Posts

MSC Cruises Trap & Trace Lawsuit

Trap & Trace Lawsuit Against MSC Cruises

MSC Cruises Trap & Trace Lawsuit

The California consumer protection lawyers at Tauler Smith LLP are representing a consumer who filed a trap & trace lawsuit against MSC Cruises. The cruise ship company has been accused of utilizing trap & trace technology on its website to collect customer information without permission. The Superior Court of Los Angeles County recently ruled on a demurrer filed by the Defendant in the case: the court overruled the demurrer, which means that the case against MSC Cruises could proceed to trial.

For additional information about the MSC Cruises trap and trace complaint, keep reading.

Lawsuit: MSC Cruises Violated the California Invasion of Privacy Act (CIPA)

MSC Cruises is the world’s largest privately held cruise company. The global cruise line operates a website that invites customers to “sail to over 250 of the world’s most sought-after travel destinations.” Site visitors can register and book cruises directly on the website.

The civil lawsuit filed against MSC Cruises in L.A. County Superior Court alleges that the cruise ship company violated the California Invasion of Privacy Act (CIPA) by utilizing trap and trace software on their website.

What Is the California Invasion of Privacy Act?

The California Invasion of Privacy Act (CIPA) is codified in Penal Code § 638.51, which states that “a person may not install or use a pen register or a trap and trace device without first obtaining a court order.”

Pen Registers

As set forth by the statute, a “pen register” is a device or process that records certain information transmitted by an instrument that also transmits a wire or electronic communication. This information includes dialing, routing, addressing, or signaling information. Importantly, a pen register does not record or decode the contents of a communication.

There are exceptions to California’s digital privacy law on pen registers. For example, the pen register prohibition in the CIPA does not apply to a device used for billing purposes, cost accounting, or other similar purposes that exist in the ordinary course of business.

Trap & Trace Devices

The California Invasion of Privacy Act (CIPA) defines a “trap and trace device” as “a device or process that captures incoming electronic or other impulses that identify the originating number or other dialing, routing, addressing, or signaling information reasonably likely to identify the source of a wire or electronic communication, but not the contents of a communication.”

The last clause in the definition is what MSC Cruises focused on for one of its pre-trial arguments: the Defendant argued that the TikTok Software on its website only intercepts the content of communications, which would not fit the definition of a trap and trace device. However, the court found the opposite to be true: that the civil suit against MSC Cruises sufficiently alleged that the TikTok Software used on the company’s website collects data such as device, browser, and geographic information about site visitors. This is precisely the type of data which would show where users are located and thus violate the CIPA.

MSC Cruises Accused of Using TikTok Software on Its Website

Alarmingly, MSC Cruises is accused of collaborating with the Chinese government to use TikTok software to gather personal information about website visitors without their knowledge or consent. According to the complaint, MSC Cruises installed software created by TikTok on the company’s website. The TikTok Software was allegedly created for the purpose of identifying website visitors, collecting data about the visitors, and then matching the information with existing customer data that the social media platform already possessed.

The complaint alleges that the TikTok Software uses a de-anonymization process that runs codes or “scripts” on the MSC Cruises website to identify users and then send user details to TikTok. This includes data such as browser information, geographic information, referral tracking, and URL tracking.

The digital privacy complaint states that visitors of the MSC Cruises website do not consent to have their data collected and shared with TikTok. That’s because the TikTok Software allegedly starts working the moment a user lands on a website page. According to the trap & trace lawsuit, the software collects and shares the information “regardless of the cookie banner which appears on the site.” In other words, a site visitor does not have an opportunity to opt out of the collecting and sharing of their personal data because this occurs as soon as visitors land on a page or click on a page.

Pre-Trial Motion: Court Rules in Favor of Plaintiff in MSC Cruises Trap & Trace Lawsuit

The Plaintiff, a California consumer represented by Tauler Smith LLP, filed her CIPA complaint against MSC Cruises in Los Angeles County Superior Court. A short time later, the Defendant filed a demurrer with the court. Basically, this meant that the Defendant asked the court to dismiss the complaint. The court heard arguments from both sides, then ruled in favor of the Plaintiff.

