Keypoint: California district courts continue to split over whether “knowledge” is required to plead liability under Section 631(a)’s fourth prong while two decisions show courts taking different approaches to VPPA claims at the pleading stage.

Welcome to the seventeenth installment in our monthly data privacy litigation report. We prepare these reports to provide updates on how courts in the United States have handled emerging data privacy trends. In this month’s post, California district courts continue to disagree over whether “knowledge” that the third party’s actions violated the law is required to prove liability under the fourth prong of Section 631(a), with the most recent court to address the question holding such knowledge is required. These district courts also continue to apply different standards to determine whether a third party has the capability to use intercepted communication-content for its own purpose. One court found the plaintiff’s allegations conclusory and dismissed a complaint while another court found the plaintiff sufficiently alleged a third-party had the capability to use the intercepted information for its own purpose when the plaintiff alleged the third party used the communications to train its AI model.

Although we only examine one SRT decision this month, the decision examines wiretapping law in California, Maryland, Minnesota, and Florida. The decision addresses issues of consent, standing, and our more “traditional” reasons for dismissal. We also look at two VPPA decisions that illustrate how courts in different circuits are handling Rule 12(b)(6) motions to dismiss.

Byte Back + members also get a look at two pixel-based wiretapping claims, two pen registry decisions, and two other privacy litigation decisions. Interested in learning more about Byte Back+? Contact the authors or click here.

There are many courts currently handling data privacy cases across the nation. Although illustrative, this update is not intended to be exhaustive. If there is another area of data privacy litigation about which you would like to know more, please reach out. The contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated. If you are interested in tracking developments between blog posts, consider following us on LinkedIn.Continue Reading U.S. Privacy Litigation Update: August 2024

Keypoint: Courts have started to issue Pixel-based wiretapping decisions, the Seventh Circuit weighs in on when a manufacturer can be forced to pay arbitration fees, and three courts showed different approaches to dismissing VPPA claims at the pleading stage.

Welcome to the sixteenth installment in our monthly data privacy litigation report. We prepare these reports to provide updates on how courts in the United States have handled emerging data privacy trends. In this month’s post, we are covering two wiretapping decisions based on chat services on website and one based on use of SRT.

If you are a Byte Back+ member, you will also see our coverage on the recent trend of cases brought under pen registry laws and—new this month—multiple “pixel” cases that are disconnected from session replay or chat-based theories and an update regarding an arbitration defendant can be forced to pay arbitration fees. Members also get access to our “other lawsuits” section, where this month we are covering one decision that involves an AI/machine learning based technology used to provide customer support agents with suggested responses to common questions from customers and two decisions from the Seventh Circuit that consider whether a large manufacturer can be forced to pay arbitration fees for thousands of arbitration demands when the manufacturer withheld payment after disagreeing with the merits of the demands.

Interested in learning more about Byte Back+? Click here.

We are also covering four VPPA decisions resolving motions to dismiss that illustrate a plaintiff’s prima facie burden at the pleading stage and the potential for joint and several liability under the statute.

There are many courts currently handling data privacy cases across the nation. Although illustrative, this update is not intended to be exhaustive. If there is another area of data privacy litigation about which you would like to know more, please reach out. The contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated. If you are interested in tracking developments between blog posts, consider following us on LinkedIn.Continue Reading U.S. Privacy Litigation Update: July 2024

Keypoint: Courts reject personal jurisdiction arguments and suggest the Shopify decision will be overturned; Courts continue to show differing approaches to VPPA claims at the pleading stage with a large VPPA class action settlement recently approved.

Welcome to the fifteenth installment in our monthly data privacy litigation report. We would like to thank Liz Ignowski, a summer associate with Husch Blackwell, for her help with this month’s report. We prepare these reports to provide updates on how courts in the United States have handled emerging data privacy trends. In this month’s post, we look at several cases that decline to follow the Ninth Circuit’s Shopify decision, which is currently pending rehearing, and then deny motions to dismiss for lack of personal jurisdiction. We also look at how courts are deciding whether the party exception applies to a complaint, and what facts are necessary to survive a motion to dismiss on consent and the contents of a communication. Additionally, we look at three VPPA decisions from June, where courts granted, denied, or deferred motions to dismiss, showing that although new VPPA cases may have decreased, courts are still allowing these claims to proceed past the pleading stage. We also highlight a VPPA class action settlement approval that illustrates how costly these claims can be if they survive the pleading stage.

