May 2018
Self-Checkout Cameras Invade Privacy
Valesquez v. WalMart
Class complaint – WalMart allegedly collected customer personal information as a condition of a credit card transaction. Plaintiff claimed his personal information (specifically, eye color, hair color, and facial features) was collected by video cameras at a self check-out kiosk, and he had no way to avoid being recorded while making his purchase. Plaintiff further alleged the Kiosk cameras were not used exclusively for security purposes, but to collect biometric data for undisclosed uses.
Walmart removed the suit to federal court.
[S.D. CA; 3:18-cv-01004]
jbho: a new twist on an old theory of liability. If plaintiff knew he was being recorded, and made a purchase anyway, did he consent?
This video seems to indicate the recordings take place in plain sight.
https://youtu.be/LwNW4oEVVrE
March 2017
Song-Beverly Covers Phone Numbers Too
Davis v. Innovative Dining Group (BOA Steakhouse)
Class complaint – BOA Steakhouse allegedly requested plaintiffs phone number as a condition of his restaurant purchase. The credit card receipt presented to plaintiff at the end of his meal included a space for his phone number, a space allegedly “designated for such information to process the credit card transaction.”
[Super. Ct. LA Co.; BC654126]
jbho: could be a tricky one. The complaint doesn’t state he was instructed to provide a number, just that the waiter said nothing about the “consequences if he did not provide”. Although, a copy of the receipt was not attached to the complaint (at least not the copy I have). Let me know if you find a copy.
October 2016
Privacy Policy Violation Portal
AG Kamala Harris launched a tool for consumers to report privacy violations. The tool allows any person to report:
• A missing or inapplicable privacy policy
• A privacy policy that is difficult to locate
• An incomplete privacy policy
• A company that did not follow its privacy policy
• A company that failed to provide notice of a material change
The tool allows for upload of attachments, and complaints can be filed “anonymously” – that is, submitters are not required to provide names or contact info (although, the pages use the same tracking technologies used on the rest of the oag.ca.gov site).
https://oag.ca.gov/news/press-releases/attorney-general-kamala-d-harris-launches-new-tool-help-consumers-report
jbho: Take note of the statement in the press release that, “CalOPPA form is part of a multi-pronged approach to improve online privacy. The Attorney General’s office is also partnering with the Usable Privacy Policy Project at Carnegie Mellon University to develop a tool that will identify mobile apps that may be in violation of CalOPPA. The tool is designed to look for discrepancies between disclosures in a given privacy policy and the mobile app’s actual data collection and sharing practices (for example, a company might share personal information with third parties but doesn’t disclose that in its privacy policies). This tool will help proactively identify and focus attention on policies that may require enforcement.” (Emphasis added). Another reason to make sure you know what your apps are doing.
BTW: the complaint form can be found here: https://oag.ca.gov/privacy/caloppa/complaint-form
August 2016
Song-Beverly Covers More Than Just Zip Codes
Goff v. Williams-Sonoma
Class complaint – Williams-Sonoma allegedly collected email addresses as a condition of a credit card purchase. Sales representatives would allegedly misrepresent the reason for collecting email addresses (such as for sending receipts), and failed to inform customers they would receive marketing as a result of sharing email addresses.
[BC631223, California Superior Court, County of Los Angeles]
jbho: cases I’ve seen seem to establish a “safe harbor” if you make sure merchandise and receipt are in hand BEFORE asking for any personal information. And fully disclose the purpose of collection, of course.