Gmail Class Action Survives Motion to Dismiss. Is Yahoo Next?
A class action lawsuit challenging Gmail’s practice of scanning email for purposes of serving targeted advertisements survived Google’s attempt to dismiss The development has led some to speculate that Yahoo! might bee the next target.
Excerpts from the Judge Kohs opinion along with the full opinion sare below:
Plaintiffs bring these cases alleging that Google, in the operation of its Gmail system,violated federal and state anti-wiretapping laws. ECF No. 38-2 ¶ 216 (federal law), ¶ 288(California law), ¶ 328 (Maryland law), ¶ 349 (Florida law), ¶ 370 (Pennsylvania law). Plaintiffsseek the certification of several classes, preliminary and permanent injunctive relief, declaratoryrelief, statutory damages, punitive damages, and attorneys’ fees.
The Wiretap Act, as amended by the ECPA, generally prohibits the interception of “wire,oral, or electronic communications.” 18 U.S.C. § 2511(1); see also Joffe v. Google, Inc. , No. 11-17483, 2013 WL 4793247, at *3 (9th Cir. Sept. 10, 2013). More specifically, the Wiretap Act provides a private right of action against any person who “intentionally intercepts, endeavors tointercept, or procures any other person to intercept or endeavor to intercept, any wire, oral, or electronic communication.” 18 U.S.C. § 2511(1)(a); see id. § 2520 (providing a private right of action for violations of § 2511). The Act further defines “intercept” as “the aural or other acquisition of the contents of any wire, electronic, or oral communication through the use of anyelectronic, mechanical, or other device.” Id. § 2510(4).
Google first contends that it did not engage in an interception because its reading of users’emails occurred in the ordinary course of its business. ECF No. 44 at 6–13. Conversely, Plaintiffscontend that the ordinary course of business exception is narrow and applies only when anelectronic communication service provider’s actions are “necessary for the routing, termination, or management of the message.” See ECF No. 53 at 7. The Court finds that the ordinary course of business exception is narrow. The exception offers protection from liability only where anelectronic communication service provider’s interception facilitates the transmission of thecommunication at issue or is incidental to the transmission of such communication. Specifically,the exception would apply here only if the alleged interceptions were an instrumental part of thetransmission of email. Plaintiffs have alleged, however, that Google’s interception is not aninstrumental component of Google’s operation of a functioning email system. ECF No. 38-2 ¶ 97.In fact, Google’s alleged interception of email content is primarily used to create user profiles and to provide targeted advertising — neither of which is related to the transmission of emails. See id. ¶¶ 26–27, 33, 57, 65, 84, 95. The Court further finds that Plaintiffs’ allegations that Googleviolated Google’s own agreements and internal policies with regard to privacy also precludeapplication of the ordinary course of business exception.
Here, Plaintiffs allege that Google has violated its own policies and therefore is acting outside the ordinary course of business. Specifically, Plaintiffs allege thatGoogle’s Privacy Policies explicitly limit the information that Google may collect to anenumerated list of items, and that this list does not include content of emails.
Rather, the Court finds that it cannot conclude that any party — Gmail users or non-Gmail users — has consented to Google’s reading of email for the purposes of creating user profiles or providing targeted advertising.
Google has cited no case that stands for the proposition that userswho send emails impliedly consent to interceptions and use of their communications by third parties other than the intended recipient of the email. Nor has Google cited anything that suggeststhat by doing nothing more than receiving emails from a Gmail user, non-Gmail users haveconsented to the interception of those communications