criminal penalties Archives - Tauler Smith LLP Los Angeles Trial Attorneys

Posts

Electronic Communications Privacy Act (ECPA)

September 9, 2025/in Consumer Protection /by taulersmith

The Electronic Communications Privacy Act (ECPA) is a federal law enacted in the mid-1980s just as cell phones, the internet, and other digital technologies were becoming prevalent throughout the United States. Many Americans began to use email, prompting lawmakers to put stringent privacy protections in place for those types of communications. Today, data privacy concerns remain a major concern in industries where customer records shared online typically involve sensitive material, including the financial and healthcare industries. The need for strong internet privacy protections like those provided by the ECPA and by California’s privacy laws is greater than ever as more and more third-party companies and data brokers use website data to profile users and create targeted advertising strategies. An ECPA lawsuit is often the best way for consumers to protect their data and hold companies liable for digital privacy breaches.

Legislative History of the Electronic Communications Privacy Act (ECPA)

The U.S. Congress passed the Electronic Communications Privacy Act (ECPA) in 1986 for the purpose of:

Expanding the scope of the prohibition against government wiretaps from just telephone calls to also include computer transmissions.
Adding new prohibitions against access to stored electronic communications.
Adding provisions addressing the tracing of telephone calls via pen registers and trap & trace devices.

The ECPA amended the Omnibus Crime Control and Safe Streets Act of 1968, which was intended to limit government access to private electronic communications. The older law explicitly dealt with telephone calls, while the ECPA extended those privacy protections to more modern forms of electronic communication like the internet.

Since its passage, the ECPA has been amended by several other laws, including the USA PATRIOT Act (increasing government surveillance authority in the wake of 9/11) and the FISA Amendments Act (allowing for government surveillance of non-U.S. citizens who pose terrorism threats).

What Is the Electronic Communications Privacy Act?

The Electronic Communications Privacy Act (ECPA) protects privacy rights in electronic communications, with “electronic communications” defined broadly to include telephone calls, emails, text messages, social media posts, and website communications.

The statute consists of three provisions:

Title I: The Federal Wiretap Act
Title II: The Stored Communications Act (SCA)
Title III: The Pen Register Act

Title I: Federal Wiretap Act

Title I of the ECPA is known as the Federal Wiretap Act, which protects certain electronic communications against interception via wiretapping while in transit. The statute specifically prohibits the interception, use, or disclosure of real-time electronic communications without the consent of at least one of the parties involved.

Importantly, the Federal Wiretap Act only applies to electronic data that is intercepted in real time as it is being transmitted. In other words, Title I protects against live surveillance.

Title II: Stored Communications Act

Title II of the ECPA is the Stored Communications Act (SCA), which protects data held in electronic storage by third-party service providers. (E.g., emails stored on computer servers or files on a cloud drive.)

When a person, company, or other entity gains access to stored electronic data such as emails on a server, it may constitute a Title II privacy violation. For example, employers cannot access and then read employees’ personal emails without notice, consent, or a court order.

Title III: Pen Register Act

Title III of the ECPA is also known as the Pen Register Act. This part of the statute prohibits the use of pen registers and trap & trace devices to capture and record dialing, routing, addressing, and signaling information – unless a court order has been issued to allow for the recording of the information. Title III created clear restrictions on how and when anyone can use a pen register or trap and trace device to trace telephone and other communications.

While Title I protects the content of electronic communications, Title III places limits on metadata about electronic communications. This matters because metadata – such as cell phone traffic, call logs, and IP addresses – can still reveal highly sensitive information about a communication and raise privacy concerns.

Employee Privacy Rights Protected Under the ECPA

The Electronic Communications Privacy Act (ECPA) enhanced the protections for employee privacy rights that already existed under the Omnibus Crime Control and Safe Streets Act, which placed restrictions on employers who monitor employee phone calls. The ECPA added workplace privacy protections for electronic communications and cell phone communications by prohibiting employers from secretly monitoring their employees’ personal emails or phone calls without consent.

However, there has been some criticism of the ECPA for making it too easy for employers to monitor employee communications in the workplace. Courts have found that employers simply need to provide notice to the employee via an employment contract that their work emails will be monitored, and then the employer can access all electronic communications. Another avenue for employers to monitor worker emails under the ECPA is to have a supervisor report that the worker’s activity is suspicious and their actions are not in the best interest of the company; again, this would allow the employer to monitor the employee’s emails.

ECPA Lawsuits: Companies Can Be Sued for Secretly Collecting Personal Data Online

Consumer privacy litigation, particularly in the category of data privacy, has been on the rise in recent years, with millions of consumers learning that their personal information was secretly collected online and then shared with unscrupulous data brokers. That’s why the Electronic Communications Privacy Act (ECPA) has become a vital tool in the fight to protect consumers against invasions of privacy on the internet.

The ECPA explicitly prohibits different entities – government, companies, individuals – from intercepting a person’s online data without consent. The federal statute may serve as the basis for liability in a civil suit or class action when the unlawful interception affected interstate commerce. In other words, when the sender of the communication is located in one state and the party intercepting the communication is located in another state, the victim of an invasion of privacy may bring an ECPA lawsuit in federal court.

Exceptions to ECPA Liability

There are several exceptions to ECPA liability that allow law enforcement agencies, private companies, and other entities to legally intercept electronic communications in certain contexts:

Consent: Since the ECPA is a single-consent law, it is legal under the statute to intercept a communication as long as at least one party has consented to the interception.
Service Providers: A telecoms company or internet service provider may be allowed to access an electronic communication if doing so is in the normal course of their business and necessary to manage their service. (E.g., email providers may scan users’ messages for spam.)
Law Enforcement: Police and other law enforcement agencies can intercept electronic communications after obtaining a court order, warrant, or subpoena. They may also be allowed to access data in an emergency situation.
Employers: Employers may be allowed to monitor employee communications in the workplace if it is for a legitimate business purpose and the employee has been informed of the monitoring in advance.

What Are the Penalties for Violations of the ECPA?

Violators of the Electronic Communications Privacy Act (ECPA) are subject to both criminal and civil penalties.

Criminal Penalties

A criminal conviction under the federal data privacy law can result in fines of $250,000 for individuals and $500,000 for organizations. Moreover, these fines can be imposed for each ECPA violation. Beyond that, extreme cases may result in the offending party being sentenced to up to five (5) years in prison.

Civil Damages

Victims of an ECPA violation may bring a civil suit and pursue statutory damages: up to $1,000 for each violation or the actual damages, whichever amount is greater. Additionally, it may be possible to recover punitive damages in certain cases, as well as compensation for legal fees.

Class Action Lawsuits

Many ECPA claims are filed as class action lawsuits, with hundreds or even thousands of plaintiffs affected by the same unlawful data collection practices of the defendant. These class actions often result in multi-million-dollar settlements or similarly high damages awards at trial.

Call the Los Angeles Consumer Protection Lawyers at Tauler Smith LLP

The Los Angeles consumer protection attorneys at Tauler Smith LLP represent plaintiffs in both federal and California state courtrooms. We know what it takes to win an ECPA lawsuit because we’ve helped countless clients secure favorable outcomes to their data privacy cases.

Call 310-590-3927 or send an email to schedule a free consultation.

What Is the Federal Wiretap Act?

September 9, 2025/in Consumer Protection /by taulersmith

The explosion of e-commerce websites, internet marketing, and AI technology has raised serious concerns about the privacy of consumers online. Increasingly, courts in California and elsewhere are relying on the Federal Wiretap Act to ensure that consumers’ sensitive personal information remains confidential. What is the Federal Wiretap Act? The federal data privacy law broadly protects consumer data by placing clear limits on how the government and private businesses can go about collecting information about website visitors. The law also gives individuals a private right of action to sue in federal court, which has led to a rise in class action consumer privacy lawsuits. Consumers who visited websites that unlawfully intercepted their personal data may be eligible to join one of these class actions and receive financial compensation.

To learn more about the Federal Wiretap Act, keep reading this blog.

The Federal Wiretap Act Protects Consumer Data Privacy

The Federal Wiretap Act is contained in Title I of the Electronic Communications Privacy Act (ECPA) and codified at 18 U.S.C. § 2510. The wiretapping law was passed by the U.S. Congress in 1986, with the primary intent of the statute being to extend previously enacted restrictions on government wiretaps of telephone calls to other types of electronic data transmissions by computer.

As a federal statute, the wiretap law applies to interstate or international communications. For example, a consumer may bring a Federal Wiretap Act claim when they use the internet from a California IP address to visit a website operated in another state.

Federal Wiretap Law Prohibits the Interception of Personal Communications Without Consent

The Federal Wiretap Act prohibits law enforcement agencies, businesses, and individuals from intercepting a person’s communications without their consent. The law explicitly prohibits the interception, use, or disclosure of a communication. The key term that is often disputed in civil proceedings is “intercept,” which the statute defines as “the aural or other acquisition of the contents of any wire, electronic, or oral communication through the use of any electronic, mechanical, or other device.”

One of the most common ways that a company violates the Federal Wiretap Act is by using online trackers to spy on website visitors and collect data. The personal information unlawfully collected by companies on their websites is often extremely sensitive in nature: it can include confidential medical data, financial information, and other highly personal information about website visitors.

The Federal Wiretap Act Protects Real-Time Communications

The Federal Wiretap Act’s digital privacy protections apply to wire communications, oral communications, and electronic communications. Importantly, the law protects these types of communications while they are in transit. This places a limitation on the law because plaintiffs must show that their information was intercepted and/or read in real time.

