In Re Intuit Privacy Litigation, 138 F. Supp.

In Re Intuit Privacy Litigation, 138 F. Supp. 2d 1272 (C.D. Cal. 2001). in the United States

This is a Primary Party Cookie Collection case.

Background

Plaintiffs allege that:

  • A “cookie” is an electronic file that online companies, including Intuit, implant upon computer users’ hard drives when those users visit Internet Web sites such as Quicken com .. Cookies are generally created by Web servers and implanted on users’ computers when they first establish their connection to the Web site or particular Web pages therein.
  • Cookies, which Internet companies can differentiate between by assigning unique identification numbers to each computer user, can contain virtually any kind of information Cookies generally perform many convenient and innocuous functions, such as keeping track of items Web site visitors may purchase. Cookies are also commonly used to keep track of usernames and passwords to make it easier for people to access Web sites that require authentication to view certain Web pages.
  • The original purpose of the cookie, however, has been subverted by advertising entities like DoubleClick, and the companies that use such firms, as a method to track and record a particular user’s movements across the Web and to gather, via rampant and undisclosed cookie implantation, among other things, personal and confidential information about computer users–information that computer users are unaware is being perpetually harvested for others’ commercial benefit and enrichment. Information contained in implanted cookie files is sent back to the implanting company or entity each subsequent time that the user visits that Web site or particular Web page so that the information viewed by the Web user can be “linked” to the computer containing the cookie.
  • Plaintiffs allege that Defendant placed cookies on their computers.

Developments

Whereas the DoubleClick case (In Re DoubleClick, Inc. Privacy Litigation, 154 F. Supp. 2d 497,S.D.N.Y. 2001) looked at a third party cookie collector, Intuit was being litigated for directly placing cookies and gathering information from users on their website www.quicken.com. The class action lawsuit similarly alleged violations of the ECPA, the Wiretap Act, and the CFAA.

The California district court presiding over the case refused to dismiss the ECPA claim even after Intuit stated that they could not be held liable as an unauthorized “third party” since they collected the data directly from their site. The court felt that the ECPA “generally prohibited the unauthorized access of electronic data and did not apply exclusively to third parties.” This viewpoint may prove to me a major breakthrough for attempts to make companies liable for collecting cookies.

Again, the Wiretap Act claim was dismissed due to the plaintiff’s failure to “state any facts in their complaint which support the allegation that [Intuit] intercepted electronic communications for the purpose of committing a tortious or criminal act.” The court read the statute very narrowly and held that there was no way that the interception of the communications could have helped with the planting of cookies on user’s hard drives. This narrow construction should be seen as an area for future litigation to seek changes in the existing precedent. Likewise, the CFAA claims was again dismissed for failure to asset $5000 in damages during the period of one year.

See also

Cookies legal issues
In Re DoubleClick, Inc. Privacy Litigation, 154 F. Supp. 2d 497


Posted

in

, , , ,

by

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *