The ‘Long Arm’ of CIPA and Its Newfound Pen-Trap Claims
If your company uses a third-party tool to power your website chat function or AI-assisted customer service, the 9th Circuit Court of Appeals just delivered a ruling you should know about. On July 9, the court affirmed...more
In an increasingly data-driven digital landscape, businesses are constantly seeking tools to better understand and optimize user experiences. One such tool is session replay—a powerful technology that allows organizations to...more
Welcome to the Summer of Privacy! As we hit the middle of 2025, California is once again the focus of our attention, as both its legislators and regulators are attempting to square privacy protections with developing...more
Introduction - The intersection of digital customer service tools and privacy law continues to generate high-stakes litigation, especially in California, where the California Invasion of Privacy Act (“CIPA”) has become a...more
Readers of this blog may recall a piece in which we discussed an unfavorable Ninth Circuit California Invasion of Privacy Act (“CIPA”) internet wiretapping decision. Interestingly, the Ninth Circuit recently weighed in again...more
The Northern District of California recently dismissed, with prejudice, a purported class action against Royal Caribbean Cruises Ltd. (Royal Caribbean), alleging a violation of the California Invasion of Privacy Act (CIPA)...more
A California bill aimed at curbing the explosion of lawsuits filed against businesses using common website tools like cookies, pixels, and session replay software has stalled out in the 2025 legislative session, meaning your...more
Healthline Media has agreed to pay $1.55 million to resolve allegations that it violated the California Consumer Privacy Act (CCPA) – which is the largest settlement to date under the state’s landmark privacy law. The...more
In a significant win for Royal Caribbean Cruises, a federal judge dismissed a lawsuit that alleged the cruise line’s website violated a California privacy law by using a TikTok tracking tool. The case, Kishnani v. Royal...more
The Ninth Circuit recently issued two back-to-back memoranda of dispositions addressing claims under the California Invasion of Privacy Act (“CIPA”) Section 631 and the common law tort of intrusion upon seclusion. First, on...more
The U.S. Court of Appeals for the Ninth Circuit has issued a pivotal ruling that is likely to reshape privacy litigation for e-commerce platforms. In Briskin v. Shopify, Inc., the Court held that Shopify, despite being...more
In a significant decision for privacy class action litigation, a federal judge in California recently denied the certification of a proposed class action involving claims under the state’s invasion of privacy law. The May 29...more
It’s 2025, and somehow, we’re still dealing with lawsuits over a law that was born in the pen registers and rotary phones era. That law, the California Invasion of Privacy Act (CIPA), a decades-old statute that’s suddenly...more
Over the last several years, California appellate courts have begun to align the threshold standing analysis under California law with the federal Article III standing requirements, presenting an emergingly viable...more
This week, the U.S. District Court for the Northern District of California ruled in favor of children’s clothing retailer Janie & Jack, which sought to enjoin over 2,400 individual arbitration claims resulting from alleged...more
Readers may recall prior pieces in which we discussed a pair of law firms responsible for bringing California Invasion of Privacy Act (“CIPA”) arbitration demands against online businesses. These CIPA arbitration demands...more
Online businesses are increasingly facing a wave of arbitration demands under the California Invasion of Privacy Act (“CIPA”) and similar laws. Enterprising law firms have been at the forefront of this trend, filing claims on...more
There is never a boring moment in California privacy law, and these past weeks have been no exception. From major modifications to proposed California Consumer Protection Act (CCPA) rulemaking on automated decision-making...more
Businesses need to remain vigilant regarding recent developments in consumer-based data privacy class actions. In recent weeks, the plaintiff class action bar has filed several lawsuits against The Trade Desk Inc. related to...more
Businesses just received some good news when a federal court dismissed a California Invasion of Privacy Act (CIPA) claim that aimed to expand the reach of the state’s wiretapping law to cover internet communications. The...more
Courts across the country are becoming skeptical of data breach and web tracking claims that assert theoretical privacy violations without alleging any actual injury to the plaintiffs. Recent decisions underscore that courts...more
In a big win for businesses, a California federal court just held that a “tester” plaintiff – someone who visits websites for purposes of initiating litigation – cannot bring a claim under the California Invasion of Privacy...more
As the privacy litigation landscape continues to take shape, search bars have quietly become a Trojan horse in online data collection, carrying new legal theories into the California Invasion of Privacy Act (CIPA) arena. The...more
Readers of this blog know about the never-ending barrage of consumer privacy litigation commenced against online companies in connection with their collection of consumer data. Several of these cases have recently been filed...more
Three recent federal court cases consider whether the use of third party trackers embedded in websites can be the basis of class action lawsuits alleging violations of statutes enacted before the internet existed. These...more