Online Powerhouses – Too Big to Sue?
Internet privacy is not just under siege from the NSA. Google is fighting two huge class action suits based upon privacy violations. Facebook recently settled two privacy-based class action lawsuits. These lawsuits are colossal because Google and Facebook are two mammoth companies with enormous numbers of customers. One class is comprised of everyone who has a Gmail account or sent a message to a GMail account over the last two years. How huge is that? The last time Google released the number of Gmail accounts was in June, 2012: 425 million worldwide. I’ve opened two myself since then. But that’s only the number of Gmail accounts and doesn’t include everyone sending messages to Gmail accounts. Facebook boasts over 1 billion users. We mean huge.
(Image Source: Shutterstock)
The second Google case is In re Google Street View Electronic Communications Litigation. This class is every person in the US whose home WiFi Google tapped to perform its street view mapping. No one knows how many people that is, but it could be in the millions.
While lawyers typically look for moneyed defendants, the problem with lawsuits of this magnitude is that each privacy violation has a statutory penalty of up to $10,000 under the Wiretap Act. When the class of plaintiffs is so large, the penalties rapidly hit billions or even trillions of dollars – that is if every class member decides to participate.
So what does this really look like? Facebook lucked out on its class action, Fraley v. Facebook, when the judge approved a settlement in August to pay each class member $15. The potential class included 150 million users but only 615,000 filed claims. Facebook paid $20 million into a settlement fund with $9,225,000 going to class members; $5,000,000 to Internet privacy watch dog groups, called cy pres awards; and $3.5 million in attorneys’ fees. So Facebook is lucky because $20 million is far less than $2.25 billion (150 million members x $15). If each class member got $1,000, more would likely have signed up and well, you can do the math.
Facebook managed to settle its next class action on the Beacon program (Let’s broadcast details about our users’ personal lives!) with a $6 million cy pres award to a privacy group Facebook controls. Clearly Facebook thought it “cracked the code” on managing its privacy problems but the case is being appealed. And what’s more, settling class actions with cy pres awards in lieu of compensating individuals is now losing favor in the 9th Circuit where Google and Facebook live.
The Google cases have been progressing through the litigation process with the plaintiffs largely winning. Even with gross revenues of $50 billion in 2012, awarding significant damages to each class member would likely bankrupt Google, leaving the claimants without payments and hundreds of millions without services.
Some commentators are arguing that the suits are “Too Big to Settle”. In the class action world, once the class is certified by the court, settlements are very difficult. What usually happens is that prior to certification, the parties come up with their proposed settlement and present it to the court for approval. Once the class is certified, it’s up to the court to define the award. If the court won’t accept a cy pres award and applies statutory damages to each class member, we are looking at staggering judgments.
It’s reminiscent of the “Too Big to Fail” arguments of the big banks and auto companies. But do they warrant it? However you feel about class action suits, shouldn’t Google and Facebook be held accountable for privacy violations even though they are so large – or because they are so large? Would the impact of Google’s or Facebook’s demise be similar to bringing down the banking system or the auto industry? Or would the Internet ecosystem hiccup and move on?
The U.S. Supreme Court should announce if they will take the appeal of the Beacon Facebook class action and its cy pres award on Monday. Any bets?
By Cindy Wolf
Cindy is a Colorado lawyer with more than 25 years experience representing large and small domestic and multinational companies. Her expertise is in helping companies enter the cloud safely, either as providers or users. She also practices in the areas of corporate law and commercial contracting, with an emphasis on international issues. She can be reached at firstname.lastname@example.org.
(Note: This publication is provided for informational purposes only. It does not constitute legal advice. There is no implicit guarantee that this information is correct, complete, or up to date. This publication is not intended to and does not create an attorney-client relationship between you and the author.)
- 15 Cloud Data Performance Monitoring Companies - June 21, 2016
- Cross-Site Scripting – Why Is It A Serious Security Threat For Big Data Applications? - June 21, 2016
- What’s Ahead For Predictive Analytics And Why It Matters For Businesses - June 17, 2016
- Do Not Rely On Passwords To Protect Your Online Information - June 15, 2016
- Despite Record Breaches, Secure Third Party Access Still Not An IT Priority - June 14, 2016