Judge Boots Privacy Lawsuit Against Pandora but Plaintiffs Can Replead – Yunker v. Pandora
[Post by Venkat Balasubramani]
Yunker v Pandora Media, Inc., 2013 US Dist LEXIS 42691 (N.D. Cal. Mar. 26, 2013)
Pandora has been sued before for allegedly revealing listening preferences, but this is a more run-of-the-mill privacy lawsuit against Pandora. Pandora represents to its users that it will not disclose personally identifiable information to third parties. (The representation is implied as the quoted portion of its privacy policy says that it would share non-PII to third parties.)
Standing: the court concludes about standing: (1) dimunition in the value of PII is not sufficient to confer standing; (2) the allegations regarding decrease in memory space are insufficient; (3) the prospect of future harm from non-anonyized PII is too speculative; and (4) he has standing to pursue violations of his constitutional privacy rights.
Wiretap Claim: the court dismisses Yunker’s wiretap claim on familiar grounds: (1) there is no interception of any communication (using a separate device); and (2) as the recipient of any communication, Pandora could divulge it without running afoul of the Wiretap Act.
Stored Communications Act: the SCA claim has similar definitional problems. Yunker does not identify anything in “storage” that was wrongly disclosed. Cookies don’t fall within the SCA’s protection for stored communications because they are temporary. Yunker also tried to argue that Pandora provided remote computing services but, other than parroting the statutory definition, he did not identify what Pandora offered that fit within this definition. Although he cited to the discovery ruling in the YouTube case, the court distinguishes this on the basis that, unlike YouTube, nothing is uploaded and stored to Pandora by the user.
CFAA claim: the CFAA claim fails due to Yunker’s failure to allege loss sufficient to satisfy the $5,000 jurisdictional threshold. The court says there are other problems with this claim, but dismisses on the basis of failure to satisfy this element.
State law claims: Yunker’s state law claims also suffer from a variety of deficiencies. He cannot advance a claim under the Unfair Competition Law because he has not lost “money or other property” (and PII is not property); Yunker is not a “consumer” under the CLRA because he has not leased or purchased anything; his contract claim is deficient because he fails to allege damages; his privacy claim fails because Pandora’s conduct does not constitute an “egregious breach of social norms”; his disclosure of private facts claims because no personal/intimate facts were disclosed to anyone; and finally, his trespass and conversion claims also fail.
__
Yunker has the chance to file an amended complaint, but given the skepticism expressed by the court, his chances of curing the deficiencies are fairly slim.
This is a fairly unsurprising result, and in line with numerous recent cases that have tried to assert claims against networks or companies for failing to anonymize information before disclosing to advertisers. As I mentioned in my post about Hoang v. IMDB, that’s a case where a plaintiff actually has some chance of proving harm. Unless plaintiff comes forward with an “Insider”esque smoking gun, these lawsuits are doomed to fail from the start.
Previous privacy lawsuit against Pandora: Judge Dismisses Claims Against Pandora for Violating Michigan’s Version of the VPPA – Deacon v. Pandora Media
Related posts:
IMDB’s Disclosure of Actress’s Age Will Go To Trial – Hoang v. Amazon
Court Declines to Dismiss Video Privacy Protection Act Claims against Hulu
Class Action Against Path Over Cellphone Address Book Access Keeps Going
Judge Koh Whittles Down iPhone App Privacy Lawsuit
Sony Network Data Breach Class Action Suffers Setback — In re Sony Gaming Network
Starbucks Data Breach Plaintiffs Rebuffed by Ninth Circuit — Krottner v. Starbucks
9th Circuit Affirms Rejection of Data Breach Claims Against Gap — Ruiz v. Gap
LinkedIn Beats Referrer URL Privacy Class Action on Article III Standing Grounds–Low v. LinkedIn
Third Circuit Says Data Breach Plaintiffs Lack Standing Absent Misuse of Data — Reilly v. Ceridian
First Circuit Rejects Data Insecurity Claims on the Basis of Article III Standing–Katz v Pershing
New Essay: The Irony of Privacy Class Action Lawsuits
Another Data Loss Case Tossed on Article III Grounds–Whitaker v. Health Net
Reidentification Theory Doesn’t Save Privacy Lawsuit–Steinberg v. CVS Caremark
The Cookie Crumbles for Amazon Privacy Plaintiffs – Del Vecchio v. Amazon
A Look at the Commercial Privacy Bill of Rights Act of 2011
Flash Cookies Lawsuit Tossed for Lack of Harm–La Court v. Specific Media
Another Lawsuit over Flash Cookies Fails — Bose v. Interclick
Facebook and Zynga Privacy Litigation Dismissed With Prejudice [Catch up Post]
[image credit: Shutterstock]