The ‘Long Arm’ of CIPA and Its Newfound Pen-Trap Claims
Websites are ubiquitous, and so are cookies and tracking pixels (a/k/a web beacons). A web browser uses cookies to store login details and preferences; the cookies also track and profile user behavior. When visiting a...more
A California bill aimed at curbing the explosion of lawsuits filed against businesses using common website tools like cookies, pixels, and session replay software has stalled out in the 2025 legislative session, meaning your...more
On May 13, 2025, a $19.5 million settlement of a California Invasion of Privacy Act (CIPA) class action against a major financial institution and its telemarketing vendor moved one step closer to final approval. The...more
In an earlier piece, we discussed the increase in recently-filed California Invasion of Privacy Act (“CIPA”) TikTok trap and trace device lawsuits. Generally, TikTok trap and trace actions allege that the use of TikTok...more
In a prior alert, we predicted an uptick in class action complaints brought under the California Invasion of Privacy Act (CIPA) alleging that modern website analytical tools such as pixels, cookies and session replay software...more
On April 2, 2025, the United States District Court for the Northern District of California granted Defendant’s Motion to Dismiss in Lakes et al. v. Ubisoft, Inc. In Lakes, Among other eavesdropping claims, Plaintiffs alleged...more
The California Invasion of Privacy Act continues to be a focal point for privacy litigation, particularly concerning website tracking practices. A recent case, Gabrielli v. Insider Inc. sheds new light on whether collecting...more
Beware of demand letters from plaintiffs’ attorneys for allegations of illegal use of pen registers, trap and trace pixels, and search bar pixels—why? This “trap and trace” litigation is a growing trend for plaintiffs’...more
As the debate simmers about the proper application of the wiretapping provisions of the California Invasion of Privacy Act (CIPA), courts continue to weigh in on what technologies may constitute improper third-party...more
Welcome to the twentieth installment in our monthly data privacy litigation report. We prepare these reports to provide updates on how courts in the United States have handled emerging data privacy trends. After our expansive...more
A California federal district court recently granted class certification in a lawsuit against a financial services company. The case involves allegations that the company’s website used third-party technology to track users’...more
Plaintiffs are persistently crafting creative legal theories to target tracking technologies. One new approach is to characterize tracking technologies as “pen registers” or “trap and trace devices” used in violation of...more
Over the past year, lawsuits under the California Invasion of Privacy Act (“CIPA”) have gained significant momentum, and there’s no sign of them slowing down. Both state and federal courts in California are seeing a rise in...more
California businesses are experiencing a tsunami of demands and complaints alleging class action status that applies the well-established 1960’s California Invasion of Privacy Act (CIPA) to the internet’s new technology. CIPA...more