Photo of Steven Boranian

We have taken a daily multivitamin ever since our doctor told us that we were chronically deficient in a particular vitamin, the one you can get from being out in the sun.  Given our chosen line of work, we should not be surprised that we don’t get enough sunlight.  We should also not be surprised that dietary supplements—such as our daily chewable multivites—generate substantial litigation, usually based on the premise that the supplements don’t do what their sellers say they are supposed to do.

Plaintiffs often file these kinds of lawsuits in California because of California’s liberal consumer protection laws, but many of them find out that the FDA regulates dietary supplements as food.  Regular readers of the blog can see where this is headed.

That’s right.  Federal preemption.

Take for example the Ninth Circuit’s recent opinion in Dachauer v. NBTY, Inc., No. 17-16242, 2019 WL 150016 (9th Cir. Jan. 10, 2019).  In that case, the plaintiff purchased vitamin E supplements that claimed on their labels to “support cardiovascular health” and to “promote[ ] immune function.”  Id. at *1.  The court noted that the plaintiff “purchased one bottle of the supplements for health reasons.”  Id.  We think it is more likely that the plaintiff’s attorneys had an expert who questioned the value of vitamin E supplements and sent the plaintiff to buy his “one bottle” for litigation reasons, rather than “health reasons.”  But we don’t really know and are probably just being cynical.

Regardless, the plaintiff sued under California’s consumer statutes alleging that the supplements do not present cardiovascular disease and might increase the risk of all-cause mortality, rather than promote “immune function.”  Id.

Here is where the FDA’s regulation of dietary supplements comes into play, and there are only two things you really need to know.  First, the FDCA has an express preemption provision for certain food labeling claims, under which federal law preempts any state law that establishes “any requirement respecting any claim . . . made in the label or labeling of food that is not identical to [federal requirements].”  Id. at *3 (citing 21 U.S.C. § 343-1(a)(5)).  This is a strong preemption provision, and the “identical to” language is arguably even stronger than the “different from or in addition to” language that we are used to in the medical device context.”

Second, when it comes to dietary supplement labeling, the FDCA distinguishes between “disease claims” and “structure/function claims.”  A “structure/function claim” describes the role of a nutrient or ingredient intended to maintain the structure or function of the body.  By comparison, a “disease claim” claims to diagnose, mitigate, treat, cure, or prevent disease.”  Id. at *2.  An FDA guidance provides that structure/function claims can use general terms, such as “strengthen,” “improve,” and “protect,” so long as the claims “do not suggest disease prevention or treatment.”  Id. (quoting Regulations on Statements Made for Dietary Supplements Concerning the Effect of the Product on the Structure or Function of the Body, 65 Fed. Reg. 1000-01 (Jan. 6, 2000)).  Apropos to this case, the guidance identifies “helps maintain cardiovascular function” as an example of a permissible structure/function claim.  Id.

Having made labeling claims that are quite clearly permissible structure/function claims, the defendant moved for summary judgment on the basis that the plaintiff’s claims were preempted.  In other words, the plaintiff was asserting that state law required labeling different from the federally approved labeling.  The district court granted summary judgment, and the Ninth Circuit affirmed.  With regard to the labeling claim that the supplement “support[ed] cardiovascular health,” the plaintiff had an expert who disagreed, but the federal requirement was what it was, and the plaintiff’s expert could not just erase it:

The FDA allows manufacturers of supplements to make general claims—such as “promotes heart health”—and to substantiate them with evidence that a supplement has some structural or functional effect on a given part of the human body.  Manufacturers need not also have evidence that those structural or functional effects reduce the risk of developing a certain disease.  Plaintiff disagrees with the federal statutory scheme for dietary supplements, but we cannot accept his invitation to upend it.

Id. at *3 (emphasis added, citations omitted).  The Ninth Circuit came to a similar conclusion with regard to the plaintiff’s arguments targeting the “promoted immune function” claims.  The FDCA does not require that manufacturers substantiate structure/function claims about immune health with proof that their supplements reduce the risk of all-cause mortality.  Thus, “[b]ecause any such requirement under California law would differ from the FDCA’s labeling requirements, the FDCA preempts Plaintiff’s claim to the extent that he argues that Defendants make a false structure/function claim because their supplements fail to reduce the risk of all-cause mortality.”  Id. at *4.

The only claim that survived was the plaintiff’s claim that the defendant’s structure/function claim about immune health was misleading because the supplements actually increase the risk of all-cause mortality.  Because that claim would be misleading under either federal or state law, it was not expressly preempted.  Id.  The plaintiff, however, did not submit evidence sufficient to raise a triable issue of fact.  His expert cited four meta-analyses, but none concluded that vitamin E supplements caused an increased risk.  Id.  With no substantial evidence that the defendant’s “promoted immune function” claim was misleading, the plaintiff was not entitled to proceed.  Summary judgment affirmed.

The Dachauer opinion comes to the right result for the right reasons.  For our part, we will continue to take our daily multivitamin with modest expectations, and maybe we will try to get out into the sun more often.

A federal court in Utah ruled the other day that it had no personal jurisdiction over a corporate parent, even though the plaintiffs alleged that the defendant subsidiary was the “alter ego” of its owner.  We read the order with great interest for a couple of reasons.  First, one of our first assignments out of law school was to respond to discovery and write motions for an insurance company’s parent—a holding company that held considerable assets, but did not underwrite insurance policies.  We have learned over the years that some companies don’t care so much about corporate parents being sued, and others care a great deal.  Our insurance company client was in the “cared a great deal” bucket, leaving us to parse endlessly how the “company” differed from the “group,” how the company did all the business and had all the employees, and how they all scrupulously observed every corporate formality.  It usually worked, because it was all true.  The holding company was a holding company, and the insurance company had the wherewithal to answer for his own debts.  Ever since this experience, we have held a persistent (perverse?) interest in alter ego, agency, and other ploys to “pierce the corporate veil.”

The second reason the recent District of Utah case caught our interest is because one of the underappreciated aspects of the Supreme Court’s reset of general personal jurisdiction in Bauman is how the Court discarded so-called “agency jurisdiction.”  That was where a court could impute a subsidiary’s forum contacts to the corporate parent by applying a relaxed “agency” standard.  That form of jurisdiction does not exist anymore.  See Daimler AG v. Bauman, 571 U.S. 117, 134-36 (2014).  The Supreme Court closed the loop when it recalibrated specific personal jurisdiction in BMS and held that specific jurisdiction cannot be based on another defendant’s forum contacts.  See Bristol-Myers Squibb Co. v. Superior Court, 137 S. Ct. 1773, 1783-84 (2017).

So where did that leave the plaintiff in the recent Utah case who was trying to sue a medical device company and its corporate parent?  Because there was no general jurisdiction over the non-resident parent, the plaintiff had to prove specific jurisdiction through the rigorous and difficult-to-prove “alter ego” standard.  The case is Jorgensen v. Wright Medical Group, Inc., No. 2:18-cv-366, 2018 WL 6250606 (D. Utah. Nov. 29, 2018), and the plaintiff sued the medical device manufacturer (the “company”) and its holding company (the “parent”) alleging injuries resulting from treatment with the device.

