The Ninth Circuit recently upheld a California district court’s dismissal of a proposed class action against Shopify for lack of personal jurisdiction, cautioning that subjecting web-based platforms to jurisdiction in every forum in which they are accessible would lead to the “eventual demise of all restrictions” on personal jurisdiction.

In Briskin v. Shopify, Inc., 2022 WL 1427324 (N.D. Cal. May 5, 2022), the plaintiff alleged that Shopify, a Canadian-based company that provides online merchants throughout the United States with an e-commerce payment platform, violated California privacy and consumer protection laws by allegedly collecting his sensitive personal information while using a California-based retailer’s website.  The district court in the Northern District of California dismissed the action, finding that it lacked both general and specific personal jurisdiction over Shopify. 

A panel of the Ninth Circuit affirmed the district court’s dismissal of the complaint for lack of personal jurisdiction, holding that Shopify could not be subjected to jurisdiction in California where it did not expressly aim the alleged conduct implicated by the lawsuit toward California.  Briskin v. Shopify, Inc., 2023 WL 8225346 (9th Cir. Nov. 28, 2023).  Briskin confirms the Ninth Circuit’s view that for interactive websites and other web-based services and platforms that operate nationwide, “something more” is needed to satisfy the express aiming requirement for personal jurisdiction.

The Ninth Circuit panel found that Shopify’s general business contacts with California, such as their California fulfilment center and contracts with California merchants, were not relevant to any jurisdictional analysis because those contacts did not cause plaintiff’s alleged harm.  Those allegations of harm were based instead on the alleged collection, retention, and use of his sensitive personal information. 

Focusing only on the alleged conduct implicated by the lawsuit, the panel held that Shopify did not expressly aim that conduct at California.  Instead, it operated “indifferent to the location of either the merchant or the end customer,” did not “alter its data collection activities based on the location of a given online purchase,” and did not “prioritize consumers in California or specifically cultivate them.”  The fact that the plaintiff resided in California and made his online purchases while located in California was insufficient to show that Shopify expressly aimed its conduct at California.  As the panel observed, the plaintiff would have suffered the same alleged injury regardless of whether the retailer was a California company and regardless of whether he was located in California when he made his purchase.

The panel also affirmed the district court’s denial of jurisdictional discovery, noting that the plaintiff failed to explain how discovery would change the jurisdictional analysis.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Kathryn Cahoy Kathryn Cahoy

Kate Cahoy uses her substantial class action experience to help clients develop strategic and innovative solutions to their most challenging litigation matters. She regularly defends clients in complex, high-stakes class action disputes involving privacy, antitrust, and consumer protection claims and has achieved significant victories…

Kate Cahoy uses her substantial class action experience to help clients develop strategic and innovative solutions to their most challenging litigation matters. She regularly defends clients in complex, high-stakes class action disputes involving privacy, antitrust, and consumer protection claims and has achieved significant victories for clients in the technology, entertainment, consumer product, and financial services industries. In addition, Kate has substantial experience litigating cases brought under California’s Section 17200 and other consumer protection, competition, and privacy laws, including the Sherman Act, California Consumer Privacy Act (CCPA), California Invasion of Privacy Act (CIPA), Wiretap Act, Stored Communications Act, Children’s Online Privacy Protection Act (COPPA), Video Privacy Protection Act (VPPA), and common law and constitutional rights of privacy, among others.