technology

We have routinely highlighted the proliferation of wiretapping class actions, and the variety of approaches courts have taken to address them.  One common pitfall for plaintiffs in these types of cases is standing, an issue highlighted in a recent Third Circuit case throwing out a proposed federal class action against Harriet Carter Gifts and NaviStone Inc., and remanding it to state court.  

The case, Popa v. Harriet Carter Gifts, Inc., No. 25-1760 (3d. Cir. 2026), involved plaintiff’s allegations that Harriet Carter Gifts and NaviStone tracked her browsing activity on Harriet Carter’s website while she shopped for pet stairs, purportedly in violation of the Pennsylvania Wiretapping and Electronic Surveillance Control Act.  After removal, the district court twice granted summary judgment for the defendants, and both decisions were appealed to the Third Circuit. 

Continue Reading Stand Aside:  Third Circuit Throws Out Harriet Carter Gifts Federal Wiretapping Case On Standing Grounds

Many California-based privacy claims have turned on the application of longstanding statutes to modern technologies, with courts frequently holding that certain online tracking technologies can qualify as impermissible trap-and-trace devices in violation of California Penal Code section 638.51, part of the California Invasion of Privacy Act (CIPA).  A recent decision from the Central District of California, however, signals that these arguments will not always succeed.

Continue Reading Federal Court Rejects Claim that Cookies Are Illegal Trap and Trace Devices

Another recent federal court decision endorsed the “heightened intent requirement” for satisfying the crime-tort exception of the federal Wiretap Act.  Progin v. UMass Mem’l Health Care, Inc., 2026 WL 632770, at *4–5 (D. Mass. Mar. 6, 2026).

In Progin, the plaintiffs claimed that the defendants, healthcare and hospital

Continue Reading Another Federal Court Dismisses Wiretapping Claims Premised on Crime-Tort Exception

A recent Washington federal court decision emphasizes two key federal Wiretap Act principles. First, the Act’s crime-tort exception only applies if there are plausible allegations that a party to the communication intercepted communications specifically to commit a separate wrongdoing. Second, the statute does not allow secondary liability for “procuring” an interception by a third party. Nichols v. PeaceHealth Networks on Demand LLC, 2026 WL 607763, at *3-4 (W.D. Wash. Mar. 4, 2026).

Continue Reading Court Dismisses Federal Wiretap Claim Premised on Crime-Tort Exception, Rejects Aiding-and-Abetting Liability

Are AI prompts, and their generative outputs, discoverable in litigation? A handful of recent district court cases suggest the answer depends on whether the AI prompts and outputs constitute attorney work product.

In Tremblay v. OpenAI, Inc., 2024 WL 3748003 (N.D. Cal. Aug. 8, 2024), the court held that AI prompts written by lawyers can constitute opinion work product when used for litigation-related purposes. The court explained that AI “prompts were queries crafted by counsel and contain counsel’s mental impressions and opinions about how to interrogate [an AI tool], in an effort to vindicate Plaintiffs’ copyrights against the alleged infringements.” In so doing, the court squarely rejected defendant’s argument that AI prompts and outputs only rise to the level of fact work product as opposed to opinion work product. That distinction is important, as opinion work product is offered near-absolute protection from disclosure whereas fact work product is discoverable upon a showing of substantial need for the materials and an inability to secure a substantial equivalent without undue hardship.

Continue Reading A Closer Look: The Discoverability of Artificial Intelligence Prompts

In an effort to overcome hurdles to Article III standing, many website wiretapping suits today accuse businesses of unlawfully sharing sensitive health or financial data with third parties.  However, Federal Rule of Civil Procedure 11(b) requires plaintiffs’ lawyers to ensure that these “factual contentions” in a complaint “have evidentiary support.”  A California federal judge gave teeth to this requirement in a recent sanctions order, admonishing the plaintiff’s lawyers for “advancing unfounded and irrelevant allegations” about a business’s sharing of “health information.”  Mitchener v. Talkspace Network LLC, No. 2:24-CV-07067-JAK (BFMX), 2026 WL 84466, at *3-4 (C.D. Cal. Jan. 7, 2026).

Continue Reading Sanctions Order in Website Wiretapping Suit Reinforces Importance of Early Fact Investigation

In 2025, courts continued to issue significant decisions concerning the application of wiretap and privacy laws to pixels, session replay, and other website technologies. Over the past year, we have featured posts discussing claims regarding website analytics and advertising tools brought under the federal Wiretap Act, the California Invasion of Privacy Act (“CIPA”), the Video Privacy Protection Act (“VPPA”), and other laws.  A selection of posts highlighting important developments in this area is below. 

Continue Reading Website Wiretapping Roundup: 2025 Decisions and Developments 

Courts continue to grapple with the type of “concrete harm” that is required to confer Article III standing under TransUnion LLC v. Ramirez, 594 U.S. 413 (2021), particularly in data breach and privacy class actions.  On October 14, the Fourth Circuit contributed to this debate, holding that allegations that plaintiffs’ driver’s license data had been leaked and appeared on the dark web were sufficient to establish standing.

Holmes v. Elephant Ins. Co., — F.4th —, 2025 WL 2907615 (4th Cir. 2025), started with a 2022 data breach of Elephant Insurance Company’s networks.  Id. at *1.  Plaintiffs were Elephant customers whose driver’s license numbers were compromised in the breach.  Id.  They sued Elephant for alleged harms stemming from the breach.  Id. at *3.  Two plaintiffs specifically alleged that they had found their driver’s license numbers on the dark web; the others did not.  Id. at *2.  The district court dismissed plaintiffs’ claims, holding that none of the alleged injuries were sufficient to confer standing.  Id.  But the Fourth Circuit disagreed in part, reversing the lower court’s dismissal of the two plaintiffs who alleged that their driver’s license information appeared on the dark web, but affirming dismissal of the other two. 

Continue Reading Standing in the Dark:  Fourth Circuit Finds Standing for Driver’s License Information on the Dark Web

A federal court in North Carolina dismissed a putative data breach class action against Bojangles because the plaintiffs failed to show that there was an actual or imminent misuse of their personal information as a result of the breach.  Dougherty v. Bojangles’ Restaurants, Inc., 2025 WL 2810673 (W.D.N.C. Sept. 30, 2025).

Continue Reading Federal Court Fries Data Breach Class Action for Lack of Standing

On August 15, the Ninth Circuit Court of Appeals affirmed the dismissal of a class action complaint in Gibson v. Cendyn Group, No. 24-3576, rejecting plaintiffs’ arguments that Las Vegas hotels violated Section 1 of the Sherman Act through their common use of revenue management software.  The decision follows

Continue Reading Ninth Circuit Rejects Vegas Hotel Algorithmic Price Fixing Claims