The district court rejected jurisdiction over the parent, and there are three interesting points.

First, the district court considered evidence, even though it was ruling on a motion to dismiss.  In an attempt to establish sufficient forum contacts, the plaintiffs alleged that both the company and the parent “sold, distributed, and marketed” the device within Utah.  Id. at *2.  But the parent submitted uncontroverted affidavits explaining that it did no business in Utah and had no place or business or property there.  Id.  The plaintiff submitted press releases and SEC filings where the parent spoke of its medical device business generally, but the district court found that consolidated statements are a “common business practice” that did not undermine the specific facts in the sworn affidavits.  Id. at *3.  The lesson is that unproven allegations will not carry the jurisdictional day.  Even on a motion to dismiss, courts can and should consider evidence.

Second, the alter ego standard is difficult to meet.  In attempting to attribute the company’s forum contacts to the parent, the plaintiff relied on the same press releases and SEC filings as before, but they were not sufficient.  Rather, “(1) there must be such unity of interest and ownership that the separate personalities of the corporation and the individual [shareholder] no longer exist . . . and (2) the observance of the corporate form would sanction a fraud, promote injustice, or an inequitably result would follow.”  Id at *4.  This standard is based on Utah law, but it is similar to standards we have seen in other states.  Here, the parent’s affidavits again held sway:  They attested that the parent “maintains separate accounting and banking records from the accounting and banking records of [the company].”  Id.  The plaintiff neither rebutted this evidence, nor alleged that any fraud or injustice would result from observance of the corporate form.  Id.

Third, in what might be the most useful part of the order, the district court denied “jurisdictional discovery.”  Id. at 5.  The following standard applied:  “‘The district court does not abuse its discretion by denying jurisdictional discovery where there is a very low probability that the lack of discovery’ would affect the outcome of the case.”  Id.  The plaintiff had to suggest specific discovery that would lead to a different result, and he came up with just one set of documents that purportedly would show the parent’s “direct involvement” in the medical device at issue.  But another plaintiff had offered those same documents to establish liability against the parent in another case, and the parent was dismissed, making is “highly unlikely” that the documents would make a difference here.  Id.

All is not lost for this plaintiff.  He still has jurisdiction over the medical device company, although we know nothing from this order about the arguable merits of his claims.  He will not, however, be allowed to reach into the parent company’s pockets.

We celebrated National Cybersecurity Awareness Month a few weeks ago by bringing you the FDA’s newly published Medical Device Cybersecurity Regional Incident Preparedness and Response Playbook, with a promise to cover the Agency’s promised update on its Guidance for Content of Premarket Submissions for Management of Cybersecurity in Medical Devices, which was first published in 2014.

Well, the Agency has now published the Draft Guidance (you can review it here), and it is really interesting for a few reasons.  First, the FDA continues to view medical device cybersecurity risks through the same lens as it views any other risk.  That is to say, treatment with any medical device presents potential risks, and premarket submissions for connected medical devices should permit analysis of cybersecurity risks compared against the device’s benefits.  Second, the Draft Guidance generally follows the philosophy and framework set forth in the FDA’s current guidance, but places considerably greater flesh on the bone.  Third, the Draft Guidance places a much greater emphasis on medical device warnings, including suggesting the inclusion of a long list of detailed information—so much information that we wonder about usefulness and feasibility.

So what does the Draft Guidance say?  The theme is that the increasing use of connected medical devices and portable media in medical devices makes effective cybersecurity more important than ever to ensure device functionality and safety.  The Draft Guidance’s mission is clear:  “Effective cybersecurity management is intended to decrease the risk of patient harm by reducing device exploitability which can result in in intentional or unintentional compromise of device safety and essential performance.”  (Draft Guidance, at p.3)  “Intentional or unintentional.”  In other words, we are talking here not only about bad actors and malicious attacks, but also accidents and other situations where no harm to a device’s function was intended at all.

One new feature is the creation of two tiers of medical devices:  A device is “Tier 1, Higher Cybersecurity Risk” if (1) the device is capable of connecting to another medical or non-medical product, or to a network, or to the Internet; AND (2) a cybersecurity incident affecting the device could directly result in patient harm to multiple patients.  All other devices are “Tier 2, Standard Cybersecurity Risk.”  (Id. at 10)  The catch-all nature of Tier 2 seems odd at first blush because it would appear to include devices for which there is no conceivable cybersecurity risk, such as orthopedic implants.  Also note that these tiers cut across the FDA’s existing statutory device classifications, such that a Tier 1 device could be Class II or Class III device.  They are separate criteria.  (Id.)

The consequence of falling into Tier 1 is that the Draft Guidance calls for considerably more exacting information in premarket submissions.  More specifically, premarket submissions for Tier 1 devices should “include documentation demonstrating how the device design and risk assessment” incorporate certain design controls that accomplish the following:

  • Identify and Protect Device Assets and Functionality – The focus here is on the design of “trustworthy” devices and the presentation of documentation demonstrating “trustworthiness.” A trustworthy device should prevent unauthorized use through sufficient authentication and encryption; should ensure the trustworthiness of content by maintaining “code, data, and execution integrity” through such measures as software/firmware updates and enabling secure data transfer; and should maintain confidentiality.  ( at 11-16)
  • Detect, Respond, Recover – As the Draft Guidance puts it, “appropriate design should anticipate the need to detect and respond to dynamic cybersecurity risks.” This includes designing the device to detect cybersecurity events promptly.  It also includes designing the device to respond to and contain the impact of cybersecurity incidents and to recover its capabilities.  This would be though such measure as routine security updates and patches, systems to detect and log security compromises, features that protect critical functionality, and measures for retention and recovery of system configurations.  It also includes something called a “CBOM”—a Cybersecurity Bill of Materials, essentially a list of hardware and software components that are or could become susceptible to vulnerabilities.  ( at 16-18)

Perhaps the most interesting part of the Draft Guidance is the recommendation for device labeling.  As product liability litigators, medical device labeling is near and dear to our hearts because a manufacturer’s potential liability often depends on the adequacy of the risk information and instructions for use.