Courts will typically examine whether the online communication was collected before, during, or after it was sent. If a company read or learned the contents of a communication while it was in transit, then the action qualifies as an “interception” under the federal wiretap law and exposes the offending party to liability.

Plaintiffs in Federal Wiretap Act claims must be able to allege that their data was collected contemporaneously with the transmission of that data to a third-party’s server. For example, a plaintiff who provides personal medical information on a health website would need to show that the information was intercepted via tracking software as soon as it was input.

The Federal Wiretap Act Protects Internet Communications

Courts have interpreted the Federal Wiretap Act to apply to both internet communications and telephone communications. Although the wiretap law was originally meant to limit the ability of the government to intercept and monitor telephone calls, it is now basically settled law that these kinds of privacy statutes also protect online communications. For example, the federal wiretap law is understood to apply in many different contexts, including when companies embed trackers on their websites. This is significant because the internet era has witnessed the steady proliferation of website cookies, scripts, and pixels that track users’ activity and collect their personal information.

Email Communications

The question of whether the Federal Wiretap Act applies to email messages has been disputed in court. That’s because the statute protects electronic communications only while they are in transit, while practically all emails are put in temporary storage on the way to their final destination. However, courts have ruled that emails must be protected under the Electronic Communications Privacy Act (ECPA) because otherwise the added safeguards of the wiretap law would be meaningless.

Victims of Online Surveillance Have a Private Right of Action to Sue in Federal Court

Although the Federal Wiretap Act was initially passed as a criminal statute to limit government surveillance, the law does provide individuals with a private right of action in civil court.

The Federal Wiretap Act gives consumers the right to bring a civil suit and pursue monetary damages for data privacy breaches. When a company violates federal wiretap laws by unlawfully collecting the personal information of website visitors, the company may be subject to both criminal and civil penalties.

Are There Exceptions to Liability Under the Federal Wiretap Act?

The Federal Wiretap Act has a single-party consent exception to liability. When one of the parties to the communication consents to the interception, then the collection of data is lawful. For instance, if a company consents to the use of tracking code on its website to collect customer data, that could be enough for the one-party consent rule to initially preclude liability under the federal statute.

Crime-Tort Exception

However, even when the single-party consent exception applies, it is still possible for a plaintiff to successfully bring a Federal Wiretap Act claim if the crime-tort exception also applies. The crime-tort exception stipulates that a party may be liable under the wiretap law when they intercepted and/or shared customer data “for the purpose of committing any criminal or tortious act.”

California Invasion of Privacy Act (CIPA): State Law Protects Consumers Against Online Data Collection

The Federal Wiretap Act was actually a model for California’s main consumer privacy law: the California Invasion of Privacy Act (CIPA). The CIPA imposes even stronger data privacy protections than the Federal Wiretap Act, and this is particularly true with respect to consumer data. That’s why many California consumers choose to file invasion of privacy lawsuits under the CIPA. In fact, the CIPA is often the basis for class action lawsuits against companies that unlawfully collect and share consumer data online.

The Federal Wiretap Act can work in tandem with the CIPA and other California state privacy laws to create dual compliance obligations for companies that operate websites. Plaintiffs may file both CIPA claims and ECPA claims together, resulting in enhanced penalties for defendants and additional compensation for victims.

Two-Party Consent

One of the ways in which the California Invasion of Privacy Act (CIPA) is more robust than the Federal Wiretap Act is that the CIPA is a two-party consent law. This means that it is illegal for anyone to record a conversation without the consent of all parties to that conversation. This is true for many different types of conversations, including telephone calls, in-person conversations, and electronic or online communications.

CIPA Penalties & Damages

Like the federal wiretap law, California’s Invasion of Privacy Act (CIPA) imposes both criminal and civil penalties on offenders. The criminal penalties include fines of up to $10,000 for each violation, depending on the severity of the offense. The civil penalties include statutory damages of $5,000 per violation and actual damages for any financial losses suffered by the victim.

Contact the Los Angeles Consumer Protection Attorneys at Tauler Smith LLP

Did you visit a website that may have unlawfully collected and shared your personal information? Under federal law, you may be able to file a civil suit and get financial compensation. The California consumer protection lawyers at Tauler Smith LLP represent plaintiffs in both state and federal courts. Our legal team is highly skilled in consumer privacy litigation, and we have helped numerous clients win favorable settlements and verdicts in these cases.

Call 310-590-3927 or email us to find out how we can help you.

Did Rack Room Shoes Violate Federal Wiretap Law?

September 4, 2025/in Consumer Protection /by taulersmith

A federal court in California recently issued a key ruling in an important, potentially precedent-setting case, and court observers and legal experts are now asking: Did Rack Room Shoes violate federal wiretap law? The pre-trial ruling, issued by the U.S. District Court for the California Northern District, might have implications for the future of consumer privacy laws nationwide. The case, Smith v. Rack Room Shoes, Inc., could also result in severe consequences for a number of companies, including Meta, Attentive, and Rack Room Shoes. That’s because the companies have been accused of collaborating to collect and share the personal data of online customers in violation of the Federal Wiretap Act.

To find out about this important consumer privacy case and what it could mean for consumer privacy litigants, keep reading.

Rack Room Shoes, Meta, and Attentive Named in Federal Wiretap Lawsuit

Rack Room Shoes, Inc. is a national footwear chain that operates under both the Rack Room Shoes brand and the Off Broadway Shoe Warehouse brand. The chain sells shoes for men, woman, and children both online and in brick-and-mortar stores throughout the United States.

Meta Platforms, Inc. is a global technology company best known for owning and operating major social media platforms such as Facebook, Instagram, and WhatsApp. Meta is one of the largest public companies in the world, with its subsidiary Facebook reporting more than three (3) billion users. The tech company has previously been accused of collecting users’ biometric data without consent.

Attentive is a prominent mobile messaging & email platform. The company provides personalized SMS and email marketing to e-commerce brands that want to automate communications with customers. Attentive markets itself as an AI-powered platform that uses advanced artificial intelligence to capture, store, and activate users’ data.

Smith v. Rack Room Shoes, Inc. is being heard in the United States District Court, Northern District of California. All three companies – Rack Room Shoes, Meta, and Attentive – were named in the digital privacy claim, even though only Rack Room Shoes was named as a Defendant.

Rack Room Shoes Accused of Intercepting Customer Communications Online

Rack Room Shoes has been accused of permitting tech giants Meta, Attentive, and other companies to intercept the communications of visitors to the Rack Room Shoes e-commerce store. This unauthorized surveillance was allegedly done via trackers that Rack Room Shoes embedded on its website.

Perhaps most concerning for California consumers is the allegation that Rack Room Shoes essentially spied on website visitors and then collected their personal information without the users’ knowledge or consent.

Embedded Website Tracking Code

According to the class action suit, Rack Room Shoes embedded the code of third-party companies Meta and Attentive on its website. This code allegedly intercepts the personally identifiable communications of anyone who visits the website, and then the code directs the person’s browser to send a message to Meta or Attentive. Rack Room Shoes allegedly incorporates the data into consumer profiles provided by Meta, Attentive, and other third-party data brokers. These consumer profiles are used by Rack Room Shoes to guide its targeted advertisements. Significantly, these actions would be contrary to commitments in the Rack Room Shoes website privacy policy.

Meta, Attentive, and Data Broker Companies Accused of Collecting and Sharing Customer Data

Meta and Attentive are referenced throughout the class action complaint against Rack Room Shoes. That’s because it is Meta and Attentive tracking code and “scripts” that are allegedly utilized by the Rack Room Shoes website to collect consumer information such as customers’ names, email addresses, phone numbers, and even their online shopping behavior.

Meta Pixel Code

According to the lawsuit, one of the website tracking codes embedded on the Rack Room Shoes site is known as Meta Pixel. This code will allegedly track a site visitor’s communications and then secretly send messages to Meta with the visitor’s personal information, including:

The visitor’s search queries.
The name of any webpage visited.
The name of any button clicked by the site user.
Items placed in the user’s online cart.
Hashed values corresponding to the visitor’s name, address, phone number, and email.

Additionally, if the person who visits the Rack Room Shoes website happens to have a Facebook profile, the embedded Meta Pixel code will also allegedly send messages containing the person’s Facebook ID.

Attentive Tag Code

Another tracking tool allegedly embedded on the Rack Room Shoes website is known as Attentive Tag. This code allegedly tracks user activity on the site and sends messages to Attentive containing the user’s personal data, including:

The full URL string visited.
Any products purchased.
The user’s unencrypted phone number and email.

Data Broker Companies

The lawsuit against Rack Room Shoes also alleges that the popular shoe chain has similar “data collection” and “data sharing” arrangements with several other third-party companies beyond Meta and Attentive, including data brokers trying to sell personal information obtained from intercepted communications online.

Lawsuit: Rack Room Shoes Violated the Federal Wiretap Act

The plaintiffs filed a class action lawsuit against Rack Room Shoes in the United States District Court for the Northern District of California. The complaint specifically alleges that Rack Room Shoes “knowingly uses intercepted communications” for website visitors for the company’s own commercial purposes, including to “run targeted advertisements.” These actions would constitute serious violations of the Federal Wiretap Act.

The plaintiffs asked the federal court for equitable relief because they suffered harm from the unlawful collection and sharing of their data. The complaint provides support for the contention that their personally identifiable browsing activity has significant financial worth. That’s because this is an era in which browser history data and other personal information obtained online can be extremely valuable to data brokers and other entities that are looking to profit through personalized marketing.

Court Denies Motion to Dismiss: Federal Wiretap Suit Against Rack Room Shoes Can Move Forward

The Rack Room Shoes litigation has already seen multiple pre-trial rulings because the Defendant filed two motions to dismiss the privacy claims.

