Flash Cookies Lawsuit Tossed for Lack of Harm–La Court v. Specific Media
By Eric Goldman
La Court v. Specific Media, Inc., 8:10-cv-01256-GW-JCG (C.D. Cal. April 28, 2011)
Lawsuits over cookies seem so Y2K to me. I thought we’d pretty much concluded that placing cookies wasn’t actionable a decade ago (see, e.g., In re Doubleclick from 2001). But two things have changed in the interim. First, we’re no longer dealing with garden variety cookies. Now we’re dealing with FLASH cookies or SUPER cookies or LORD VOLDEMORT cookies or whatever. Surely, if you add a scary adjective before the word “cookies,” they become much, much more pernicious than the plain ol’ cookies of 2000. See more on my mocking of cookie angst.
Second, and perhaps more importantly, the Internet privacy plaintiffs’ bar is much more organized than it was a decade ago. They have built litigation machines that are ready to rock-and-roll at any privacy provocation, no matter how slight. But just because the privacy plaintiff’s bar is a well-oiled machine doesn’t mean it is doing quality legal work, as this judge notes pointedly–and repeatedly.
Even though the world might be a better place if they did, most judges are too polite and diligent to dismiss a lawsuit with a simple but honest opinion: “Motion to dismiss granted because the lawsuit is asinine.” Instead, this opinion takes 9 single-spaced pages to reach that conclusion and grant the dismissal motion, although the judge does give the plaintiffs the chance to amend (an option they should decline, although they won’t).
The Article III standing issue in privacy cases has gotten murky in the past 6 months in light of the 9th Circuit’s Krottner v. Starbucks opinion and the more recent and much broader (but surprisingly uncited) Claridge v. RockYou opinion, both of which found privacy harms where I would not have. I still think Article III standing is the best way to get rid of the junk privacy lawsuits, so I am happy when courts embrace the doctrine to end unmeritorious cases early. This court says the plaintiffs might have been able to allege some harms sufficient to show Article III standing, but their advocacy sucked.
On the key question of economic harm from placing flash cookies, the court says:
the Complaint does not identify a single individual who was foreclosed from entering into a “value-for-value” exchange as a result of Specific Media’s alleged conduct. Furthermore, there are no facts in the FACC that indicate that the Plaintiffs themselves ascribed an economic value to their unspecified personal information. Finally, even assuming an opportunity to engage in a “value-for-value exchange,” Plaintiffs do not explain how they were “deprived” of the economic value of their personal information simply because their unspecified personal information was purportedly collected by a third party.
In response to the amended complaint, I hope the court will use Rule 11 to police any deliberate overclaims by the plaintiffs trying to respond with new evidence.
The court also rejects the plaintiffs’ conclusory claim that the cookies degraded their computers’ performance. This allegation shows up in a lot of privacy complaints, and good for the judge for rejecting the generic assertion and requiring the plaintiffs to show something more tangible before they survive a motion to dismiss.
The court’s conclusion at the end of the Article III standing discussion isn’t exactly a compliment to the plaintiffs:
It is not obvious that Plaintiffs cannot articulate some actual or imminent injury in fact. It is just that at this point they haven’t offered a coherent and factually supported theory of what that injury might be.
Ugh. Then again, in a footnote, the court shows the whip to defense counsel in response to the assertion that the lawsuit was brought in bad faith:
Defendant’s counsel would be instructed that lawyers should not, just as a matter of basic professionalism, accuse other lawyers of operating a “shakedown” operation unless they can completely support such accusations.
Clearly, not a judge to be trifled with!
Although the judge dismisses the lawsuit on Article III grounds, it provides some early guidance on some of the substantive claims:
* the judge expresses skepticism that the plaintiffs can meet the $5k of damage requirement for a CFAA claim. In a footnote, the judge wonders if the plaintiffs’ harm can be aggregated together to reach the $5k threshold. (I thought it could, so I’m intrigued what prompted the footnote).
* the judge wonders if the ECPA preempts the CA Penal Code 631 claim
* the judge is skeptical of the common law trespass to chattels claim because the plaintiffs didn’t allege any meaningful impairment to their computers
* as usual, the unjust enrichment claim isn’t a standalone claim. The plaintiff also drops its CLRA claim.
Wendy Davis’ coverage of this ruling.