The ‘Long Arm’ of CIPA and Its Newfound Pen-Trap Claims
If your company uses a third-party tool to power your website chat function or AI-assisted customer service, the 9th Circuit Court of Appeals just delivered a ruling you should know about. On July 9, the court affirmed...more
Readers of this blog may recall a piece in which we discussed an unfavorable Ninth Circuit California Invasion of Privacy Act (“CIPA”) internet wiretapping decision. Interestingly, the Ninth Circuit recently weighed in again...more
In a significant win for Royal Caribbean Cruises, a federal judge dismissed a lawsuit that alleged the cruise line’s website violated a California privacy law by using a TikTok tracking tool. The case, Kishnani v. Royal...more
Readers of this blog are aware of the barrage of California Invasion of Privacy (“CIPA”) claims brought against online companies. Recently, an unfavorable decision from the Ninth Circuit Court of Appeals (“Ninth Circuit”)...more
A national leader in privacy law, California was among the first states to include an express right to privacy in its constitution, create a data breach notification law, and codify robust consumer data protections. ...more
On May 13, 2025, a $19.5 million settlement of a California Invasion of Privacy Act (CIPA) class action against a major financial institution and its telemarketing vendor moved one step closer to final approval. The...more
On April 29, 2025, the Senate Public Safety Committee voted 6-0 to advance legislation that would exempt processing of personal information for a commercial business purpose from coverage by the California Invasion of Privacy...more
California Invasion of Privacy Act (“CIPA”) wiretapping claims against online businesses are topics with which our readers are well-versed. Inconsistent court decisions about whether wiretapping claims under CIPA apply to the...more
In a big win for businesses, a California federal court just held that a “tester” plaintiff—someone who visits websites to initiate litigation—cannot bring a claim under the California Invasion of Privacy Act (CIPA)....more
Keypoint: In this post: (1) California considers a “commercial exception” to wiretapping and pen registry laws; (2) a rise in federal wiretapping claims against websites; (3) more courts impose “knowledge or intent”...more
Readers of this blog know about the never-ending barrage of consumer privacy litigation commenced against online companies in connection with their collection of consumer data. Several of these cases have recently been filed...more
While readers of this blog are familiar with the proliferation of California Invasion of Privacy Act (“CIPA”) wiretapping claims, our readers may be less familiar with CIPA-related GET Request claims. Below, we explain what...more
Generative AI continued to be a hot topic for privacy-related litigation in 2024. In the US, companies using and deploying this technology saw themselves subject to lawsuits under various state and federal theories of...more
Beware of demand letters from plaintiffs’ attorneys for allegations of illegal use of pen registers, trap and trace pixels, and search bar pixels—why? This “trap and trace” litigation is a growing trend for plaintiffs’...more
As the debate simmers about the proper application of the wiretapping provisions of the California Invasion of Privacy Act (CIPA), courts continue to weigh in on what technologies may constitute improper third-party...more
Welcome to the twentieth installment in our monthly data privacy litigation report. We prepare these reports to provide updates on how courts in the United States have handled emerging data privacy trends. After our expansive...more
If your business operates online and uses common marketing tools, your business is at risk of being targeted for lawsuits under pre-internet wiretapping and video rental privacy laws. It is critical to address and mitigate...more
Those tracking CIPA litigation are familiar with the recent decision holding in favor of a company whose site had an online chat operated by a vendor. The court in that case held (1) that the company had not violated the...more
Keypoint: California district courts continue to split over whether “knowledge” is required to plead liability under Section 631(a)’s fourth prong while two decisions show courts taking different approaches to VPPA claims at...more
Keypoint: Courts have started to issue Pixel-based wiretapping decisions, the Seventh Circuit weighs in on when a manufacturer can be forced to pay arbitration fees, and three courts showed different approaches to dismissing...more
Keypoint: Courts reject personal jurisdiction arguments and suggest the Shopify decision will be overturned; Courts continue to show differing approaches to VPPA claims at the pleading stage with a large VPPA class action...more
Keypoint: The Central District of California issued several wiretapping decisions in May while two decisions on the VPPA illustrate how claims fail or succeed at the pleading stage. Welcome to the fourteenth installment in...more
Central District of California dismisses lawsuit alleging that a third-party’s interception of communications over a website’s live chat feature violated California’s wiretapping and eavesdropping prohibitions. ...more
On May 9, 2024, Paul Hastings participated in a panel on litigation trends and risk management at this spring’s Privacy+Security Forum. Panelists included Carter Simpson (Partner, Paul Hastings) and Matt Gardner (Senior...more
Keypoint: The Central District of California issues a major victory for website owners facing CIPA-arbitration demands, two decisions address whether a plaintiff consented as a defense to wiretapping claims, three courts in...more