The FDA seems to agree that device labeling is important.  After citing the governing statutes and regulations, the Agency counsels that “when drafting labeling for inclusion in a premarket submissions, a manufacturer should consider all applicable labeling requirements and how informing users through labeling may be an effective way to manage cybersecurity risks.”  (Id. at 18-19)  The Draft Guidance then lists 14 separate factors that it recommends for inclusion in the labeling.  We paraphrase them below not because we expect you to study them, but more so you can get a sense of how exacting these recommendations could be.  Here goes:

  • Device instructions and product specifications related to recommended cybersecurity controls appropriate for the intended use environment;
  • A description of the device features that protect critical functionality;
  • A description of backup and restore features;
  • Specific guidance to users regarding supporting infrastructure requirements;
  • A description of how the device is or can be hardened using secure configuration;
  • A list of network ports and other interfaces that are expected to receive and/or send data, and a description of port functionality and whether the ports are incoming or outgoing;
  • A description of systematic procedures for authorized users to download version-identifiable software and firmware;
  • A description of how the design enables the device to announce when anomalous conditions are detected (e., security events);
  • A description of how forensic evidence is captured, including but not limited to any log files;
  • A description of the methods for retention and recovery of device configuration;
  • Sufficiently detailed system diagrams for end users;
  • “A CBOM including but not limited to a list of commercial, open source, and off-the-shelf software and hardware components to enable device users . . . to effectively manage their assets, to understand the potential impact of identified vulnerabilities to the device (and the connected system), and to deploy countermeasures to maintain the device’s essential performance”;
  • Where appropriate, technical instructions to permit secure network deployment and servicing, and instructions on how to respond upon detection of a cybersecurity vulnerability or incident; and
  • Information, if known, concerning device cybersecurity end of support, e., the time when the manufacturer may no longer be able to reasonably provide software patches and updates.

We support providing adequate information to device users, and we doubly support taking medical device cybersecurity seriously.  These recommendations, however, raise several questions.  For one thing, who is the intended audience?  The learned intermediary doctrine in most every state holds that medical device warnings are for the prescribing physicians—and no one else.  Is this information to be written for physicians, or IT professionals, or even patients?  We don’t know.

We also wonder about whether it is feasible to provide all this information, or even useful.  Maybe it would be both, or maybe neither.  But we think it is fair to ask whether providing “sufficiently detailed system diagrams” and lists of “commercial, open source, and off-the-shelf software and hardware components” is the most helpful information for protecting patient health and safety.  What is a “CBOM”?  We also wonder how the adequacy of this information would be judged.  Unlike medical risk information, this information is beyond what most physicians (the learned intermediaries) would readily appreciate.  In the so-far-extremely-unlikely event that a cybersecurity incident results in harm to a patient, will we have a new category of experts to depose?

To round it out, the Draft Guidance recommends including design documentation and risk management documentation that demonstrates device trustworthiness and the design’s connection to “threat models, clinical hazards, mitigations, and testing.”  (Id. at 21-22)

The above questions and more can be presented to the regulators as they consider the Draft Guidance and put it in final form.  Comments and suggestions are currently due sometime next March, although these deadlines tend to slip.  We will eagerly see what people have to say.  Stay tuned.

What happens when you have a class action where some putative class members suffered an injury while others did not? Can such a proposed class even be certified? The answer depends on whom you ask. The plaintiffs/class representatives will surely point out that whether any individual class member actually suffered a compensable injury is a mere administrative detail that can be sorted out after the fact. Trust us, Judge. Just certify the class, and we’ll make sure the right people get paid.

The defendants on the other hand will emphasize (correctly) that there is this little thing called due process, which prohibits certifying a class where individual class members have contested injuries or no injuries at all. That was the dilemma that the First Circuit addressed in In re Asacol Antitrust Litig., No. 18-1065, 2018 WL 4958856 (1st. Cir. Oct. 15, 2018), and the court came to the correct conclusion that a class that includes uninjured class members cannot be certified. The First Circuit also poured buckets of cold water on questionable concepts of aggregated proof and statistical modeling.

Here is what happened. The plaintiffs sued the defendant claiming that its discontinuation of one drug and introduction of similar substitute drugs violated the consumer protection and antitrust laws of twenty-six jurisdictions. Id. at *1. The district court later certified a class of “all Asacol purchasers who subsequently purchased [the alleged substitute drugs] in one of those twenty-six jurisdictions.” Id.

But here is the rub. In certifying the class, the district court found that approximately 10 percent of the class members (mostly if not entirely third-party payers) had not suffered any injury attributable to the defendants’ alleged wrongful conduct. Id. And here is the further rub. The defendants claimed that uninjured class members actually made up more than 10 percent of the class, and the plaintiffs claimed that the number actually was less. In other words, it was undisputed that some portion of the class had no compensable injury, and the fact of injury was contested for some additional and unknown portion of the class.

The district court determined nonetheless that the uninjured class members could be removed “in a proceeding conducted by a claims administrator.” Id. When someone suggests relying on a post-certification “claims process” to smooth over disputed individual issues in a class action, the red flags start to wave in our heads. The submission of a form to a “claims administrator” is not an adequate substitute for the due process to which defendants are entitled absent an agreement, such as with a class settlement.

Red flags waived in the heads of the First Circuit too, resulting in an opinion reversing class certification. First, there was the issue of standing. The defendants argued that the class representatives had never made purchases within twenty-two of the jurisdictions and thus lacked standing to sue under those states’ laws. Id. at *3. In the First Circuit’s view, the issue was whether the class representatives had the proper incentive to advance claims under all those states’ laws, and it ruled that they did. Id. at **3-5. The only carve out was New York, which uniquely requires proof of deception. Id.

Second, the First Circuit considered Rule 23(c)(3)’s requirement that common issues predominate over individual issues, and this is where this class action failed. It was undisputed that some number above or below ten percent of the certified class suffered no compensable injury. Id. at *6. The district court’s major error was its assumption that it would be possible “to establish a mechanism for distinguishing the injured from the uninjured class members” and that “Class members will be asked to submit a claim form, along with data and documentation that may be deemed necessary for consideration.” Id. at *7.

That process would not be sufficient, in part because “[o]ne can only guess what data and documentation may be deemed necessary, what the formula will be, and how the claims administrator will decide who suffered no injury.” Id. The First Circuit distinguished the situation where class members would establish their claims through “’unrebutted testimony’ contained in affidavits.” Id. (distinguishing In re Nexium Antitrust Litig., 777 F.3d 9 (1st Cir. 2015)). Here, the plaintiffs did not intend to rely on unrebutted testimony to eliminate uninjured class members, and the defendants had expressed their intention to challenge any affidavits that might be gathered. Id. Because such disputed individual issues cannot be resolved under Rule 23, the First Circuit’s “inability to fairly presume that these plaintiffs can rely on unrebutted testimony in affidavits to prove injury-in-fact is fatal to plaintiffs’ motion to certify this case.” Id. at *8.

This is an important holding. The predominance of individual issues should preclude class certification under Rule 23(c) in every instance, and that rule applies with no less force when the predominating individual issue is whether each class member has suffered an injury in fact. It is not sufficient, as the First Circuit held, to certify the class based on vague promises of sorting it out later.

Nor is it acceptable to promise proof of “class-wide impact” through purported expert testimony. According to the plaintiffs, proof of “class-wide impact” would result in some uninjured class members receiving compensation, but it will all “net out” in the end and “should be of no concern” to the defendants. Id. at *9. Such rough justice ignores that when a defendant is not liable to particular individuals because they suffered no injury, the amount of total damages should be reduced. Id. Moreover, when relief depends on determining whether an individual has been injured, the defendant must have an opportunity to challenge each class member’s proof. Id.

