On March 15, 2024, a United States District Court for the Southern District of California granted Defendant’s Motion to Dismiss in the matter of Rodriguez v. Ford Motor Company. In her eavesdropping lawsuit, Plaintiff alleged that Defendant violated the California Invasion of Privacy Act (“CIPA”) by enabling a third party to eavesdrop on her conversation with Defendant. As compensation for the alleged harm, Plaintiff sought statutory damages and injunctive relief, together with reasonable attorneys’ fees and costs. Among its other findings in the proceeding, the Court ruled that Defendant did not aid and abet in the illegal collection of Plaintiff’s data and, as such, dismissed Plaintiff’s eavesdropping lawsuit.
As our readers are aware, a flurry of eavesdropping lawsuits have been filed in the wake of the Ninth Circuit decision in Javier v. Assurance IQ, LLC. A common refrain is that businesses are illegally gathering data by tracking and recording consumer website activity without consent. As was the case in Rodriguez, many plaintiffs allege CIPA violations after using website chatbots. Thus far, California federal courts have been unable to assume a unified position with respect to these eavesdropping lawsuits.
The Current Landscape of California Eavesdropping Lawsuits
As online shoppers well-know, chatbots are employed on many websites today. Chatbots offer customer engagement, sales assistance, and 24/7 customer support that would normally require enormous overhead in the form of live call center agents. Many businesses also utilize third-party website visit recordation technology and tracking pixels to monitor consumer behavior on their websites. All of the aforementioned third-party technologies have been the subject of recent eavesdropping lawsuits.
In the Ninth Circuit, an intra-circuit split now exists on the issue of whether companies that offer this tracking software are “third parties” within the meaning of CIPA and, if so, whether the businesses utilizing such technology are aiding and abetting illegal eavesdropping activity. Some Ninth Circuit courts have held that, where a technology provider is doing only what the website operator directs and does not otherwise use the information for its own benefit, then the subject third-party provider should be considered ‘an extension’ of the website operator (akin to a tape recorder). According to this reasoning, the website operator should not be held liable under a statute primarily concerned with unauthorized third party recording. On the other side of the split, software providers are not considered “extensions” of website operators and website operators may be accordingly held liable for permitting third parties to listen in on conversations with consumers. While the Rodriguez decision fell on the latter side of the split, the Court held that: 1) CIPA does not encompass web-based messages sent from the Internet browser of a smart phone; 2) Plaintiff had not proven that the software provider improperly used the recorded data for its own purposes; and 3) even if improper use had been found, Plaintiff had not adequately argued pled Defendant knew of such use and , as such, Plaintiff’s allegations could not support an aiding and abetting claim against Defendant. Accordingly, Plaintiff’s eavesdropping lawsuit against Defendant was dismissed.
Online Retailers Must be Proactive In Guarding Against Wiretapping Lawsuits
Eavesdropping lawsuits are on the rise. Until the intra-circuit split is resolved, we can expect these cases to continue to increase in number. To safeguard against being named in a CIPA lawsuit, online retailers must be proactive in: 1) providing consumers with adequate disclosure of their use of third-party tracking technology; 2) acquiring requisite consumer consent to the use of such tracking technology; and 3) executing contracts with third-party service providers that restrict the scope of provided services to business directives, and explicitly limit the use of collected data to further said directives. Online companies must also remain up to date on the latest defenses that they can employ against these invasion of privacy lawsuits. The attorneys at Klein Moynihan Turco have decades of experience in: 1) keeping clients compliant with federal and state privacy and marketing laws; and 2) defending against novel privacy and deceptive marketing lawsuits.
[View source.]