First Motion to Dismiss

The first motion to dismiss was denied because the federal court found that the plaintiffs “adequately alleged that Rack Room’s privacy policy failed to disclose that a third party may collect, store, and analyze a visitor’s browsing and purchase history in a way that is personally identifiable or that a third party could use that data for its own commercial purposes.” Therefore, said the court, the data collection was plausibly done without consent of website visitors.

Additionally, the court found that the plaintiffs stated valid claims for violations of California consumer privacy laws, including invasion of privacy under both the California Constitution and the California Invasion of Privacy Act (CIPA).

Second Motion to Dismiss

The U.S. District Court heard arguments from both sides before ruling against the Defendant’s motion to dismiss with respect to alleged violations of two statutes: the California Comprehensive Computer Data and Access Fraud Act (CDAFA) and the Federal Wiretap Act.

Although the court granted the motion to dismiss with respect to the California Unfair Competition Law (UCL) and the Consumers Legal Remedies Act (CLRA), the pre-trial ruling was still a major win for the plaintiffs because it means the class action against Rack Room Shoes can proceed on the two most significant claims: alleged violations of California’s computer data fraud law and the federal wiretap law.

Court: Rack Room Shoes May Have Violated the CDAFA

The California Comprehensive Computer Data and Access Fraud Act (CDAFA) is a state law that provides broad protection against the unauthorized use or taking of a person’s data online. As set forth by Cal. Penal Code § 502(c)(2), a person who “knowingly accesses and without permission takes, copies, or makes use of any data from a computer” violates the statute. Section 502(e)(1) further states that any “owner of a computer who suffers damage or loss by reason of a violation of the CDAFA may bring a civil action against the violator.”

In its order declaring that the wiretapping lawsuit against Rack Room Shoes may proceed, the court noted that the plaintiffs had sufficiently alleged that they suffered economic injury because Rack Room Shoes caused Meta, Attentive, and data broker companies to unjustly profit from the personal information and online activity of website visitors.

The court also noted the plaintiffs’ allegation that Rack Room Shoes used customer profiles that integrated the customers’ personally identifiable browsing history, and this allowed the company to run targeted marketing campaigns. (Moreover, Rack Room Shoes told customers in its website Privacy Policy that it would not collect this type of information.)

CDAFA Damages

The class action lawsuit against Rack Room Shoes seeks damages through disgorgement, which is specifically allowed under the CDAFA. Disgorgement is a civil remedy that requires a wrongdoer to give up any profits earned from illegal actions.

The California federal court found that the plaintiffs in the class action plausibly pleaded that they suffered the type of compensable damages that may be recovered in a CDAFA claim. The court noted that online consumers have a stake in any profits derived unjustly from their personal data. The court concluded its discussion of CDAFA damages by stating that the plaintiffs were damaged simply by not having received a share of the allegedly unjust profits generated from their data, regardless of whether there was any direct financial harm. As support for this point, the court quoted the California State Legislature’s discussion of the statutory purpose of the CDAFA: “The legislature found that the protection of lawfully created computer data is vital to the protection of the privacy of individuals.”

Court: Plausible Allegation That Rack Room Shoes Violated the Federal Wiretap Act

The Federal Wiretap Act is part of the Electronic Communications Privacy Act (ECPA). The statute, codified at 18 U.S.C.§ 2511, creates both criminal and civil liability for anyone who intentionally intercepts any wire or electronic communication, as well as for anyone who intentionally uses content knowing that the information was obtained through interception. Anyone whose wire or electronic communication is intercepted, disclosed, or intentionally used in violation of the Federal Wiretap Act may be eligible to file a civil action and recover damages from the person or entity who committed the offense.

The statute defines “intercept” as “the acquisition of the contents of any wire, electronic, or oral communication through the use of any electronic, mechanical, or other device.” In its pre-trial ruling against the motion to dismiss, the U.S. District Court found that the plaintiffs “plausibly alleged that Rack Room intentionally used intercepted communications in violation of the Federal Wiretap Act.”

Exceptions to Federal Wiretap Act

The Federal Wiretap Act does provide a limited exemption from liability – known as the “party exception” – when the person who intercepted the communication was a party to the communication. However, the limitation on this exception – known as the “crime-tort exception” – is that it does not apply when the interception was “for the purpose of committing any criminal or tortious act.”

In this case, Rack Room Shoes was both a party to the communications and consented to the interception. As such, the party exception to the wiretap law would seemingly be triggered.

However, the court found that the crime-tort exception also applies here, which means that the alleged interception of customer data is still unlawful. In its pre-trial ruling, the court stated that the plaintiffs adequately alleged that Rack Room Shoes “played an active role in the use of embedded code to intercept customers’ electronic communications” because the company customized and deployed the code. Moreover, the court noted that these data collection practices were not clearly disclosed in the company’s privacy policy. As such, said the court, Rack Room Shoes’ alleged tortious purpose in intercepting website visitors’ communications is enough to satisfy the crime-tort exception and expose Rack Room Shoes to liability under the Federal Wiretap Act.

Contact the Los Angeles Consumer Protection Attorneys at Tauler Smith LLP

The Los Angeles consumer protection lawyers at Tauler Smith LLP represent plaintiffs in invasion of privacy cases, including California CIPA claims and federal wiretapping lawsuits. If you believe that your personal information was collected online without your consent, you may be eligible to bring a claim for monetary compensation.

Call 310-590-3927 or email us to learn more.

Trap and Trace Class Action Against HoMedics

May 28, 2025/in Consumer Protection /by taulersmith

A federal court in California recently ruled on a trap and trace class action against HoMedics and FKA Distributing Co. – and the ruling was fantastic news for the consumer protection attorneys at Tauler Smith LLP. The plaintiff in the case is a California resident who visited the HoMedics website. According to the legal complaint, the website utilized TikTok software to unlawfully collect personal information from the plaintiff and other consumers who visited the site. Now the court has issued a pre-trial ruling in favor of the plaintiff to deny the Defendant’s motion to dismiss.

For more information about the TikTok trap & trace complaint against HoMedics, and to find out if you might be eligible to join the class action, keep reading.

Lawsuit: HoMedics Used TikTok Software to Collect Personal Data of Website Visitors

FKA Distributing Co., or FKA Brands, is a personal care product company. FKA Distributing sells its products across the U.S. and globally in major department stores, specialty stores, and drugstores. Some of the main FKA brands include HoMedics, House of Marley, Revamp Professional, Obus Forme, Ellia, JAM Audio, HMDX Audio, and Sol Republic. FKA primarily does business as HoMedics, which specializes in products related to health and wellness.

HoMedics sells a number of personal care items for the medical and spa industries, including hot/cold compression wraps, dental appliances, magnetic therapy products, electronic back and body massagers, humidifiers, air purifiers, and water purification systems. HoMedics also sells therapeutic bedding products: pillows, mattresses, and protective bedding. Additionally, HoMedics makes products for Sharper Image and Stanley Black & Decker. Many of these products are sold on the Homedics.com website.

Digital Privacy Lawsuit Against HoMedics

The plaintiff alleged that when she visited the Defendant’s website, Homedics.com, her personal data was unlawfully collected with TikTok-created deanonymization software. According to the complaint, the TikTok software instantly gathered data about the plaintiff as soon as she visited the website, including her geographic location and other personal identifying information.

The purpose of this data collection was allegedly to match it with TikTok’s existing data, which could then be used to identify individual visitors. This has legal implications because the collection of a website visitor’s personal data without consent is a direct violation of California’s Trap and Trace Law. That law is codified in Cal. Penal Code § 638.51.

Class Action Lawsuit Against HoMedics in California Central District Court

The plaintiff, a California resident, filed a class action against FKA Distributing Co. on behalf of all persons living in California whose identifying information was sent to TikTok through the use of the HoMedics website. The lawsuit was initiated in the Los Angeles Superior Court and was later removed to a federal court: the United States District Court for the Central District of California.

The class action alleged that FKA Distributing violated California’s Trap and Trace Law. When the case was moved to federal court, FKA Distributing filed a motion to dismiss. That motion was rejected by the court, which means that the claim may now move forward.

HoMedics Accused of Violating the California Invasion of Privacy Act (CIPA)

The California Invasion of Privacy Act, also known as the CIPA, is codified in Cal. Penal Code § 630. The law imposes both civil and criminal penalties against offenders who engage in electronic interception, recording, or eavesdropping on private communications.

Section 638.51 of the statute prohibits the installation of a pen register or trap & trace device unless the party has obtained a court order to do so.

Under section 637.2 of the statute, a plaintiff can bring a private right of action for violations of the CIPA. This means that consumers can file a lawsuit and recover statutory damages if their personal data has been collected without consent.

Court: FKA Distributing and HoMedics May Have Violated California’s Trap & Trace Law

The first court order in the FKA Distributing TikTok complaint was issued in response to a motion to dismiss. The Defendant argued that the TikTok software allegedly used on the HoMedics website does not constitute a “trap and trace device” within the meaning of § 638.50(c). However, the court found the Defendant’s argument “unpersuasive,” stating that the TikTok software could plausibly constitute a “trap and trace device” and therefore could be a violation of the statute.

HoMedics TikTok Trap & Trace Software

The TikTok software allegedly utilized by the HoMedics website works by gathering the device information, browser information, and geographic information of site visitors, which then allows TikTok to identify individual users.