Trap & Trace Software

MSC Cruises filed a demurrer with the L.A. County Superior Court on the grounds that the complaint failed to allege a violation of the California Invasion of Privacy Act (CIPA). Specifically, the Defendant argued that it had not utilized a “pen register” or a “trap and trace device” as defined by the statute because the CIPA only explicitly covers telephone-based communications, not website-based communications.

The court rejected the Defendant’s argument and found that the Plaintiff’s trap and trace complaint alleged facts sufficient for a violation of the CIPA. First, the court stated that the plain language of Section 638.51 does not limit the statute to telephone-based communications. Beyond that, the court noted that the Plaintiff did not need to provide a detailed description of the TikTok Software used by MSC Cruises at this stage of the legal proceedings; instead, all that is needed is facts alleging that the software installed on the cruise ship website captures user information which would reasonably lead to the source of the users’ communications with the website.

Consent to Trap & Trace Devices

In its demurrer filed with the court, MSC Cruises also argued that users of its website consented to the capture of their personal data through automated technologies simply by visiting the website. However, the court found that the Plaintiff’s complaint clearly alleged that the TikTok Software captured user data without users’ consent or knowledge. Moreover, this data capture occurred as soon as a user landed on the website – and without users submitting the information to the website voluntarily.

Call a Los Angeles Consumer Protection Attorney Today

Are you a California resident? Did you visit the MSC Cruises website to book a cruise vacation or for any other reason? If so, your personal data may have been compromised. The Los Angeles consumer protection lawyers at Tauler Smith LLP represent victims of consumer privacy violations, and we help them get financial compensation. Call 310-590-3927 or send an email to discuss your legal options.

Taylor Farms CIPA Claim

CIPA Claim Against Taylor Farms

Taylor Farms CIPA Claim

Tauler Smith LLP won an important pre-trial argument in a CIPA claim against Taylor Farms. The lawsuit, which was heard in the Los Angeles County Superior Court, stemmed from allegations that Taylor Farms violated the California Invasion of Privacy Act (CIPA) by using trap & trace software on the produce distribution company’s website to collect customer data without permission. The court ruled that the Plaintiff pled sufficient facts to support a reasonable inference that the Defendant violated the consumer protection statute. This was a major victory for the Los Angeles consumer protection attorneys at Tauler Smith.

Taylor Farms Accused of Using Tracking Software to Collect Customer Information Without Consent

Taylor Farms, which operates under the name Taylor Fresh Foods, Inc., is one of the leading producers of fruits and vegetables in the United States. The company distributes produce to numerous supermarket chains and restaurants, including Chipotle and McDonald’s.

The complaint against Taylor Farms alleged that the company’s website utilized tracking software created by TikTok to identify certain confidential user information, including device and browser information, geographic information, referral tracking, and URL tracking. The use of trap and trace software is a violation of the California Invasion of Privacy Act (CIPA), codified in Penal Code § 638.51. The CIPA has an express purpose to “protect the right of privacy” of California consumers. When a website operator utilizes a trap and trace device to track a site visitor’s information without consent, they have invaded the privacy of that individual.

Digital “Fingerprinting”

According to the lawsuit, the TikTok Software’s digital process is known as “fingerprinting.” This allows companies to gather user data by running code or “scripts” on their websites and then send user details to TikTok. The data is matched with information that the Chinese-owned social media company has already amassed about hundreds of millions of Americans.

What Is a “Trap and Trace Device”?

Section 638.51 of the California Invasion of Privacy Act (CIPA) stipulates that, under most circumstances, “a person may not install or use a pen register or a trap and trace device without first obtaining a court order.”

What is a trap and trace device? The statute defines a trap and trace device as “a device or process that captures the incoming electronic or other impulses that identify the originating number or other dialing, routing, addressing, or signaling information reasonably likely to identify the source of a wire or electronic communication, but not the contents of a communication.”

