- Central District of California dismisses lawsuit alleging that a third-party’s interception of communications over a website’s live chat feature violated California’s wiretapping and eavesdropping prohibitions.
- Important to the Court’s holding was its finding that the code used by the third party to acquire and transmit the contents of the chat communications was not necessarily used to intercept the communications while they were “in transit” but rather to store them after they were received.
In recent years, the “live chat” feature often used on consumer-facing websites has become the subject of lawsuits brought under the California Invasion of Privacy Act (“CIPA”). In particular, there have been a surge of putative class actions challenging the use of this feature under Sections 631(a) and 632.7 of CIPA, which prohibit wiretapping and eavesdropping on certain communications.
This month, Judge Sunshine S. Sykes of the Central District of California dismissed one such lawsuit at the motion to dismiss phase, holding that the plaintiff had failed to allege any unlawful conduct under CIPA. Cody v. Boscov’s, Inc., No. 22-cv-01434 (C.D. Cal. May 6, 2024).
The plaintiff alleged that she used her smart phone to visit a website belonging to the department store, Boscov’s, and conducted a brief conversation through the website’s chat feature. She further alleged that Boscov’s chat feature contained a code that intercepted customer inquiries and rerouted them to computer servers owned and controlled by a separate company, Kustomer, which then stored and used the customer information it gathered for its own purposes. The plaintiff alleged that this practice violated Sections 631(a) and 632.7 of CIPA.
CIPA Section 631(a) imposes liability on an entity that “intentionally taps, or makes any unauthorized connection . . . with any telegraph or telephone wire, line, cable or instrument of any internal telephonic communication system, or willfully and without the consent of all parties to the communication, or in any unauthorized manner, reads, or attempts to read, or to learn the contents or meaning of any message, report or communication while the same is in transit . . . ” (emphasis added). The same section also imposes liability on an entity that “aids, agrees with, employs, or conspires with any person or persons” to commit one or more of the aforesaid acts.”
The Court dismissed plaintiff’s claims under Section 631(a) based in large part on its determinations that (i) using a cell phone’s web browser does not constitute a “telephonic communication” and (ii) the alleged code was not necessarily used to intercept customer communications “while”they were “in transit,” rather than to store such communications after they were received by Boscov’s. The Court’s findings are consistent with other recent decisions coming out of California courts, finding that when a third party is purportedly recording and storing communications, they are operating like a tape recorder utilized by the defendant and therefore an extension of the defendant, as opposed to an eavesdropping “friend against the door.” See, e.g., Licea v. Am. Eagle Outfitters, Inc., 659 F. Supp. 3d 1072, 1083 (C.D. Cal. 2023).
Separately, the Court also dismissed plaintiff’s claim under CIPA Section 632.7, which imposes liability on an entity that intercepts “a communication transmitted between two cellular radio telephones, a cellular radio telephone and a landline telephone, two cordless telephones, a cordless telephone and a landline telephone, or a cordless telephone and a cellular radio telephone.” The Court held that although the plaintiff need not identify the exact type of “telephone” the defendant employed, she failed to plead facts to support a “reasonable inference that the defendant used some device that could constitute either a cell phone, cordless phone, or landline phone under the statute.”
While many courts, like this one, have rejected CIPA claims based on website chat features, these decisions have not deterred plaintiffs from continuing to bring these claims, and their case theories will continue to evolve. To reduce exposure to CIPA lawsuits, it would be prudent for companies that employ a live chat feature on their website to consider: (i) notifying chat users that their communications may be recorded and shared; and (ii) requesting users consent to record and share their communications before they begin chatting.
For more background on the current wave of website technology CIPA cases, see our previous blog post: Privacy Class Action Spotlight: Latest Wave of Wiretap Class Actions Continues Despite Dismissals as Plaintiffs Try New Approaches – Insights – Proskauer Rose LLP.