation is not actionable under RCW 19.190.040, the statute implies a cause. For the following reasons, we disagree.
To determine whether the legislature intended to imply a private right of action, a reviewing court applies a three-part test established in Bennett v. Hardy, 113 Wn.2d 912, 920-21, 784 P.2d 1258 (1990). First, we determine whether the plaintiff is within the class for whose “especial” benefit the statute was enacted; second, whether the explicit or implicit legislative intent supports creating or denying a remedy; and third, whether implying a remedy is consistent with the underlying purpose of the legislation. Id.
Even assuming Wright falls within the protected class of the statute, he cannot meet the additional Bennett factors. Id. at 921. As discussed above, CEMA's plain language demonstrates the legislature's intent that the recipient of unsolicited text messages bring a CPA claim. This legislative intent does not support creating a remedy where one already exists. CEMA does not imply a cause of action here.
RCW 19.190.040 does not create an independent cause of action for monetary damages under CEMA. The plain language of chapter 19.190 RCW provides a direct cause of action with damages limited to phishing violations. RCW 19.190.090. The statute similarly does not imply a cause of action for monetary damages aside from phishing violations.3 Importantly, a recipient of unsolicited commercial text messages is not bereft of legal remedy—he or she may pursue redress under the CPA. We therefore answer no to the first certified question.
2. Injury and Causation under the CPA
The CPA prohibits unfair methods of competition and unfair or deceptive trade or commerce acts. RCW 19.86.020. A person injured in his or her business or property by a violation of this act may bring a civil suit for injunctive relief, actual damages, attorney fees, and up to treble actual damages. RCW 19.86.090.
This court has concluded that a CPA claimant must establish five elements: (1) an unfair or deceptive act or practice (2) in trade or commerce (3) that affects the public interest, (4) injury to plaintiff's business or property, and (5) causation. Hangman Ridge Stables, Inc. v. Safeco Title Ins. Co., 105 Wn.2d 778, 780, 719 P.2d 531 (1986).
Here, Lyft and Wright do not dispute that transmission of a text message in violation of CEMA establishes the first three elements of a CPA claim. See, e.g., Lyft, Inc.'s Opening Br. at 24-25 (citing RCW 19.190.060). They disagree whether RCW 19.190.040 establishes the injury and causation elements.
Thus, the second certified question asks if CEMA's liquidated damages provision, RCW 19.190.040, establishes the causation and/or injury elements of a CPA claim as a matter of law or if the recipient of a text in violation of CEMA must prove injury in fact prior to receiving damages. Am. Order Granting Stipulated Mot. to Certify to Wash. Supreme Ct. at 1-2.
The plain language of RCW 19.190.040 does not definitively resolve the issue. It states:
(1) Damages to the recipient of a commercial electronic mail message or a commercial electronic text message sent in violation of this chapter are five hundred dollars, or actual damages, whichever is greater.
(2) Damages to an interactive computer service resulting from a violation of this chapter are one thousand dollars, or actual damages, whichever is greater.
RCW 19.190.040. This is the complete text of the damages provision. It does not mention injury or causation. The provision does not indicate these elements are replaced, so Lyft urges us to read the section as requiring a CPA plaintiff to prove both to bring a successful claim. Lyft would like the inquiry to end here. But doing so ignores the converse, more reasonable, reading of RCW 19.190.040—the provision does not condition the award of damages on proving either injury or causation. In fact, damages for CEMA violations are automatic. It is nonsensical for the legislature to write a damages provision free of preconditions, only for this court to read in elements that lawmakers did not include. Indeed, our canons of statutory construction warn against such an interpretation. State v. Delgado, 148 Wn.2d 723, 727, 63 P.3d 792 (2003) (reviewing courts cannot add words or clauses to a statute when the legislature has chosen not to include that language).
Though both Wright and Lyft advance arguably reasonable readings of the provision, Wright prevails in this case. Where two interpretations of statutory language are equally reasonable, our canons of construction direct us to adopt “the interpretation which better advances the overall legislative purpose.” Weyerhaeuser Co. v. Dep't of Ecology, 86 Wn.2d 310, 321, 545 P.2d 5 (1976).
In amending CEMA to preclude unsolicited text messages, the legislature recognized
[t]hat the number of unsolicited commercial text messages sent to cellular telephones and pagers is increasing. This practice is raising serious concerns on the part of cellular telephone and pager subscribers. These unsolicited messages often result in costs to the cellular telephone and pager subscribers in that they pay for use when a message is received through their devices. The limited memory of these devices can be exhausted by unwanted text messages resulting in the inability to receive necessary and expected messages.
The legislature inten[d]s to limit the practice of sending unsolicited commercial text messages to cellular telephone or pager numbers in Washington.
LAWS OF 2003, ch. 137, § 1 (emphasis added).
