California Invasion of Privacy Act

Subscribe to California Invasion of Privacy Act via RSS

In recent years, private plaintiffs have leveraged the California Invasion of Privacy Act (CIPA) against companies over customer service call recordings, transcription services, and website monitoring. These lawsuits allege that businesses violate CIPA by disclosing or allowing third parties to monitor private communications. Even though many cases are dismissed or settled before trial, defending a

On August 15, 2025, notetaker app Otter.ai, Inc. was named a defendant in litigation alleging that its artificial intelligence-powered meeting assistant called Otter Notetaker, which “engages in real-time transcription of Google Meet, Zoom, and Microsoft Teams meetings for Otter accountholders and other users…records, accesses and records the contents of private conversations between Otter accountholders who

This post was co-authored by Mark Abou Naoum, Summer Associate. Mark is not admitted to practice law.

The 1988 Video Privacy Protection Act (VVPA) prohibits the disclosure of VHS rental history; now, in a recent class action where the VPPA was invoked by the plaintiffs, the parties’ voluntary settlement signals developments related to this outdated

Video game developer Ubisoft, Inc. came out on top earlier this month in the Northern District of California when a judge dismissed, with prejudice, a class action claiming that the company’s use of third-party website pixels violated privacy laws. The judge concluded that the “issue of consent defeat[ed] all of Plaintiffs’ claims.” Lakes v. Ubisoft

In a big win for businesses, a California federal court just held that a “tester” plaintiff—someone who visits websites to initiate litigation—cannot bring a claim under the California Invasion of Privacy Act (CIPA). Rodriguez v. Autotrader.com, Inc., No. 2:24-cv-08735, 2025 WL 65409 (C.D. Cal. 1.8.25). Tester plaintiffs have started to focus on consumer protection

Yahoo’s ConnectID is a cookieless identity solution that allows advertisers and publishers to personalize, measure, and perform ad campaigns by leveraging first-party data and 1-to-1 consumer relationships. ConnectID uses consumer email addresses (instead of third-party tracking cookies) to produce and monetize consumer data. A lawsuit filed in the U.S. District Court for the Southern District

In the latest surge of lawsuits against retailers for embedding tracking technology into websites, yummy cookie company Crumbl was sued on May 1, 2024, for allegedly embedding web-tracking technology allowing third-party processing company Stripe to obtain, without consumer consent, customers’ names, email and delivery addresses, geographic locations, IP addresses, and payment information when consumers surf