Blog

Chrome Data Collection Class Action Revived on Appeal

Julie Rubash, General Counsel and Chief Privacy Officer
August 26, 2024
Chrome Data Collection Class Action Revived on Appeal

USA

Chrome Data Collection Class Action Revived on Appeal

The 9th Circuit Court of Appeals reversed a district court dismissal of a class action case against Google alleging that Google Chrome sent personal information to Google whenever users exchanged communication with any website that included Google “surveillance source code.” The district court had granted summary judgment to Google based on Google’s assertion that users had consented to such data collection through Google’s general Privacy Policy, a new account creation agreement, and a push down banner that Google had shown to account holders. However, the 9th Circuit reversed that decision, remanding the case back to the district court to determine whether a reasonable user would understand Google’s various privacy policies and terms and think that they were consenting to the data collection. 

TAKEAWAY

This case demonstrates the importance of not just implementing consent banners and privacy policies as a checkbox exercise, but rather tailoring privacy consents and disclosures to the sophistication of the specific user audience at issue to ensure they can actually understand what they are consenting to. One quote from the case is particularly insightful on this point: “Whether a ‘reasonable’ user of Google’s computer software at issue in this case consented to a particular data collection practice is not to be determined by attributing to that user the skill of an experienced business lawyer or someone who is able to easily ferret through a labyrinth of legal jargon to understand what he or she is consenting to. Instead, a determination of what a ‘reasonable’ user would have understood must take into account the level of sophistication attributable to the general public, which uses Google’s services.”

Customize user privacy experiences and consent banners to comply with global regulations while optimizing for your business goals with Sourcepoint Dialogue consent management platform (CMP)

California Bill Mandating Browser Support of Opt-out Signals Is Amended

California AB 3048, which would require browsers and mobile operating systems to include a setting enabling users to send opt-out preference signals to websites and applications they interact with, has been amended by the Senate to, among other changes, set an effective date of January 1, 2026. The amendment also added a definition of “Opt-out preference signal,” specifically, “a signal that complies with this title and that communicates the consumer’s choice to opt out of the sale and sharing of the consumer’s personal information or to limit the use of the consumer’s sensitive personal information.”

NEXT STEPS

The amended bill has been ordered to a second reading in the Senate. If it passes the Senate, the amendment will still need to be approved by the House (which already passed the bill before it was amended). The California legislative session closes August 31, so any movement on this bill will need to happen in the coming days. The governor would then have until September 30 to sign or veto the legislation if it passes before the end of August.

Download Sourcepoint’s sensitive data guide to learn how different states define sensitive information, understand enforcement mechanisms, and discover best practices for processing sensitive data.

A Little Privacy, Please weekly recaps are provided for general, informational purposes only, do not constitute legal advice, and should not be relied upon for legal decision-making. Please consult an attorney to determine how legal updates may impact you or your business.

Latest Blog Posts

CPPA Settles With Unregistered Data Brokers

November 18, 2024

Following an investigative sweep of unregistered data brokers, the...

Paramount Hit With VPPA Class Action

November 5, 2024

A class action complaint was filed in NY alleging...

Noyb Complaint Alleges Pinterest Personalized Advertising Violates GDPR

October 28, 2024

Noyb Complaint Alleges Pinterest Personalized Advertising Violates GDPR

Latest White Papers

E-book: Enterprise Guide To Cookie management & Tracker List Curation

July 1, 2024

How to review the tracking tech on your websites...

Benchmark Report: US Privacy Compliance

August 19, 2022

The current state of publisher compliance with CCPA, and...

Keep in touch

Sign up for our newsletter to keep up with privacy news for adtech and martech,
plus occasional company news.

Let's explore what we can do together.

We'll be in touch within 48 hours

[contact-form-7 id="593" title="Schedule a Demo"]