`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`IN THE UNITED STATES DISTRICT COURT
`
`FOR THE DISTRICT OF OREGON
`
`IN RE: INTEL CORP. CPU MARKETING,
`SALES PRACTICES AND PRODUCTS
`LIABILITY LITIGATION
`______________________________________
`
`This Document Relates to All Actions.
`
`
`
`Case No. 3:18-md-2828-SI
`
`OPINION AND ORDER GRANTING
`MOTION TO DISMISS WITH LEAVE
`TO AMEND
`
`Christopher A. Seeger, SEEGER WEISS LLP, 55 Challenger Road, Ridgefield Park, NJ 07660;
`Rosemary M. Rivas, GIBBS LAW GROUP LLP, 505 14th Street, Suite 1110, Oakland, CA 94612;
`Steve D. Larson and Jennifer S. Wagner, STOLL STOLL BERNE LOKTING & SHLACHTER PC, 209
`SW Oak Street, Suite 500, Portland, OR 97204; Gayle M. Blatt, CASEY GERRY SCHENK
`FRANCAVILLA BLATT & PENFIELD LLP, 110 Laurel Street, San Diego, CA 92101; Stuart A.
`Davidson, ROBBINS GELLER RUDMAN & DOWD LLP, 120 East Palmetto Park Road, Suite 500
`Boca Raton, FL 33432; Melissa R. Emert, KANTROWITZ, GOLDHAMER & GRAIFMAN, P.C., 747
`Chestnut Ridge Road, Suite 200, Chestnut Ridge, NY 10977; Richard M. Hagstrom, HELLMUTH
`& JOHNSON PLLC, 8050 West 78th Street, Edina, MN 55439; Jennifer L. Joost, KESSLER TOPAZ
`MELTZER & CHECK LLP, One Sansome Street, Suite 1850, San Francisco, CA 94104; Adam J.
`Levitt, DICELLO LEVITT & CASEY LLC, Ten North Dearborn Street, 11th Floor, Chicago, IL
`60602; and Charles E. Schaffer, LEVIN SEDRAN & BERMAN LLP, 510 Walnut Street, Suite 500,
`Philadelphia, PA 19106. Of Attorneys for Plaintiffs.
`
`Daniel F. Katz, David S. Kurtzer-Ellenbogen, David Krinsky, and Samuel Bryant Davidoff,
`WILLIAMS & CONNOLLY LLP, 725 Twelfth Street NW, Washington, D.C. 20005; and Steven T.
`Lovett and Rachel C. Lee, STOEL RIVES LLP, 760 SW Ninth Avenue, Suite 3000, Portland, OR
`97205. Of Attorneys for Defendant.
`
`
`PAGE 1 – OPINION AND ORDER
`
`
`
`Case 3:20-cv-00863-SI Document 30 Filed 03/29/21 Page 2 of 31
`
`
`
`Michael H. Simon, District Judge.
`
`In this multidistrict proceeding, Plaintiffs bring a putative nationwide class action against
`
`Defendant Intel Corporation (Intel) relating to certain security vulnerabilities in Intel’s
`
`microprocessors. Plaintiffs allege that Intel knew for decades about certain design defects in its
`
`microprocessors that created security vulnerabilities and that Intel failed to disclose or mitigate
`
`these vulnerabilities. Plaintiffs further allege that the ways in which these security vulnerabilities
`
`could be exploited became publicly known beginning in January 2018, with new ways
`
`continuing to be discovered and publicized. These forms of exploit have become generally
`
`known as “Spectre,” “Meltdown,” “Foreshadow,” “ZombieLoad,” “SwapGS,” “RIDL,”
`
`“LazyFP,” “CacheOut,” and “Vector Register Sampling,” among others. Plaintiffs contend that
`
`until Intel fixes the alleged defects at the hardware level, additional ways to exploit these security
`
`vulnerabilities will likely continue to be discovered.
