| Plaintiffs filed a consolidated complaint on behalf of themselves and a putative class of people, alleging that internal Facebook communications revealed that company executives were aware of the tracking of logged-out users and recognized that these practices posed various user-privacy issues. The Ninth Circuit held that plaintiffs have standing to pursue their privacy claims under the Wiretap Act, the Stored Communications Act (SCA), and the California Invasion of Privacy Act (CIPA), as well as their claims for breach of contract and breach of the implied covenant of good faith and fair dealing. In this case, plaintiffs have adequately alleged that Facebook's tracking and collection practices would cause harm or a material risk of harm to their interest in controlling their personal information. Therefore, plaintiffs have sufficiently alleged a clear invasion of the historically recognized right to privacy. Furthermore, plaintiffs sufficiently alleged a state law interest whose violation constitutes an injury sufficient to establish standing to bring their claims for Computer Data Access and Fraud Act (CDAFA) violations and California common law trespass to chattels, fraud, and statutory larceny. On the merits, the panel held that plaintiffs adequately stated claims for relief for intrusion upon seclusion and invasion of privacy under California law. Plaintiffs have also sufficiently alleged that Facebook's tracking and collection practices violated the Wiretap Act and CIPA. The panel held that the district court properly dismissed plaintiffs' SCA claims, because the allegations do not show that the communications were even in "storage," much less that the alleged "storage" within a URL toolbar falls within the SCA's intended scope. The district court also properly dismissed plaintiffs' breach of contract claim, because plaintiffs failed to adequately allege the existence of a contract. Finally, plaintiffs' claims for breach of the implied covenant of good faith and fair dealing were rejected. |
