Judge Boots Privacy Lawsuit Against Pandora but Plaintiffs Can Replead – Yunker v. Pandora
[Post by Venkat Balasubramani]
Yunker v Pandora Media, Inc., 2013 US Dist LEXIS 42691 (N.D. Cal. Mar. 26, 2013)
Standing: the court concludes about standing: (1) dimunition in the value of PII is not sufficient to confer standing; (2) the allegations regarding decrease in memory space are insufficient; (3) the prospect of future harm from non-anonyized PII is too speculative; and (4) he has standing to pursue violations of his constitutional privacy rights.
Wiretap Claim: the court dismisses Yunker’s wiretap claim on familiar grounds: (1) there is no interception of any communication (using a separate device); and (2) as the recipient of any communication, Pandora could divulge it without running afoul of the Wiretap Act.
Stored Communications Act: the SCA claim has similar definitional problems. Yunker does not identify anything in “storage” that was wrongly disclosed. Cookies don’t fall within the SCA’s protection for stored communications because they are temporary. Yunker also tried to argue that Pandora provided remote computing services but, other than parroting the statutory definition, he did not identify what Pandora offered that fit within this definition. Although he cited to the discovery ruling in the YouTube case, the court distinguishes this on the basis that, unlike YouTube, nothing is uploaded and stored to Pandora by the user.
CFAA claim: the CFAA claim fails due to Yunker’s failure to allege loss sufficient to satisfy the $5,000 jurisdictional threshold. The court says there are other problems with this claim, but dismisses on the basis of failure to satisfy this element.
State law claims: Yunker’s state law claims also suffer from a variety of deficiencies. He cannot advance a claim under the Unfair Competition Law because he has not lost “money or other property” (and PII is not property); Yunker is not a “consumer” under the CLRA because he has not leased or purchased anything; his contract claim is deficient because he fails to allege damages; his privacy claim fails because Pandora’s conduct does not constitute an “egregious breach of social norms”; his disclosure of private facts claims because no personal/intimate facts were disclosed to anyone; and finally, his trespass and conversion claims also fail.
Yunker has the chance to file an amended complaint, but given the skepticism expressed by the court, his chances of curing the deficiencies are fairly slim.
This is a fairly unsurprising result, and in line with numerous recent cases that have tried to assert claims against networks or companies for failing to anonymize information before disclosing to advertisers. As I mentioned in my post about Hoang v. IMDB, that’s a case where a plaintiff actually has some chance of proving harm. Unless plaintiff comes forward with an “Insider”esque smoking gun, these lawsuits are doomed to fail from the start.
Previous privacy lawsuit against Pandora: Judge Dismisses Claims Against Pandora for Violating Michigan’s Version of the VPPA – Deacon v. Pandora Media
IMDB’s Disclosure of Actress’s Age Will Go To Trial – Hoang v. Amazon
Did California Unintentionally (?) Impose New Statutory Duties on Every Blogger? A Post on the Newly Enacted California Reader Privacy Act
Redbox Can be Liable Under the Video Privacy Protection Act for Failure to Purge Video Rental Records — Sterk v. Redbox
Seventh Circuit: No Private Cause of Action Under the Video Privacy Protection Act for Failure to Purge Information–Sterk v. Redbox
Court Declines to Dismiss Video Privacy Protection Act Claims against Hulu
No Privacy Claim Against Netflix for Disclosing Viewing Histories and Instant Queue Titles Through Netflix-Enabled Devices — Mollett v. Netflix
Court Dismisses Data Breach Lawsuit Against LinkedIn Based on Compromised Passwords – In re LinkedIn User Privacy Litigation
Class Action Against Path Over Cellphone Address Book Access Keeps Going
Judge Koh Whittles Down iPhone App Privacy Lawsuit
Data Breach Claim Survives Based on Allegation of Misuse of Personal Information — Burrows v. Purchasing Power
Sony Network Data Breach Class Action Suffers Setback — In re Sony Gaming Network
Starbucks Data Breach Plaintiffs Rebuffed by Ninth Circuit — Krottner v. Starbucks
9th Circuit Affirms Rejection of Data Breach Claims Against Gap — Ruiz v. Gap
LinkedIn Beats Referrer URL Privacy Class Action on Article III Standing Grounds–Low v. LinkedIn
Third Circuit Says Data Breach Plaintiffs Lack Standing Absent Misuse of Data — Reilly v. Ceridian
First Circuit Rejects Data Insecurity Claims on the Basis of Article III Standing–Katz v Pershing
New Essay: The Irony of Privacy Class Action Lawsuits
Another Data Loss Case Tossed on Article III Grounds–Whitaker v. Health Net
Reidentification Theory Doesn’t Save Privacy Lawsuit–Steinberg v. CVS Caremark
Men’s Journal Beats Lawsuit Alleging Violation of California’s “Shine the Light” Privacy Statute — Boorstein v. Men’s Journal
The Cookie Crumbles for Amazon Privacy Plaintiffs – Del Vecchio v. Amazon
A Look at the Commercial Privacy Bill of Rights Act of 2011
Flash Cookies Lawsuit Tossed for Lack of Harm–La Court v. Specific Media
Judge Recognizes Loss of Value to PII as Basis of Standing for Data Breach Plaintiff — Claridge v. RockYou
Another Lawsuit over Flash Cookies Fails — Bose v. Interclick
Facebook and Zynga Privacy Litigation Dismissed With Prejudice [Catch up Post]
[image credit: Shutterstock]