Jury Trial Finds Meta Breached State Privacy Law in Class Action Against Fertility App

A U.S. federal jury in San Francisco has delivered a landmark verdict against Meta Platforms Inc., finding the company liable for violating California's wiretap law by intentionally and secretly intercepting the sensitive personal health data of millions of women.

The verdict concludes a trial stemming from a class-action lawsuit that accused Meta of using its "Meta Pixel" tracking code to collect private information from the period-tracking app Flo. The jury found that Meta intentionally "eavesdropped" on these confidential communications without the users' consent, a direct violation of the California Invasion of Privacy Act (CIPA).

The Lawsuit and Key Allegations

The case, which was part of a larger multi-district litigation, centered on Meta's use of a software development kit (SDK) within the Flo app. Plaintiffs argued that the SDK acted as a secret "recording device," capturing highly sensitive menstrual and reproductive health data that users entered into the app. This information was then allegedly transmitted to Meta and used for targeted advertising.

During the trial, the plaintiffs' lawyers presented evidence that Meta had used "custom app events" with names like "R_SELECT_LAST_PERIOD_DATE" and "R_SELECT_CYCLE_LENGTH" to systematically collect this data. They asserted that this demonstrated a clear intent to record the communications.

Meta's defense team, in contrast, argued that the data collection was a function of the Flo app's own programming and that Meta did not "intentionally" eavesdrop. They attempted to shift the blame to the app developer, Flo Health, but the jury ultimately rejected this argument.

Jury's Findings

The jury was presented with three critical questions and sided with the plaintiffs on every point:

Intentional Eavesdropping: Did Meta intentionally eavesdrop on or record the confidential communications? The jury's answer was "yes."
Reasonable Expectation of Privacy: Did the users have a reasonable expectation that their sensitive health information would not be shared? The jury's answer was "yes."
Consent: Did Meta have consent for its actions? The jury's answer was a definitive "no."

Implications of the Verdict

While the specific amount of damages has not yet been determined, the verdict is a significant victory for digital privacy rights advocates and has major implications for the tech industry. It establishes a strong legal precedent that a company's use of tracking tools to collect user data, even from a third-party app, can be considered a violation of wiretapping laws if done without explicit, informed consent.

The ruling reinforces the idea that users have a "reasonable expectation of privacy" in their digital communications, especially when dealing with sensitive health information. This could pave the way for similar lawsuits against other tech companies that use similar tracking tools to collect personal data without user knowledge. The verdict sends a clear message to Silicon Valley that old laws, like the California Invasion of Privacy Act, can be applied to modern digital tracking and that a lack of consent will not be tolerated.

For any enquiries or information, contact info@thelawreporters.com or call us on +971 52 644 3004. Follow The Law Reporters on WhatsApp Channels