Finally, the First Circuit condemned the reliance on statistical analysis at the expense of due process. The following quote is long, but you should read it because it is powerful:

Accepting plaintiffs’ proposed procedure for class litigation would also put us on a slippery slope, at risk of an escalating disregard of the difference between representative civil litigation and statistical observations of tendencies and distributions. Once one accepts plaintiffs’ “no harm, no foul” position there would be no logical reason to prevent a named plaintiff from bringing suit on behalf of a large class of people, forty-nine percent or even ninety-nine percent of whom were not injured, so long as aggregate damages on behalf of “the class” were reduced proportionately. Such a result would fly in the face of the core principle that class actions are the aggregation of individual claims, and do not create a class entity or re-apportion substantive claims.

Id. at *10 (emphasis added). Read that last line again because it re-emphasizes that Rule 23 is a rule of procedure. It does not bestow substantive rights, nor could it alter substantive law—such as laws requiring proof of an injury in fact before someone can sue—without running afoul of the Rules Enabling Act.

The First Circuit here applied the predominance requirement in a way that essentially enforces the requirement of ascertainability—i.e., you can’t certify a class if you can’t ascertain who would be in the class before certification. The First Circuit also walked back from the Neurontin trilogy, which pushed concepts of aggregated proof beyond the breaking point, which we discussed here. Both are welcome developments.

Did you know that October is National Cybersecurity Awareness Month?  Neither did we, until we started poking around the FDA’s recent press release announcing that it intends to update its guidance on medical device cybersecurity within the next few weeks.  We also learned that National Cybersecurity Awareness Month has been observed each October since its inception in 2004.  Observed by whom?  We’re not exactly sure.  We picture our IT consultants walking office to office handing out hats and stickers with catchy slogans like “A password is like underwear. Change it!”  Or some lame pun involving the work “phishing.”  If it were up to us, we would default to the simple and classic “Ctrl-alt-delete before you leave your seat.”

All kidding aside, cybersecurity threats have moved in recent years from theoretical to very real, and while there remains no reported instance of anyone hacking into a medical device being used to treat a patient, the potential vulnerability is one to which we need to pay attention.

That includes the FDA.  The FDA has published guidance on cybersecurity with regard to both premarket submissions and post-market submissions.  (You can see our take on the postmarket guidance here)  Based on the FDA’s press release, updates are coming to the premarket guidance, specifically to “highlight the importance of providing customers and users with a ‘cybersecurity bill of materials,’ or in other words, a list of commercial and off-the-shelf software and hardware components of a device that could be vulnerable to attack.”  This jibes with the FDA’s general approach to cybersecurity, which is to undertake a risk-based analysis that identifies vulnerabilities, assesses the potential frequency and severity of the risk, identifies mitigations, and proceeds accordingly.  Such a risk-based analysis should be familiar to anyone who operates in the medical device space, where risks and benefits are weighed on a daily basis.

The other news of the press release is the publication of a Medical Device Cybersecurity Regional Incident Preparedness and Response Playbook, which “describes the types of readiness activities that’ll enable HDOs [healthcare delivery organizations] to be better prepared for a cybersecurity incident involving their medical devices.”  This Playbook was prepared by the MITRE Corporation, a government-sponsored research and development organization.  You can get a copy of the Playbook here, and you can that it is aimed at healthcare providers and critical healthcare infrastructure in which medical devices operate.

The purpose of the Playbook is to help HDOs get ready for cybersecurity threats affecting medical devices that could impact continuity of care and patient safety.  More specifically, the playbooks objectives are to:

  • Provide baseline medical device cybersecurity information that can be incorporated into an HDO’s emergency preparedness and response framework;
  • Outline roles and responsibilities for responders to clarify lines of communication “across HDOs, medical device manufacturers (MDMs), state and local governments, and the federal government”;
  • Describe a standardized approach to response efforts;
  • Serve as a basis for enhanced coordination activities among medical device cybersecurity stakeholders;
  • Inform decision making and the need to escalate response;
  • Identify resources HDOs can leverage as a part of preparedness and response activities; and
  • “Serve as a customizable regional preparedness and response tool for medical device cyber resiliency that could be broadly implemented.”

We put that last one in quotes because we’re not exactly sure what “cyber resiliency” means, but we assume it means the ability to fend off a cybersecurity event or at least mitigate its impact.  Toward that end, the Playbook suggests a four phase approach:  (1) Preparedness; (2) Detection and Analysis; (3) Containment, Eradication, and Recovery; and (4) Post Activity.

“Preparedness” means exactly what it says, with an emphasis on mindfulness of cybersecurity when procuring medical devices and keeping an inventory such that the HDO is always aware of what connected devices it has on hand.  HDOs should engage in “hazard vulnerability analysis” (again, a focus on risk) and plan for communicating and responding during an event.  That includes medical device manufacturers, whom the Playbook places squarely within the communication loop with the HDO and the FDA.

“Detection and Analysis” focuses on identifying when an incident has occurred and assessing its priority on a numerical scare that strangely assigns “Emergency” events to “Category 0.”  Analysis and documentation are important parts of the process, too.

The core of the response falls under “Containment, Eradication, and Recovery,” which appropriately focused on patient safety.  Is the device safe to use?  Is there a reliable way to test the device and confirm it is working correctly?  Are there spare or backup devices?  How quickly can the problem be fixed, and has there been collateral damage to the broader healthcare system?  These are the questions that HDO should be asking.

Finally, the “Post Activity.”  The Playbook recommends attention to lessons learned, including possibly retaining a digital forensics expert and updating the plan.

As we have said before, medical device cybersecurity is here to stay, and the FDA has been busy.  In addition to the Playbook (which is not an FDA document, but still, you get the gist), the FDA has entered into memoranda of understanding to form information sharing analysis organizations (“ISAOs”), which are “groups of experts that gather, analyze and disseminate important information about cyber threats.”  The Agency has participated in cybersecurity exercises and summits, and has engaged discussions with other government agencies, including the Department of Homeland Security.  It has proposed a Center of Excellence for Digital Health, which “would help establish more efficient regulatory paradigms, consider the building of new capacity to evaluate and recognize third-party certifiers, and support a cybersecurity unit to complement the advances in software-based devices.”  We will keep you posted.

Multidistrict litigation is not special. By making this pithy observation, we do not mean to denigrate what has become the mother of all procedural mechanisms.  What we mean is that multidistrict litigation is, at its core, nothing more than a bunch of venue transfers, bringing multiple cases involving common issues before a single district judge for coordinated pretrial proceedings.  The MDL statute does not grant an MDL judge any extraordinary or special powers.  In fact, the statute purports to augment a district judge’s prerogative in only one way:  An MDL judge “may exercise the powers of a district judge in any district for the purpose of conducting pretrial depositions.”  28 U.S.C. § 1407(a).

Not very Earth-shattering stuff, but the point is that whatever exceptional gravitas you might attribute to an MDL comes not from an act of Congress.  It comes from the fact that one judge has all the parties and their attorneys in front of him or her with the power to preside over all their cases at the same time.  That includes deciding which cases will proceed, and which will wait, and how proceedings will be conducted for those chosen to go ahead, maybe a few at a time, or maybe in entire “waves.”

