LaCourt v. Specific Media, Inc., 2011 WL 1661532 (Cal. App. Apr. 20, 2011).
Specific Media is an online ad network that delivers targeted advertisements to internet users. This action is the result of a consolidation of class action lawsuits arising from the alleged use by Specific Media of Adobe Flash local shared objects (“LSOs” or “Flash cookies”) to track class members’ use of the internet without their knowledge or consent. Allegedly, Specific Media was able to use these LSOs to circumvent the privacy and security controls of users who had set their browsers to block third-party HTTP cookies, block Specific Media’s HTTP cookies, or who deleted Specific Media’s HTTP cookies.
Plaintiffs purport to represent a class consisting of
[a]ll persons residing in the United States who, during the Class Period, used any web browsing program on any device to access web pages during which time and related to which Specific Media stored Adobe Flash local shared objects (LSOs) on such persons’ computers.
Furthermore, each of the named plaintiffs allege that they specifically set the privacy and security controls on their internet browsers to block third party cookies or that they periodically deleted third-party cookies, and that they still have a "Flash cookie" installed on their computer by Specific Media without notice or consent. Based on their precautionary activities, and the presence of one or more Flash cookies, the Plaintiffs asserted the following causes of action: (1) Violation of the Computer Fraud and Abuse Act, 18 U.S.C. §1030; (2) Violation of California's Computer Crime Law, Cal. Penal Code §502; (3) Violations of California's Invasion of Privacy Act, Cal. Penal Code § 630; (4) Violation of California's Consumer Legal Remedies Act, Cal. Civ. Code §1750; (5) Unfair Competition, Cal. Bus. and Prof. Code § 17200; (6) Trespass to Personal Property/Chattel; and (7) Unjust Enrichment.
Specific Media first challenged Plaintiffs' ability to satisfy the standing requirement of having suffered an injury in fact. According to Defendant's reading the Complaint, Plaintiffs failed to allege that Specific Media ever actually tracked the online activity of any named plaintiff, or that Plaintiffs ever deleted any Specific Media browser cookies. While the court conceded that an inference could be drawn from a reading of a description of Specific Media’s methods of operation and other portions of the complaint, the Plaintiffs did indeed fail to specifically allege that Plaintiffs themselves were affected by Specific Media’s alleged practices.
Furthermore, Defendant called into question the Plaintiffs’ ability to allege an economic injury or harm to their computers as a result of Specific Media’s alleged practices regarding Flash cookies. Plaintiffs allege that “by taking and retaining [Plaintiffs’] personal information,” i.e., their browsing history, Defendant has deprived Plaintiffs of this information’s economic value. While such an argument could be sustained by a showing that Defendant’s possession of such information deprived a Plaintiff of making a value-for-value exchange based on the same, Plaintiffs’ complaint is silent in this regard. As such, the court declined to find a showing of harm under this theory, and similarly rejected Plaintiffs’ second theory of harm that the installed of Flash cookies diminished the performance and capabilities of their computers, also presented without specific evidence of damage.
The court in In re DoubleClick Privacy Litigation, 154 F. Supp. 2d 497 (S.D.N.Y. 2001) held that website visitors do not suffer a cognizable “economic loss” from the collection of their data. While the DoubleClick decision was not binding in this matter, the court noted that the question of Plaintiffs’ ability to allege standing is a serious one. The Plaintiffs in DoubleClick argued both that they suffered damages based on the economic value of their attention to DoubleClick’s advertisements and the value of the demographic information compiled by DoubleClick through the use of browser cookies.
While not necessary to dismiss Plaintiffs’ claims for lack of standing, the court did specifically address some of the Plaintiffs’ specific causes of action. With respect to the Computer Fraud and Abuse Act (“CFAA”) claim, the court noted that the CFAA permits a person that “suffers damage or loss” by reason of a violation of the CFAA, to “maintain a civil action against the violator” for damages and injunctive relief. More specifically, a plaintiff must claim economic loss or damages in an amount “aggregating at least $5,000 in value during any 1-year period to one or more individuals.” After failing to sufficiently allege economic damages or harm required for standing, Plaintiffs could not then reach the threshold damages requirement under the CFAA.
With respect to Plaintiff’s Computer Crime Law claim, which does not have a minimum damages requirement, the court noted that the law still requires the claimant to be the victim of some “damage or loss.” Similarly, Plaintiff’s Trespass to Chattels claim fails without a showing of damages. The California Supreme Court has held that the tort “does not encompass . . . an electronic communication that neither damages the recipient computer system nor impairs its functioning.” Intel Corp. v. Hamidi, 30 Cal. 4th 1342, 1347 (2003).
California’s Invasion of Privacy Act was preempted by the federal Electronic Communications Privacy Act; Plaintiffs failed to defend the legal viability of their Unfair Competition and Consumer Legal Remedies Act claims; and, the court held that the remaining claim for unjust enrichment is not an independent claim.