Butler v. Bancorp
Christopher Butler, individually and on behalf of all others similarly situated v. U.S. Bancorp
- Jeffrey Bryan
- 0:24-cv-03700
- U.S. District Court · District of Minnesota
- 12
Counsel of record per CourtListener. Firm names are approximate.
In Butler v. U.S. Bancorp, Judge Jeffrey M. Bryan dismissed without prejudice a lawsuit accusing U.S. Bank of secretly sharing customers' personal information with Meta through tracking technology embedded in its website, because the plaintiff failed to allege facts showing he suffered a concrete injury sufficient to give him the legal right to bring a federal lawsuit.
Current and former U.S. Bank customers who used its website or mobile app and may have had their personal or financial information collected by Meta Pixel tracking technology and transmitted to Meta/Facebook. Also relevant to plaintiffs and attorneys pursuing similar privacy claims under state consumer protection laws, federal wiretapping statutes, and common-law privacy torts against companies using third-party tracking technology on their websites.
What happened
In Butler v. U.S. Bancorp (Case No. 24-CV-03700), California resident Christopher Butler sued U.S. Bank on behalf of himself and a nationwide class, claiming the bank embedded a piece of tracking software called Meta Pixel into its website and mobile app, which secretly collected and sent users' personal and financial information to Meta (the company behind Facebook) without their knowledge or consent. Butler alleged he had applied for a credit card on U.S. Bank's website, noticed an increase in targeted Facebook ads afterward, and claimed he suffered both intangible privacy harms and an economic loss from the reduced value of his personal information. He brought seven legal claims, including violations of California privacy and consumer protection laws, a federal wiretapping law, and common-law claims for invasion of privacy, breach of implied contract, and unjust enrichment.
The central legal issue was whether Butler had 'standing'—meaning a sufficient personal stake in the case—to bring his claims in federal court. Federal courts can only hear real disputes involving concrete, actual injuries, not hypothetical or vague ones. U.S. Bank argued that Butler's alleged harms were too general and unspecified to count as real injuries under the law, and the court agreed. Butler never identified exactly what personal information was shared, whether Pixel was even active on the website when he applied for the credit card, or whether he actually completed and submitted the application. On the economic harm side, Butler failed to allege any facts about a market for his personal information or that his ability to participate in such a market was actually damaged.
Judge Jeffrey M. Bryan granted U.S. Bank's motion to dismiss the entire case without prejudice, meaning Butler is not permanently barred from refiling if he can allege more specific facts. The court found that Butler's vague references to 'personal information' and 'highly sensitive' data did not meet the legal standard requiring that disclosed information be the kind a reasonable person would find highly offensive—distinguishing this case from others involving medical records or detailed browsing histories. Because Butler was the only named plaintiff and lacked standing, the court also declined to address his request to certify a class action.
The detailed version
- Butler v. Bancorp · No. 0:24-cv-03700
- Jeffrey M. Bryan
- Mar. 31, 2026
Background
U.S. Bancorp (referred to in the opinion as U.S. Bank) is a national financial services company headquartered in Minnesota. Plaintiff Christopher Butler, a California resident, alleged that U.S. Bank integrated a third-party tracking tool called Meta Pixel into its website and mobile application. Meta Pixel is a piece of code that businesses can embed on their websites to track user activity in real time and collect user data, which is then transmitted to Meta (the parent company of Facebook). According to the First Amended Complaint (FAC), the data Pixel collects includes pages visited, information entered into product applications, browsing behavior, time spent on pages, IP addresses, and browser identifiers. This data allows Meta to build detailed profiles of users and serve them targeted advertisements, and also benefits the businesses that deploy the technology.
Butler alleged that at some unspecified time, he applied for a credit card on U.S. Bank's website and entered unspecified 'personal information' during that process, using the same browser he used to log into Facebook. He alleged he was unaware that Pixel was transmitting his information to Meta. Shortly after filling out the application, he noticed an increase in targeted Facebook advertisements related to U.S. Bank's Money Market account products. Butler did not specify what information he entered, whether he completed and submitted the application, or whether U.S. Bank had actually integrated Pixel into its website at the time of his application.