It also includes naming the plaintiffs’ Lead and Liaison Counsel, a function that is uniquely important for the plaintiffs’ side because there are usually many more plaintiffs’ lawyers involved and they are generally being paid based on the results. That requires a leadership structure with defined responsibilities and a common-benefit compensation structure to go along.

But where do Lead and Liaison Counsel’s responsibilities begin and where do they end? According to the Yaz MDL judge, who as far as we can tell is the first judge anywhere to address this particular issue, they begin and end with the court’s order creating those roles and defining those responsibilities.  That was the ruling in Casey v. Denton, No. 3:17-cv-00521, 2018 WL 4205153 (S.D. Ill. Sept. 4, 2018), where the district judge presiding over the Yaz hormonal contraceptive MDL held that the plaintiffs’ Lead and Liaison Counsel owed no general fiduciary duty to plaintiffs in the MDL, other than their own clients.  After the bulk of the cases in the MDL resolved, the MDL judge entered an order placing the unresolved cases on separate litigation tracks, with all the deadlines that you would expect:  Fact sheets, case-specific expert reports etc. Id. at **2-3.

Here is where is got ugly. Many of the non-settling plaintiffs blew the deadlines, resulting in motions to dismiss.  The plaintiffs blew the deadlines to oppose those motions, too.  Presented with violations of court orders and utter indifference from the plaintiffs (and their individual attorneys) toward their own cases, the MDL judge justifiably dismissed their cases. Id. No one appealed or sought reconsideration. Id.

So, what is a plaintiff to do, after rejecting settlement and opting to litigate, only then to blow off the resulting litigation deadlines? Of course, you sue your lawyer.  But not your own lawyer.  You sue the Lead and Liaison Counsel who created this whole mess, right?  That is exactly what these plaintiffs did, claiming that the Lead and Liaison Counsel “breached purported fiduciary duties by failing to address (or failing to delegate) the directives laid out” in the court’s orders. Id. at *2.  The plaintiffs analogized to duties owed by attorneys representing classes of plaintiffs, i.e., that Lead the Liaison Counsel’s duties arose from and were created by the court’s order creating those positions and “bestowing” certain duties. Id. at *3.

That proposition was a nonstarter for this judge. First, the court found no fiduciary duty:

It is well established that a “fiduciary” is a person, having a duty, created by his undertaking, to act primarily for another’s benefit in matters connected with such an undertaking. The Court finds the ending of that statement to be the pinnacle instruction on this entire dispute: One can only act in a fiduciary capacity, and thus have a fiduciary duty, to the extent his actions comport within the boundaries set by the agreement initially creating the relationship.

Id. at *4 (emphasis added).  In this case, the document creating the relationship was Case Management Order No. 2, which created the roles of Lead and Liaison Counsel and “very clearly set[ ] out what responsibilities the Lead and Liaison Counsel . . . owed to plaintiffs.”  Moreover, “it is clear from the text that Order No. 2 only imposed tasks geared towards facilitating general work product that could be used for the common good of all plaintiffs,” such as coordination of document depositories, preparing agendas, and conducting common discovery. Id. As the MDL judge concluded, “It was never the intention or spirit of Order No. 2 to supersede the authority or importance of each plaintiff’s individually-retained counsel when it came to specific matters unique to each case.” Id. at 5.

That is not to say that Lead and Liaison counsel own no duty to MDL plaintiffs.  The court analogized to a trustee, who owes a duty to pursue the “good of all.” Id. at *6.  As Judge Cardozo reminded us all in law school, “A trustee is held to something stricter than the morals of the market place. Not honesty alone, but the punctilio of an honor the most sensitive, is then the standard of behavior . . . .” Meinhard v. Salmon, 164 N.E. 545 (N.Y. 1928) (emphasis added).  Whatever the “punctilio of an honor” encompasses, it does not extend to representing an individual plaintiff when her or her own lawyer fails to do so.

Second, the court decided it would be a bad idea to create the fiduciary duty that the plaintiffs wanted.  After all, who would want to be Lead and/or Liaison Counsel if those roles came saddled with the duty to respond to every deadline and otherwise represent individuals with whom they have no engagement?  We have no qualm with the idea that the plaintiffs’ leadership in an MDL should earn their pay, and we know from our view from the other side of the aisle that they work very hard.  But even we have to admit that the plaintiffs in this case were asking too much.

The lesson here is that Lead and Liaison Counsel’s duties are defined by court order, and not so much by common law principles governing fiduciaries. So be careful in drafting and presenting those proposed orders for the judge’s signature.  They may be used against you.  A little gratuitous advice to plaintiffs’ attorneys, who are very unlikely to read our blog.

We sometimes sit around trading stories about the dumbest lawsuits we have ever seen. Our personal favorite is a class action that the Drug and Device Law Spouse defended years ago seeking damages against a national shipping company because items sent by “Second Day Air” did not always go in an airplane.  The packages arrived as promised, but the plaintiffs were shocked, shocked to learn that items sent from San Francisco to Palo Alto were carried in an ordinary (and Earth-bound) truck.  There is also the one about the guy who sued his dry cleaner for $67 million after the cleaner lost his pants.  It was reported that the cleaner showed up in court and tendered the trousers—cleaned and pressed.  The plaintiff was unimpressed.

Many cite the famous McDonald’s coffee spill case of the 1990s as a dumb and frivolous lawsuit, but at least that plaintiff suffered a serious injury—third degree burns that required skin grafts and an extended hospital stay. It was uncontested that the coffee drinker had standing to sue, regardless of what you think about the ultimate allocation of fault.

We cannot say the same for the plaintiff in a class action that an MDL judge in New Jersey dismissed last year for lack of standing, which the Third Circuit has now affirmed. In In re Johnson & Johnson Talcum Powder Products Marketing, Sales Practices and Liability Litigation, No. 17-2980, 2018 WL 4225028 (3d Cir. Sept. 6, 2018), the plaintiff used the defendants’ talcum powder, which worked exactly as it was supposed to without any ill effect.  She did not allege any defect in the product; she did not allege any injury or disease; she did not allege any increased risk of injury or disease; and did not allege any fear of developing any injury or disease in the future. Id. at *2.  She also allegedly used up the product. Id. In other words, there was no durable good or remaining product that she claimed she could not use.  Whatever she purchased, she used it until it was gone. Id.

What a frivolous lawsuit that no intelligent and scrupulous lawyer ever should have filed, right? Well, not exactly.  The district court’s order dismissing the case and the Third Circuit’s opinion affirming that result are clearly correct.  And, “frivolous” is probably a fair description.  Be that as it may, this class action was not a random misfire conceived in the minds of attorneys who didn’t know any better.  This class action was a deliberate and calculated attempt to test the limits of Article III standing and to stretch even further the wrongly decided opinion on standing in Cottrell v. Alcon Laboratories, the Third Circuit opinion that we ranked as the fourth worst drug and device decision of 2017.  That was the opinion where the Third Circuit held that purchasers of eye drops had standing to sue, even when the product labeling was indisputably accurate and the product worked exactly as expected.  How then did the eye drop purchasers suffer any compensable injury?  The bottle dispensed drops that were too big, allegedly resulting in the users paying more than they should have.  We are being charitable in our description of Cottrell.  In fact, the allegations of injury there were too speculative to support standing, as other another Circuit has found and as we have explained here, here, and here.

