On November 10, 2008, a class action lawsuit was filed against online media company NebuAd and six affiliated ISPs in the Northern District of California alleging violations of various privacy related laws. The suit arises from NebuAd’s use of deep packet inspection technology to track the web surfing habits of the ISPs’ customers. According to the complaint (http://docs.justia.com/cases/federal/district-courts/california/candce/3:2008cv05113/208758/1/), NebuAd placed its patent-pending device on the data hubs of its affiliated ISPs to capture all data transmitted between the consumer and the internet. This device not only allowed NebuAd to track internet users’ web browsing activities, but to append additional packets of information to the internet transmissions enroute to the users’ computers causing their browsers to load cookies for NebuAd’s advertising partners. These cookies were then later used to deliver customized ads based on the consumers’ internet activities.
The complaint alleges violations of the Electronic Communications Privacy Act, 18 U.S.C. § 2510, the Computer Fraud and Abuse Act, 18 U.S.C. § 1030, California’s Invasion of Privacy Act, Cal. Penal Code § 631, California’s Computer Crime Law, Penal Code § 502, and various common law claims.
NebuAd’s website claims that its “powerful advertising platform [was] built with consumer privacy and data protection at the core of its foundation.” This claim is incredible considering that, as alleged, NebuAd’s activities were apparently in clear violation of various laws prohibiting unauthorized access to electronic transmissions and information. Furthermore, the intrusive nature of NebuAd’s unauthorized activities would seem to have exceeded even common-sense notions of what constitutes invasion of privacy.
Companies engaging in online activities should be cautioned to consult an attorney, rather their own judgment of what is fair, in determining whether their activities are legal. In particular, companies should consult an attorney in considering the privacy issues that arise from their online activities. Privacy rules may be governed by a patchwork of state, federal and international legal norms. In light of the increasing concerns with identity theft and the inadvertent disclosure of confidential information, state legislatures have become extremely active in regulating this field. A review of the applicable requirements in one's jurisdiction is critical.
Allen M. Lee Mr. Lee’s practice focuses on business, corporate and intellectual property matters, including the creation, protection and exploitation of intellectual property assets. He counsels clients on business formation, general corporate matters, trademark, copyright, trade secret, patent, licensing, internet and domain name issues, among other things. For more information contact: Allen M. Lee, a Professional Law Corporation, Tel: (650) 254-0758, Fax: (650) 967-1851, Email: allen@allenmlee.com, Internet: www.allenmlee.com.
Subscribe