This nationwide class action challenged Google’s collection of payload data from unencrypted Wi‑Fi networks through its Street View vehicles, raising significant questions about electronic privacy. The case was important because the Ninth Circuit held for the first time that data transmitted over unencrypted Wi‑Fi networks is not an exempt “radio communication” under the Wiretap Act. The outcome resulted in a $13 million cy pres settlement, required Google to destroy the collected data and refrain from gathering protected data with its Street View vehicles without prior notice and consent in the future.
Case Background and Important Rulings
Since at least May 2007, Google had used vehicles sent to capture images for its “Street View” technology to also access unencrypted wireless internet networks located in the United States and more than thirty countries around the world. Google designed its Street View vehicles so that as they traveled through cities and towns they not only gathered images, but also collected data sent and received over the unencrypted wireless networks they encountered, including all or part of e-mails, passwords, videos, audio files, and documents, as well as network names and router information. This data was captured and stored without the knowledge or authorization of class members.
On May 28, 2010, Cohen Milstein Sellers & Toll PLLC; Kellogg, Huber, Hansen, Todd, Evans & Figel, PLLC; and Consumer Watchdog filed a class action complaint in the U.S. District Court for the District of Columbia. Plaintiffs alleging that Google’s conduct violated Title III of the Omnibus Crime Control and Safe Streets Act of 1968, as amended by the Electronic Communications Privacy Act of 1986, 18 U.S.C. § 2511, et seq., also known as the Wiretap Act. This case, and other class actions filed nationwide, were consolidated in November 2010 in the U.S. District Court for the District of Northern California.
Cohen Milstein, as co-lead counsel, represented U.S. non-profit consumer and internet policy organizations.
The issue was so significant that the Federal Trade Commission investigated Google’s conduct, as did officials in Germany, Italy, Spain, France, and the Czech Republic, among other nations.
- In June 2013, the court denied defendant’s motion to dismiss. However, Google was granted permission to take an interlocutory appeal.
- In September 2014, the Ninth Circuit affirmed the denial, holding for the first time that data transmitted over unencrypted Wi-fi networks is not an unencrypted “radio communication” exempt from the Wiretap Act.
- In January 2014, the Ninth Circuit declined to rehear the case en banc, and in June 2014, the U.S. Supreme Court denied Google’s petition for certiorari.
- On remand, the district court limited discovery to the jurisdictional issue of whether Google had intercepted the payload data of the named plaintiffs. After three years of jurisdictional discovery, involving technical searches of the massive amount of data that Google had intercepted, the parties negotiated a settlement with the assistance of a mediator.
On March 18, 2020, the Honorable Charles R. Breyer of the United States District Court for the District of Northern California granted final approval of a $13 million cy pres settlement. In granting final approval, Judge Charles R. Breyer of the United States District Court for the District of Northern California commented that the case was significant in that it addressed previously unexplored questions involving electronic privacy.
The settlement required Google to destroy all the data it gathered, and to refrain from gathering protected data with its Street View vehicles without prior notice and consent in the future. In addition, for five years following final approval, Google agreed to host web pages dedicated to teaching users about the value of encrypting their networks, along with instructions on how to do so.
The non-profit recipients of the cy pres funds are the Center on Privacy and Technology at Georgetown University Law Center, the Center for Digital Democracy, the Massachusetts Institute of Technology’s Internet Policy Research Initiative, the World Privacy Forum, Public Knowledge, the Rose Foundation for Communities and the Environment, the American Civil Liberties Union Foundation, and Consumer Reports Inc.