Although the California Invasion of Privacy Act (“CIPA”) lawsuit train shows no signs of slowing down, a California federal judge recently derailed a CIPA email tracking lawsuit when it dismissed claims mirroring those asserted in other CIPA online tracking lawsuits. Below, we discuss the decision and its implications for future email tracking CIPA claims.
Email Tracking CIPA Wiretapping Claims
In Ramos v. The GAP, Inc., Plaintiff alleged, on behalf of himself and a putative class, that The GAP, Inc. (“The Gap”) contracted with a third-party to embed invisible pixels in its marketing emails to track the message interactions of consumers. Specifically, Plaintiff alleged that the pixels in The Gap’s marketing emails tracked: (1) times at which consumers opened emails; (2) the exact images and words consumers clicked on; (3) consumers’ email addresses; (4) email open rates; and (5) content click rates. Aggregating all this data through the use of email tracking, the Complaint alleged, allowed the third-party to create highly detailed personal profiles of consumers. Because of the alleged email tracking, Plaintiff asserted, among other things, that The Gap illegally wiretapped his communications in violation of CIPA.
In its carefully reasoned decision, the Court dismissed Plaintiff’s wiretapping claims, finding that Plaintiff did not plausibly plead that The Gap’s email tracking was actionable under CIPA’s anti-wiretapping provisions. First, the Court found that The Gap was not directly liable under CIPA because The Gap cannot, by definition, wiretap its own communications, and email open rates are not contents of communications under CIPA. Second, the Court found that the first clause of CIPA’s wiretapping provisions did not apply to internet communications.
Evaluating whether the data The Gap collected through email tracking were “contents” of communications under CIPA, the Court was not persuaded that users’ clicks on URLs contained within The Gap’s emails were contents of communications. Equally unavailing was Plaintiff’s argument that the URLs themselves revealed contents of communications such that the third-party could read the actual emails. In support of this assertion, Plaintiff argued that the URLs, when broken down “into the scheme, domain name, path, and query parameters,” revealed the contents of communications. The Court held that “none of these elements allegedly ‘read’ the contents of the email such that they intercept the actual substance, purport, or meaning of The Gap’s emails.” As the Court noted, “[w]hile a robust policy debate could be had about whether it is a net positive or negative that so much online activity can be tracked, the Court’s task is solely to determine whether doing so is a violation of CIPA.” Accordingly, the Court dismissed Plaintiff’s CIPA email tracking wiretapping claims.
Email Tracking Lawsuits Will Continue
This decision comes on the heels of the Ninth Circuit’s decision earlier this month in which one of the judges on the panel stated that CIPA did not apply to internet communications. When coupled with the decision discussed above, California courts now appear to be viewing CIPA claims, in the context of internet communications, with increased skepticism. Nevertheless, given the lack of uniformity amongst California courts, the plaintiffs’ bar will continue filing CIPA email tracking lawsuits unless and until California courts establish a bright-line rule for internet communications. As such, companies should carefully review their websites to ensure that they are providing adequate notice of the use of third-party tracking tools. In addition, online businesses should regularly review and update their privacy policies to reflect changes to their data collection, use and sharing practices.
Consulting with experienced counsel to ensure compliance with applicable consumer data privacy regulations can help companies avoid significant liability. The attorneys at Klein Moynihan Turco (“KMT”) regularly assist companies with federal and state marketing and consumer privacy law compliance. In addition, the KMT litigation team has successfully defended countless businesses against federal and state privacy law claims nationwide.
If you require assistance in connection with consumer privacy law compliance, or if you have been named in a CIPA-related lawsuit, please e-mail us at info@kleinmoynihan.com, or call us at (212) 246-0900.
The material contained herein is provided for informational purposes only and is not legal advice nor is it a substitute for seeking legal advice from an attorney. Each situation is unique, and you should not act or rely on any information contained herein without seeking the advice of an experienced attorney.
Attorney Advertising
Photo by CHUTTERSNAP on Unsplash
Similar Blog Posts:
