In re Google Inc. Cookie Placement Consumer Privacy Litigation, 2013 WL 5582866 (D. Del. Oct. 9, 2013)

Posted byShawn E. Tuma Leave a comment on In re Google Inc. Cookie Placement Consumer Privacy Litigation, 2013 WL 5582866 (D. Del. Oct. 9, 2013)

In re Google Inc. Cookie Placement Consumer Privacy Litigation, 2013 WL 5582866 (D. Del. Oct. 9, 2013)

Plaintiffs brought multidistrict consolidated litigation against Google and several online advertisers that work with Google arguing that the Defendants used coding in advertisements that “‘tricked’ their Apple Safari and/or Internet browsers into accepting cookies, which then allowed defendants to display targeted advertising.”Plaintiffs asserted claims under the Wiretap Act, Stored Communications Act and Computer Fraud and Abuse Act, inter alia.

The Court granted a motion to dismiss all claims. Of note, the Court found the Plaintiffs did not meet the Article III standing requirement because, while they were able to articulate some modicum of identifiable value to each individual Plaintiff’s PII, the Plaintiffs did not sufficiently allege that Defendants’ activities diminished that value.

The Court granted the motion to dismiss the CFAA claim because Plaintiffs failed to adequately plead the jurisdictional threshold loss even though the Court seemed to improperly use the terms loss as damages interchangeably. In footnote 11 the Court noted that it did not view Google’s actions as a “single act” that would permit the aggregation of damages (note, § 1030(c)(4)(A)(i)(1) that discusses aggregation refers to loss not damages) and found the Plaintiffs could not meet this threshold:

Plaintiffs have not alleged the kind of damage or loss required to maintain a CFAA claim. More specifically, plaintiffs have not identified any impairment of the performance or functioning of their computers. Generally, courts have rejected the contention that the unauthorized collection, use, or disclosure of personal information constitutes economic damages for the purposes of the CFAA. As discussed above under the Article III standing analysis, plaintiffs have not shown individual economic loss. Therefore, the court concludes that plaintiffs have not sufficiently alleged the threshold loss of $5,000 required by the CFAA. Defendants’ motion to dismiss this claim is granted. (internal citations omitted)

Published by Shawn E. Tuma

Shawn Tuma is an attorney who is internationally recognized in cybersecurity, computer fraud and data privacy law, areas in which he has practiced for nearly two decades. He is a Partner at Spencer Fane, LLP where he regularly serves as outside cybersecurity and privacy counsel to a wide range of companies from small to midsized businesses to Fortune 100 enterprises. You can reach Shawn by telephone at 972.324.0317 or email him at stuma@spencerfane.com.

Leave a comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Discover more from Business Cyber Risk

Subscribe now to keep reading and get access to the full archive.

Continue reading