On May 31, 2022, the Ninth Circuit issued its ruling in Javier v. Assurance IQ, LLC et al. – a putative “session-replay” class action under the California Invasion of Privacy Act (Cal. Penal Code § 630, et seq.) (CIPA). For those who have not kept up with the session-replay litigation, over the past several years, plaintiffs have begun filing putative class actions against website operators and third-party analytics companies, alleging that use of “session-replay” software, which tracks website users’ interactions with a website, constitutes an illegal wiretap under various states’ two-party consent wiretapping statutes.
Although it acknowledged that the California Supreme Court has not addressed whether retroactive consent is valid under Section 631(a), the Ninth Circuit, interpreting other California Supreme Court opinions, concluded Section 631(a) “require[s] the prior consent of all parties to a communication.” Because the plaintiff alleged the defendants did not request consent “prior to his filling out the insurance questionnaire online,” the Ninth Circuit determined his communications were recorded without his valid consent.
Despite this holding, the Ninth Circuit emphasized that it did “not reach Defendants’ other arguments,” which leaves open a host of other questions about the viability of session-replay cases under CIPA, as well as other state wiretapping statutes.
Learn more about the implications of this case by contacting any of the authors.