The California Invasion of Privacy Act (CIPA) defines a trap and trace device as any “device or process that captures the incoming electronic or other impulses” identifying the source of the communication. The federal court in this case noted that the statute’s reference to a “device or process” implies that it is the result of the information gathering that matters: the use of an AutoAdvanced Matching feature on the HoMedics website to identify the source of website visitors does fall within the scope of the Trap & Trace Law.

No Consumer Consent for Data Gathering

FKA Distributing Co. also argued that consent for the tracking of visitors’ data was granted by the Defendant, which was also a party to all communications on its website. The court rejected this absurd argument on its face since the person who needs to provide consent is clearly the website user whose personal data is being tracked by the website.

The Defendant attempted to argue that, by definition, a person cannot “intercept” communications to which they were already a party. But the court found that this narrow reading of the law only applies to allegations of wiretapping violations, not cases like this one that go beyond wiretapping and involve broader allegations of electronic interception.

No Automatic Consent for Data Collection

The court also rejected the Defendant’s argument that website visitors automatically consent to the data collection practices simply by visiting HoMedics.com.

The Defendant claimed that its website Privacy Policy provided notice of the site’s use of a trap and trace device, including a warning to site visitors that the Defendant may collect personal data like the user’s name, email, phone number, and postal address. But the court said that this was not sufficient to prove that a reasonable user reading the Privacy Policy would definitely understand it – or that it would necessarily involve the use of TikTok software to monitor and essentially spy on the user.

Federal Court Denies Dismissal of TikTok Trap & Trace Claim Against HoMedics

The California Central District Court recently issued a second court order in the digital privacy complaint against FKA Distributing Co. and HoMedics. FKA Distributing argued that the complaint should be dismissed for lack of personal jurisdiction, failure to allege a concrete injury, and failure to allege an actual violation of the Trap & Trace Law. The court rejected all of these arguments, finding them “unavailing.”

Personal Jurisdiction

The federal court quickly found that the Defendant waived personal jurisdiction when they failed to raise it as an issue in an earlier motion to dismiss the invasion of privacy complaint.

Consumers Harmed by HoMedics Privacy Violations

The court also found that the plaintiff adequately alleged concrete and particularized injury to her privacy rights. Specifically, the court said that the plaintiff provided the facts necessary for a trap & trace complaint, such as the number of times she visited the HoMedics website, exactly what information she provided on the site, what information the Defendant captured, and the fact that she was not aware of the Defendant’s tracking practices.

The plaintiff showed that she visited the HoMedics website in March 2024. The plaintiff also clearly alleged that the Defendant operates TikTok software on the website for the purpose of collecting users’ personal identifying information, including:

Device and browser types.
Geographic locations.
Referral URLs.

Moreover, the plaintiff alleged that the Defendant unlawfully collects this information from everyone who visits the website, and that this happens automatically as soon as anyone lands on the site.

TikTok Software Violates Consumer Privacy Interests

FKA Distributing Co. argued that the plaintiff failed to show that any private or personal identifying information had been collected by the Defendant’s website. The court rejected this argument as well. According to the court, the plaintiff alleges that the Defendant’s TikTok software “effectively de-anonymizes the website user” to collect tracking information. Additionally, this data collection allegedly happens regardless of whether the user has a TikTok account.

The court concluded that the plaintiff’s allegations are sufficient to establish a concrete injury from visiting HoMedics.com. This injury would be a direct harm to the plaintiff’s privacy interests because the compilation and collection of users’ personal data occurs without consent.

Did You Visit the HoMedics Website? Contact the Los Angeles Consumer Protection Lawyers at Tauler Smith LLP

If you visited the HoMedics website for any reason, it’s possible that your data was unlawfully collected and sent to TikTok. This could make you eligible to join a class action lawsuit to receive monetary compensation for the violation of your privacy rights. The legal team at Tauler Smith LLP represents plaintiffs in California trap & trace claims, consumer fraud complaints, and other types of consumer protection lawsuits. We can help you get justice.

Call 310-590-3927 or send an email to talk with one of our experienced California consumer protection attorneys today.

Judge Denies Motion to Dismiss Class Action Against C2 Education

July 30, 2024/in Consumer Protection /by taulersmith

Tauler Smith LLP recently filed a trap and trace lawsuit against C2 Education for violating the California Invasion of Privacy Act (CIPA), and now a federal court has ruled: a judge denied the motion to dismiss the class action against C2 Education. The complaint alleges that the leading provider of tutoring services nationwide has unlawfully installed “trap and trace” software on its website and allowed the social media app TikTok to collect private data from site visitors. The Defendant filed a motion to dismiss the lawsuit, but the court rejected all of the Defendant’s pre-trial arguments. This represents a major victory for the California consumer protection lawyers at Tauler Smith LLP.

For more information about the lawsuit against C2 Education for invasion of privacy, and to learn whether you might be eligible to join the class action, keep reading.

Tutoring Company C2 Education Sued for Invasion of Privacy

Tauler Smith LLP represents California consumers who have filed a class action complaint against C2 Educational Systems Inc., a company which markets itself as a leading provider of tutoring, test prep, and college admissions counseling services to K-12 students in California and throughout the United States. The company’s online tutoring programs can be accessed at the website www.c2educate.com. This website is at the heart of the lawsuit against C2 Education because of the company’s partnership with the controversial social media platform TikTok. According to the lawsuit, C2 Education allows TikTok to install a “trap and trace device” on the tutoring website landing page and to secretly collect personal data about consumers who visit the site.

What Are “Trap and Trace Devices”?

What are trap and trace devices? California consumer protection law defines these as devices or processes that record or capture “dialing, routing, addressing, or signaling information” from a “wire or electronic communication.” When a company embeds and uses a pen register or trap and trace device without first obtaining a court order, they are directly violating Section 638.51 of the Trap and Trace Law.

Lawsuit: C2 Education Violated California’s Trap and Trace Law

The California Trap and Trace Law is codified in California Penal Code § 638.51, a provision of the California Invasion of Privacy Act (CIPA). The lawsuit against C2 Education alleges that the tutoring company violated the Trap and Trace Law’s prohibition against the use of pen registers and trap & trace devices: TikTok software embedded on the C2 Education website is utilized to unlawfully collect site visitors’ information without either express or implied consent. Beyond that, site visitors are never informed that their data is being collected and shared with the Chinese government for “fingerprinting” and de-anonymization.

“Fingerprinting”

According to the legal complaint, the TikTok de-anonymization software installed on the C2 Education website uses a process known as “fingerprinting.” This allows the site to collect data from visitors, and the data is then matched with TikTok’s massive user database to uncover visitors’ identities. The personal data that TikTok allegedly collects from website visitors includes device and browser information, geographic information, referral tracking, and URL tracking.

“AutoAdvanced Matching”

The class action lawsuit also alleges that C2 Education enables TikTok’s “AutoAdvanced Matching” feature, which allows TikTok to run codes or “scripts” that capture data from online forms filled out by website users. This form data may include things like the user’s name, date of birth, and physical address.

Defendant Files Motion to Dismiss Class Action Complaint

The complaint against C2 Education was filed in the United States District Court for the Central District of California. The Defendant filed the motion to dismiss pursuant to Federal Rule of Civil Procedure 12(b)(6), which calls for a case to be dismissed when a plaintiff fails to state a claim upon which relief can be granted.

The Defendant argued that the complaint should be dismissed because:

Section 638.51 does not apply to website software.
The TikTok Software used by C2 Education merely collects information that is necessary for the basic operation and maintenance of the website.
Consent was given for use of the TikTok Software on the C2 Education website.
The TikTok Software only collects the “contents of a communication,” which is allowed under the statute.
Section 638.51 is a criminal statute and does not provide plaintiffs with a private right of action in civil court.

Federal Judge Denies Motion to Dismiss Trap & Trace Lawsuit Against C2 Education

U.S. District Judge R. Gary Klausner heard arguments from both sides and then issued a ruling denying the Defendant’s motion to dismiss. This means that the case against C2 Education could now proceed to trial. In fact, the court strongly rejected all of the Defendant’s arguments, and may have even set precedent for trap & trace class actions.

The court’s responses to the Defendant’s arguments are addressed below:

CIPA Applies to TikTok Software

C2 Education argued that the claim should be dismissed because California Penal Code § 638.52 uses language about “telephone lines,” not websites. Also, the statute indicates that a pen register or trap and trace device must be a physical device attached to a telephone line. Therefore, argued the Defendant, the TikTok Software embedded in the C2 Education website is not covered by the Trap and Trace Law because the software is not a physical device attached to a phone line. The U.S. District Court disagreed.

In rejecting the Defendant’s motion for dismissal, the court highlighted an important distinction between § 638.52 and § 638.50. Although Section 638.52 refers to trap & trace devices as physically attached to telephone lines, Section 638.50 does not include any such requirement: the statute refers broadly to “devices or processes” that capture information electronically. Additionally, other federal courts have interpreted the statute broadly by focusing on the result of the impermissible data collection and concluded that tracking software can constitute a pen register or trap & trace device under the law.

TikTok Software Collects Consumers’ Personal Data

C2 Education also argued that the complaint should be dismissed because the TikTok Software only records data needed for the operation and maintenance of the tutoring website. Since the Trap and Trace Law includes an exception for the use of pen registers and trap & trace devices to “operate and maintain” an electronic communication service, this kind of use would be allowed under the law. The district court rejected this argument.

In its ruling, the U.S. District Court noted that the plaintiff alleged that the TikTok Software is used by C2 Education to record more than just IP addresses. For example, the complaint alleges that the software also records browser and device data, form data, and other personal information about website visitors. The court found that this type of data collection is probably not necessary for the operation and maintenance of the website, so the statutory exception cited by the Defendant would not apply in this case.