`
`Intel previously moved to dismiss this action, and the Court granted that motion with
`
`leave to amend. See In re Intel Corp. CPU Mktg., Sales Practices & Prod. Liab. Litig., No. 3:18-
`
`MD-2828-SI, 2020 WL 1495304 (D. Or. Mar. 27, 2020). Plaintiffs then filed an Amended
`
`Consolidated Class Action Allegation Complaint (Amended Complaint) (ECF 181), and Intel has
`
`moved against that pleading. In their Amended Complaint, Plaintiffs allege that Intel’s
`
`processors have two primary design defects. First, the design of the processors heightens the risk
`
`of unauthorized access to protected memory secrets. Second, the design does not completely
`
`delete, or undo, the memory’s recent retrieval of those secrets, also increasing the risk of
`
`unauthorized access. Plaintiffs contend that these design defects create security vulnerabilities
`
`that could lead to a breach of confidential data. Plaintiffs also allege that Intel cannot fix these
`
`defects after-the-fact, and that the software patches created or distributed by Intel to mitigate
`
`these defects substantially diminish the speed of Intel’s processors.
`
`PAGE 2 – OPINION AND ORDER
`
`
`
`Case 3:20-cv-00863-SI Document 30 Filed 03/29/21 Page 3 of 31
`
`
`
`Based on the alleged defects and Intel’s allegedly inadequate and untimely disclosures
`
`and responses, Plaintiffs assert the following nationwide class claims: (1) fraud by concealment
`
`or omission; (2) breach of California’s Consumers Legal Remedies Act (CLRA), Cal. Civ. Code
`
`§§ 1750, et seq.; (3) breach of California’s Unfair Competition Law (UCL), Cal. Bus. & Prof.
`
`Code §§ 17200, et seq.; (4) breach of California’s False Advertising Law (FAL), Cal. Bus. &
`
`Prof. Code §§ 17500, et seq.; and (5) unjust enrichment, or quasi-contract. Plaintiffs also assert
`
`separate state subclass claims for each state except California, Kentucky, and Massachusetts,
`
`plus the District of Columbia, under each jurisdiction’s deceptive or unfair trade practices act or
`
`consumer protection law. Plaintiffs seek both money damages and injunctive relief.
`
`Against the Amended Complaint, Intel challenges Plaintiffs’ nationwide class claims,
`
`Counts I-V, which Intel argues under California law.1 Intel asserts that Plaintiffs fail to state a
`
`claim for fraud and that Plaintiffs may not pursue equitable remedies under California statutes
`
`because Plaintiffs allege legal remedies. Intel also contends that Plaintiffs fail to state a claim for
`
`unfair or unlawful trade practices and for unjust enrichment or quasi-contract. Intel also
`
`challenges Plaintiffs’ state subclass claims. Intel argues that Plaintiffs fail to state a claim for any
`
`of the six bellwether state counts that the parties agreed to litigate in the pending motion.2 For the
`
`reasons explained below, the Court grants Intel’s motion to dismiss the Amended Complaint.
`
`
`1 Intel adds that it reserves the right to argue at a later time that California law does not
`govern claims asserted by persons who are not residents of California.
`
`2 The parties chose Plaintiffs’ claims under the Florida Deceptive and Unfair Trade
`Practices Act (FDUTPA), the Illinois Consumer Fraud and Deceptive Business Practices Act
`(ICFA), the New Jersey Consumer Fraud Act, (NJCFA), the New York General Business Law
`(NYGBL), the Ohio Consumer Sales Practices Act (OCSPA), and the Texas Deceptive Trade
`Practices Act (TDTPA).
`
`PAGE 3 – OPINION AND ORDER
`
`
`
`Case 3:20-cv-00863-SI Document 30 Filed 03/29/21 Page 4 of 31
`
`
`
`STANDARDS
`
`A motion to dismiss for failure to state a claim may be granted only when there is no
`
`cognizable legal theory to support the claim or when the complaint lacks sufficient factual
`
`allegations to state a facially plausible claim for relief. Shroyer v. New Cingular Wireless Servs.,
`
`Inc., 622 F.3d 1035, 1041 (9th Cir. 2010). In evaluating the sufficiency of a complaint’s factual
`
`allegations, the court must accept as true all well-pleaded material facts alleged in the complaint
`
`and construe them in the light most favorable to the non-moving party. Wilson v. Hewlett-
`
`Packard Co., 668 F.3d 1136, 1140 (9th Cir. 2012); Daniels-Hall v. Nat’l Educ. Ass’n, 629
`
`F.3d 992, 998 (9th Cir. 2010). To be entitled to a presumption of truth, allegations in a complaint
`
`“may not simply recite the elements of a cause of action, but must contain sufficient allegations
`
`of underlying facts to give fair notice and to enable the opposing party to defend itself
`
`effectively.” Starr v. Baca, 652 F.3d 1202, 1216 (9th Cir. 2011). The court must draw all
`
`reasonable inferences from the factual allegations in favor of the plaintiff. Newcal Indus. v. Ikon
`
`Office Sol., 513 F.3d 1038, 1043 n.2 (9th Cir. 2008). The court need not, however, credit the
`
`plaintiff’s legal conclusions couched as factual allegations. Ashcroft v. Iqbal, 556 U.S. 662, 678-
`
`79 (2009).
