A class-action lawsuit alleging that DoubleClick Inc. invaded people's privacy by placing cookies on their computers and storing private data about them in its databases will go to trial in early January unless the parties settle, a California judge ruled earlier this month.
A specific trial date has not been set. A status conference is scheduled for Oct. 31.
San Rafael District Court Judge Lynn O'Malley Taylor denied DoubleClick's motion to dismiss the case, which seeks damages from the company for allegedly tracking users without their consent as they browsed the Internet.
The lawsuit centers on the most fundamental aspect of DoubleClick's business — that it uses an opt-out model that forces people to tell the company they do not want to be tracked, rather than an opt-in model, in which DoubleClick would have to ask permission to track a person's movements on the Internet.
“We have an important story to tell,” said Ira Rothken, principal of the Rothken Law Firm and lead plaintiff's attorney in the case. “It's one that goes to the heart of DoubleClick's business model.”
Rothken said the fundamental argument in the case is that if people have a right to privacy on the Internet — and he thinks they do under the California Constitution — then people should knowingly waive that right before a company such as DoubleClick, or anyone else, starts collecting and storing personal information.
“There's no way to unring the bell,” he said. “You have to ask before you take a person's private information.”
DoubleClick spokeswoman Jennifer Blum said the company does not comment on pending litigation.
The lawsuit, which was filed in February 2000, accuses DoubleClick of collecting user-identifiable data in violation of the U.S. and California constitutions.
“Defendants use sophisticated computer technology to identify Internet users, track and record their Internet use and the Internet Web sites and specific pages they visit and obtain a plethora of highly confidential and personal information about them without their consent, including, without limitation, their names, addresses, ages, shopping patterns and histories, credit card information, bank account information, sexual orientation and preferences, health related preferences and problems and other private information,” the lawsuit alleges.
However, DoubleClick's newly revised privacy policy says it does not collect such information. The policy indicates that it uses only non-personally identifiable information such as IP address, browser type and version, Internet service provider and how a person uses the pages he visits within the DoubleClick network of companies. This is done to provide the user with targeted ads, according to the company.
“DoubleClick does not use your name, address, e-mail address or phone number to deliver Internet ads,” the privacy policy states. “DoubleClick does use information about your browser and your prior Web surfing to determine which ads to show your browser.”
A similar class-action lawsuit brought at the federal level against DoubleClick was dismissed earlier this year. A federal judge in New York ruled in March that the ad serving network was not engaging in an invasion of privacy by placing cookies on a computer user's hard drive.
Judge Naomi Reice Buchwald of the U.S. District Court for the Southern District of New York said the company was not engaged in the “secret collection of private and personal data” from Internet users.
In that lawsuit, the plaintiffs charged that DoubleClick built detailed profiles of Internet users by placing cookies on the hard drives of visitors to Web sites affiliated with the DoubleClick network. They said this constituted an invasion of privacy because the cookies could track a user's name, e-mail address, the searches he performed and other Web sites he visited. The plaintiffs also claimed that DoubleClick violated federal laws against hacking.
The plaintiffs argued that DoubleClick's collection of demographic data caused them economic damage. The judge noted that even though demographic data are highly valued by advertisers and marketers, the collection of data does not constitute an economic loss to those from whom the data are collected.
