The U.S. District Court for the Northern District of California granted certification to a nationwide class of individuals who do not use Yahoo Mail, but who have sent or received emails from Yahoo users since October 2011. These plaintiffs filed suit against Yahoo for allegedly accessing the content of their non-Yahoo Mail emails. The plaintiffs contend that Yahoo illegally copies, scans, and analyzes the content of emails, including keywords and attachments, and shares the content with third parties to create targeted advertising. The plaintiffs assert that they never gave consent for Yahoo to scan their messages; unlike Yahoo Mail users, who agree to this practice when they obtain an account. The plaintiffs also complain that there is no mechanism for non-Yahoo users to opt out of the practice. The plaintiffs assert that these practices allow Yahoo to create more targeted advertising and thus boost advertising, which in 2013 accounted for about 75 percent of its total revenue. The plaintiffs claim that these practices violate privacy provisions of the federal Stored Communications Act.
The plaintiffs seek injunctive relief requiring Yahoo to cease scanning non-Yahoo Mail users’ emails without consent and to identify everyone with whom Yahoo has shared or sold information collected from non-subscribers’ emails. The plaintiffs anticipate about one million class members in the nationwide privacy lawsuit.
The court also certified a sub-group of California residents who have non-Yahoo Mail accounts allowing suit under the California Invasion of Privacy Act, a wiretapping statute. This class will also be made up of non-Yahoo users who have sent or received emails from Yahoo users since October 2011, and alleges the same conduct.
In making its decision, the court considered that, in the “Mail FAQ” section of its website, Yahoo states that its message-analysis system is the same system that scans messages for spam, viruses, malware, and phishing scams. Yahoo acknowledges that the message analysis may help target ads to users, as the system will “result in both product enhancements as well as more relevant advertising in addition to a safer, less cluttered Mail experience.”
Yet, Yahoo challenged certification, arguing that the plaintiffs who have continued to send emails to Yahoo users after learning of the scanning practice have effectively given their consent to the practice. Yahoo contends that knowledge of the practice prohibits the plaintiffs from establishing damages. Yahoo relies upon In Re Google Inc. Gmail Litigation, and argues that it will be too difficult to figure out consent to the degree the lawsuit demands. It also described the requested injunctive relief as “setting back email services for decades.”
Entities with practices similar to those at issue here should be aware of the potential litigation and be prepared to defend similar practices.
—Alexi Layton, Summer Associate, Snell & Wilmer, Las Vegas, NV