`
`A complaint must contain sufficient factual allegations to “plausibly suggest an
`
`entitlement to relief, such that it is not unfair to require the opposing party to be subjected to the
`
`expense of discovery and continued litigation.” Starr, 652 F.3d at 1216. “A claim has facial
`
`plausibility when the plaintiff pleads factual content that allows the court to draw the reasonable
`
`inference that the defendant is liable for the misconduct alleged.” Iqbal, 556 U.S. at 678 (citing
`
`Bell Atl. Corp. v. Twombly, 550 U.S. 544, 556 (2007)). “The plausibility standard is not akin to a
`
`probability requirement, but it asks for more than a sheer possibility that a defendant has acted
`
`PAGE 4 – OPINION AND ORDER
`
`
`
`Case 3:20-cv-00863-SI Document 30 Filed 03/29/21 Page 5 of 31
`
`
`
`unlawfully.” Mashiri v. Epstein Grinnell & Howell, 845 F.3d 984, 988 (9th Cir. 2017) (quotation
`
`marks omitted).
`
`BACKGROUND
`
`Plaintiffs’ Amended Complaint is 409 pages long and contains 1,544 separately
`
`numbered paragraphs. It contains much technical detail on the many so-called exploits (or ways
`
`in which the security vulnerabilities can be exploited) that have been discovered and become
`
`publicly known during the past three years. The Amended Complaint explains how these security
`
`vulnerabilities affect Intel’s microprocessors, also called “chips” or simply “processors.” It also
`
`details the history of Intel’s chip development and competition with Advanced Micro Devices,
`
`Inc. (AMD). In this section, the Court summarizes the facts most relevant to the pending motion.
`
`Intel manufactures microprocessors. A microprocessor is an integrated electronic circuit
`
`that contains the functions of a central processing unit (CPU) of a computer. The CPU is the
`
`“brains” of the computing device, performing the necessary computations for programs or
`
`applications, such as Microsoft Word, and peripheral devices, such as printers. Each program
`
`communicates with a processor through instructions, with each instruction representing a
`
`calculation or operation that the CPU must execute on behalf of the requesting program. For each
`
`calculation, the CPU “fetches” an instruction from the computer’s memory, “decodes” the
`
`instruction, “executes” it, and, finally, “writes-back” the result. The time that it takes a CPU to
`
`process instructions is measured in “clock cycles.” Each step in the process—fetch, decode,
`
`execute, and write-back—takes at least one clock cycle. The number of clock cycles that a CPU
`
`completes per second is known as the “clock rate.” The speed of a CPU often is measured in
`
`“clock speed.”
`
`Plaintiffs allege that clock speed “is a material attribute for consumers purchasing”
`
`devices, that consumers “really care about speed,” and that “milliseconds matter.” Am. Compl.
`
`PAGE 5 – OPINION AND ORDER
`
`
`
`Case 3:20-cv-00863-SI Document 30 Filed 03/29/21 Page 6 of 31
`
`
`
`¶¶ 454, 683, 687 (emphasis in original). Intel markets its microprocessors as having faster clock
`
`speed than the processors of its competitors (including AMD) and charges a premium for its
`
`fastest processors. To obtain higher clock speed, modern processors usually implement two
`
`techniques—branch prediction and speculative execution. These techniques allow the CPU to
`
`predict what actions might be needed, perform those actions “out of order,” and later reconcile
`
`what actions were needed versus what actions were not needed and may be discarded. The CPU
`
`then properly orders the actions that were needed.