Trap & Trace Lawsuit Against Taylor Farms

Taylor Farms was sued for allegedly violating the California Invasion of Privacy Act (CIPA) by using trap & trace software on the company’s website. The lawsuit alleged that the site deployed TikTok Software to identify visitors by using electronic impulses generated from users’ devices. Without either visitors’ consent and or a court order to use the TikTok Software to track visitors of the website, this would be a violation of consumer privacy under the CIPA.

After the lawsuit was filed, Taylor Farms filed a formal objection in the form of a demurrer. The company argued that the original complaint failed to state a cause of action and should therefore be dismissed.

Court: Denied Demurrer in CIPA Complaint Against Taylor Fresh Foods

L.A. Superior Court Judge Daniel S. Murphy heard arguments and then issued a ruling denying the Taylor Farms demurrer. The ruling stated that the Plaintiff’s complaint alleged the two elements necessary to establish a violation of the CIPA:

  1. The Defendant installed a prohibited pen register or trap & trace device.
  2. The Defendant installed the trap & trace device without a court order.

Significantly, the court said that the allegations in the digital privacy complaint against Taylor Fresh Foods, Inc. “support a reasonable inference that Plaintiff had her information tracked without her consent, thus resulting in harm to her personal autonomy.” This outstanding pre-trial outcome represented yet another consumer protection court victory for the Tauler Smith law firm.

The California Invasion of Privacy Act Applies to Websites and Software

In a filing with the court, Taylor Farms argued that the California Invasion of Privacy Act (CIPA) only regulates physical trap & trace devices and therefore does not apply to IP addresses or “standard website data collection.” The court strongly rejected this argument.

In its ruling, the court said that the CIPA does not limit the definition of “pen register” or “trap and trace device” to physical devices attached to telephone lines. In fact, said the court, the statute’s definitions make no reference to a physical attachment. Moreover, a trap & trace device is broadly defined as applying to “electronic communications,” which the court noted “encompasses a range of transfers plainly not limited to telephone lines.”

Additionally, the court agreed with the Plaintiff’s cited case of Greenley v. Kochava, in which the U.S. District Court for the Southern District of California held that a software development kit installed in a third-party mobile application constituted a violation of the CIPA’s pen register prohibition. In that case, the court said that unlawful trap and trace technology can involve software that identifies consumers and gathers data through unique “fingerprinting.”

Section 638.51 Applies to Websites

In its demurrer filing, the Defendant also argued that the CIPA should not apply to websites because such an interpretation would subject every website to liability. Again, the court strongly rejected the Defendant’s argument. The court stated that the TikTok Software allegedly gathered unique location information and tracked user data that went well beyond the type of data which might be necessary for the proper functioning of a website.

In fact, the court said that the Defendant’s interpretation of the CIPA would lead to the “absurd result” of immunizing all websites from prosecution under the law. In other words, the CIPA would basically cease to exist because anyone who visited a website would automatically consent to the use of a trap and trace device and other tracking software.

Who Is the “User” of a Website in a Trap and Trace Claim?

The court also rejected an argument by the Defendant that Taylor Farms was the “user” of the TikTok Software allegedly installed on its website and therefore consented to the use of a pen register or trap & trace device. This argument would mean that no website visitor could ever bring a viable claim under the California Invasion of Privacy Act (CIPA) because every website operator necessarily consents to the use of the software on their own site. In other words, the CIPA “could never be violated.”

Again, the court found that it would be absurd to accept an interpretation of the CIPA which would mean every website operator could escape liability even when website user privacy is invaded.

Contact the Los Angeles Consumer Protection Lawyers at Tauler Smith LLP

If you are a California resident who visited a company’s website, it’s possible that your data was shared with third parties like TikTok. The California consumer protection attorneys at Tauler Smith LLP represent plaintiffs in consumer privacy claims, and we can help you. Call 310-590-3927 or email us to schedule a free consultation.

Tony Robbins CIPA Lawsuit

CIPA Lawsuit Against Tony Robbins Company

Tony Robbins CIPA LawsuitA CIPA lawsuit against the Tony Robbins Company was recently filed in a California superior court. The self-help business has been accused of secretly wiretapping the communications of website users in violation of the California Invasion of Privacy Act, or CIPA. Beyond that, the company has been accused of allowing third parties to use digital surveillance tools to monitor user behavior and eavesdrop on visitor conversations without express or implied consent, which is also a violation of state consumer privacy laws.