Claims Asserted
Butler filed suit in September 2024, later amending his complaint to assert seven claims on behalf of himself and a putative Nationwide Class and California Subclass:
- Two claims under the California Unfair Competition Law (UCL)
- One claim under the California Consumer Privacy Act (CCPA)
- Invasion of privacy (common-law tort)
- Breach of implied contract
- Unjust enrichment
- A claim under the Electronic Communications Privacy Act (ECPA), 18 U.S.C. § 2511 et seq. (a federal wiretapping statute)
Butler alleged two categories of harm: (1) intangible harms from the interception and disclosure of his 'highly sensitive' Personally Identifiable Financial Information (PIFI), and (2) economic harms from the 'diminution in value' of his PIFI.
Legal Standard: Standing
Before reaching the merits of any claim, a federal court must determine whether the plaintiff has 'standing'—a constitutional requirement under Article III of the U.S. Constitution that limits federal courts to deciding actual cases or controversies. To establish standing, a plaintiff must plausibly allege three elements: (1) an injury in fact, (2) a causal connection between the injury and the defendant's conduct (traceability), and (3) the likelihood that the injury will be remedied by the relief sought (redressability). The court applied the same pleading standard used under Federal Rule of Civil Procedure 12(b)(6), accepting Butler's factual allegations as true but requiring that they plausibly establish his right to be in federal court.
An 'injury in fact' must be both 'concrete and particularized' and 'actual or imminent.' The Supreme Court in TransUnion LLC v. Ramirez (2021) confirmed that concrete injuries include tangible harms like physical and monetary losses, as well as intangible harms closely related to traditionally recognized legal wrongs—such as reputational harm, disclosure of private information, and intrusion upon seclusion.
Analysis: Intangible Harms
For intangible harms tied to disclosure of private information, courts look to whether the alleged harm closely resembles a recognized common-law tort. The relevant torts here are intrusion upon seclusion and public disclosure of private facts, both of which require that the information disclosed or intruded upon be 'highly offensive to a reasonable person.'
The court found that Butler failed to plausibly allege the disclosure of highly offensive information for several reasons:
- Butler alleged he applied for a credit card at 'some unspecified time,' but never alleged that Pixel was integrated into U.S. Bank's website at that time. Even in his legal brief opposing dismissal, Butler did not assert this. - Butler alleged he inputted 'personal information' but never specified what that information was. - Butler never alleged whether he actually completed and submitted the application. - The claim in Butler's brief that U.S. Bank shared his Social Security number with Meta was not included in the FAC and was therefore not considered by the court. - The alleged 'uptick in targeted advertising' on Facebook was not supported by any caselaw as a cognizable (legally recognizable) harm, and related cases suggest it is not.
The court distinguished Butler's case from cases where standing was found, such as those involving disclosure of medical records, detailed internet browsing histories (including sensitive topics), or video-viewing histories. It aligned Butler's case more closely with cases where standing was denied because plaintiffs failed to identify specific highly sensitive information that was disclosed—citing cases involving the same Meta Pixel technology where courts reached the same result.
The court also noted a concern about traceability: without specifics about what information was shared and when, the court could not determine whether any harm was fairly traceable to Pixel collection rather than some other source.
Analysis: Economic Harms
Butler also alleged economic injury based on a 'diminution in value' of his PIFI—the idea that his personal information lost monetary value because it was shared without his consent.
The court rejected this theory for two independent reasons:
First, because Butler never specified what information he entered or whether Pixel was active at the time, the court declined to accept the legal conclusion that unspecified information constitutes PIFI with any discernible economic value.
Second, even setting aside the information gap, Butler's FAC contained no factual allegations about: (a) the existence of a market for his personal information, (b) his participation or intent to participate in such a market, or (c) actual loss in value of his information in that market. Courts have generally required plaintiffs to establish both the existence of such a market and an impairment of their ability to participate in it to sustain an economic injury theory.
The court also rejected an argument Butler raised in his brief—that he suffered economic harm analogous to a case where a plaintiff paid for a service they would not have purchased had they known of the defendant's conduct. Butler made no allegation in the FAC that he paid U.S. Bank any money for financial services or to apply for a product.
Class Action
Because Butler was the only named plaintiff and his claims were dismissed for lack of standing, the court declined to address his request for class certification. Federal courts lack jurisdiction over class actions when no named plaintiff has standing.
Ruling
Judge Bryan granted U.S. Bank's Motion to Dismiss (Doc. No. 30) and dismissed the entire action without prejudice, meaning Butler is not permanently barred from filing a new complaint if he can allege more specific facts sufficient to establish standing. Judgment was ordered to be entered accordingly.
Reviewer note from the AI+
Read the full 12-page opinion on CourtListener, the free public archive maintained by the Free Law Project.