There are many courts currently handling data privacy cases across the nation. Although illustrative, this update is not intended to be exhaustive. If there is another area of data privacy litigation about which you would like to know more, please reach out. The contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated. If you are interested in tracking developments between blog posts, consider following us on LinkedIn.Continue Reading U.S. Privacy Litigation Update: June 2024

Keypoint: The Central District of California issued several wiretapping decisions in May while two decisions on the VPPA illustrate how claims fail or succeed at the pleading stage.

Welcome to the fourteenth installment in our monthly data privacy litigation report. We prepare these reports to provide updates on how courts in the United States have handled emerging data privacy trends. In this month’s post, we look at multiple courts who distinguish the Ninth Circuit’s Shopify decision and deny motions to dismiss for lack of personal jurisdiction and how courts reach opposition conclusions regarding whether the “contents” of a communication were transmitted to a third party. We also take a look at two decisions that granted and denied motions to dismiss VPPA claims, and highlight one case where the federal government has again intervened to defend the VPPA’s constitutionality.

If you are a Byte Back+ member, you will also see our coverage on recent lawsuits beyond the wiretapping and VPPA claims, including the recent trend of cases brought under pen registry laws, efforts against plaintiffs who have brought wiretapping claims in private arbitration rather than the public courts, and—new this month—the recent flood of cases brought under New Jersey’s Daniel’s Law. Interested in learning more about Byte Back+? Click here.

There are many courts currently handling data privacy cases across the nation. Although illustrative, this update is not intended to be exhaustive. If there is another area of data privacy litigation about which you would like to know more, please reach out. The contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated. If you are interested in tracking developments between blog posts, consider following us on LinkedIn.Continue Reading U.S. Privacy Litigation Update: May 2024

Keypoint: The Central District of California issues a major victory for website owners facing CIPA-arbitration demands, two decisions address whether a plaintiff consented as a defense to wiretapping claims, three courts in different states each dismissed VPPA claims, and another court weighs in on the recent pen registry case theory.

Welcome to the thirteenth installment in our monthly data privacy litigation report. We prepare these reports to provide updates on how courts in the United States have handled emerging data privacy trends. A lot happened in April. In this month’s post, we look at two decisions from California that addressed whether language in the privacy policy can establish the plaintiff consented to the recording and sharing of chat communications. We also take a look at three VPPA decisions granting motions to dismiss where plaintiffs failed to allege facts that satisfy the definitional prerequisites of the statute. Additionally, we note a recent development in one pending case where the VPPA is being challenged as unconstitutional.

If you are a Byte Back+ member, you will also see our coverage on recent lawsuits beyond the wiretapping and VPPA claims, including the recent trend of cases brought under pen registry laws, efforts against plaintiffs who have brought wiretapping claims in private arbitration rather than the public courts (including a major victory for website owners), and—new this month—the recent flood of cases brought under New Jersey’s Daniel’s Law. Interested in learning more about Byte Back+? Click here.

There are many courts currently handling data privacy cases across the nation. Although illustrative, this update is not intended to be exhaustive. If there is another area of data privacy litigation about which you would like to know more, please reach out. The contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated. If you are interested in tracking developments between blog posts, consider following us on LinkedIn.Continue Reading U.S. Privacy Litigation Update: April 2024

Keypoint: Two California state court decisions have addressed motions to dismiss claims under the novel “pen registry” and “tap and trace” theories, but reached different outcomes after finding different policy considerations more important.

In July 2023, a Southern District of California District Court denied a motion to dismiss in Greenley v. Kochava, 2023 WL 4833466 (S.D. Cal. July 27, 2023), in which the plaintiff argued a SDK developer violated California laws that prohibited use of a “pen registry” and “tap and trace” device by building into the SDK code that forwarded location information to the SDK developer.Continue Reading Privacy Litigation Alert: Two California decisions weigh in on pen registry and “tap and trace” tech claims – but reach different results

Keypoint: Multiple decisions from the same judicial district come down differently on wiretapping claims while three courts in different states each reject VPPA-defendants’ arguments that the plaintiffs lacked Article III standing.

Welcome to the twelfth installment in our monthly data privacy litigation report. Not only does this month’s post mean we have been doing this for over a year now (and actually a little longer as there was at least one post that combined two months of updates into one post because, well, holidays), but more importantly we are releasing this post on the eve of heading to Washington, D.C. to attend the IAPP Summit. If you will be there, make sure to come and meet us!

