Last week, the Second Circuit affirmed dismissal of a putative class action under the Video Privacy Protection Act (VPPA), holding that the alleged transmission of code containing video titles and a unique user ID to a third-party is not a disclosure of “personally identifiable information” (PII). The decision, Solomon v. Flipps Media, Inc., 23‐7597 (2d Cir. May 1, 2025), aligns the Second Circuit with the Third and Ninth Circuits in holding that the VPPA only prohibits the disclosure of information that would “readily permit an ordinary person to identify a specific individual’s video-watching behavior.” Continue Reading Second Circuit Affirms VPPA Dismissal: Data Is Not “Personally Identifiable Information” If Only Experts Can Decipher It
“Tester” Plaintiff Who “Actively Seeks Out Privacy Violations” Lacks Standing to Pursue CIPA Claim
Lawsuits targeting businesses’ use of website tools under the California Invasion of Privacy Act (“CIPA”) increasingly are filed by so-called “tester” plaintiffs. These plaintiffs seek out websites to “test” for potential CIPA violations and then file lawsuits seeking damages for those alleged violations. A California federal court recently confirmed that…
Continue Reading “Tester” Plaintiff Who “Actively Seeks Out Privacy Violations” Lacks Standing to Pursue CIPA ClaimImplied Consent to Privacy Policy in Webpage Footer Forecloses Website Wiretapping Claim
Does a plaintiff’s use of a website constitute consent to a privacy policy linked in the website’s footer? A Pennsylvania federal court answered yes in Popa v. Harriet Carter Gifts, Inc., 2025 WL 896938 (W.D. Pa. Mar. 24, 2025), granting summary judgment in favor of an online retailer (Harriet Carter Gifts) and its marketing partner (NaviStone) accused of collecting data about plaintiff’s website visit in violation of the Pennsylvania Wiretapping and Electronic Surveillance Control Act (“WESCA”).Continue Reading Implied Consent to Privacy Policy in Webpage Footer Forecloses Website Wiretapping Claim
Another California Court Rejects Privacy Claims Targeting Online Chat Feature
Plaintiffs’ lawyers have continued to bring privacy claims targeting businesses that use vendors to help provide beneficial chat features on their website, as we last reported here. Late last year, a Southern District of California judge dismissed another set of privacy claims challenging the routine use of these vendor services by Tonal, a popular smart home gym company named as the sole defendant in the lawsuit. Jones v. Tonal Systems, Inc., 751 F. Supp. 3d 1025 (S.D. Cal. 2024).
Plaintiff Julie Jones, a California resident, claimed that she had visited Tonal’s website and used its chat feature to communicate with a Tonal customer service representative. This chat feature allegedly incorporated an API run by another company to create and store transcripts of website visitors’ chats with Tonal’s customer service representatives. According to the complaint, this alleged conduct constituted wiretapping, which Tonal purportedly aided and abetted in violation of Sections 631 and 632.7 of the California Invasion of Privacy Act (“CIPA”). Plaintiff also asserted other privacy claims based on the same alleged conduct, including the California Unfair Competition Law (“UCL”) and the California Constitution’s right to privacy provision.
The Court granted Tonal’s motion to dismiss each of plaintiff’s claims on multiple grounds.Continue Reading Another California Court Rejects Privacy Claims Targeting Online Chat Feature
California Court Holds Plaintiffs’ Consent Defeats Claims Involving Use of Website Pixel
Early this month, a Northern District of California judge dismissed, with prejudice, a putative class action complaint asserting five privacy-related causes of action, concluding the “issue of consent defeat[ed] all of Plaintiffs’ claims.” Lakes v. Ubisoft, Inc., –F. Supp. 3d–, 2025 WL 1036639 (N.D. Cal. Apr. 2, 2025). Specifically, the Court dismissed plaintiffs’ claims under the (1) Video Privacy Protection Act (“VPPA”); (2) Federal Wiretap Act; (3) California Invasion of Privacy Act (“CIPA”) § 631; (4) common law invasion of privacy; and (5) Article I, Section 1 of the California Constitution. Continue Reading California Court Holds Plaintiffs’ Consent Defeats Claims Involving Use of Website Pixel
Recording of Customer Service Call “Not Private or Personal Enough” to Confer Article III Standing
Many businesses use customer support software that may include call recording features to help ensure a better customer service experience. A California federal court dismissed a wiretapping lawsuit filed against a software company offering this software tool (TalkDesk), holding that TalkDesk’s alleged recording of customers’ conversations with clothing retailers “is simply not private or personal enough to confer [Article III] standing.” See Lien, et al., v. Talkdesk, Inc., No. 24-CV-06467-VC, 2025 WL 551664 (N.D. Cal. Feb. 19, 2025).Continue Reading Recording of Customer Service Call “Not Private or Personal Enough” to Confer Article III Standing
California Supreme Court Clarifies that CCP Section 998’s Cost-Shifting Rule Applies to Pre-Trial Settlements
One March 20, 2025, the California Supreme Court ruled in Madrigal v. Hyundai Motor America that California Code of Civil Procedure Section 998 can bar plaintiffs from recovering litigation costs if they enter a pre-trial settlement that is less favorable than a prior defense offer.
