Photo of Divya Bhat

Divya Bhat

Divya Bhat is a regulatory associate in the firm’s San Francisco office, where she is a member of the Data Privacy and Cybersecurity group. Before joining Covington, Divya clerked for Judge Kea W. Riggs in the U.S. District Court for the District of New Mexico. Her pro bono practice focuses on reproductive rights and immigration matters.

Contact:Read more about Divya BhatEmail

A recent decision from the Southern District of California underscores a point courts have made increasingly clear after the Ninth Circuit’s precedential decision in Popa v. Microsoft: alleging the disclosure of online activity—even activity touching on sensitive health topics—is not enough, by itself to establish Article III standing.  As the Court put it, the mere allegation that a defendant disclosed “sensitive health related” search terms, without any indication in the search terms that they “were tied to his personal medical history,” cannot establish a concrete injury.  Maghoney v. Dotdash Meredith, Inc., 2026 WL 497402 (S.D. Cal. Feb. 23, 2026) (emphasis added).

Continue Reading Sensitive Search Terms Not Enough To Establish Article III Standing Under Popa

User consent bars website wiretapping claims brought under the California Invasion of Privacy Act (“CIPA”).  As we reported on here, one way users may consent to the use of third-party website technologies is during a checkout process, such as via a checkbox indicating agreement to a website’s privacy policy.  But is consent negated if a 10-minute timer begins counting down the moment a user enters that checkout process?  A California court answered no in Washington v. Flixbus, Inc., 2025 WL 1592961 (S.D. Cal. June 5, 2025), rejecting a plaintiff’s argument that a countdown timer “imposes undue pressure that negates any consent.”

Continue Reading User Consent Provided Under Time Pressure Is Still Consent Barring CIPA Suit

Health-related websites are increasingly targeted with wiretapping suits if they use pixels or other third-party technologies to power their websites.  A few months ago, a California court dismissed on multiple grounds one such suit challenging the use of website pixels by Clearblue, a company that offers home pregnancy and fertility test kits.  Saedi v. SPD Swiss Precision Diagnostics d/b/a Clearblue, 2025 WL 1141168 (C.D. Cal. Feb. 27, 2025).

Continue Reading Home Pregnancy Test Company Wins Dismissal of Pixel Wiretapping Suit