Does a plaintiff’s use of a website constitute consent to a privacy policy linked in the website’s footer? A Pennsylvania federal court answered yes in Popa v. Harriet Carter Gifts, Inc., 2025 WL 896938 (W.D. Pa. Mar. 24, 2025), granting summary judgment in favor of an online retailer (Harriet Carter Gifts) and its marketing partner (NaviStone) accused of collecting data about plaintiff’s website visit in violation of the Pennsylvania Wiretapping and Electronic Surveillance Control Act (“WESCA”).Continue Reading Implied Consent to Privacy Policy in Webpage Footer Forecloses Website Wiretapping Claim
Another California Court Rejects Privacy Claims Targeting Online Chat Feature
Plaintiffs’ lawyers have continued to bring privacy claims targeting businesses that use vendors to help provide beneficial chat features on their website, as we last reported here. Late last year, a Southern District of California judge dismissed another set of privacy claims challenging the routine use of these vendor services by Tonal, a popular smart home gym company named as the sole defendant in the lawsuit. Jones v. Tonal Systems, Inc., 751 F. Supp. 3d 1025 (S.D. Cal. 2024).
Plaintiff Julie Jones, a California resident, claimed that she had visited Tonal’s website and used its chat feature to communicate with a Tonal customer service representative. This chat feature allegedly incorporated an API run by another company to create and store transcripts of website visitors’ chats with Tonal’s customer service representatives. According to the complaint, this alleged conduct constituted wiretapping, which Tonal purportedly aided and abetted in violation of Sections 631 and 632.7 of the California Invasion of Privacy Act (“CIPA”). Plaintiff also asserted other privacy claims based on the same alleged conduct, including the California Unfair Competition Law (“UCL”) and the California Constitution’s right to privacy provision.
The Court granted Tonal’s motion to dismiss each of plaintiff’s claims on multiple grounds.Continue Reading Another California Court Rejects Privacy Claims Targeting Online Chat Feature
California Court Holds Plaintiffs’ Consent Defeats Claims Involving Use of Website Pixel
Early this month, a Northern District of California judge dismissed, with prejudice, a putative class action complaint asserting five privacy-related causes of action, concluding the “issue of consent defeat[ed] all of Plaintiffs’ claims.” Lakes v. Ubisoft, Inc., –F. Supp. 3d–, 2025 WL 1036639 (N.D. Cal. Apr. 2, 2025). Specifically, the Court dismissed plaintiffs’ claims under the (1) Video Privacy Protection Act (“VPPA”); (2) Federal Wiretap Act; (3) California Invasion of Privacy Act (“CIPA”) § 631; (4) common law invasion of privacy; and (5) Article I, Section 1 of the California Constitution. Continue Reading California Court Holds Plaintiffs’ Consent Defeats Claims Involving Use of Website Pixel
Recording of Customer Service Call “Not Private or Personal Enough” to Confer Article III Standing
Many businesses use customer support software that may include call recording features to help ensure a better customer service experience. A California federal court dismissed a wiretapping lawsuit filed against a software company offering this software tool (TalkDesk), holding that TalkDesk’s alleged recording of customers’ conversations with clothing retailers “is simply not private or personal enough to confer [Article III] standing.” See Lien, et al., v. Talkdesk, Inc., No. 24-CV-06467-VC, 2025 WL 551664 (N.D. Cal. Feb. 19, 2025).Continue Reading Recording of Customer Service Call “Not Private or Personal Enough” to Confer Article III Standing
Courts Hold CIPA’s Pen Register Provision Does Not Apply to Internet Communications or to Alleged Data Collection “About Visitors’ Devices, From Visitors’ Devices”