Consumers Did Not Consent to Use of TikTok Software

Under § 638.51 of the Trap & Trace Law, companies are allowed to use pen registers and trap and trace devices if the website user has provided consent. C2 Education argued that the invasion of privacy lawsuit should be dismissed because the main “user” of the website was the Defendant, who consented to the use of tracking software. The court understandably rejected this argument because California law would seem to indicate that the only relevant user of a website is the site visitor, not the site operator – and the user in this instance did not consent to having their personal data collected by the TikTok software. As such, ruled the court, the lawsuit against C2 Education should survive summary judgment and possibly go to trial.

C2 Education Collects Personal Information from Consumers

The California Trap and Trace Law applies to websites that use pen registers or trap & trace devices to record “dialing, routing, addressing, or signaling information.” However, since the statute seemingly does not apply when the “contents of a communication” are recorded, the Defendant in this case argued that the data collected by the TikTok Software on the C2 Education website does not fall within the scope of the statute. Once again, the U.S. District Court rejected the Defendant’s argument.

The court found that the lawsuit clearly alleges that the TikTok Software used by C2 Education gathers “device and browser information, geographic information, and browsing history.” Moreover, the lawsuit describes multiple data points that the TikTok Software allegedly captures, which is sufficient to bring a claim under the Trap & Trace Law.

CIPA Allows Consumers to Sue for Digital Privacy Violations

The Trap and Trace Law is a part of the California Invasion of Privacy Act (CIPA), which is codified as Cal. Penal Code § 638.51. The Defendant argued that the civil lawsuit against C2 Education should be dismissed at the summary judgment phase because the CIPA is a criminal statute with criminal penalties and does not allow individual defendants to seek monetary remedies in a civil suit. The court rejected this argument because the CIPA explicitly confers a private right of action and allows individual consumers to bring lawsuits. The court specifically pointed to § 637.2, which has a broad and unambiguous endorsement of private rights of action for all CIPA violations.

U.S. District Court: C2 Education’s Use of TikTok Software May Have Violated California Consumer Privacy Laws

At the conclusion of its order rejecting the Defendant’s motion to dismiss, the U.S. District Court for the Central District of California stated that the allegations in the class action complaint “demonstrate that the Defendant, through use of the TikTok Software, collected site visitors’ information, thereby constituting an invasion of privacy.” Significantly, the plaintiffs may now have the opportunity to argue their case at trial – which represents another successful pre-trial outcome for the Tauler Smith litigation team.

Contact the California Consumer Protection Lawyers at Tauler Smith LLP

If you are a California resident who visited the C2 Education website for any reason, you may have been the victim of an unlawful invasion of privacy. Contact the Los Angeles consumer protection attorneys at Tauler Smith LLP to find out if you are eligible to join a class action lawsuit to receive financial compensation. Call 310-590-3927 or send an email.

FTC Rule Proposal on Automatic Renewals

August 30, 2023/in Consumer Protection /by taulersmith

The Federal Trade Commission (FTC) may soon pass new rules that strengthen federal protections for consumers who purchase products or services that are automatically renewed. The FTC rule proposal on automatic renewals would impose strict requirements on companies that offer automatic renewal subscriptions, or negative options, to consumers. Federal statutes and rules typically refer to automatic renewals as “negative options” because the absence of any affirmative action by the customer is enough to justify the auto-renewal. In other words, silence or inaction by the consumer is construed as acceptance of the auto-renewal contract. The amended FTC rule would make it easier for consumers to cancel their auto-renewal subscriptions, and it would impose civil penalties on companies that violate federal law.

For more information about the proposed amendments to the FTC Rule on Automatic Renewals, keep reading this blog.

What Is the Federal Law on Automatic Renewals?

California consumer protection lawyers are familiar with California’s Automatic Renewal Law (ARL), which regulates businesses that offer auto-renewing subscriptions to consumers in the state. The federal analogue to the ARL is the Negative Option Rule, which has been in effect in every state for 50 years. The Negative Option Rule is enforced through Section 5 of the FTC Act. In this context, automatic renewals are called “negative options” because sellers are allowed to interpret a customer’s silence as implied acceptance of an auto-renewal offer.

There are some major limitations on the Negative Option Rule. For example, the federal law only regulates prenotification plans. This means that the law only applies to companies that attach auto renewals to customer agreements before the sale of products or services.

FTC Proposes Amendment to the Federal Rule on Automatic Renewals

The FTC has proposed amendments to the federal Automatic Renewal Law. The suggested changes to federal law would have a significant effect on many state laws, especially in states that do not already regulate auto-renewal subscriptions. Some of the specific regulations that would be modified or added to federal law under the rule change include:

Mandatory upfront disclosures of auto-renewal plans.
Penalties for company misrepresentations about auto-renewal plans.
Obtaining consumer consent for enrolling in auto-renewal plans.
Annual reminders about automatic renewals.
Easier cancellation of auto-renewal plans.

Ultimately, the FTC will decide whether to approve or decline the proposed rule changes. The federal agency might also decide to make revisions and then open up the new amendment for public comments.

Auto-Renewal Disclosures

One of the biggest changes being proposed for federal law is to require businesses to disclose any auto-renewal terms in a way that ensures that customers will see the terms. The current federal law stipulates that businesses must place auto-renewal terms in “visual proximity” to a request for consent. By contrast, the new rules would require these disclosures to be “immediately adjacent,” or right next to, any text about customer consent so that the disclosures are easily noticeable or difficult to miss. In other words, companies won’t be able to hide the auto-renewal consent text.

Additionally, the proposed FTC rule calls for companies to disclose particular information before customers can legally consent to an automatic renewal plan:

Will payments be recurring?
What is the cost of the subscription, including the auto-renewals?
When will the subscription first automatically renew, and on what dates or at what intervals thereafter?
What is the deadline to cancel the subscription before it automatically renews?
What is the process for canceling the subscription?

The amended FTC rules would require companies to provide this information for all types of transactions involving recurring contracts, not just those occurring online. That’s because the rules would apply to offers made on the internet, in print publications and advertisements, during telephone solicitations, and in person at brick-and-mortar retail stores.

Misrepresentations About Auto-Renewal Plans

California consumer fraud lawyers will tell you that the state’s false advertising laws impose severe restrictions on the sales practices of companies that do business in the state. Companies that violate these laws may be subject to both civil liability and criminal penalties for egregious conduct. The proposed FTC rules would go a long way toward catching up with California’s regulations of companies that offer auto-renewal plans by applying federal regulations to misrepresentations about the entire sale agreement. For instance, the federal law would explicitly bar companies from misrepresenting a material fact related to any part of a transaction involving an automatically renewing subscription, even if the misrepresentation has nothing to do with the auto-renewal.

Consumer Consent for Auto-Renewals

The proposed changes to FTC rules would include a requirement that companies obtain affirmative consent from consumers before an auto-renewal contract becomes legally binding. Importantly, the customer’s consent for auto-renewal terms would have to be separate and apart from their consent for the transaction or purchase itself. For example, the business would not be able to hide the auto-renewal agreement or otherwise confuse the customer into thinking that they are only agreeing to the original purchase. As set forth by the recommended FTC rules, the request for affirmative consent from the consumer for the auto-renewal subscription would likely have to be a “check box, signature, or other substantially similar method.”

Additionally, companies will need to maintain a record of the customer-provided consent for a period of at least three (3) years from the date on which the subscription was first approved, or for one (1) year after the subscription has been cancelled.

Annual Reminders About Auto-Renewals

The FTC rule amendment under consideration would require companies to send annual reminders to customers about any auto-renewing subscriptions that involve products or services other than physical goods. The reminder must be sent annually even if it is not a yearly subscription plan. Additionally, these annual reminders would need to be in plain language that clearly identifies the product subscription or service being renewed, the dollar amount of the subscription, the frequency of the renewals, and the process for cancelling the subscription. The reminder would also have to be sent to the consumer in the same manner that they initially provided consent for the auto-renewal plan.

Cancellation of Auto-Renewals

The FTC rule changes would also require businesses to make it easy for customers to immediately cancel their auto-renewal subscriptions. For example, the cancellation option must use simple and easy-to-understand terms. The customer must also be given the ability to cancel through the same method they used to make the initial purchase, meaning that an online purchase could be cancelled on the company’s website.

Another requirement under consideration by the FTC is that companies would not be able to make any additional offers when a customer is attempting to cancel their auto-renewal subscription. These types of offers are known as “save attempts” because they tend to involve the business trying to save the auto-renewal subscription from cancellation. The idea here is that businesses should not be allowed to confuse customers with unclear terms or modifications that might dissuade them from cancelling their subscription.

FTC Rule on Auto-Renewals Regulates Business-to-Business Contracts

The California Automatic Renewal Law (ARL) is considered by many to be the strongest such law in the country, imposing requirements on businesses that go far beyond anything in current federal laws. In at least one way, however, the proposed FTC rule would actually go further than California’s ARL. That’s because the federal law would apply to both consumer transactions and business-to-business transactions.

FTC Enforcement of Federal Auto-Renewal Laws

Amendments to the federal law on automatic renewals would greatly strengthen the ability of the Federal Trade Commission (FTC) to enforce the law and crack down on violators. The FTC proposal would allow the government to seek restitution on behalf of consumers, as well as imposing civil penalties against companies that violate the law.

The federal law does not provide a civil remedy for individual consumers, but they can still seek financial compensation by filing a lawsuit based on state laws like the California Automatic Renewal Law (ARL). The federal law on auto renewals may also make it easier for consumers to file class action lawsuits under state law.

