Ninth Circuit Reverses Summary Judgment and Remands Case Alleging Privacy Violations by Google

Speaking of scraping, well this isn’t exactly a scraping case, but it’s definitely scraping-adjacent.  Plaintiffs sought to certify a class consisting of Google Chrome users who sought to avoid data collection by choosing not to sync their browsers to the Google accounts.  Their belief that Google would not collect their personal data was based on Google’s “Chrome Privacy Notice.”

The District Court denied Google’s consent-based motion to dismiss, but after an evidentiary hearing, it granted summary judgment to Google based on its finding that data was shared with Google on a “browser-agnostic” basis.  That is, data flowed to Google even if web browsers were not using Chrome. Plaintiffs, on notice of Google’s general data-collection practices, could not complain that the same data collection occurred through their non-synced Chrome accounts.

In August, in Calhoun v. Google, LLC, the Ninth Circuit reversed.  Google’s general privacy policy pertains to IP addresses and cookies. The Chrome-specific privacy policy related to broader categories of data, including “browsing history, bookmarks, tabs, passwords and autofill information, and other browser settings.” The Ninth Circuit chided the District Court for holding a 7.5 hour evidentiary hearing that got sidetracked on browser agnosticism and failed to ask the legally pertinent question: was a reasonably prudent web browser on notice that by using Chrome in the non-synced setting, they were consenting to the collect of their personal data.  At this point in the proceedings, plaintiffs had sufficient alleged that the notices Google provided were insufficient.

The case was remanded to the District Court with instructions to apply the appropriate standard.  Only then can the District Court make a determination of whether a class should be certified.