Elsewhere in CEMA's statutory scheme, the legislature made sending spam e-mail a per se violation of the CPA. RCW 19.190.030(1) (“It is a violation of the consumer protection act, chapter 19.86 RCW,․ to initiate the transmission of a commercial electronic mail message”). RCW 19.190.060 contains identical language to .030 that declares practices covered under the sections to be violations of the CPA. Puzzlingly, no “per se violation” phrase was included in the text message provision. Compare RCW 19.190.060, with RCW 19.190.030(1). Lyft argues the lack of this phrase in RCW 19.190.060 is purposeful. Functionally, however, there is no indication in RCW 19.190.060 and .030(1) that the legislature intended to regulate text messages and e-mails differently. See Gragg, 145 F. Supp. 3d at 1053. To the extent this intent is unclear, the bill report on House Bill 2007, which enacted the prohibition on unsolicited text messages, reveals that “[a] violation of the commercial electronic text messaging law provides penalties similar to those for commercial e-mail messages. A recipient of a commercial electronic text message ․ may bring a civil action against a sender.” FINAL B. REP. ON SUBSTITUTE H.B. 2007, at 2, 58th Leg., Reg. Sess. (Wash. 2003); Anthis v. Copland, 173 Wn.2d 752, 756, 270 P.3d 574 (2012) (“If the statute is still ‘susceptible to more than one reasonable interpretation, then a court may resort to statutory construction, legislative history, and relevant case law for assistance in discerning legislative intent.’ ” (quoting Christensen v. Ellsworth, 162 Wn.2d 365, 373, 173 P.3d 228 (2007))).
Lyft also appears to contend that liability under CEMA turns on whether a cell phone user can demonstrate injury, primarily pecuniary loss. For example, receiving an unsolicited text messages on a prepaid or limited cell phone plan could constitute injury while receipt of a text on an unlimited data plan would not. But the legislature did not delineate between these specific types of injuries. The statute at issue reflects lawmaker's intent to limit the practice of sending any unsolicited commercial text messages because they cause injury to consumers by using limited data and memory of mobile devices and interrupting receipt of necessary and expected messages. See RCW 19.190.060.
Taken together, RCW 19.190.040's automatic damages language, the legislative intent to limit the practice of sending unsolicited commercial text messages, and the legislative intent to treat text messages in the same manner as spam e-mail weigh against requiring a CEMA plaintiff to independently prove injury and causation. Weyerhaeuser Co., 86 Wn.2d at 321.
Modem cell phone users likely receive few unsolicited commercial text messages over the course of a day. State legislatures achieved the current, relatively “spam-free” world by encouraging actors to refrain from sending unwanted electronic messages and providing a mechanism of enforcement. As the Attorney General's Office points out, requiring proof of injury and causation increases the burden on private consumers bringing CPA claims and would likely diminish CEMA's deterrent effect. Br. of Amicus Curiae Att'y Gen. at 17-18; see also State v. McDougal, 120 Wn.2d 334, 351, 841 P.2d 1232 (1992) (the court should avoid an interpretation that “produce[s] an absurd and unjust result and would clearly be inconsistent with the purposes and policies of the act in question.” (quoting NORMAN J. SINGER, 2A STATUTES AND STATUTORY CONSTRUCTION § 45:12 (4th ed. 1984))).
As previously noted, the questions before this court were certified after the federal trial court declined to dismiss Wright's CEMA and CPA claims. Whether Wright is ultimately successful proving Lyft violated RCW 19.190.060 by sending an unsolicited commercial text message is a question of fact to be determined at the district court.
We conclude that RCW 19.190.040 establishes the injury and causation elements of a CPA claim as a matter of law. The answer to the second certified question is yes.
RCW 19.190.040 does not provide an independent cause of action for monetary damages. The plain language of chapter 19.190 RCW creates a private cause for money damages for phishing violations. We answer no to the first certified question.
Though the plain language of RCW 19.190.040 offers two arguably reasonable answers to whether the provision establishes injury and causation for CPA claims, the overall purpose of CEMA and its legislative intent indicate both elements are established. We answer yes to the second certified question.
1. The message appeared to originate from Wright's contact, “Jo Ann C.” The message read:“Jo Ann C. sent you a free Lyft ride worth $25. Claim it at http://lyft.com/getapp/MD15M215.”Lyft, Inc.'s Opening Br. at 7.
2. The legislative history supports the plain language. A bill report on CEMA's 1998 enacting statute explains that a sender using false or misleading e-mail message violates the CPA and in doing so, the “recipient of the commercial electronic mail message may bring a civil action against the sender.” FINAL B. REP. ON ENGROSSED SUBSTITUTE H.B. 2752, at 2, 55th Leg., Reg. Sess. (Wash. 1998).
3. While an action for monetary damages is limited to phishing, we note that a plaintiff may bring an action to enjoin any CEMA violation. RCW 19.190.090(1) (“A person who is injured under this chapter may bring a civil action in the superior court to enjoin further violations.” (emphasis added)).