But at least the plaintiffs in Cottrell attempted to plead an economic injury.  The plaintiff in the J&J Talcum Powder case wanted to take Cottrell one step further by establishing standing to sue while affirmatively pleading no injury at all.  She and her lawyers lost.  The plaintiff in J&J alleged that she suffered an economic injury because, had she been informed that using baby powder could lead to an increased risk of ovarian cancer, she would not have purchased the powder in the first place. Id. at *2.  In other words, she had buyer’s remorse and sincerely wished she had not purchased the product after she consumed it with no harm or worry. Id. at *1.

Those facts did not allege an economic injury. As the Third Circuit explained, there are generally three ways to plead an economic injury.  A plaintiff can allege an “alternate product theory” by alleging that, but for the defendant’s conduct, he or she would have purchased an alternative, less expensive product.  A plaintiff can also allege a “premium price theory,” under which he or she claims that wrongful advertising of a product as “superior” induced the plaintiff to pay an unfair premium.  Finally, a plaintiff can allege that he or she was deprived of the “benefit of the bargain” and did not get what he or she paid for.

The plaintiff’s allegations missed all of these theories. She did not allege that any cheaper alternative existed, and she did not identify any unlawful “premium” paid for her powder. Id. at *2-*3.  As for the “benefit of the bargain,” she alleged only that she was promised that the baby powder was “safe,” when it allegedly was “unsafe” because of an increased risk of ovarian cancer. Id. at *3.

Let’s keep one thing straight. We do not believe there is any reliable scientific evidence that talcum powder can cause ovarian cancer, and we reported on a California court finding exactly that here.  But even taking the plaintiff’s allegations as true, conclusory allegations of purchasing an “unsafe” product did not establish an economic injury sufficient to support Article III standing.  Distinguishing Cottrell, the Third Circuit held that “a plaintiff must do more than offer conclusory assertions of economic injury in order to establish standing.  She must alleged facts that would permit a factfinder to value the purported injury at something more than zero dollars without resorting to mere conjecture.” Id. at *4.

Having used the product, and having failed to allege any injury or even an increased risk or fear of injury, the plaintiff did not have the facts. So what did she offer instead?  A promise of “models for calculating damages and restitution that are linked to her theory or relief and are based on the evidence in the case.” Id. at *6.  Aha, the experts will take care of it all in “models.”  Forgive us for being skeptical, but also give the Third Circuit credit for insisting that a plaintiff still must allege facts:

[E]ven at the pleading stage, a plaintiff must set forth sufficient factual allegations that, if proven true, would permit a factfinder to determine that she suffered at least some economic injury.  . . .

[Plaintiff] fails to allege even that the Baby Powder provided her with an economic benefit worth one penny less than what she paid. We must, therefore, conclude that she received the benefit of her bargain and has suffered no economic injury.

Id. at *7.  The Third Circuit also ruled that an alleged increased risk to others did not count because the plaintiff’s “references to Baby Powder being unsafe to others are not relevant to determining whether [she] has standing herself.” Id. at *8 (emphasis in original).

The Third Circuit found the plaintiff lacked standing to sue for restitution and injunctive relief for similar reasons: Her restitution claim rested on mere conjecture, and her claim for injunctive relief made no sense because she was not at risk of suffering an economic injury.  We don’t blame the plaintiffs’ lawyers for trying to stretch Cottrell beyond the breaking point, but in the end they did not succeed.  The Third Circuit summed it up this way:  “[Plaintiff’s] wish to be reimbursed for a functional product that she has already consumed without incident does not itself constitute an economic injury within the meaning of Article III.”  Amen.

We understand that we write a lot about federal preemption. You might even be rolling your eyes at yet another post on this most powerful of defenses, but we just can’t help ourselves.  Federal regulation runs deep in the drug and medical device world, and the possibility that federal law might preempt state-law claims is an ever-present possibility.  To be sure, there is no shortage of litigation alleging that drug and device companies have violated state law duties, so we don’t want to overstate matters.  Regardless, federal preemption remains the bright shiny object from which we cannot avert our gaze.

Federal preemption demands our attention also because it is so often misunderstood and/or misapplied. We have said at times that some judges are hostile to preemption, and that might be true for some of the obviously result-oriented opinions that we review.  It is more likely that courts confront the many branches of preemption and the spider web of cases applying preemption in its various flavors, and they just get it wrong.  God only knows that the authorities are not always clear.

This is a long lead-in to a recent case that got preemption wrong on so many levels that we’re not completely sure what to make of it. In Tryan v. Ulthera, Inc., No. 2:17-cv-02036, 2018 U.S. Dist. LEXIS 140111 (E.D. Cal. Aug. 17, 2018), the plaintiffs sued the manufacturer of a medical device that uses ultrasound to tighten skin and reduce wrinkles on the face, neck, and chest.  The FDA cleared the device for marketing through the 510(k) premarket notification process, which is different from the more rigorous premarket approval (or “PMA”) process that some other devices go through.  The plaintiffs’ beef was that the manufacturer represented that the device was “FDA approved” (as opposed to “FDA cleared”) in violation of FDA regulations. Id. at **2-4.

The case seems fairly straightforward. Plaintiffs based their claims on an alleged violation of the Food Drug & Cosmetic Act (“FDCA”) and its regulations.  Moreover, the plaintiffs did not allege any complication with their procedures, or even that the device did not work exactly as it was supposed to.  Instead, they alleged that had they known the device was not FDA approved, and that it was merely FDA cleared, they would have paid less for the therapy or considered alternative treatments. Id. at *4.

Whatever you think of those allegations and the likelihood that any consumer would draw any distinction between “FDA cleared” and “FDA approved,” these plaintiffs were suing because of a violation of the FDCA, which runs directly into implied preemption under Buckman and 28 U.S.C. § 337(a).  Whether the device was FDA “approved,” “cleared,” or whatever, without the FDCA, there would be no FDA action at all. Buckman is the Supreme Court case that held that state-law claims conflicting with the FDCA are impliedly preempted, and Section 337 mandates that only the federal government can enforce the FDCA.  Whenever a purported state-law cause of action includes as a “critical” element some sort of FDCA violation, it runs afoul of § 337(a) and is therefore impliedly preempted under Buckman. Buckman involved a 510(k) device, so device categories do not affect implied preemption.

The manufacturer therefore justifiable moved to dismiss on implied preemption, and in denying the motion, the district court got off on the wrong foot, and it got worse from there. The district court began its discussion with the express preemption clause of the Medical Device Amendments, which expressly preempts any state law requirement which is “different from or in addition to” federal requirements. Id. at *10.  This is a valid legal principle as far as it goes, but it is completely irrelevant to this case:  The defendant did not assert that federal law expressly preempted the plaintiffs’ claims.  The defendant asserted implied preemption, under which federal law preempts state law where the state law conflicts with federal law or stands as an obstacle.

