FullStory's Vendor-Party Exception Argument 'Not Credible,' Says Plaintiff
FullStory’s motion to dismiss Jane Doe’s third amended complaint (TAC) “turns on a false narrative created by selectively ignoring important facts alleged,” said Doe’s opposition (docket 3:23-cv-00059) to the data analytics firm’s motion to dismiss the TAC Wednesday in U.S. District Court for Northern California in San Francisco.
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
Doe’s January 2023 class action alleged Meta and TikTok, via their Pixel tracking codes, intercepted confidential healthcare information from her communications with Hey Favor, an online women-focused telehealth firm that delivered birth control. The plaintiff alleged Hey Favor knowingly and intentionally sent personally identifiable information about her and class members' medical history to Meta, TikTok and data analytics firm FullStory.
Hey Favor rebranded as The Pill Club in January 2023 following a trademark lawsuit and then filed for Chapter 11 bankruptcy in April 2023, triggering a stay in the class action. In July, Doe voluntarily dismissed all claims vs. Hey Favor, following a June motion to lift the stay in which she said the action will exist against “advertising and analytics defendants” Meta, TikTok and FullStory, as if she had never named Hey Favor (see 2308010066).
FullStory’s April 2 motion to dismiss suggested the company was a “party” to the communications between Favor and plaintiffs because it’s a vendor, said Doe's opposition, calling the argument “not credible.” The 9th U.S. Circuit Court of Appeals “has never endorsed a vendor-party exception because it is inconsistent with the legislative intent of the California Invasion of Privacy Act,” it said, “to outlaw secret, unauthorized interceptions of communications by third parties regardless of the purpose of those interceptions.” FullStory’s use and analysis of data “plausibly allege that FullStory was not acting as a mere ‘vendor’ but an unauthorized interloper with its own purposes for intercepting Plaintiffs’ communications” in a manner that “falls squarely within CIPA,” it said.
FullStory’s argument that the health data at issue doesn’t constitute confidential communications under CIPA is “inconsistent with the law,” said Doe's opposition, saying FullStory “fails to cite any authority that has ever reached this conclusion.” That is “unsurprising as health data is objectively confidential information,” it said.
FullStory’s challenges to Doe’s intrusion and unjust enrichment claims also lack merit, “reflecting an obvious attempt to downplay its highly intrusive collection of sensitive data for its own purposes to only innocuous storage of routine record information,” said the opposition. FullStory’s arguments contradict plaintiffs’ allegations and “should be rejected,” and its motion to dismiss should be denied in its entirety, the filing said.
Meta, in its Wednesday response to Doe’s TAC, said in its 32nd affirmative defense that the claims are barred on the grounds that she and class members “explicitly consented to Meta’s conduct” by agreeing to its and Hey Favor’s policies and terms “and implicitly consented by continuing to use Meta’s and Favor’s products after becoming aware of the conduct that forms the basis for their claims.”
Doe’s TAC fails to state a claim upon which relief may be granted and fails to plead each purported cause of action with sufficient particularity, said Meta's response (docket 3:23-cv-00059). Doe and class members haven’t sustained injury, harm or damages as a result of actions allegedly taken or omissions made by Meta and are barred from asserting any claim against the company, it said. They are also barred by the doctrines of “laches, waiver, release, estoppel, unclean hands in pari delicto, and/or inequitable conduct,” said the response.
TikTok also denied all allegations in the TAC in its Wednesday response (docket 3:23-cv-00059) except for those noted, including conceding that “Montana passed legislation regarding the use of the TikTok platform based in part on concerns regarding national security.” It also conceded that when a website owner embeds the baseline TikTok Pixel on a webpage, the Pixel can transmit “certain information” to TikTok, including URL, user agent and pixel session ID. The TikTok Pixel “differs in many capacities and functions” from the Meta Pixel, said the response.
Doe and class members’ claims are barred because of their consent to TikTok’s alleged conduct by affirmative consent to TikTok’s and Favor’s privacy policies or by their continued use of the platform and website, said the defendant's response. By choosing to use the TikTok platform and visiting Favor’s website, the plaintiffs “gave implied consent to the collection of information about their visits in the manner provided by TikTok and/or Favor,” it said.
TikTok requested that the plaintiffs “take nothing by way of their complaint,” that no class be certified, that judgment be entered in favor of the defendants, and that the court deny Doe’s prayers for relief with prejudice. The defendants should also be awarded litigation costs, it said.