The general rule in California is that a “prevailing party” may recover all litigation costs as a matter of right. CCP Section 998 modifies this general rule in cases where the defense makes a qualifying settlement offer. Under Section 998, if a plaintiff rejects or fails to timely accept a qualifying settlement offer and then “fails to obtain a more favorable judgment or award,” the plaintiff may no longer recover post-offer litigation costs. This rule is designed to encourage reasonable pre-trial settlements. Parties often contract around this rule by providing for the allocation of costs and fees in settlement agreements.Continue Reading California Supreme Court Clarifies that CCP Section 998’s Cost-Shifting Rule Applies to Pre-Trial Settlements
Illinois Federal Court Rejects Fiji Water Microplastics Case
An Illinois federal court recently rejected efforts to bring a consumer class action against the parent company of Fiji brand water over allegations that its plastic water bottles contained microplastics. In doing so, the court added its voice to the growing body of case law about microplastics and offered a window into how to attack similar types of contamination allegations.
In Daly et al. v. The Wonderful Company, LLC, 2025 WL 672913 (N.D. Ill. Mar. 3, 2025) plaintiffs alleged that Fiji’s claim that its water is “natural artesian water” are deceptive because the product bottles contain microplastics. Id. at *1. Plaintiffs brought claims under five state consumer protection laws and sought to represent a class of consumers allegedly harmed by microplastics in the bottles. Id. The company moved to dismiss the complaint, arguing (among other things) that plaintiffs had not plausibly alleged that the Fiji Water bottles actually contained microplastics and that plaintiffs lacked standing to pursue injunctive relief. Id. at *2, *6. Because plaintiffs failed to allege that the water bottles contained microplastics, TWG argued that they could not identify any deceptive statement giving rise to their claims. Id. at *6.
On March 3, the court agreed and dismissed plaintiffs’ complaint for two reasons.Continue Reading Illinois Federal Court Rejects Fiji Water Microplastics Case
New York Proposes New Consumer Protection Law
On Thursday March 13, 2025, New York Attorney General Letitia James announced proposed legislation to expand New York’s consumer protection law: the Fostering Affordability and Integrity through Reasonable (FAIR) Business Practices Act (“the Act”). The Act would update and expand New York’s current consumer protection law, Sections 349 and 350 of the New York General Business Law (“GBL”), to encompass a broader range of practices and claims.
The current versions of Sections 349 and 350 make unlawful certain deceptive business acts and practices and false advertising. The Act would amend Section 349 to cover not only “deceptive” business acts and practices, but also conduct that may fall under vague definitions of “unfair” and “abusive” acts and practices. The Act would further expand Section 349 by making it applicable “regardless of whether or not that act or practice is consumer-oriented [or] has a public impact or impact on consumers ….” The Act would also increase statutory damages to $1,000 and grant standing to organizations and third parties to the fullest extent otherwise permitted by law. However, the Act would also create affirmative defenses that limit plaintiffs to individuals and small entities, and excludes acts or practices that could be addressed by federal securities or intellectual property laws or that involve “high-value experienced commercial transaction[s]” directed exclusively to the parties to such transactions.Continue Reading New York Proposes New Consumer Protection Law
Courts Hold CIPA’s Pen Register Provision Does Not Apply to Internet Communications or to Alleged Data Collection “About Visitors’ Devices, From Visitors’ Devices”
Court decisions addressing “pen register” claims brought under the California Invasion of Privacy Act (“CIPA”) have started trickling in after last year saw an uptick in these claims targeting businesses’ use of website tools. Two more California courts recently joined a growing trend dismissing pen register claims, but they did so on new grounds: one confirmed that CIPA’s pen register provision was not intended to cover “internet communications,” and another held that a website tool that allegedly collected “identifying information about visitors’ devices, from visitors’ devices” does not constitute a “pen register” or “trap and trace device.” See Aviles v. Liveramp, Inc., 2025 WL 487196 (Cal. Super. Jan. 28, 2025); Sanchez v. Cars.com Inc., 2025 WL 487194 (Cal. Super. Jan. 27, 2025).Continue Reading Courts Hold CIPA’s Pen Register Provision Does Not Apply to Internet Communications or to Alleged Data Collection “About Visitors’ Devices, From Visitors’ Devices”