To learn more about the class action complaint against the Tony Robbins Company, keep reading.

Class Action Complaint Against Robbins Research International

The defendant in the invasion of privacy case is Robbins Research International, Inc., which operates www.tonyrobbins.com. This is the official website of Tony Robbins, a celebrity self-help guru. Consumers in California and elsewhere access the website to purchase books, programs, and tickets to events on how to master all aspects of their lives.

The case, Haviland v. Robbins Research International, Inc., is being heard in the Los Angeles County Superior Court. The class action complaint alleges violations of the California Invasion of Privacy Act (CIPA), including illegally wiretapping internet communications, as well as aiding, abetting, and paying third parties to eavesdrop on internet conversations.

Illegal Wiretapping

The defendant has been accused of surreptitiously implanting code the Tony Robbins website that allows for the unauthorized recording of private conversations. The civil suit also alleges that the website code allows for the creation of transcripts of these conversations with site visitors. Both acts are violations of the California Invasion of Privacy Act (CIPA), which requires companies to obtain permission from customers before recording online conversations.

Due to the nature of the defendant’s business, customers who use the Tony Robbins website often disclose sensitive personal information via the website chat feature. This information goes beyond mere “record information” like the user’s name and address; it includes confidential information such as the user’s IP address, geolocation information, browsing history, and search history. The data collected by the defendant could enable the creation of detailed profiles about individuals for the purpose of delivering targeted advertisements specifically tailored to their personal interests. Significantly, the data collected from customers who use the website chat feature is allegedly harvested without consent.

Tony Robbins Company Accused of Sharing Customer Data with Third Parties

One of the major allegations in the civil suit against Robbins Research International is that the company allows a third party to collect a bevy of personal information from website visitors without their consent or knowledge. According to the complaint, the Tony Robbins company has entered into financial agreements with a third-party company, UserWay, to embed code into the website’s chat function. This code allegedly enables UserWay to covertly intercept and monitor the chat conversations in real time without the knowledge or consent of site visitors. In other words, the chats that users believe are taking place on the Tony Robbins website are actually occurring on UserWay.

According to the lawsuit, the company’s website privacy policy never discloses to users that the company can share and sell site visitors’ personal information to third parties. The unauthorized sharing of users’ personal information with third parties is a clear violation of the California Invasion of Privacy Act (CIPA). Moreover, the defendant’s alleged behavior is particularly egregious because website users have a reasonable expectation of privacy when they use a seemingly harmless chat box feature on www.tonyrobbins.com.

Customer Data Exposed

The defendant’s actions leave consumers exposed to significant privacy risks because their personal information is allegedly shared with a wide range of entities – and without any clear limitations or safeguards on how that personal information may be used.

Additionally, the lawsuit raises serious concerns about whether this digital privacy violation could further compromise the privacy and control of users’ information by opening the door for the dissemination of personal data to other entities for cross-context behavioral advertising purposes. This kind of invasive practice could subject users to relentless advertising campaigns across multiple platforms – without their consent or knowledge.

How Companies Violate the California Invasion of Privacy Act (CIPA)

The California Invasion of Privacy Act (CIPA) explicitly prohibits both wiretapping and eavesdropping of electronic communications unless all parties to the communication have first provided consent. Most website operators comply with these legal requirements by conspicuously warning visitors if their conversations will be recorded or if any third parties will be eavesdropping on them.

The invasion of privacy law is written in terms of wiretapping, with language barring companies from using a “machine, instrument, or contrivance” to illegally record and eavesdrop on conversations. But it is important to note that courts have found that Cal. Penal Code § 631(a) applies to internet communications. This means that any company that attempts to learn the contents of a website communication without the consent of all parties can be sued for violating the law.