California’s Law on Automatic Renewal Offers

Companies that do business in California must follow stringent requirements when it comes to subscription renewals, including pre-transaction disclosures, affirmative consent, renewal notices, and cancellation policies. The purpose of the California Automatic Renewal Law (ARL) is to end the practice of ongoing charging of consumer credit cards without consumers’ explicit consent.

Some of the specific requirements that the California ARL imposes on companies include the following:

Cancellations: Customers must be permitted to cancel their subscriptions online if they initially signed up online. Additionally, the cancellation process must be easy, with no steps that might obstruct or delay the process.
Long-term subscriptions: If the subscription is for a period of at least one year before the initial renewal, businesses must send renewal notices to customers to ensure that they are informed. This notice needs to be sent at least 15 days before the subscription is scheduled to be renewed.
Free gifts or promotions: If there was a free gift, trial subscription, or promotional discount involved, the company must send a notice of renewal to the customer before the trial period is over.

Call the California Consumer Fraud Attorneys at Tauler Smith LLP

The California consumer fraud attorneys at Tauler Smith LLP represent plaintiffs in civil suits filed in both state and federal courtrooms throughout the country. If you were charged for an automatically renewing subscription that you did not authorize, we can help you pursue restitution and monetary damages. Call 310-590-3927 or email us to discuss your case.

Nationwide Mutual Insurance CIPA Lawsuit

CIPA Lawsuit Against Nationwide Mutual Insurance

August 24, 2023/in Consumer Protection /by taulersmith

A CIPA lawsuit was recently filed against Nationwide Mutual Insurance for illegal wiretapping and invasion of privacy, and now a federal judge in California has ruled that the case can proceed to trial. The U.S. District Court judge issued the ruling in response to a motion to dismiss the wiretapping claims under Section 631 of CIPA, or the California Invasion of Privacy Act. The civil suit alleges that Nationwide Mutual unlawfully allows a third party to eavesdrop on customer conversations on the insurance company’s website. Chat communications are allegedly monitored in real time, and the sensitive personal data from those conversations is allegedly stored and used for financial gain. These actions would constitute clear violations of California consumer privacy laws.

These days, it is common for many different types of businesses to violate the CIPA and other invasion of privacy laws. If you live in California and used the chat feature on a company’s website, you may be eligible to join a class action lawsuit for invasion of privacy. The Los Angeles consumer protection lawyers at Tauler Smith LLP can help you get financial compensation.

Nationwide Mutual Insurance Sued for Invasion of Privacy

The defendant in the recent invasion of privacy case is Nationwide Mutual Insurance Co., which is a corporation that offers insurance, retirement, investing, and other financial services and products to consumers in the United States, including residents of California. Nationwide operates a website: www.nationwide.com. The website has a chat feature, which customers can use to have online conversations with Nationwide. Sometimes, the customers who use the chat feature may share sensitive personal data with the company.

Third-Party Wiretapping of Customer Conversations

Nationwide Mutual Insurance has been accused of using a third-party company, Akamai or Kustomer, to embed code into the Nationwide website, which allows the third-party company to monitor and store transcripts of the conversations that occur through the chat feature. Akamai specializes in harvesting data from consumer conversations, which is believed to be the reason that Nationwide contracted with them in the first place.

Significantly, Nationwide does not inform customers who use the chat feature on the website that monitoring of conversations, storing of transcripts, or data harvesting occurs. Beyond that, Nationwide does not obtain customers’ consent for any of these activities.

Federal Judge Denies Motion to Dismiss Wiretapping Lawsuit Against Nationwide Mutual Insurance

The plaintiff in the consumer data privacy case is a California resident who used a smartphone to visit the Nationwide Mutual Insurance website and to communicate with Nationwide via the company’s website chat program. She filed her original legal complaint in Los Angeles County Superior Court, and the case was later removed to the U.S. District Court for the Central District of California.

Once the case arrived in federal court, Nationwide filed a motion to dismiss the complaint. The U.S. District Court recently held a hearing on the motion to dismiss. Although the Section 632.7 CIPA complaint was dismissed, the court ruled that the Section 631 CIPA complaint could move forward to trial. The court found that the plaintiff had stated a valid claim under § 631 of the CIPA because she plausibly alleged that Nationwide aided third-party Akamai in violating the consumer privacy statute.

What Are California’s Data Privacy Laws?

On top of having extremely strong consumer protection laws, California also has some of the strongest digital privacy laws in the country. The three most prominent statutes are the California Invasion of Privacy Act (CIPA), the California Consumer Privacy Act (CCPA), and the California Privacy Rights Act (CPRA). All of these data protection laws impose civil liability on companies that invade the privacy of customers. The CIPA imposes a requirement on businesses to obtain permission from customers before recording telephone and internet communications, including online chat conversations. The CCPA specifically prohibits businesses from sharing the personal information of customers with third parties, while the CPRA amended the law to increase the penalties for violating consumer privacy.

What Conduct Is Prohibited by the California Invasion of Privacy Act?

Although Section 631 of the California Invasion of Privacy Act (CIPA) is technically a criminal statute with criminal penalties, the Penal Code authorizes civil liability for violations of the law. This means that consumers whose confidentiality was invaded by a company doing business in California can potentially bring a civil lawsuit for monetary damages.

California courts ruling on CIPA claims have interpreted Section 631 to prohibit three types of conduct:

Intentional wiretapping.
Attempting to learn the contents of a communication in transit over a wire.
Attempting to use information obtained as a result of wiretapping or monitoring of communications.

Additional requirements or elements of a CIPA violation include that the intentional wiretapping was done while the communication was in transit and that the communication was being sent from or received at a location within California. The prohibited conduct includes reading the contents of any message, report, or communication without the consent of all parties to that message, report, or communication. If one of the parties did not know that the chat or other type of communication was being monitored and/or wiretapped, then it would not be possible for them to provide consent or authorization. The bottom line is that eavesdropping on a conversation is a clear violation of Section 631 of the CIPA.

“Aiding” a Violation of the CIPA

Section 631 of the California Invasion of Privacy Act (CIPA) also imposes liability on any company that “aids” or assists another in violating the statute. The plaintiff in this case alleges that Nationwide Mutual Insurance “aided, abetted, and even paid third parties to eavesdrop” on her conversations. Moreover, she alleges that these privacy breaches happened not only with her communications, but also with other consumers’ communications on the Nationwide website.

Party Exception to § 631

There is a “party exception” to Section 631 of the CIPA. Courts have found that a party to a conversation cannot be liable for “eavesdropping” on that conversation. But this gets complicated when the conversation involves a third party. For example, if computer code on a website automatically directs a communication to a third party, the party exception won’t shield the third party from civil liability under the CIPA.

U.S. District Court: Nationwide Mutual Insurance May Have Violated California Invasion of Privacy Law

The plaintiff in the Nationwide Mutual Insurance data privacy case alleged that Nationwide violated the California Invasion of Privacy Act (CIPA) pursuant to California Penal Code § 631. Now, the U.S. District Court for the Central District of California has found that the plaintiff plausibly alleged that Akamai read the contents of her messages, which would constitute a violation of Section 631 by Nationwide for “aiding” in the wiretapping offense. Moreover, the court agreed that it is conceivable that Nationwide hired Akamai specifically to intercept messages and use them for Nationwide’s financial benefit. This would constitute “aiding” the illegal wiretapping by Akamai, which would lead to Nationwide itself being liable for violating the CIPA.

One theory put forward in the case is that Nationwide paid Akamai to “embed code” into the website that “enables Akamai to secretly intercept in real time, eavesdrop upon, and store transcripts” of messages sent via the website chat feature. In fact, it has been alleged that Akamai’s business model is to harvest data from transcripts of communications. Significantly, the federal court said that one inference from the plaintiff’s legal claim is that the personal information being harvested goes beyond mere “record information” like the consumer’s name, address, and subscriber number.

Akamai has been accused of intercepting customers’ messages as they are sent and received on the Nationwide website. The court found that these allegations are “plausible” based on Akamai’s public statements about their conduct. Additionally, the court said that the plaintiff clearly alleged that neither Akamai nor Nationwide Mutual Insurance had her consent to harvest personal data from communications on the Nationwide website.

Contact the California Consumer Protection Lawyers at Tauler Smith LLP

Anyone who used the chat feature on a company’s website may have been the victim of illegal wiretapping and privacy violations. If you are a California resident who visited a website, the Tauler Smith LLP legal team can help you. Contact our Los Angeles consumer fraud and false advertising attorneys today. You can call 310-590-3927 or email us.

California Invasion of Privacy Act & Website Wiretapping

July 7, 2023/in Consumer Protection /by taulersmith

It is important for consumers who interact with businesses online to have a solid understanding of the California Invasion of Privacy Act (CIPA) and website wiretapping. When you have a conversation with someone on the phone or via the computer, there is usually a reasonable expectation that the conversation will remain between the two parties. But what happens when what you believed to be a private conversation was actually being wiretapped, surveilled, and/or recorded by the other party? If this happens in the context of a business transaction, sales call, or online chat, your information could be sold to other companies that profit from the data. This has become a very serious problem in the internet era when personal data can be transmitted and circulated at a rapid pace. It’s one reason that California consumer privacy laws like the CIPA have become so important as tools to protect consumers against unethical business practices.

To learn more about the consumer protections against website wiretapping afforded by the California Invasion of Privacy Act, keep reading this blog.

What Is Website Wiretapping?

