Tag: CNN

CNN, BREAKING NEWS: CNN Targeted In Massive CIPA Case Involving A NEW Theory Under Section 638.51!

CNN is now facing a massive CIPA class action for violating CIPA Section 638.51 by allegedly installing “Trackers” on its website. In  Lesh v. Cable News Network, Inc, filed in the Superior Court of the State of California by Bursor & Fisher, plaintiff accuses the multinational news network of installing 3 tracking software to invade users’ privacy and track their browsing habits in violation of Section 638.51.

More on that in a bit…

As CIPAworld readers know, we predicted the 2023 privacy litigation trends for you.

We warned you of the risky CIPA Chat Box cases.

We broke the news on the evolution of CIPA Web Session recording cases.

We notified you of major CIPA class action lawsuits against some of the world’s largest brands facing millions of dollars in potential exposure.

Now – we are reporting on a lesser-known facet of CIPA – but one that might be even more dangerous for companies using new Internet technologies.

This new focus for plaintiff’s attorneys appears to rely on the theory that website analytic tools are “pen register” or “trap and trace” devices under CIPA §638.51. These allegations also come with a massive $5,000 per violation penalty.

First, let’s delve into the background.

The Evolution of California Invasion of Privacy Act:

We know the California Invasion of Privacy Act is this weird little statute that was enacted decades ago and was designed to prevent ease dropping and wiretapping because — of course back then law enforcements were listening into folks phone calls to find the communist.

638.51 in particular was originally enacted back in the 80s and traditionally, “pen-traps” were employed by law enforcement to record outgoing and/or incoming telephone numbers from a telephone line.

The last two years, plaintiffs have been using these decades-old statues against companies claiming that the use of internet technologies such as website chat boxes, web session recording tools, java scripts, pixels, cookies and other newfangled technologies constitute “wire tapping” or “eavesdropping” on website users.

And California courts who love to take old statutes and apply it to these new technologies – have basically said internet communications are protected from being ease dropped on.

Now California courts will have to address whether these new fangled technologies are also “pen-trap” “devices or processes” under 638.51. These new 638.51 cases involve technologies such as cookies, web beacons, java scripts, and pixels to obtain information about users and their devices as they browse websites and or mobile applications. The users are then analyzed by the website operator or a third party vendor to gather relevant information users’ online activities.

Section 638.51:

Section 638.51 prohibits the usage or installation of “pen registers” – a device or process that records or decodes dialing, routing, addressing, or signaling information (commonly known as DRAS) and “trap and trace” (pen-traps) – devices or processes traditionally used by law enforcement that allow one to record all numbers dialed on outgoing calls or numbers identifying incoming calls — without first obtaining a court order.

Unlike CIPA’s 631, which prohibits wiretapping — the real-time interception of the content of the communications without consent, CIPA 638.51 prohibits the collection of DRAS.

638.51 has limited exceptions including where a service provider’s customer consents to the device’s use or to protect the rights of a service provider’s property.

Breaking Down the Terminology:

The term “pen register” means a device or process that records or decodes DRAs “transmitted by an instrument or facility from which a wire or electronic communication is transmitted, but not the contents of a communication.” §638.50(b).

The term “trap and trace” focuses on incoming, rather than outgoing numbers, and means a “device or process that captures the incoming electronic or other impulses that identify the originating number or other dialing, routing, addressing, or signaling information reasonably likely to identify the source of a wire or electronic communication, but not the contents of a communication.” §638.50(c).

Lesh v. Cable News Network, Inc “CNN” and its precedent:

This new wave of CIPA litigation stems from a single recent decision, Greenley v. Kochava, where the CA court –allowed a “pen register” claim to move pass the motion to dismiss stage. In Kochava, plaintiff challenged the use of these new internet technologies and asserting that the defendant data broker’s software was able to collect a variety of data such as geolocation, search terms, purchase decisions, and spending habits. Applying the plain meaning to the word “process” the Kochava court concluded that “software that identifies consumers, gathers data, and correlates that data through unique ‘fingerprinting’ is a process that falls within CIPA’s pen register definition.”

The Kochava court noted that no other court had interpreted Section 638.51, and while pen registers were traditionally physical machines used by law enforcement to record outbound call from a telephone, “[t]oday pen registers take the form of software.” Accordingly the court held that the plaintiff adequately alleged that the software could collect DRAs and was a “pen register.”

Kochava paved the wave for 638.51 litigation – with hundreds of complaints filed since. The majority of these cases are being filed in Los Angeles Country Superior Court by the Pacific Trial Attorneys in Newport Beach.

In  Lesh v. Cable News Network, Inc, plaintiff accuses the multinational news network of installing 3 tracking software to invade users’ privacy and track their browsing habits in violation of CIPA Section 638.51(a) which proscribes any “person” from “install[ing] or us[ing] a pen register or a trap and trace device without first obtaining a court order.”

Plaintiff alleges CNN uses three “Trackers” (PubMatic, Magnite, and Aniview), on its website which constitute “pen registers.” The complaint alleges to make CNN’s website load on a user’s browser, the browser sends “HTTP request” or “GET” request to CNN’s servers where the data is stored. In response to the request, CNN’s service sends an “HTTP response” back to the browser with a set of instructions how to properly display the website – i.e. what images to load, what text should appear, or what music should play.

These instructions cause the Trackers to be installed on a user’s browsers which then cause the browser to send identifying information – including users’ IP addresses to the Trackers to analyze data, create and analyze the performance of marketing campaigns, and target specific users for advertisements. Accordingly the Trackers are “pen registers” – so the complaint alleges.