`
`Plaintiffs allege that Intel’s design implements branch prediction, speculative execution,
`
`out-of-order execution, and an unsecured cache subsystem in a way that contains the two alleged
`
`defects. The first alleged defect (Unauthorized Access) creates windows of time during which an
`
`unauthorized user could have the processor allow unnecessary or unauthorized memory access to
`
`copies of sensitive or privileged data. This essentially allows the return of “secrets” to a
`
`“transient instruction.” The second alleged defect (Incomplete Undo) allows the accessed
`
`privileged information (or data about that privileged information sufficient to allow an
`
`unauthorized user to retrieve the privileged information) to remain in the CPU’s cache after the
`
`mistaken or unauthorized access is discovered during the “reconciliation” step.
`
`Processors contain, among other things, an “instruction set” and “microarchitecture.” The
`
`instruction set serves as an interface between a computer’s software and hardware. The
`
`microarchitecture governs the various parts of the processor and how they work together to
`
`implement the instruction set. Plaintiffs describe the history of Intel’s chip development,
`
`including its changes in microarchitecture and instruction sets, which the Court need not
`
`summarize here. It is enough to say that Intel designed different privilege levels in its instruction
`
`set in its 1982 processor that protect a computer’s most privileged information. In 1985 Intel
`
`PAGE 6 – OPINION AND ORDER
`
`
`
`Case 3:20-cv-00863-SI Document 30 Filed 03/29/21 Page 7 of 31
`
`
`
`improved the functionality of key aspects of this design—protected mode and virtual memory.
`
`Plaintiffs allege that all modern processors use these functionalities. Plaintiffs also allege that
`
`when Intel incorporated branch prediction and speculative execution in its chips in 1996 with its
`
`P6 architecture, Intel’s chips did not return “real values” but instead returned a random number,
`
`which was the way that AMD processors worked. Plaintiffs allege that this type of processor is
`
`not vulnerable to most of the security exploits that have been recently discovered, except for
`
`Spectre.
`
`Plaintiffs allege that in July 1999 AMD “took the ‘speed crown’” for developing a faster
`
`processor than Intel. Plaintiffs describe Intel and AMD’s ongoing competition and speed “wars,”
`
`and allege that Intel faced product and market difficulties for a few years. Plaintiffs allege that
`
`these problems led to Intel designing and releasing in 2006 a new chip based on a new
`
`microarchitecture that went back to its P6 microarchitecture. This new microarchitecture was
`
`called “Core.” The Core chips increased the use of out-of-order execution, speculative execution,
`
`branch prediction, and cache subsystems, and significantly increased clock speed. According to
`
`Plaintiffs, Core, unlike P6, uses an allegedly unsafe practice of returning “real values” instead of
`
`dummy, or random, values, thereby creating the Intel-only Unauthorized Access defect. Thus,
`
`allege Plaintiffs, Intel made critical design choices with Core to focus on improving clock speed
`
`to the detriment of security.
`
`Plaintiffs assert that the two alleged defects, resulting from Intel’s decision to prioritize
`
`processing speed rather than security, make users’ confidential information more susceptible to
`
`cache timing “side-channel attacks.” Side-channel attacks are based on information gleaned from
`
`operating the computer system and are not reliant on software bugs. Plaintiffs allege that the
`
`Unauthorized Access defect has existed since 2006, and the Incomplete Undo defect has been
`
`PAGE 7 – OPINION AND ORDER
`
`
`
`Case 3:20-cv-00863-SI Document 30 Filed 03/29/21 Page 8 of 31
`
`
`
`present for at least 20 years. Plaintiffs also allege that Intel knew that its processors had
`
`increased vulnerability to cache timing side-channel attacks resulting from these two alleged
`
`design defects. Plaintiffs further allege that the fact that Intel’s processors were susceptible to
`
`cache timing side-channel attacks was described in highly technical literature and in Intel’s
`
`patent filings beginning in the mid-1990s. Plaintiffs describe the various articles, white papers,
`
`and patent filings containing this information.
