The ‘Long Arm’ of CIPA and Its Newfound Pen-Trap Claims
Websites are ubiquitous, and so are cookies and tracking pixels (a/k/a web beacons). A web browser uses cookies to store login details and preferences; the cookies also track and profile user behavior. When visiting a...more
The Ninth Circuit heard oral arguments on June 10, 2025, in three closely watched appeals—Gutierrez v. Converse Inc., Mikulsky v. Bloomingdale’s, LLC, and Thomas v. Papa John’s International, Inc.—that could shape the future...more
In a prior alert, we predicted an uptick in class action complaints brought under the California Invasion of Privacy Act (CIPA) alleging that modern website analytical tools such as pixels, cookies and session replay software...more
California Invasion of Privacy Act (“CIPA”) wiretapping claims against online businesses are topics with which our readers are well-versed. Inconsistent court decisions about whether wiretapping claims under CIPA apply to the...more
Courts across the country are becoming skeptical of data breach and web tracking claims that assert theoretical privacy violations without alleging any actual injury to the plaintiffs. Recent decisions underscore that courts...more
Keypoint: In this post: (1) California considers a “commercial exception” to wiretapping and pen registry laws; (2) a rise in federal wiretapping claims against websites; (3) more courts impose “knowledge or intent”...more
On April 2, 2025, the United States District Court for the Northern District of California granted Defendant’s Motion to Dismiss in Lakes et al. v. Ubisoft, Inc. In Lakes, Among other eavesdropping claims, Plaintiffs alleged...more
Keypoint: In this post: (1) How a privacy policy can defeat a plaintiff’s “delayed discovery” argument; (2) Two CA state courts reject plaintiffs’ allegations concerning personal jurisdiction; (3) Three courts dismiss PR/TT...more
Generative AI continued to be a hot topic for privacy-related litigation in 2024. In the US, companies using and deploying this technology saw themselves subject to lawsuits under various state and federal theories of...more
On February 18, 2025, US District Judge Edgardo Ramos of the United States District Court of the Southern District of New York granted the defendant’s motion to dismiss against a plaintiff bringing claims under California...more
Welcome to the twentieth installment in our monthly data privacy litigation report. We prepare these reports to provide updates on how courts in the United States have handled emerging data privacy trends. After our expansive...more
A California federal district court recently granted class certification in a lawsuit against a financial services company. The case involves allegations that the company’s website used third-party technology to track users’...more
Keypoint: California district courts continue to split over whether “knowledge” is required to plead liability under Section 631(a)’s fourth prong while two decisions show courts taking different approaches to VPPA claims at...more
Keypoint: The Central District of California issued several wiretapping decisions in May while two decisions on the VPPA illustrate how claims fail or succeed at the pleading stage. Welcome to the fourteenth installment in...more
Keypoint: The Central District of California issues a major victory for website owners facing CIPA-arbitration demands, two decisions address whether a plaintiff consented as a defense to wiretapping claims, three courts in...more
Two recent developments highlight the challenges companies may face as they explore ways to incorporate AI-based chatbots into their customer service offerings: - A putative class action filed in California federal...more