We have been at the forefront of legal developments in this area, including representing:

• The Kobe Bryant Estate in winning a liability finding and $15 million in damages in Vanessa Bryant’s invasion of privacy and federal civil rights suit against the Los Angeles County Sheriff’s Department for its members’ illegal taking and sharing of photos from the helicopter crash that killed Kobe Bryant, his daughter Gianna, and seven others. 
• Snap, Inc., in:
  • Obtaining dismissal of claims alleging it is liable for individual defendants taking snaps of an assault on the plaintiff. 
  • A class action brought under the Illinois Biometric Information Privacy Act (BIPA), Martinez v. Snapchat, Inc. After we removed the case and filed a motion to dismiss or compel arbitration, the plaintiffs voluntarily dismissed their claims.
• An online service provider in several cases, including:
  • Obtaining dismissal of Wiretap Act and Stored Communications Act claims on the basis of user consent and negotiating a favorable class settlement in a class action challenging its importation of email contacts and sending of connection invitations to those contacts.
  • Several matters against parties using bots or other technologies engage in unauthorized data scraping, or create fake or unauthorized accounts, resulting in numerous favorable judgments or settlements.
• Facebook in matters that include:
  • Two class actions—Lundy et al. v. Facebook et al. and Heeger v. Facebook — alleging that it misrepresented its practices with respect to the collection of location-related information when users turned off these settings, in violation of the California Invasion of Privacy Act (CIPA), the Stored Communications Act (SCA), and other laws. We obtained dismissal of all statutory damages claims brought under CIPA and the SCA on the pleadings, substantially narrowing the scope of the cases. Lundy was settled and Heeger was dismissed on a 12(b)(6) motion—a result which was featured by the Daily Journal as a highlighted verdict of the week.
  • An appellate victory that affirmed a $20 million settlement in a privacy class action alleging Facebook included user names and profile photos in ads without the users’ permission. The Ninth Circuit upheld the settlement, which included nominal per-user payments and mechanisms for users to prevent their images from being used in ads.
• ESPN in obtaining dismissal of a high-stakes class action alleging that ESPN violated the Video Privacy Protection Act (VPPA) by disclosing Roku device IDs to a third-party data analytics company.
• The Walt Disney Company in obtaining an injunctive-relief only settlement of a nationwide class action alleging that the online gaming apps of Disney and other developer defendants improperly collected personal data from the devices of minors for marketing purposes. There was no monetary payment to the class.
• Block (formerly Square, Inc.), in a class action, Ruark v. Square, alleging Square sent an automatic receipt to third parties divulging confidential medial information, in violation of various state and federal privacy laws, including HIPAA. After filing a motion to dismiss, we reached a successful resolution with the individual plaintiff.
• The University of California, in:
  • Winning a jury verdict in favor of UCLA Health System, which was accused of negligently releasing the plaintiff’s medical records in violation of California’s Confidentiality of Medical Information Act (CMIA). After a one-week trial, a Los Angeles jury rejected the plaintiff’s claim for more than $1.25 million in damages.
  • Multiple class and individual actions involving unauthorized access to computer networks that contained patients’ confidential medical information or other alleged unauthorized releases of such information. We obtained the first appellate ruling that a claim under California’s CMIA requires proof that the plaintiff’s confidential information was viewed by an unauthorized person.
• An online payment technology company, in a privacy class action alleging that it secretly tracks and collects the personal data of users and merchants and creates “risk profiles” of these users. We secured dismissal of most claims with prejudice, including all claims seeking statutory damages. The case subsequently resolved with the individual plaintiff (with no payment to any class).
• Mattel, in a class action, filed in the District of Northern California, alleging that a number of operators of YouTube channels aimed at children have collected personal information from users under the age of 13, in violation of the Children s Online Privacy Protection Act (COPPA), to target the minors for advertising based on their profiles.  The case was dismissed in district court on preemption grounds, however the matter was appealed to the Ninth Circuit, which reversed the dismissal and remanded it to district court.   
• Upwork , in matters relating to impersonation by unauthorized persons posing as Upwork-endorsed freelancers on its platform. 
• Transgender, non-binary, and intersex prisoners and former prisoners of the Washington Department of Corrections, in obtaining a consent decree that bars the Department from disclosing their medical information, sexual history and history of sexual victimization in response to Public Records Act requests. The litigation, filed with Disability Rights Washington and the ACLU of Washington, led to a new law and a $2.4 million settlement in a related matter regarding access to care and cross-gender searches.