`
`Starting in 2017, independent research teams began discovering specific processor
`
`security vulnerabilities. Plaintiffs describe these as “exploits” of the alleged defects. According
`
`to Plaintiffs, the alleged defects created the security vulnerabilities that allowed the exploits to
`
`occur. In April 2017, researchers discovered the first of a series of exploits, known as “Spectre,”
`
`which comes from “speculative execution.” Spectre allows for unauthorized access within the
`
`same process based on branch prediction. Spectre broadly affects processors across
`
`manufacturers.
`
`In July 2017, researchers discovered Meltdown, an exploit that takes advantage of both
`
`Unauthorized Access and Incomplete Undo. In January 2018, a third exploit, Foreshadow, was
`
`discovered. Foreshadow also takes advantage of both Unauthorized Access and Incomplete
`
`Undo. Later in 2018, researchers discovered an exploit named “SwapGS,” which was not
`
`publicly disclosed until August 2019. Plaintiffs allege that only Intel-designed chips are
`
`susceptible to SwapGS. Also in 2018, researchers began revealing a new series of exploits,
`
`categorized by Intel as “microarchitectural data sampling” or “MDS” exploits. These include
`
`RIDL (Rogue in Flight Data Load), ZombieLoad, Fallout, and CacheOut. These exploits have
`
`been described as “powerful.” The MDS exploits obtain sensitive information “in flight” versus
`
`PAGE 8 – OPINION AND ORDER
`
`
`
`Case 3:20-cv-00863-SI Document 30 Filed 03/29/21 Page 9 of 31
`
`
`
`in the cache. MDS exploits have been revealed in 2019 (LazyFP) and 2020 (CacheOut and
`
`Snoop-Assisted L1).
`
`Plaintiffs assert that the many discovered security exploits “take advantage” of the two
`
`alleged defects in Intel’s chip design. In January 2018, it was publicly revealed that Intel’s
`
`microprocessors were vulnerable to the first of these security risks. Plaintiffs allege that the
`
`microprocessors made by AMD and other competitors of Intel are not vulnerable to any of these
`
`alleged exploits other than Spectre. Plaintiffs also allege that other than Spectre, the exploits
`
`result from Intel’s specific microprocessor design choices. Spectre, on the other hand, is a
`
`widespread vulnerability that allegedly arises from speculative execution and branch prediction,
`
`as it generally is applied in chips and is shared by other microprocessor designs.
`
`Plaintiffs do not allege that they, or anyone else, have had their computers breached or
`
`that any data has been compromised as a result of any of the alleged defects in Intel’s CPUs,
`
`through Spectre, Meltdown, Foreshadow, or any similar exploitation of the alleged defects.
`
`Plaintiffs allege, however, that the exploits have been “weaponized ‘in the wild’” and already
`
`have associated malware. Plaintiffs add that that any breach that may result in the future from
`
`any of these exploits would be undetectable.
`
`Plaintiffs also allege that Intel’s mitigation efforts, including providing software patches,
`
`leave consumers more susceptible to future security breaches, caused Plaintiffs to spend time and
`
`effort researching and implementing multiple mitigation techniques, caused freezing, crashing,
`
`and other computer performance problems, and have significantly reduced the speed or other
`
`performance features of Intel’s CPUs. Plaintiffs contend that Intel has caused damage in the form
`
`of diminished value of Plaintiffs’ computing devices and caused Plaintiffs to be deprived of the
`
`benefit of their bargain. Plaintiffs also assert that they would not have purchased Intel’s CPUs or
`
`PAGE 9 – OPINION AND ORDER
`
`
`
`Case 3:20-cv-00863-SI Document 30 Filed 03/29/21 Page 10 of 31
`
`
`
`would not have paid as high a price as they paid if Plaintiffs had known about the alleged defects
`
`in the Intel microprocessors that created the alleged security vulnerabilities.
`
`DISCUSSION
`
`A. Nationwide Claims—Fraud and the California Statutes that Sound in Fraud
`
`Plaintiffs’ fraud claim alleges only concealment and omission, not affirmative
`
`misrepresentation. Intel argues that Plaintiffs have not stated a claim for fraud, and thus have not
`
`stated a claim under the CLRA, FAL, or the “fraud” prong of the UCL. Intel contends that
`
`Plaintiffs have not alleged: (1) a defect with allegations that comply with Rule 9(b) of the
`
`Federal Rules of Civil Procedure; (2) materiality; (3) reliance; or (4) a duty to disclose.3 Because
`
`the Court concludes that Plaintiffs have not adequately alleged a duty to disclose, which is
`
`required for claims alleging concealment or omission, the Court need not address Intel’s other
`
`arguments regarding fraud.
