Google Faces State Law Claims in Cookie Trickery Suit

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

By Jimmy H. Koo

Nov. 10 — Google Inc. and other defendants will have to face California tort law claims in a consolidated class action alleging that the search engine giant tricked Internet users' browsers into accepting advertising cookies, the U.S. Court of Appeals for the Third Circuit held Nov. 10.

The appeals court, however, affirmed the dismissal of claims under the Wiretap Act; the Stored Communications Act; and the Computer Fraud and Abuse Act.

According to the plaintiffs, when a consumer using a Safari Web browser or Micrsoft Internet Explorer browser visited a website using third-party tracking cookies from the defendants, those tracking cookies allegedly circumvented the consumer's Internet browsers settings that blocked such cookies. The defendants allegedly used the cookies to intercept the consumers' Internet communications and activities, according to the plaintiffs.

The appeals court said that Google agreed to pay a $22.5 million civil penalty to settle similar Federal Trade Commission claims and a California district court approved that settlement in December 2012. An online advertising company not named in the lawsuit agreed to pay $1 million in July 2013 to settle similar claims by the New Jersey Division of Consumer Affairs.

California Invasion of Privacy Claim

In October 2013, the U.S. District Court for the District of Delaware dismissed the class action at hand, finding that the plaintiffs failed to satisfy Article III's injury in fact requirement because they didn't sufficiently allege that their ability to monetize their information was diminished or lost by Google's collection of it.

The appeals court, however, disagreed, finding that “contrary to the contentions of the defendants, a plaintiff need not show actual monetary loss for purposes of injury in fact.” Nonetheless, the appeals court affirmed the dismissal of the plaintiffs' claims under the three federal statutes.

Because the defendants were parties to “all electronic transmissions,” plaintiffs state no Wiretap Act violation, the appeals court said. “The Wiretap Act is a wiretapping statute, and just because a scenario sounds in fraud or deceit does not mean it sounds in wiretapping,” it said. Similarly, the appeals court found that the alleged intrusion upon the consumer's personal computing devices fail to implicate a “facility” that is protected by the Stored Communications Act. Finally, it said that the plaintiffs failed to plead “cognizable losses” as required to plead a violation of the Computer Fraud and Abuse Act.

However, the appeals court found that a reasonable factfinder could conclude that the means by which the defendants accomplished the tracking—by overriding the cookie blockers—“marks the serious invasion of privacy contemplated by California law.” As such, the appeals court vacated the lower court's dismissal of the plaintiffs' “freestanding privacy claims” under the California Constitution and California tort law.

Judge Julio M. Fuentes wrote the majority opinion.

Barnes & Associates, Bartimus Frickleton Robertson & Gorny, Finger & Slanina, Keefe Bartels, Bryant Law Center, Seeger Weiss, Kaplan Fox & Kilsheimer and Strange & Carpenter represented the plaintiffs. Wilson, Sonsini, Goodrich & Rosati represented Google. Venable and Richards, Layton & Finger represented Vibrant Media Inc. Ropes & Gray represented Media Innovation Group LLC. Morris, Nichols, Arsht & Tunnell and Ropes & Gray and WPP Plc.

To contact the reporter on this story: Jimmy H. Koo in Washington at jkoo@bna.com

To contact the editor responsible for this story: Donald G. Aplin at daplin@bna.com