The ‘Long Arm’ of CIPA and Its Newfound Pen-Trap Claims
In an increasingly data-driven digital landscape, businesses are constantly seeking tools to better understand and optimize user experiences. One such tool is session replay—a powerful technology that allows organizations to...more
The Northern District of California recently dismissed, with prejudice, a purported class action against Royal Caribbean Cruises Ltd. (Royal Caribbean), alleging a violation of the California Invasion of Privacy Act (CIPA)...more
A California bill aimed at curbing the explosion of lawsuits filed against businesses using common website tools like cookies, pixels, and session replay software has stalled out in the 2025 legislative session, meaning your...more
Healthline Media has agreed to pay $1.55 million to resolve allegations that it violated the California Consumer Privacy Act (CCPA) – which is the largest settlement to date under the state’s landmark privacy law. The...more
In a significant win for Royal Caribbean Cruises, a federal judge dismissed a lawsuit that alleged the cruise line’s website violated a California privacy law by using a TikTok tracking tool. The case, Kishnani v. Royal...more
The Ninth Circuit recently issued two back-to-back memoranda of dispositions addressing claims under the California Invasion of Privacy Act (“CIPA”) Section 631 and the common law tort of intrusion upon seclusion. First, on...more
In a significant decision for privacy class action litigation, a federal judge in California recently denied the certification of a proposed class action involving claims under the state’s invasion of privacy law. The May 29...more
Over the last several years, California appellate courts have begun to align the threshold standing analysis under California law with the federal Article III standing requirements, presenting an emergingly viable...more
This week, the U.S. District Court for the Northern District of California ruled in favor of children’s clothing retailer Janie & Jack, which sought to enjoin over 2,400 individual arbitration claims resulting from alleged...more
Readers may recall prior pieces in which we discussed a pair of law firms responsible for bringing California Invasion of Privacy Act (“CIPA”) arbitration demands against online businesses. These CIPA arbitration demands...more
Businesses just received some good news when a federal court dismissed a California Invasion of Privacy Act (CIPA) claim that aimed to expand the reach of the state’s wiretapping law to cover internet communications. The...more
In a big win for businesses, a California federal court just held that a “tester” plaintiff – someone who visits websites for purposes of initiating litigation – cannot bring a claim under the California Invasion of Privacy...more
As the privacy litigation landscape continues to take shape, search bars have quietly become a Trojan horse in online data collection, carrying new legal theories into the California Invasion of Privacy Act (CIPA) arena. The...more
Readers of this blog know about the never-ending barrage of consumer privacy litigation commenced against online companies in connection with their collection of consumer data. Several of these cases have recently been filed...more
Three recent federal court cases consider whether the use of third party trackers embedded in websites can be the basis of class action lawsuits alleging violations of statutes enacted before the internet existed. These...more
While readers of this blog are familiar with the proliferation of California Invasion of Privacy Act (“CIPA”) wiretapping claims, our readers may be less familiar with CIPA-related GET Request claims. Below, we explain what...more
Privacy litigation has taken California (and the country) by storm. In the past twenty-four months, the focus of privacy litigation has shifted from data breaches to data use, and the number of class actions filed grows by...more
On February 18, 2025, US District Judge Edgardo Ramos of the United States District Court of the Southern District of New York granted the defendant’s motion to dismiss against a plaintiff bringing claims under California...more
Beware of demand letters from plaintiffs’ attorneys for allegations of illegal use of pen registers, trap and trace pixels, and search bar pixels—why? This “trap and trace” litigation is a growing trend for plaintiffs’...more
In 2024, plaintiffs across the United States filed various class action cases related to web tracking technology employed by companies to enhance user experience on their websites and to improve the efficacy of their...more
Welcome to the twentieth installment in our monthly data privacy litigation report. We prepare these reports to provide updates on how courts in the United States have handled emerging data privacy trends. After our expansive...more
Two recent court decisions have provided businesses with long-awaited clarity on the reach of the California Invasion of Privacy Act (CIPA) – and could begin to redefine digital privacy litigation for the better. Two separate...more
A California federal district court recently granted class certification in a lawsuit against a financial services company. The case involves allegations that the company’s website used third-party technology to track users’...more
Our readers are well aware of the proliferation of lawsuits alleging California Invasion of Privacy Act (“CIPA”) violations against companies that use third-party tracking technology to collect consumer data on their...more
Despite some favorable rulings, lawsuits alleging California Invasion of Privacy Act (“CIPA”) claims against companies that use third-party tracking technology to collect consumer data on their websites show no signs of...more