You might ask what difference that would make? Well, it makes a big difference, because in its next breath, the district court invoked the questionable and often-misunderstood “parallel claim” exception to preemption.  As the “exception” goes, because the MDA’s express preemption clause preempts state-law requirements that are “different from or in addition to” federal requirements, claims based on state-law duties that “parallel” federal requirements are not preempted.

We can debate whether the “parallel claim” exception is a good idea or whether federal authorities actually support its existence. One thing, however, is certain:

There is no parallel claim exception to implied preemption.

The district court’s introduction of express preemption at the outset of its opinion was therefore no harmless error. It started the opinion down a legal path from which the opinion would never recover, as the court forced the plaintiffs’ allegations into an “exception” that does not exist.  For example, the district court noted with approval that the plaintiffs alleged that California law “incorporates and mirrors the FDCA.” Id. at *11.  In the context of implied preemption, that observation alone should have been the death knell of this case because it acknowledged in plain terms that the plaintiffs were suing to enforce the FDCA.  We know from Buckman and section 337(a) that such actions are not allowed.  The “mirroring” of California law matters only in food cases, to which a statutory exception to section 337(a) applies.  That exception does not apply to medical devices (or drugs), which we detailed here.

Unfortunately, the district court misapprehended this point again and again. It noted the “linkage” between state and federal law and cited the plaintiffs’ use of federal “regulatory and statutory violations” as the predicates for their state-law claims. Id. The court noted that California statutes adopt federal regulations as state-law standards. Id. The court observed that California law prohibits false and misleading advertising.  And why is it misleading to say a Class II medical device cleared through the premarket notification process is “FDA approved”?  Because such a statement allegedly violates federal regulations.  All paths lead back to the plaintiffs suing to enforce the FDCA, which is the epitome of implied preemption.

The district court also wrongly cited federal law in support of its opinion. It relied on Medtronic Inc. v. Lohr, 518 U.S. 470 (1996), to describe the FDA’s 510(k) process. Id. at **5-6.  The court certainly is not alone in citing Lohr on this point, but as we have explained here and here, Lohr understates and marginalizes the 510(k) process’ focus on safety and efficacy and was outdated even before it was published.  The district court also stated that “FDCA regulations appear to directly preclude preemption,” but once again the cited regulation defines the scope of the Medical Device Amendment’s express preemption provision.  That provision did not apply, nor did the defendants argue that it should. Id. at *13.

Finally, the court observed that 510(k) clearance does not preempt “state statutes of general application.” Id. at **13-14.  Of course the mere fact of 510(k) clearance does not create a blanket of preemption over “statutes of general application,” and we highly doubt the defendant argued that it did.  However, when the plaintiffs is claiming that a medical device manufacturer violation a state statute of any kind because its conduct violated the FDCA, that’s implied preemption, and that is exactly what the plaintiffs alleged here.

In the end, we have a class action alleging that “FDA approved” and “FDA cleared” are different enough to consumers that the law should require awarding damages to patients who allege no injury and for whom the device may have worked exactly as advertised. We are not so sure, nor are we sure that this order will survive an appeal.

A myth that has regrettably gained some traction lately is that the FDA’s clearance of a medical device under the 510(k) substantial equivalence process is unrelated to safety and efficacy. One notably unfair manifestation of this myth is the entry of orders in limine in a number of recent medical device cases excluding evidence of the devices’ 510(k) regulatory pathway.  Most or all of these orders rely on the Supreme Court’s 1996 opinion in Medtronic, Inc. v. Lohr, where the Court held that federal law did not preempt certain medical device warnings claims involving 510(k) devices.  In so holding, the Court distinguished the pre-1990 510(k) clearance process from the more involved and “rigorous” premarket approval (“PMA”) process and observed that the old 510(k) process was “focused on equivalence, not safety.”  518 U.S. 470, 493 (1996).

The Supreme Court did not hold that 510(k) clearance has no bearing on safety and efficacy, but the language quoted above provides a foothold for those inclined to marginalize the FDA’s role.  Indeed, we believe the Supreme Court’s view of the 510(k) process was already outdated in 1996.  As we have explained multiple times (including here), the 510(k) clearance process is keyed directly to safety and efficacy, and the Supreme Court has been retreating from Medtronic v. Lohr almost since the day the opinion was filed.

A district judge in Los Angeles recently provided what we think is the correct perspective. The case is Otero v. Zeltiq Aesthetics, Inc., No. CV 17-3994, 2018 WL 3012942 (C.D. Cal. June 11, 2018), and it is not a preemption case, or even a product liability case.  Instead, patients sued the manufacturer of a non-invasive fat-reducing system under California’s permissive consumer fraud statutes, claiming that the company made partial statements that were misleading and failed to disclose material information about the product. Id. at **1-2.

What were the misleading partial statements and omitted facts? The plaintiffs alleged that the manufacturer stated (truthfully) that the product was “FDA-cleared” and “FDA-cleared as safe and effective.” Id. at *1.  And the manufacturer failed to explain the difference between “FDA clearance” on the one hand and “FDA approval” on the other.  That’s the omission.

We have unending sympathy for individuals who fight weight gain and for whom the condescending admonition to exercise more and eat less is not helpful. Be that as it may, these claims have no arguable merit, and the district court correctly dismissed them.  With regard to the alleged “partial” representation that the device was “FDA cleared,” the district court ruled that “Plaintiffs fail to explain how that true representation—on its own—could cause reasonable consumers to erroneously believe that the system received FDA approval.” Id. at *2.  The court continued:

Plaintiffs simply point out that under California law, true statements may mislead reasonable consumers if other relevant information is omitted. Although that is an accurate legal proposition, it does not establish that “FDA-Cleared” gives rise to viable [California statutory] claims, especially because the “mere possibility” that some consumers acting unreasonably will conflate FDA-clearance and FDA-approval is insufficient.

Id. So can a true statement ever support a claim?  Under some circumstances not presented here, it appears that one could, although that would be truly exceptional case.  Can a true statement support a claim where it is merely possible that a consumer will unreasonably misconstrue it?  This court ruled that it cannot.

There is more. The plaintiffs also argued that adding the words “safe and effective” to “FDA-cleared” was misleading because that claim can only be made in connection with FDA approval, citing Medtronic v. Lohr.  (See, we were going to get back to Medtronic v. Lohr eventually, and here we are).  In the part of the order that we like the most, the district court convincingly debunked the myth that “safe and effective” is unique to the PMA process:

It appears that this argument relies on Medtronic, Inc. v. Lohr, 518 U.S. 470 (1996), which allegedly establishes that “‘[t]he § 510(k) notification process is by no means comparable to the PMA process’ and in no way warrants that the device is safe and effective.”  [quoting Plaintiffs’ brief.]  Although Medtronic observed that obtaining Section 510(k) clearance is not as onerous as the “rigorous” PMA process, the Supreme Court did not find that the former has no bearing on a device’s safety and effectiveness. In fact, Medtronic acknowledged that “the FDA may well examine § 510(k) applications . . . with a concern for the safety and effectiveness of the device . . .”  The Supreme Court later clarified “the FDA simultaneously maintains the exhaustive MPA and the more limited § 510(k) process in order to ensure . . . that the medical devices are reasonably safe and effective.

