Courts have recently been grappling with an influx of class actions alleging that company websites are in violation of wiretapping and other privacy laws when using third-party technology to provide services on their websites. Three different federal courts recently dismissed cases on similar grounds, demonstrating the challenges plaintiffs face with maintaining them and strategies defendants should keep in mind to defeat them.
Two of the cases accuse healthcare providers of improperly sharing personal health information with third-party technology companies through the use of pixel technologies on the healthcare provider’s website. In the first case, Doe v. Davita, Inc., plaintiffs accused Davita—a kidney dialysis provider—of violating the California Invasion of Privacy Act (“CIPA”) and other laws by purportedly collecting “patients’ personal and sensitive medical information on the Online Platforms and … improperly shar[ing] [this information] with the Tracking Technologies without patients’ consent.” 2024 WL 1772854, at *2 (S.D. Cal. April 24, 2024). The court disagreed and dismissed the claims, holding that plaintiffs did “not explain what specific information they provided to Defendant” and calling their claims “conclusory.” Id. The complaint, said the court, was “devoid of any facts supporting” plaintiffs’ contentions that Davita disclosed “personal, confidential, and sensitive medical information; medical treatment; and payment information” with the third party. Id. Continue Reading Lack of Plaintiff-Specific Allegations Dooms California, Pennsylvania Privacy-Based Class Actions