As of late, many privacy class actions have attempted to invoke California's common-law invasion of privacy claim, arguing that it is a valid cause of action. The courts, however, have been reluctant to apply the strict parameters of this privacy law--which has high pleading standards--to data breaches and privacy class actions. By its very nature, this law punishes "a serious invasion of the protected privacy interest," which traditionally has required intentional or egregious actions. This common law is not a suitable substitute for a valid claim in privacy class actions and in data breach class actions.
The latest court to grapple with this issue rejected the plaintiffs' pleading attempt. It granted the defendant's motion to dismiss, with leave to amend, rejecting the allegations that the alleged capture of the keystrokes and other information satisfied the pleading requirements for this cause of action. The court determined that the amended complaint did "not plead any facts to suggest Defendants collected intimate or sensitive personally identifiable information or otherwise disregarded Plaintiff’s privacy choices."
This is yet another ruling, which refused to stretch the bounds of this common-law claim to novel legal theories advanced by the creative plaintiff's bar. It is expected that other courts facing similar claims will likely follow suit.
“According to Defendants, Plaintiff 'intentionally provided [information] to the Defendants,' and it is of no moment that Plaintiff alleges he was unaware that [Defendants] recorded his activity. Plaintiff responds he alleges he did not intentionally provide [Defendants] with his activity and, therefore, to the extent Plaintiff understood he was providing information to Nike, he was not informed he was 'being wiretapped by FullStory.' The court agrees with Defendants.”