`
`1. Standards
`
`Plaintiffs argue that they have sufficiently alleged material omissions to support claims
`
`under California’s FAL, CLRA, and the fraud prong of the UCL. The CLRA prohibits “unfair
`
`methods of competition and unfair or deceptive acts or practices undertaken by any person in a
`
`transaction intended to result or that results in the sale or lease of goods or services to any
`
`consumer.” Cal. Civ. Code § 1770. The UCL prohibits any “unlawful, unfair or fraudulent
`
`business act or practice and unfair, deceptive, untrue, or misleading advertising.” Cal. Bus. &
`
`Prof. Code § 17200. The FAL prohibits “untrue or misleading” statements in connection with the
`
`sale of real or personal property or the provision of services. Cal. Bus. & Prof. Code § 17500.
`
`
`3 Intel also argues that Plaintiffs fail to adequately allege a nationwide claim of
`affirmative misrepresentation. Plaintiffs, however, do not assert such a claim and confirmed at
`oral argument that they are not alleging a nationwide claim of affirmative misrepresentation.
`
`PAGE 10 – OPINION AND ORDER
`
`
`
`Case 3:20-cv-00863-SI Document 30 Filed 03/29/21 Page 11 of 31
`
`
`
`These statutes “rely on the same objective test, that is, whether ‘members of the public are likely
`
`to be deceived.’” Bruno v. Quten Rsch. Inst., LLC, 280 F.R.D. 524, 532 (C.D. Cal. 2011)
`
`(quoting In re Tobacco II Cases, 46 Cal. 4th 298, 312 (2009)). For these claims, a plaintiff must
`
`“show not only that a defendant’s conduct was deceptive but that the deception caused them
`
`harm,” which requires a showing of reliance. Mass. Mut. Life Ins. Co. v. Superior Ct., 97 Cal.
`
`App. 4th 1282, 1292 (2002), as modified on denial of reh’g (May 29, 2002).
`
`Plaintiffs also allege common law fraud by concealment or omission. Under California
`
`law, to be liable for fraudulent concealment, “(1) the defendant must have concealed or
`
`suppressed a material fact, (2) the defendant must have been under a duty to disclose the fact to
`
`the plaintiff, (3) the defendant must have intentionally concealed or suppressed the fact with the
`
`intent to defraud the plaintiff, (4) the plaintiff must have been unaware of the fact and would not
`
`have acted as he did if he had known of the concealed or suppressed fact, and (5) as a result of
`
`the concealment or suppression of the fact, the plaintiff must have sustained damage.” Linear
`
`Tech. Corp v. Applied Materials, Inc., 152 Cal. App. 4th 115, 131 (2007). To state a claim for
`
`fraudulent omission, a plaintiff need not show purposeful suppression or concealment, however,
`
`a plaintiff must allege “an omission of a fact the defendant was obliged to disclose.” Daugherty
`
`v. Am. Honda Motor Co., Inc., 144 Cal. App. 4th 824, 835 (2006). Additionally, a plaintiff “must
`
`sufficiently allege that a defendant was aware of a defect at the time of sale.” Wilson, 668 F.3d
`
`at 1145.
`
`Under the California statutes at issue and common law, an omission is actionable “if the
`
`omitted fact is (1) contrary to a [material] representation actually made by the defendant or (2) is
`
`a fact the defendant was obliged to disclose.” Gutierrez v. Carmax Auto Superstores Cal., 19
`
`Cal. App. 5th 1234, 1258 (2018) (alteration in original) (quotation marks omitted) (quoting
`
`PAGE 11 – OPINION AND ORDER
`
`
`
`Case 3:20-cv-00863-SI Document 30 Filed 03/29/21 Page 12 of 31
`
`
`
`Daugherty, 144 Cal. App. 4th at 835). The omitted fact also must be material. See id. at 1256.