Wiretapping is a term used to describe the act of connecting a listening or recording device to a telephone. Website wiretapping occurs when the chat communications on a website are unlawfully recorded, transcribed, or surveilled without permission. These days, wiretapping technology is commonly used to secretly record conversations on websites that were supposed to remain private. Some of the reasons that people might illegally wiretap a website chat include gaining information about a business competitor, learning the details of an opponent’s lawsuit, or acquiring valuable data about a customer that can be sold to others.

Illegal wiretaps are not just against the law; they can also cause significant harm to victims. That’s why both federal privacy statutes and California privacy laws allow individuals to file civil lawsuits against anyone who records their online conversation without consent.

California’s Law on Website Wiretapping: Section 631 of the CIPA

California has a number of very strong consumer protection laws that prohibit companies from jeopardizing the digital privacy and security of customers. Any company that does business in California needs to be completely transparent in their data collection practices, which includes obtaining proper consent from customers and website visitors before any personal information is shared online.

For example, California courts have held that it is a violation of California’s Invasion of Privacy Act (CIPA) for companies to wiretap user chats and other communications on websites. It is specifically a violation of § 631(a) of the CIPA when the intercepted communications contain what might be considered more sensitive than “record information” such as the user’s name, address, email, etc.

Additionally, Section 631 of the CIPA gives consumers a legal right to know when their phone conversation is being recorded, or when their online chat conversation is being monitored and transcribed. That is why a lot of companies provide automated warnings at the beginning of calls to alert customers to the possibility that the call may be monitored or recorded, and privacy policies on websites that disclose the monitoring of website chat communications with session recording technology.

Wiretapping on Websites:

Customers have a reasonable expectation of privacy when they visit a company’s website and use the chat feature. Their privacy rights are violated when a company wiretaps the online conversations, and they are further violated when that company allows third-party entities to eavesdrop on the chat conversations.

In recent years, many companies doing business online have been accused of breaching the privacy of individuals who visit their websites. When those websites are accessible to customers in California, the companies may be violating California’s very robust consumer privacy laws. Companies violate the California Invasion of Privacy Act (CIPA) by illegally wiretapping the conversations of website visitors.

Winning a CIPA Claim for Illegal Wiretapping

The simple fact is that a lot of businesses fail to provide clear warnings about the nature of phone conversations, online chats, or other communications with customers. When a business secretly monitors or records a conversation, the customer whose privacy rights were violated by the illegal wiretapping may be able to take legal action by filing a CIPA claim.

One element of a successful CIPA claim that the plaintiff will need to prove is that they had a reasonable expectation of privacy. Generally, the content and circumstances of the conversation can be used to determine whether such an expectation existed. This is where the court will examine a number of case-specific factors, including:

The identity of the person who initiated the conversation.
The purpose of the communication.
The duration of the conversation.
Whether there were prior conversations between the parties.
The type of information that was communicated.
Whether the party recording the conversation provided a warning.

Section 632(c) of the CIPA clarifies that when the parties to a communication reasonably expect to be overheard or recorded, it does not qualify as a “confidential communication” under the law.

Civil Remedies Available to Consumers Under the CIPA

As mentioned above, the CIPA includes both civil and criminal penalties for companies that violate the statute by unlawfully accessing, maintaining, or sharing customer data. For consumers who have been victimized, the civil penalties can be a valuable tool to get some sort of justice. The CIPA allows consumers to file civil lawsuits in California state court to recover damages of up to $5,000 for each invasion of privacy violation. Additionally, in some cases, the court may order the defendant to pay treble damages that total three (3) times the economic harm suffered by the consumer.

Criminal Penalties for Wiretapping in California

Violations of the wiretapping law can also result in criminal penalties. On the criminal side, the CIPA gives courts the ability to impose penalties such as monetary fines and even jail time. A person charged with a crime for monitoring and recording a private communication could be sentenced to up to three (3) years in the county jail.

The decision about whether to bring criminal charges against a business or individual for breaching your privacy rights by recording a conversation will ultimately be made by prosecutors and other law enforcement authorities. If charges are filed against the defendant, the case will be heard in criminal court. A knowledgeable attorney can help victims start this process, as well as helping victims decide whether to file a civil lawsuit to recover money damages either before or after resolution of the criminal case.

Other Data Privacy Laws in California

Data privacy has been a major concern of California lawmakers for a while now, which is why the state has tended to lead the way with this kind of legislation. In fact, the California Invasion of Privacy Act (CIPA) is just one of the state’s extremely strong consumer fraud laws with a focus on data privacy. The California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) are two other laws that explicitly protect customers against companies that overreach when it comes to sharing personal data. In fact, both the CCPA and the CPRA require companies doing business in the state to give customers the right to opt out of the sharing of their data.

Recently, plaintiffs have been relying on § 638.51 of the CIPA to file class actions against companies that use pen registers or trap and trace devices to acquire data from website visitors without permission.

Additionally, consumers whose data was secretly collected and/or shared with third parties may be able to file a Federal Wiretap Act claim in federal court. Moreover, both federal and state claims can be filed at the same time because the relevant statutes work in tandem.

Contact the Los Angeles Consumer Protection Lawyers at Tauler Smith LLP to File a Website Wiretapping Claim

Too often, companies doing business online choose to deliberately disregard the privacy concerns of customers who use their websites. Instead, these companies prioritize financial gains over consumer privacy and personal well-being. If you visited one of these websites and shared any information via a chat feature, you may be able to get statutory damages under the wiretapping provision of the CIPA.

The Los Angeles consumer protection lawyers at Tauler Smith LLP can help you file a website wiretapping claim. Call 310-590-3927 or email us to learn more.

Tom Girardi Indicted for Embezzlement

February 16, 2023/in Arbitration /by taulersmith

Disgraced California lawyer Tom Girardi was indicted for embezzlement by a federal grand jury. The charges stem from allegations that Girardi engaged in highly unethical and illegal behavior, which included using private judges affiliated with the national arbitration company JAMS to steal millions of dollars from his clients. The U.S. Department of Justice (DOJ) announced the felony charges against Girardi after the grand jury formally indicted him. U.S. Attorney Martin Estrada observed that Girardi “preyed on the very people who trusted and relied upon him the most—his clients—and brought disrepute upon the entire legal profession.”

For more information about Tom Girardi’s indictment and his connection with JAMS, keep reading this blog.

Who Are Tom Girardi and Erika Jayne?

Tom Girardi used to be a well-respected attorney. For many years, the prominent Los Angeles lawyer was known for being a dogged defender of the powerless as they filed class action lawsuits against corporations. As the founder of California law firm Girardi & Keese, he represented plaintiffs in a number of high-profile cases, including Brian Stow’s civil suit against Major League Baseball. Stow was the San Francisco Giants fan who sustained severe injuries during an attack at a Los Angeles Dodgers game. Girardi also represented the plaintiffs in the case against Pacific Gas & Electric Co. dramatized in the Julia Roberts movie Erin Brockovich.

Outside of the courtroom, Girardi became known for being the husband of “Real Housewives of Beverly Hills” star Erika Jayne, who eventually filed for divorce from Girardi. They were married for 21 years. After the split, the couple listed their Pasadena home for sale at a price of $13 million. Jayne has also been accused of illegally using funds meant for Girardi’s clients to cover her own personal expenses, including the purchase of expensive diamond earrings.

Federal Grand Jury in California Indicts Tom Girardi on Wire Fraud Charges

As a plaintiff’s attorney in California, Tom Girardi was responsible for negotiating settlements in mass tort lawsuits. Instead of sending the settlement funds to his clients, however, Girardi allegedly deposited the money into law firm accounts that he later accessed for his own personal use. A federal grand jury in California has now indicted Girardi on charges that he embezzled $15 million from clients over a period of 10 years, resulting in the DOJ bringing formal charges against him for five counts of wire fraud. If Girardi is convicted of wire fraud, he could be sentenced to 20 years in federal prison.

Martin Estrada, the United States Attorney for the Central District of California, issued a statement about the case after the grand jury indictment was announced. Estrada said that Girardi is “accused of engaging in a widespread scheme to steal from clients and lie to them to cover up the fraud.”

FBI Acting Assistant Director in Charge Amir Ehsaei also weighed in on the charges against Girardi. Ehsaei said that the disgraced attorney “created a mirage over several years in order to disguise the fact that he was robbing clients of large sums of money…to fund his lavish lifestyle.” Ehsaei observed that Girardi’s alleged theft came at the expense of clients who were enduring significant hardships of their own as they desperately awaited settlement funds to cover medical bills and other expenses. The clients’ unfamiliarity with the legal process made it possible for Girardi to take advantage of them.

What’s Next in the Criminal Case Against Tom Girardi?

Last year, Tom Girardi was reportedly diagnosed with Alzheimer’s and dementia. At his initial appearance in federal criminal court, United States Magistrate Judge Karen L. Stevenson ordered a mental competency hearing to determine whether Girardi is fit to stand trial on the criminal charges. In the meantime, Girardi’s bond was set at $250,000 and he was released to the custody of his brother Robert Girardi. The next hearing will occur in the U.S. District Court for the Central District of California.

The Girardi Keese law firm is no longer operational, having declared bankruptcy with more than $100 million in total debt. Additionally, Girardi was disbarred as a result of the alleged embezzlement and cannot act as an attorney in California. He has been living at the Belmont Village Senior Living Facility in Burbank, CA.

Erika Jayne and Others Accused of Business Fraud with Tom Girardi

Also criminally charged along with Tom Girardi is Christopher Kamon, who served as the chief financial officer of Girardi’s law firm for more than a decade. According to law enforcement officials, Kamon was the person who handled financial accounting for the firm. Federal prosecutors believe that Kamon committed wire fraud offenses by embezzling client funds for personal expenses.