Court decisions addressing “pen register” claims brought under the California Invasion of Privacy Act (“CIPA”) have started trickling in after last year saw an uptick in these claims targeting businesses’ use of website tools. Two more California courts recently joined a growing trend dismissing pen register claims, but they did so on new grounds: one confirmed that CIPA’s pen register provision was not intended to cover “internet communications,” and another held that a website tool that allegedly collected “identifying information about visitors’ devices, from visitors’ devices” does not constitute a “pen register” or “trap and trace device.” See Aviles v. Liveramp, Inc., 2025 WL 487196 (Cal. Super. Jan. 28, 2025); Sanchez v. Cars.com Inc., 2025 WL 487194 (Cal. Super. Jan. 27, 2025).Continue Reading Courts Hold CIPA’s Pen Register Provision Does Not Apply to Internet Communications or to Alleged Data Collection “About Visitors’ Devices, From Visitors’ Devices”
Ninth Circuit Affirms Dismissal of CIPA and Wiretap Act Claims Against Celebrity Platform
A fan of celebrity LL Cool J filed a wiretapping suit against Community.com (“Community”), claiming that Community accessed her text message to LL Cool J in violation of the federal Wiretap Act and the California Invasion of Privacy Act (“CIPA”). In an unpublished opinion highlighting that Section 632 of CIPA does not protect communications that are by nature a recorded medium, the Ninth Circuit affirmed dismissal of the plaintiff’s claims. See Boulton v. Community.com, Inc., No. 23-3145, 2025 WL 314813 (9th Cir. Jan. 28, 2025).Continue Reading Ninth Circuit Affirms Dismissal of CIPA and Wiretap Act Claims Against Celebrity Platform
Website Wiretapping Litigation: Recent Decisions and Developments
Website analytics and advertising tools, such as pixels, are regularly targeted in lawsuits brought under various wiretap laws, including the federal Wiretap Act and the California Invasion of Privacy Act (“CIPA”). Over the last several months, we have featured posts discussing an important decision from Massachusetts’ highest court about the availability of website wiretap suits under Massachusetts law, an opinion from a California court about a new “pen register” theory under CIPA, and more. These posts, and other highlights, include the following:Continue Reading Website Wiretapping Litigation: Recent Decisions and Developments
New Jersey Court Applies CIPA’s Party Exception to Pixel Wiretap Complaint
Last month, a New Jersey federal judge applied Third Circuit precedent to hold that the California Invasion of Privacy Act (“CIPA”) does not impose liability for commonplace use of website marketing/analytics pixels under the well-established party exception. Cole v. Quest Diagnostics, Inc., 2025 WL 88703 (D.N.J. Jan. 14, 2025).Continue Reading New Jersey Court Applies CIPA’s Party Exception to Pixel Wiretap Complaint
Pennsylvania Court Dismisses A Trio of Defendants in Website Wiretapping Suit Challenging Email Marketing Program
A Pennsylvania court recently dismissed a wiretapping complaint filed against a trio of defendants for lack of Article III standing, lack of personal jurisdiction, and failure to state a claim in Ingrao v. Addshoppers, Inc., 2024 WL 4892514 (E.D. Pa. Nov. 25, 2024).
The two plaintiffs in this case
Continue Reading Pennsylvania Court Dismisses A Trio of Defendants in Website Wiretapping Suit Challenging Email Marketing ProgramCalifornia Federal Court Allows Software Vendor to Enforce Website Operator’s Arbitration Agreement in Privacy Lawsuit
Plaintiffs sometimes try to sidestep an arbitration agreement with one company by suing only a second company for interrelated conduct. Last month, a California federal court applied principles of fairness under the doctrine of “equitable estoppel” to reject this tactic, holding that a software vendor (Twilio) could enforce a plaintiff’s arbitration agreement with a website operator (Keeps) that was not named as a defendant. Perry-Hudson v. Twilio, Inc., 2024 WL 493333 (N.D. Cal. Dec. 2, 2024).Continue Reading California Federal Court Allows Software Vendor to Enforce Website Operator’s Arbitration Agreement in Privacy Lawsuit