`
`Something is material “if a reasonable consumer would deem it important in determining how to
`
`act in the transaction at issue.” Id. at 1258.
`
`In this case, the Court previously determined that in evaluating whether Intel had a duty
`
`to disclose, the Court would apply California’s “central function” standard the Ninth Circuit
`
`discussed in Hodsdon v. Mars, Inc., 891 F.3d 857 (9th Cir. 2018). Under this standard, a
`
`complaint sufficiently pleads a duty to disclose for an “omission claim when: the plaintiff alleges
`
`that the omission was material; second, the plaintiff must plead that the defect was central to the
`
`product’s function; and third, the plaintiff must allege one of the four LiMandri factors.”
`
`Hodsdon, 891 F.3d at 863 (citing Collins v. eMachines, Inc., 202 Cal. App. 4th 249, 255-58
`
`(2011)). The LiMandri factors are: “(1) when the defendant is in a fiduciary relationship with the
`
`plaintiff; (2) when the defendant had exclusive knowledge of material facts not known to the
`
`plaintiff; (3) when the defendant actively conceals a material fact from the plaintiff; and
`
`(4) when the defendant makes partial representations but also suppresses some material facts.”
`
`LiMandri v. Judkins, 52 Cal. App. 4th 326, 336 (1997) (quoting Heliotis v. Schuman, 181 Cal.
`
`App. 3d 646, 651 (1986)).
`
`2. Omissions and Concealment
`
`In its first motion to dismiss, Intel argued that Plaintiffs failed to allege an actionable
`
`omission because the alleged defects were publicly disclosed in the articles, white papers, and
`
`other documents described in Plaintiffs’ Consolidated Class Action Complaint. The Court found
`
`that the publicly available technical articles and white papers discussed what Plaintiffs
`
`previously alleged was “Flaw Two” (Incomplete Undo) and those discussions rendered that
`
`alleged defect not an omission as that term is used in Plaintiffs’ claims. In re Intel Corp., 2020
`
`WL 1495304, at *16-17.
`
`PAGE 12 – OPINION AND ORDER
`
`
`
`Case 3:20-cv-00863-SI Document 30 Filed 03/29/21 Page 13 of 31
`
`
`
`Plaintiffs previously asserted that “Flaw One” (Unauthorized Access), which Plaintiffs
`
`described at oral argument as involving in part the fact that Intel retrieved “real values” instead
`
`of “dummy values,” was not revealed in any public discussion and was concealed or suppressed.
`
`Previously, the Court relied heavily on counsel’s assertions that the alleged articles, white
`
`papers, and patent filings did not cover this alleged defect and that it was unknown outside Intel.
`
`As a result, the Court found Plaintiffs had adequately this alleged defect to be an omission
`
`because it was not disclosed in the public articles or white papers. Id.
`
`In the Amended Complaint, Plaintiffs call the alleged defects “Unauthorized Access” and
`
`“Incomplete Undo,” instead of “Flaw One” and “Flaw Two.” Plaintiffs also allege more
`
`technical articles and white papers. In ¶¶ 516-526 of the Amended Complaint, Plaintiffs describe
`
`various articles and white papers discussing security risks and potential flaws of
`
`microprocessors, mainly in Intel chips. These publicly available documents mostly discuss the
`
`microarchitecture of chips that create the risk of cache side channel attacks. Plaintiffs allege that
`
`“research papers describe cache side-channel exploits that exploit Intel’s decision to lessen the
`
`security of its CPUs—while seeking additional performance to further marketing claims—and
`
`thus gain access to kernel memory and other privileged information.” Am. Compl. ¶ 527. One
`
`alleged example is an Intel white paper describing how persons could use a side-channel exploit
`
`against AES cryptographic keys with the ability to “seed the cache” and “identify changes in the
`
`cache.” Id. ¶ 517. In another alleged example, a researcher published a paper in which he used
`
`shared memory caches to retrieve confidential information, and warned Intel about the risk. Id.