Additionally, Girardi’s son-in-law David Lira has been accused of fraud in connection with the Girardi & Keese firm. A federal grand jury in Chicago issued an indictment against both Girardi and Lira on charges filed by the U.S. Attorney’s Office. They have been accused of stealing more than $3 million in settlement funds from clients whose families were killed in the 2018 Boeing Lion Air Flight 610 crash in Indonesia.

Erika Jayne Sued for Fraud

A civil suit has also been filed that accuses Tom Girardi’s estranged wife, reality TV star Erika Jayne, of participating in the illegal fraud scheme. The trustee overseeing the bankruptcy of Girardi’s law firm filed the lawsuit against the Real Housewives star after reportedly discovering that Jayne received $25 million in transfers from the law firm to her company, EJ Global LLC. She then allegedly used the money to pay personal expenses, such as her credit card bill, personal assistant salaries, and a fashion and makeup team. Jayne has denied having any knowledge of Girardi’s alleged embezzlement of client funds.

JAMS Mediators Allegedly Helped Tom Girardi Embezzle Money from Clients

According to the Department of Justice, Tom Girardi was able to get away with embezzling client funds by placing onerous requirements on clients to access their settlement money. For example, Girardi often told clients that they needed to get authorizations from JAMS judges in order to receive the funds. The JAMS private judges were overseeing the lawsuit settlements and had control over how and when the funds were distributed. Many of these judges had personal relationships with Girardi, creating an obvious conflict of interest for the alternative dispute resolution company.

Over the years, there have been many other instances of JAMS judges being biased in favor of certain litigants and showing favoritism in their rulings. In fact, several JAMS mediators and arbitrators benefited financially from their involvement in Girardi’s fraud by charging as much as $1,500 per hour for their work on his cases. Beyond that, JAMS reportedly made millions of dollars by providing mediators to oversee Girardi’s settlements.

Contact the Los Angeles Arbitration Attorneys at Tauler Smith LLP

Tauler Smith LLP is a California law firm that helps individuals, small business owners, and others bring class action lawsuits against JAMS. If you were involved in an arbitration or mediation that was administered by JAMS, you may have a legal claim against the company for the way they handled your case. Call 310-590-3927 or email us today to discuss your options with one of our experienced Los Angeles arbitration attorneys.

Goodyear Tires Wiretapping Lawsuit to Proceed

February 8, 2023/in Consumer Protection /by taulersmith

In a highly anticipated ruling, a federal judge in California recently denied Goodyear’s motion to dismiss wiretapping claims based on their use of third-party chat applications hosted on their website. This ruling allows the Goodyear Tires wiretapping lawsuit to proceed. The complaint alleges that when users visit www.goodyear.com/ and use the website chat feature, they share personal data in communications that are unlawfully recorded and transcribed. The plaintiff alleged that Goodyear was allowing a third-party company to intercept, eavesdrop, and store transcripts of the conversations, which is prohibited by the California Invasion of Privacy Act (CIPA).

Do you live in California? Did you use a chat feature on a commercial website? You may be eligible to file a civil suit for invasion of privacy and get financial compensation. Contact us now.

CIPA Claim: Judge Denies Motion to Dismiss Goodyear Wiretapping Lawsuit

The California Central District Court recently issued a ruling in Arisha Byars v. The Goodyear Tire & Rubber Co., a case involving allegations that Goodyear Tires violated the California Invasion of Privacy Act (CIPA) by wiretapping user chats on the company’s website. The federal court agreed with the plaintiff that the chat feature violated the CIPA, ruling that the plaintiff contends that Goodyear used a third-party service to “intercept in real time” website visitors’ chat conversations. The court added that the allegation that user messages were unlawfully intercepted “is to be taken as true at this stage of the case.”

In her CIPA claim, the plaintiff alleged that visitors to the Goodyear Tires website share “sensitive personal information” when they use the chat conversation. Significantly, the court ruled that the plaintiff pled sufficient facts for a claim under § 631(a) of the CIPA by showing that chat communications were intercepted, and those communications plausibly contained “more than mere record information” such as her name and address.

Wiretapping of Smartphone Communications

The California Central District Court also addressed the fact that the plaintiff accessed the Goodyear Tires website on her smartphone, which is considered a cellular phone with web capabilities. The federal court noted the precedent set by other courts that have applied § 632.7 of the CIPA to internet-based communications, ruling that the plaintiff has sufficiently alleged that users of Goodyear’s chat feature have a reasonable expectation of privacy because they share highly sensitive personal data.

California Has the Strongest Data Privacy Laws in the Country

California’s consumer protection laws include the California Invasion of Privacy Act (CIPA), the California Consumer Privacy Act (CCPA), and the California Privacy Rights Act (CPRA). The CIPA requires companies to get permission before recording any online chats, while the CCPA gives customers the right to prevent companies from sharing their personal data and the CPRA bolsters those digital privacy protections. California’s data privacy laws go even further by placing the onus on companies to make efforts to warn customers if their phone conversations or online chats are being monitored or recorded. In fact, California has some of the strongest such laws in the country. This may be why Goodyear’s terms of use include a forum selection clause requiring claims to be filed in another state: Ohio.

Goodyear Website Terms of Use

The Goodyear Tires website has a “Terms of Use and Privacy Policy” hyperlink at the bottom of the homepage. Site visitors can only see this link by scrolling all the way down on the website. When a user clicks on this link, they are directed to a “Terms, Conditions & Privacy Policy” page that includes another link for Terms of Use. There is no option for the user to click a button acknowledging that they have read the terms of use. Buried deep on this page is a section on “Applicable Laws,” which includes a forum selection clause stating that anyone who uses the Goodyear website automatically consents to litigating any legal disputes in an Ohio courtroom.

Goodyear Forum Selection Clause

In a recent lawsuit filed in California by Los Angeles false advertising attorney Robert Tauler against Goodyear, the tire company attempted to get the case moved to a jurisdiction with less stringent consumer protection laws. Goodyear specifically requested that the venue be changed from the U.S. District Court for the Central District of California to the District Court for the Northern District of Ohio.

Goodyear Tires argued that the plaintiff already agreed to having any legal proceedings handled in Ohio because she used the Goodyear website and automatically consented to the forum selection clause contained in the website’s “Terms of Use.” Robert Tauler responded on behalf of the plaintiff and persuasively argued that it was not possible for the plaintiff to legally consent to the forum selection clause because there was neither actual nor constructive notice of the “Terms of Use.”

The California federal trial court hearing the case ultimately rejected Goodyear’s motion to change venue, which means that the case will be adjudicated in the California Central District Court and decided under California’s very strong invasion of privacy and consumer protection laws. The court gave several reasons for ruling in favor of the consumer-plaintiff and against Goodyear, including contract formation laws which require mutual assent in order for a contract to be binding on both parties.

Are Internet Contracts Legally Enforceable?

The Ninth Circuit Court of Appeals previously identified two categories of internet contracts like the Goodyear terms of use:

Clickwrap Agreements: Site visitors must check a box to confirm that they agree with the website’s terms and conditions of use.
Browsewrap Agreements: Site visitors are able to click on a hyperlink that will take them to a page with the website’s terms and conditions of use.

An important aspect of browsewrap agreements is that it is possible for a site visitor to continue using a website without knowing that the agreement even exists. That’s because browsewrap agreements like the one on the Goodyear Tires website do not require site visitors to take any affirmative action. This creates a legal issue for internet contracts that rely on browsewrap agreements since users might not have an opportunity to assent to the terms of use. Courts have held that such a contract can only be valid if the website user had either actual or constructive notice of the terms and conditions.

Goodyear Browsewrap Agreement

The Goodyear browsewrap agreement does not qualify as a valid, legally binding internet contract because the website terms of use are inconspicuous: the hyperlink can only be seen when the user scrolls to the bottom of the page, and the text does not stand out against the background colors. This does not provide the user with sufficient notice. In Wilson v. Huuuge, Inc., the Ninth Circuit Court of Appeals held that courts should not enforce a similar smartphone app agreement “where the terms are buried at the bottom of the page or tucked away in obscure corners of the website.”

Additionally, there is nothing on the Goodyear Tires website that requires the consumer to click a button, check a box, or take any other action that would unambiguously convey their assent to the terms of use. This also means that site visitors are not provided with constructive notice of the website terms of use which they are supposedly agreeing to abide by.

Class Action Lawsuit Against Goodyear Tires for Violating California’s Wiretapping Law

When you visit a website, you have an expectation that your personal data will be protected and that any conversations you have on the website will remain confidential. The Los Angeles consumer protection attorneys at Tauler Smith LLP help clients file CIPA claims both individually and in class action lawsuits against companies that violate California’s data privacy laws. For example, our attorneys have represented individuals whose data was compromised due to illegal wiretapping and eavesdropping, including chat conversations on company websites.

The CIPA is a criminal statute that subjects companies to criminal penalties, including jail time and substantial fines. Victims can also bring civil lawsuits to recover statutory damages of $5,000 for each illegally recorded conversation. In some cases, it may be possible to recover treble damages, meaning that plaintiffs are eligible for up to three (3) times the total economic damages caused by the invasion of privacy.

Contact the California Consumer Protection Attorneys at Tauler Smith LLP Today

Did you use the chat feature on the Goodyear Tires website? Did you use a chat feature on any other commercial website? If so, your personal data may have been unlawfully recorded without your consent and in violation of both state and federal wiretapping laws. The California consumer protection lawyers at Tauler Smith LLP can help you. Call 310-590-3927 or send an email to learn more and find out if you are eligible to file a CIPA claim.