A recent Northern District of California ruling has stymied Google’s initial effort to kill a lawsuit. The lawsuit alleges Google collected private data on users browsing in “Incognito” mode—a setting meant to keep search activity private. Judge Lucy Koh dismissed Google’s motion, effectively greenlighting the class action, Brown et al v. Google LLC et al, to proceed.
Brown’s Claims in Google Class Action Lawsuit
The plaintiffs allege that when users browse in Incognito mode, Google still collects browser history and other online activity data. Specifically, lead plaintiffs Chason Brown, Maria Nguyen, and William Byatt complain that after they turned off the collection of their data in Chrome, Google tools continued to pluck their personal data. This happens, according to the complaint, despite Google promising consumers that they can elect to “browse the web privately” and stay in “control of what information [users] share with Google.”
The plaintiffs elaborate on how Google goes about snooping into their personal activity. Google Analytics, Google Ad Manager, website plug-ins, and other website applications intercept and grab users’ IP address, device information, website activity, and other personal data. The personal information is then sorted and compiled to serve up ads to users on behalf of Google’s advertising customers and to support other Google business interests.
Motion Denied
Google filed a motion to dismiss the case; however, on March 12, 2021, Judge Koh denied this motion. Google’s counsel, Boies Schiller Flexner, argued users browsing in incognito mode were given information that their activity might be tracked. They added “Google also makes clear that ‘Incognito’ does not mean ‘invisible,’ and the user’s activity during that session may be visible to websites they visit and any third-party analytics or ads services the visited websites use. ”
Judge Koh rejected these arguments. The judge found that “Google cannot demonstrate that Plaintiffs expressly consented because Google did not notify users that it would be engaging in the alleged data collection while Plaintiffs were in private browsing mode.”
Google’s Alleged Violations
The plaintiffs lay out four legal claims, asserting that Google’s practices violate three California laws and one federal law. The prayer for relief seeks available statutory for all damages resulting from defendants’ wrongdoing. It also seeks an order forcing Google to disgorge wrongfully obtained revenues and profits. The plaintiffs also want Google permanently restrained from intercepting, tracking, or collecting communications when class members browse in “private browsing mode,” or prohibited from violating its policies with users.
Wiretapping
The Federal Wiretap Act, as amended by the Electronic Communications Privacy Act of 1986 (Wiretap Act), prohibits the intentional interception of the contents of any wire, oral, or electronic communication through the use of a device. The plaintiffs say Google violated the Act when it intercepted the plaintiffs’ internet communications during “private browsing mode” web browsing.
California Constitutional Right to Privacy
Brown also cites the right of action against private entities set forth in the right to privacy in California’s constitution. The plaintiffs believe they can meet the California constitutional privacy claim requirements. To meet the requirements, “a plaintiff must show an invasion of (1) a legally protected privacy interest; (2) where the plaintiff had a reasonable expectation of privacy in the circumstances; and (3) conduct by the defendant constituting a serious invasion of privacy.”
Invasion of Privacy
This claim pivots off the protection of privacy from the use of technological devices to eavesdrop on private communications. This protection of privacy is found in the California Invasion of Privacy Act (CIPA). This law prohibits the use of machines to attempt to read or learn the contents or meaning of messages and communications transmitted over any wire, line, or cable. The kicker is a defendant under this law must show it had the consent of all parties to a communication.
Seclusion Intrusion
The last claim falls under intrusion upon seclusion. Here, the complaint states that Google intentionally intruded on private communications made while in “privacy browsing mode.” By doing this, Google is essentially violating the company’s own privacy policies. Brown et al charge that Google intruded upon their solitude or seclusion by inserting itself in the “middle of conversations to which it was not an authorized party.”
What’s Next for Google Class Action Lawsuit
Since the plaintiffs can pursue this lawsuit, plaintiff attorneys, government officials, and privacy groups will watch with keen interest. Big Tech companies such as Google, Facebook, Amazon, and others have been under intense scrutiny as of late. In the last few years, global, state, and national lawmakers summoned executives to investigative hearings. In these hearings, lawmakers ask them about the impact their business practices have on consumers’ privacy. Privacy laws at the state level continue to proliferate, as Congress once again takes up privacy protection legislation. Plaintiff counsel everywhere will want to watch this case as the court evaluates consumers’ legal privacy protections against ubiquitous technology.