Id. at *3 (first emphasis added, second in original).  In other words, the plaintiffs (and others before them) were relying on a snippet to misread Medtronic and overstate its holding.  The district court went on to state that the FDA’s regulations connect 510(k) clearance to safety and effectiveness, too:

Indeed, the FDA regulations provide that if the agency has found that a device is substantially equivalent to—but has “technological characteristics” that are different from—a predicate device, then that means the agency has concluded that “[t]he data submitted . . . contains information, including clinical data if deemed necessary by the Commissioner, that demonstrates that the device is as safe and as effective as a legally marketed device.”

Id. (emphasis in original).  Finally, the district court noted that compliance with general and special controls, which Class II medical devices must do, further provides “reasonable assurance of the safety and effectiveness of the device.” Id. There was no deceptive, no misleading statement.  Only true representations of a medical device’s regulatory pathway.  That is not the basis for a consumer fraud claim.

Nor is it consumer fraud when a manufacturer does not explain the difference between FDA clearance and FDA approval. The district court ruled that a manufacturer’s duty to consumers is limited to warranty obligations, absent an affirmative misrepresentation or a “safety issue.” Id. at *4.  We are not sure this is an accurate statement of a medical device manufacturer’s duty to consumers, especially considering the presence of prescribing physicians (i.e., the learned intermediaries) for many devices.  We also can’t imagine a situation where a medical device manufacturer would be under a legal obligation to explain FDA regulations to consumers.  But even taking the rule at face value, the plaintiffs alleged no safety risk. Id. at *5.  Maybe they were unsatisfied with the results (i.e., effectiveness) and wanted their money back.  Whatever their beef was, it was not about safety.

The plaintiffs walked away with their core claims dismissed without leave to amend. The district court gave them another chance to plead that they actually observed other statements that they claimed were misleading, based on counsel’s representations at argument that their clients might have seen them. Id. at **5-6.  We don’t know.  It seems to us that if those facts existed, the plaintiffs would already have pleaded them.  The takeaway for us is the reality that the 510(k) process does tie into safety and efficacy.  Don’t let anyone tell you otherwise.

We have made it no secret that we think the Ninth Circuit wrongly decided Stengel v. Medtronic.  That is the case where the Ninth Circuit reversed express preemption of claims involving a pre-market approved medical device by divining a “parallel” state-law duty to report adverse events to the FDA.  As we have said here and here (and other places), we are not convinced that such a duty even exists.  That is why we liked the district court’s order from last year dismissing the Complaint in Ebrahimi v. Mentor Worldwide LLC, mainly because the district court emphasized another befuddling aspect of Stengel:  How on Earth can a plaintiff plead and prove that a purported failure to report adverse events to the FDA caused him or her any injury?

The plaintiff in Ebrahimi could not allege causation last year, and despite multiple opportunities to amend, she still can’t, resulting in another order granting another motion to dismiss.  The order is Ebrahimi v. Mentor Worldwide LLC, No. 16-cv-7316 (C.D. Cal. May 25, 2018) (you can view the order here), and the pleading at issue was the Second Amended Complaint.  The plaintiff again alleged injuries resulting from treatment with silicone-gel breast implants, and as in the initial Complaint, she alleged two failure-to-warn theories:  (1) The defendant allegedly failed to report “adverse events” to the FDA, and (2) the defendant allegedly failed adequately to warn patients and doctors. Id. at 3.

But neither of those theories stated a parallel claim sufficient to avoid express preemption. The Medical Device Amendments expressly preempt any state-law requirement that is “different from or in addition to” any federal requirement related to safety or effectiveness. See 21 U.S.C. § 360k(a).  Under the much-misunderstood “parallel claim” exception, a plaintiff can sometimes plead a non-preempted state-law claim if the asserted state law duty “parallels” the federal requirement.  Theoretically, that claim would not be “different from or in addition to” federal requirements.

The alleged failure adequately to warn doctors and patient was clearly preempted. Imposing a state-law duty to warn that is different from what federal law requires runs headlong into the Medical Device Amendments’ express preemption provision.  That is Riegel v. Medtronic to a tee.

As for the alleged failure to report adverse events to the FDA, that was not an actionable “parallel claim.” As the district court observed, “To state a parallel claim under California law, Ebrahimi ‘will ultimately have to prove that if [the manufacturer] had properly reported the adverse event to the FDA as required under federal law, that information would have reached [her] doctors in time to prevent [her] injuries.’” Id. at 3 (quoting Stengel v. Medtronic, Inc., 704 F.3d 1224, 1234 (9th Cir. 2013)).

Of course, this gloss on a parallel claim assumes that a state-law claim for failure to report claim to the FDA actually exists, and we don’t think one does. But setting aside that fundamental disagreement, this district court has again correctly zeroed in on causation as essential to pleading a claim based on an alleged failure to report adverse events.  This plaintiff failed for two reasons.  First, the “adverse events” that she alleged were not “events” at all.  Plaintiff alleged “potential statistical issues” with six post-approval studies, but none of those “issues” was an “ailment or injury resulting from gel bleed.” Id. at 3-4.  Second, and we think more importantly, the plaintiff failed to allege a “causal nexus” between her injuries and the manufacturer’s alleged failure to report:

In particular, she does not allege any specific facts showing that had [the manufacturer] not “covered up” these purported adverse events, the FDA would have required [the manufacturer] to modify its labeling and marketing materials or otherwise warn patients and doctors that “significant gel bleed was a potential risk. . . .” Therefore, Ebrahimi’s failure-to-warn claim cannot escape express preemption because she has not shown that [the manufacturer’s] failure to report adverse events to the FDA resulted in her injury

Id. at 5. We have blogged on parallel claims on multiple occasions, but Ebrahimi is particularly strong on folding causation (or lack thereof) into defining which claims avoid express preemption and which do not.  This is more than TwIqbal.  This is a district court ruling that federal law preempts your claim unless you can allege specific facts showing that the violation of a “parallel” state-law duty actually caused you harm.  Other courts should do this, too.

This time around, the district court dismissed the failure-to-warn claims without leave to amend, which makes sense. The plaintiff filed a First Amended Complaint, and then a Second, and if she has not alleged a non-preempted claim by now, she never will.  The district court did grant leave to amend for the manufacturing defect claim, based on allegations that the implant suffered from “poor workmanship” and the like. Id. at 5-6.  So she gets another chance, but if all she is left with is a manufacturing defect claim in a medical device case, she does not have much.

Kudos to the attorneys at Tucker Ellis for achieving this result, and our thanks to Dustin Rawlin for sending the order our way.