We prepare these reports to provide updates on how courts in the United States have handled emerging data privacy trends. In this month’s post, we look at three decisions from the Southern District of California, each of which addressed nearly identical factual allegations and legal arguments but reached different conclusions. We also take a look at three VPPA decisions denying motions to dismiss regarding claims premised on the Meta Pixel that highlight how district courts are addressing Article III standing objections and the required specificity of a plaintiff’s allegations at the pleading stage.

If you are a Byte Back+ member, you will also see our coverage on recent lawsuits beyond the wiretapping and VPPA claims, including the recent trend of cases brought under pen registry laws and efforts against plaintiffs who have brought wiretapping claims in private arbitration rather than the public courts. Interested in learning more about Byte Back+? Click here.

There are many courts currently handling data privacy cases across the nation. Although illustrative, this update is not intended to be exhaustive. If there is another area of data privacy litigation about which you would like to know more, please reach out. The contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated. If you are interested in tracking developments between blog posts, consider following us on LinkedIn.Continue Reading U.S. Privacy Litigation Update: March 2024

Keypoint: Courts continue to issue conflicting decisions in wiretapping cases while one court has expanded who may be considered a “video tape service provider” under the VPPA.

Welcome to the eleventh installment in our monthly data privacy litigation report. We prepare these reports to provide updates on how courts in the United States have handled emerging data privacy trends. In this month’s post, we look at wiretapping decisions from courts that have come out differently on whether plaintiffs have plead facts to sufficiently allege “interception” of chat communications, two decisions that rejected defendant’s arguments concerning plaintiffs’ consent to being recorded, and a failed attempt to compel arbitration. We also look at three session reply technology decisions, all of which grappled with whether the plaintiff had plead the third-party had the capability to use the alleged communications for the third-party’s own benefit. We also take a look at three VPPA decisions that continue to show the balancing act courts have struck when assessing VPPA claims at the pleading stage, including a decision that expands what type of company may be considered a “video tape service provider.”

If you are a ByteBack+ member, you will also see our coverage on recent lawsuits beyond the wiretapping and VPPA claims, including the recent trend of cases brought under pen registry laws and efforts against plaintiffs who have brought wiretapping claims in private arbitration rather than the public courts. Interested in learning more about ByteBack+? Click here.

There are many courts currently handling data privacy cases across the nation. Although illustrative, this update is not intended to be exhaustive. If there is another area of data privacy litigation about which you would like to know more, please reach out. The contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated. If you are interested in tracking developments between blog posts, consider following us on LinkedIn.Continue Reading U.S. Privacy Litigation Update: February 2024

Keypoint: Courts resolved six motions to dismiss wiretapping claims based on session replay technology in January, while two VPPA decisions highlight balance struck by courts. A new privacy litigation theory based on “pen registries” has emerged as well.

Welcome to the tenth installment in our monthly data privacy litigation report. We prepare these reports to provide updates on how courts in the United States have handled emerging data privacy trends. In this post, we examine one chat-based wiretapping claim and six session replay technology (SRT) based wiretapping claims. These decisions demonstrate how courts are still inconsistent in how they resolve wiretapping claims, even in cases where the plaintiff and SRT vendor are the same. We also look at two VPPA decisions that reflect the balance courts have struck in resolving VPPA decisions. Finally, we look at a new emerging trend based on “pen registry” technology (which is commonly associated with logging what phone numbers a monitored phone dials).

There are many courts currently handling data privacy cases across the nation. Although illustrative, this update is not intended to be exhaustive. If there is another area of data privacy litigation about which you would like to know more, please reach out. The contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated. If you are interested in tracking developments between blog posts, consider following us on LinkedIn.Continue Reading U.S. Privacy Litigation Update: January 2024

Keypoint: Three courts that do not normally see privacy litigation issued decisions in November and December, perhaps forecasting more cases in new districts in 2024.

Welcome to the ninth installment in our monthly data privacy litigation report, which we are releasing just after the New Year. We prepare these reports to provide updates on how courts in the United States have handled emerging data privacy trends. In this post, we look at ten privacy litigation decisions issued in November and December 2023. Three of these decisions were issued by the Western District of Washington, the District of Nebraska, and the Eastern District of Louisiana; all of which do not see the number of privacy cases seen by the California, Florida, and Third Circuit district courts whose decisions we normally cover. This may suggest 2024 will see more decisions issued from courts other than California.

There are many courts currently handling data privacy cases across the nation. Although illustrative, this update is not intended to be exhaustive. If there is another area of data privacy litigation about which you would like to know more, please reach out. The contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated. If you are interested in tracking developments between blog posts, consider following us on LinkedIn.Continue Reading U.S. Privacy Litigation Update: December 2023