The specific part of the digital privacy statute that Robbins Research International has been accused of violating is Section 631(a), which imposes liability on companies that invade the privacy of consumers. Section 631 is technically a criminal statute, but it does provide a mechanism for victims to bring a civil lawsuit and recover monetary damages.

Call the Los Angles Consumer Protection Attorneys at Tauler Smith LLP

The consumer protection lawyers at Tauler Smith LLP are representing California residents in a class action lawsuit against Robbins Research International. If you visited the Tony Robbins website and used the chat feature, you may be eligible to join the class action complaint. Call 310-590-3927 or email us today to schedule a free consultation.

Cannabis Class Action Lawsuit

Tauler Smith LLP Successfully Defends THC Potency Class Action

Cannabis Class Action Lawsuit

A California court granted Tauler Smith LLP’s motion to dismiss without leave to amend in a deceptive pricing class action alleging mislabeling of THC potency. The plaintiffs specifically alleged that the cannabinoid content in the defendant’s infused joints did not match what was on label. Tauler Smith’s skilled Los Angeles class action defense attorneys filed a demurrer to the class action based on the discrepancy between the plaintiffs’ purchases and the potency tests that formed the basis of plaintiffs’ claims.

To learn more about Tauler Smith’s latest legal victory, keep reading this blog.

California Consumer Laws on Cannabis Advertising and THC Content

Recreational marijuana is a multi-billion-dollar business in the states where it is legal, which includes California. In fact, it is estimated that California is the largest cannabis market in the world. Although there are no clear federal regulations of cannabis sales, California agencies do regulate marijuana product sales within the state. For example, the California Department of Cannabis Control allows just a 10% margin of error for THC content listed on product packaging and labels. If the THC potency amount listed on the package is not close enough to the THC potency amount of the actual product, then a court may find that the company selling the products engaged in false advertising.

One reason that cannabis product labels may promise higher potency is that consumers are typically willing to pay more for weed with a stronger concentration of THC, which stands for Delta-9-tetrahydrocannabinol. Marijuana with a higher percentage of THC can deliver a more euphoric “high” for users.

Class Action Lawsuit: Ayala v. Central Coast Agriculture

Central Coast Agriculture is a California-based progressive farm that focuses on sustainability. The company is also a licensed cannabis cultivator, and some of its products are sold under the Raw Garden brand name. According to the original complaint against Central Coast Agriculture, the consumer-plaintiffs purchased two products: a Raw Garden Infused Joints three-pack in the “Sunset Cookies” strain, and Raw Garden Infused Joints in the “Caribbean Slurm” strain. The plaintiffs alleged that the marijuana products were mislabeled because the amount of THC contained in the products was substantially lower than the amount stated on the packaging: 25 percent THC potency versus 44 percent THC potency.

The plaintiffs in Ayala et al. v. Central Coast Agriculture, Inc. filed a class action lawsuit under a number of consumer protection statutes, including the California Consumers Legal Remedies Act (CLRA), the California Unfair Competition Law (UCL), and the California False Advertising Law. The case was heard in the Superior Court of California, County of Santa Clara, and the Honorable Theodore C. Zayner ruled on the litigants’ pre-trial motions.

Tauler Smith LLP Wins Defense Demurrer in Class Action Lawsuit

A demurrer is a legal challenge to a specific claim made in court, much like a motion to dismiss in federal court. When determining whether to grant a demurrer, courts will typically assume that all the facts alleged in the pleading are true, no matter how improbable they might be. If the plaintiff’s case is still unlikely to succeed even under these circumstances, then the motion for demurrer may be granted by the court.

The defendant in Ayala v. Central Coast Agriculture was represented by Los Angeles law firm Tauler Smith LLP. Our class action defense attorneys demurred to all causes of action in the case because the plaintiffs failed to allege sufficient facts. Specifically, the defense attorneys objected because the plaintiffs were unable to sufficiently demonstrate that the marijuana products purchased actually contained less THC than the amount listed on the product labels.

California Class Action Defense Lawyers Win THC Potency Case

The Santa Clara Superior Court sustained defense counsel’s demurrers on every cause of action in the case, which represented another huge pre-trial victory for the Tauler Smith LLP law firm. Moreover, the court held that the legal arguments were so overwhelmingly in favor of the defendant that the plaintiffs should have no leave to amend their complaint. In other words, the plaintiffs’ complaint was dismissed entirely.

