Class Action Alleging Company Created and Sold Identity Profiles Will Continue, Court Rules
A class-action complaint alleging a software company created and sold consumer profiles without their consent will continue, the U.S. District Court for Northern California ruled on Friday.
Sign up for a free preview to unlock the rest of this article
Privacy Daily provides accurate coverage of newsworthy developments in data protection legislation, regulation, litigation, and enforcement for privacy professionals responsible for ensuring effective organizational data privacy compliance.
Judge Jon Tigar said that despite LiveRamp's "contention that it publicly discloses its data collection practices" in its privacy policies, consumers were unaware of its conduct. The suit alleges LiveRamp violated state and federal laws.
"The Court cannot at this stage conclude as a matter of law that the alleged aggregation, synthesis, and sale of comprehensive online and offline data of individuals without their knowledge is not highly offensive," said Tigar.
Tigar also rejected the claim that Section 230 of the Communications Decency Act barred the plaintiff's claims, and allowed claims of violations of the California Invasion of Privacy Act (CIPA) to stand as well.
Case 25-00824 began when a group of individuals, led by Christina Riganian, filed a class-action complaint alleging LiveRamp, which maintains vast databases of personal information, links information to build profiles of consumers, which it then sells to third parties. This "commercial surveillance ecosystem" allegedly contains "detailed personal information on 700 million consumers globally," the plaintiffs said.
Riganian alleges violations of the Wiretap Act and CIPA, intrusion upon seclusion, and the invasion of privacy, among other counts.