`
`¶ 519. Plaintiffs allege that this “is one variation of the same basic theme—an unauthorized actor
`
`exploiting the changes a process causes to the micro-architectural state of a CPU (in particular, a
`
`shared memory cache) in order to acquire another’s information.” Id. Plaintiffs also allege that
`
`PAGE 13 – OPINION AND ORDER
`
`
`
`Case 3:20-cv-00863-SI Document 30 Filed 03/29/21 Page 14 of 31
`
`
`
`“in various patent filings Intel acknowledged the security risks caused by cache side-channel
`
`timing exploits.” Id. ¶ 529 (describing patent filings).
`
`The Amended Complaint alleges that Intel’s knowledge of both Incomplete Undo and
`
`Unauthorized Access is evidenced by the technical articles, white papers, and patent filings.
`
`Plaintiffs’ allegations in the Amended Complaint do not appear to show that only Incomplete
`
`Undo was disclosed in these public filings. When asked at oral argument whether the alleged
`
`technical articles and white papers show Intel’s knowledge of Unauthorized Access, Incomplete
`
`Undo, or both, counsel for Plaintiffs responded that it was his understanding that they are
`
`evidence relating to both. See ECF 202 at 11:19-24. Because Plaintiffs assert that the alleged
`
`articles and white papers show Intel’s knowledge of both alleged defects, it also follows that they
`
`are evidence showing “industry knowledge” of both alleged defects.
`
`Plaintiffs appear to concede this fact, arguing that the articles, white papers, and patent
`
`filings were “unknown to the consuming public” and “are not commonly viewed by the general
`
`public buying Intel’s CPUs and products containing them, given the sophisticated and
`
`specialized nature of the papers. Rather, these types of research papers are often aimed at
`
`industry insiders, such as Intel, and academics.” ¶¶ 516, 528. Although Plaintiffs allege that the
`
`general public are not sophisticated enough to discover or understand such technical information,
`
`that is not enough to allege an actionable omission under the facts of this case.4
`
`Information that was known in the industry is not information that the Court finds under
`
`the facts of this case that Intel fraudulently concealed or suppressed. Nor is it information that
`
`was necessarily unavailable for the general public to discover or understand. Technically
`
`
`4 The Court expresses no opinion on whether, were Intel aware of actual data breaches
`occurring as a result of its microarchitecture design and Intel and others disclosed Intel’s design
`vulnerabilities only in technical papers, that would be sufficient disclosure.
`
`PAGE 14 – OPINION AND ORDER
`
`
`
`Case 3:20-cv-00863-SI Document 30 Filed 03/29/21 Page 15 of 31
`
`
`
`sophisticated persons, such as technical product reviewers, can explain complicated information
`
`(or at least the effects) to the general consuming public. Further, competitors can provide
`
`consumers with information relating to a product’s technical problems in a more understandable
`
`manner. Based on the allegations in the Amended Complaint that broadly allege public
`
`disclosure of the alleged defects and counsel’s admission that the publicly-disclosed information
`
`relates to both alleged defects, the Court finds that Plaintiffs have not sufficiently alleged that
`
`Intel suppressed or concealed the alleged defects. Plaintiffs rely solely on their allegations that
`
`the information, although public, was too technical to be considered “disclosed.” The Court
`
`rejects this contention. Thus, Plaintiffs have not alleged an actionable omission or concealment.
`
`Even if Plaintiffs had alleged an actionable omission, however, as discussed next, Plaintiffs have
`
`not adequately shown that Intel had a duty to disclose the alleged defects.
`
`3. Duty to disclose
`
`Intel had a duty to disclose under California law if the alleged omissions were material,
`
`related to a “central defect,” and at least one of the LiMandri factors was present. Intel argues
`
`that Plaintiffs’ allegations meet none of these requirements. The Court focuses on whether the
`
`alleged omissions relate to a central defect.
`
`The parties dispute what constitutes a “central defect.” In discussing the central
`
`functionality test, the Ninth Circuit has explained that the alleged defect must be “central to the
`
`product’s function.” Hodsdon, 891 F.3d at 864 (emphasis in original). As examples of when a
`
`product’s central function is affected, the Ninth Circuit noted that “[a] computer chip that
`
`corrupts the hard drive, or a laptop screen that goes dark, renders those products incapable of use
`
`by any consumer[.]” Id. In a footnote, the Ninth Circuit, in discussing two California cases, noted
`
`that although they did not mention central functionality, “their facts are consistent with requiring
`
`that the alleged defect be physical and