On this basis, the Plaintiff is asking the court for an order to certify the class, and statutory damages in addition to attorney fees. The alleged class is as follows:

“Pursuant to Cal. Code Civ. Proc. § 382, Plaintiff seeks to represent a class defined as all California residents who accessed the Website in California and had their IP address collected by the Trackers (the “Class”).

The following people are excluded from the Class: (i) any Judge presiding over this action and members of her or her family; (ii) Defendant, Defendant’s subsidiaries, parents, successors, predecessors, and any entity in which Defendant or their parents have a controlling interest (including current and former employees, officers, or directors); (iii) persons who properly execute and file a timely request for exclusion from the Class; (iv) persons whose claims in this matter have been finally adjudicated on the merits or otherwise released; (v) Plaintiff’s counsel and Defendant’s counsel; and (vi) the legal representatives, successors, and assigns of any such excluded persons.”

Under this expansive definition of “pen-register,” plaintiffs are alleging that almost any device that can track a user’s web session activity falls within the definition of a pen-register.

We’ll keep an eye out on this one – but until more helpful case law develops, the Kochava decision will keep open the floodgate of these new CIPA suits. Companies should keep in mind that unlike the other CIPA cases under Section 631 and 632.7, 638.51 allows for a cause of action even where no “contents” are being “recorded” – making 638.51 easier to allege.

Additionally, companies should be mindful of CIPA’s consent exceptions and ensure they are obtaining consent to any technologies that may trigger CIPA.

© 2024 Troutman Amin, LLP
For more news on the California Invasion of Privacy Act, visit the NLR Communications, Media & Internet section.

CNN Investigates Expanding Use of Nuedexta in Nursing Homes

A recent investigation by CNN brought to light the expanding and allegedly inappropriate use of the prescription drug Nuedexta in nursing homes throughout the country. Nuedexta is FDA-approved to treat a rare condition known as pseudobulbar affect (PBA).

What is Pseudobulbar Affect?

Pseudobulbar affect is characterized by sudden and uncontrollable laughing or crying. It is associated with people who have multiple sclerosis (MS) or amyotrophic lateral sclerosis (ALM), known as Lou Gehrig’s disease. Avanir Pharmaceuticals has been aggressively targeting elderly nursing home residents with the drug, the CNN investigation found, although PBA reportedly impacts less than 1 percent of Americans, based on a calculation using the drug maker’s own figures.

What the Investigation Revealed

Nuedexta prescription use in nursing homes is rising at a rapid rate, even though Avanir Pharmaceuticals acknowledges that the drug has not been extensively studied in elderly patients, according to CNN.

CNN found that Avanir Pharmaceutical’s sales force is focused on expanding the drug’s use among elderly patients suffering from dementia and Alzheimer’s disease, coupled with “high-volume prescribing and advocacy efforts by doctors receiving payments from the company.”

Since 2012, more than half of all Nuedexta pills have gone to long-term care facilities, according to data obtained from QuintilesIMS, which tracks pharmaceutical sales. Total sales of Nuedexta reached almost $300 million that year.

In response to requests to be interviewed for the CNN article, Avanir reportedly responded by email with a statement that PBA is often “misunderstood” and that the condition can affect people with dementia and other neurological disorders that are common in nursing home residents.

Nuedexta is approved by the Food and Drug Administration (FDA) to treat anyone with PBA, including those with neurological conditions such as dementia. But geriatric physicians, dementia researchers, and other medical experts reportedly told CNN that PBA is extremely rare in dementia patients.

How Can Nuedexta Impact Nursing Home Residents?

One study of 194 patients with Alzheimer’s disease found that patients taking Nuedexta suffered more than twice as many falls as those patients taking a placebo.

CNN reports that Lon Schneider, director of the University of Southern California’s California Alzheimer’s Disease Center, reviewed information from several hundred reports obtained by CNN through the Freedom of Information Act. Schneider expressed concern about potential interactions between Nuedexta and other medications intended to treat problematic behaviors. These medications may include antipsychotic drugs, antidepressants, and anti-anxiety medication which are often given to nursing home residents to suppress anxiety or aggression that may occur with Alzheimer’s disease and other dementia types.

Why Are Doctors Prescribing Nuedexta to Nursing Home Residents?

According to CNN’s analysis of government data, between 2013 and 2016, Avanir and its parent company, Otsuka, paid almost $14 million to physicians for Nuedexta-related consulting, promotional speaking, and other services. The companies also spent $4.6 million on travel and dining costs. CNN found that in 2015 nearly half the Nuedexta claims filed with Medicare came from doctors who had received money or other perks.

According to the investigation, state regulators have found that doctors may inappropriately diagnose nursing home residents with PBA to justify the use of Nuedexta to treat confusion, agitation, and unruly behavior. Further, doctors may inappropriately diagnose nursing home residents with PBA to justify the use of Nuedexta to treat confusion, agitation, and unruly behavior. A diagnosis of PBA may be used because “off-label” prescriptions written by doctors using Nuedexta to treat patients who have not been diagnosed with PBA would typically not be covered by Medicare.

What Adverse Events Have Been Reported With Nuedexta Use By Nursing Home Patients?

Soon after Nuedexta came on the market, doctors, nurses, and nursing home patients’ family members began filing reports including rashes, dizziness, and falls as well as comas and death. CNN found that Nuedexta was listed as a “suspect” medication in nearly 1,000 adverse event reports received by the FDA. These reports disclosed side effects, drug interactions, and other issues. According to CNN, the FDA declined to comment on adverse events or the approval process for Nuedexta.

This post was written by Denise Mariani  of STARK & STARK, COPYRIGHT © 2017
For more legal analysis, go to The National Law Review