Here is the text of the Law360 story:

Facebook Hack Alerts Caused Harm, TCPA Suit Leader Says

By Steven Trader
June 28, 2016

The man accusing Facebook of violating the Telephone Consumer Protection Act by allegedly bombarding him with unauthorized text message alerts told a California federal judge on Monday that he suffered real harm and that Facebook’s system constitutes an autodialer, despite the company’s arguments that the proposed class action should be nixed.

Noah Duguid says he suffered actual harm in the form of aggravation and interfered-with cellphone services after the social media giant sent him numerous automated “login notification” and “login approval” messages via text — security features designed to let Facebook users know when their account has been accessed from a different place. The problem is Duguid doesn’t have a Facebook account, never authorized those messages and was ignored by the company when he asked them to stop.

His proposed $5 million privacy class action was nixed once already this year after a California federal judge in March was unconvinced by his allegation that Facebook’s texts were sent using an automatic telephone dialing system (ATDS).

Duguid filed an amended complaint in mid-April, but Facebook argued late last month that he still had not presented any facts supporting his claim the messages were sent through an ATDS. What’s more, the U.S. Supreme Court’s May ruling in Spokeo v. Robins, which found that mere technical statutory violation accusations without actual harm won’t cut it, should also lead to the dismissal of Duguid’s suit.

Duguid struck back Monday, saying he had addressed the court’s previous issue with his complaint head-on. This time around, he alleges specifically that Facebook stored telephone numbers, including his own, in a database, and then sent those numbers template-based login notifications automatically without human intervention, which is exactly what an ADTS encompasses.

What’s more, Facebook’s system also has the capacity to sequentially and randomly dial, or that capacity could be added, and the Federal Communication Commission held in a 2015 TCPA order that the capacity of an ATDS “is not limited to its current configuration but also includes its potential functionalities,” Duguid argued.

As for Facebook’s contention that the Spokeo ruling requires dismissal, Duguid argued that his allegations contain both tangible and intangible harms that would satisfy the high court’s ruling.

For starters, he suffered economic harm in the form of used-up and interfered-with cellular telephone services for which he pays. What’s more, he alleges being “frustrated with Facebook’s text message bombardment” because he was forced to spend time asking the social media giant to stop. Finally, Facebook committed “extreme invasions into the privacy of American consumers,” including himself, which has traditionally been regarded as providing the basis of a suit, Duguid said.

The Montana resident first launched his proposed privacy class action in March 2015, claiming that Facebook started texting him the warning messages the previous year, even though he doesn’t have an account. Duguid alleged that he sent Facebook a number of emails complaining about the messages, but kept receiving automated replies telling him to log into his account to report the problem.

“Facebook operates a sloppy system and in doing so shows complete disregard for the privacy of consumers,” Duguid had written.

Still, even if the system is poorly run, Duguid hadn’t suggested that Facebook sends text messages en masse to randomly or sequentially generated numbers, U.S. District Judge Jon Tigar found in March, axing the suit but granting leave to amend.

Duguid filed his fixed complaint in late April, outlining how Facebook had acquired his number, stored it in a database connected to its telephone or computer system, and then used its system to sent text messages to his cellphone automatically, without human intervention. The messages from Facebook were not placed for “emergency purposes,” Duguid contended.

Facebook disagreed, writing back in its May 27 dismissal motion that its login messages fell squarely within the TCPA’s broad exception for any “calls made for emergency purposes.” Duguid on Monday though said those exceptions related to messages like Amber alerts or natural disaster warnings, not login texts.

“If it looks like a duck, swims like a duck, and quacks like a duck, then it probably is a duck,” Sergei Lemberg of Lemberg Law LLC, an attorney for Duguid, told Law360 via email Tuesday.

Representatives for Facebook didn’t immediately return a request for comment.

Facebook is represented by Andrew B. Clubok, Carrie J. Bodner, Elizabeth L. Deeley and Susan E. Engel of Kirkland & Ellis LLP.

Duguid is represented by Trinette Kent, Sergei Lemberg and Stephen Taylor of Lemberg Law LLC.

The case is Noah Duguid et al. v. Facebook Inc., case number 3:15-cv-00985, in the U.S. District Court for the Northern District of California.