By Rob Morgan
Online advertisers may collectively be breathing a cautious sigh of relief following last week's dismissal by the U.S. District Court in the Central District of California of the class action in Genevive La Court, et al. v. Specific Media, Inc. Plaintiffs had alleged Specific Media improperly used local shared objects ("LSOs," also known as "Flash cookies") to bypass web users' security settings to gather browsing information to support targeted ads. The Court held that Plaintiffs failed to demonstrate specific harm needed to support standing to bring such a suit, but gave them leave to amend the complaint and try again. Although Plaintiffs have said they intend to re-file, the Court pointed out other problems with the claims that could be difficult to overcome, even in a new filing.
Specific Media is the latest in a line of Flash cookie cases against Quantcast, Clearspring and several media companies. Earlier cases were settled in late March, 2011. The litigation flowed from release of an academic study that accused publishers and advertising companies of using LSOs, which were first used to support Flash Player and HTML5-based browsers. This raised concerns among consumer groups and privacy advocates insofar as it could support practices like restoring tracking information to deleted cookies, or tracking users without their knowledge.
Advocacy groups have vociferously complained about their use, the FTC hinted it is examining the issue, and in response to the criticism, Adobe partnered with browsers to build an API for clearing LSOs. Parties to those earlier cases admitted to using LSOs but claimed they only did so for statistical purposes. Specific Media denied having used them at all.
Plaintiffs alleged Specific Media deprived them of the value of their personal information and violated their privacy by installing Flash Cookies on their computers without consent. The data gathered by the LSOs was used to compile behavioral profiles of the users for use in targeted advertising. Plaintiffs asserted Specific Media’s conduct violated the Computer Fraud and Abuse Act (“CFAA”) and various California computer and privacy statutes.
In dismissing, the Court concluded Plaintiffs never actually alleged Specific Media tracked them personally, or that they suffered harm from the alleged practices: “Ultimately, the Court probably would decline to say that it is categorically impossible for Plaintiffs to allege some property interest that was compromised by Defendant’s alleged practices. The problem is, at this point they have not done so.”
In addition the Court noted significant shortcomings in Plaintiffs’ substantive claims. In particular, to support a claim under the CFAA, plaintiffs must have suffered economic losses totaling at least $5,000 in a one-year period. Based on the complaint, the Court agreed with Specific Media that the Plaintiffs “at the very least failed to plausibly allege that they and the putative class – even in the aggregate – suffered $5,000 in economic damages.”
The Plaintiffs are reportedly planning to refile, saying the ruling provides “clarification regarding the pleading standard.” They do have a point insofar as the dismissal decision in some ways could be viewed as a “how-to” guide for drafting a complaint that will survive a motion to dismiss, and in dismissing without prejudice, the Court certainly left that door open to Plaintiffs. However, Plaintiffs still probably face a steep climb if they choose to re-file. In any case, the decision offers a useful reference point in analyzing the potential liabilities for behavioral advertisers or ISPs involved with using LSOs.