In its ruling, the court held that the plaintiffs’ class action complaint relied on several faulty assumptions about the products they purchased, as well as the lab results cited in the lawsuit:

  1. Testing was done too late. The court noted that the THC lab tests were conducted roughly two (2) months after the original purchases, which cast serious doubt on how relevant the tests might be in the case. The court further noted that there was nothing in the plaintiffs’ lawsuit about when the joints tested by the WeedWeek researchers were produced or sold. This meant that the plaintiffs had no way of knowing how long the products were on the shelves before being tested.
  2. Not the same products. The court also said that the plaintiffs failed to show that the joints tested by WeedWeek were the same as the products at issue in the lawsuit. There was no evidence that any lab tests were conducted on the particular “Sunset Cookies” strain of marijuana purchased by one of the plaintiffs. (The plaintiffs suggested that a “Fire Walker” THC product tested by researchers was “substantially similar” to the “Sunset Cookies” strain, but the court rejected this argument.) Beyond that, only a single pre-rolled joint of the “Caribbean Slurm” strain was tested, which was an insufficient analog of the particular product purchased by the other plaintiff. Even the WeedWeek article authors characterized their testing as an “imperfect experiment” with conclusions that do not necessarily apply to any individual brand, company, or product.
  3. No information on product labeling. The court stated that there was zero information about the labelling of the products tested by the lab researchers and cited by the plaintiffs. This meant that the plaintiffs failed to prove that the THC amounts listed on the packages they purchased were the same as the THC amounts listed on the packages of the products being tested.
  4. Failed to account for testing variables. The court noted other problems with the laboratory test results referenced by the plaintiff in their lawsuit, including the failure of the testers to account for significant variables. For example, there was no information about the products’ temperature exposure, the potential for testers’ bias, or the possibility of human error.
  5. No injury or harm suffered by plaintiffs. The court found that since the plaintiffs failed to show that the marijuana products purchased actually contained less THC than was listed on the product labels, they could not establish that they sustained any injury or damage as a result of their purchases.

The Santa Clara Superior Court held that there was no clear connection between the lab testing results and the plaintiffs’ actual purchases. The testing results could not be applied to the Raw Garden marijuana joints purchased by the plaintiffs because the tests were conducted on different products at different times by different entities using different methods for different purposes. This was a clear and decisive victory for both the defendant and the Tauler Smith LLP litigation team. The legal win was even more impressive because the consumer protection statutes relied on by the plaintiffs tend to be interpreted broadly by California courts and often in favor of plaintiffs.

You Need to Hire the Right Lawyer for Your Consumer Class Action Defense

When ruling on the demurrer in Ayala et al. v. Central Coast Agriculture, Inc., the court concluded that the lab tests relied on by the plaintiffs were insufficient to draw an inference that the products at issue were inaccurately labeled. This was in stark contrast to the ruling in another false advertising case.

Two other consumers recently sued a different California marijuana company, DreamFields Brands, Inc. That class action complaint, which was filed in Los Angeles Superior Court, alleged similar facts: that the plaintiffs purchased pre-rolled joints containing a lower percentage of THC than declared on the product packaging. Additionally, the class action lawsuit cited the same independent lab tests performed by WeedWeek. The defendant in that lawsuit was represented by a different law firm, and those lawyers were unsuccessful in getting the case dismissed.

The dissimilar results in these cases should make one thing abundantly clear: hiring the right lawyer to represent you in your class action defense could be the difference between winning and losing.

Contact the California Class Action Defense Lawyers at Tauler Smith LLP

Class action lawsuits filed in California courts are notoriously complicated, particularly when they involve consumer protection claims. That’s why it is imperative that defendants in these cases be represented by the experienced California class action defense lawyers at Tauler Smith LLP. Our litigation team has extensive experience representing defendants in false advertising cases, including both private civil actions and class actions.

Call or email us today for a free initial consultation.