In the past year, plaintiffs have filed a wave of lawsuits asserting claims under the Video Privacy Protection Act (“VPPA”) in connection with the alleged use of third-party pixels on websites that offer video content.  A recent decision establishes the limits of the VPPA’s reach and provides a well-reasoned ground for future motions to dismiss.

In Carroll v. General Mills, Inc., 2:23-cv-01746 (C.D. Cal. June 26, 2023), plaintiffs alleged that their video-viewing activity had been shared with third parties, in purported violation of the VPPA, via pixel code allegedly installed on defendant’s website.  The federal court dismissed the lawsuit in an opinion that will have broad impact for other companies. 

In Carroll, the VPPA’s “video tape service provider” element was at issue.  The VPPA applies only to “video tape service provider[s]” (a/k/a VTSPs), defined as “any person engaged in the business . . . of rental sale, or delivery of prerecorded video cassette tapes or similar audio visual materials.”  Plaintiffs claimed that General Mills was “in the business” of video delivery through its creation and distribution of online videos to “increase[] its brand presence.”  The court found this allegation insufficient to satisfy the VTSP requirement and held that the VPPA “does not cover every company that merely delivers audio visual materials ancillary to its business.”  The court stated that a plaintiff seeking to bring a claim under the VPPA must plead facts demonstrating that a defendant’s “particular field of endeavor” is the delivery of audiovisual materials, rather than merely a “peripheral” part of its marketing strategy. 

In making clear that posting online videos that are only incidental to a company’s core business is not subject to the VPPA, Carroll supports a strong threshold defense to future VPPA claims.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Eric Bosset Eric Bosset

Eric Bosset is a senior counsel whose practice encompasses a broad range of complex litigation matters, with an emphasis on (1) privacy, data security and consumer protection, (2) employment and ERISA, and (3) financial products and services. Eric has extensive experience in class…

Eric Bosset is a senior counsel whose practice encompasses a broad range of complex litigation matters, with an emphasis on (1) privacy, data security and consumer protection, (2) employment and ERISA, and (3) financial products and services. Eric has extensive experience in class actions, MDL proceedings, and other multi-party lawsuits. His trial victories include a jury verdict in an employment class action lawsuit that The National Law Journal ranked among the 25 most notable defense verdicts of the year.

Privacy and Consumer Protection

Eric was named “Most Valuable Player” in Privacy & Consumer Protection by Law360. He has an extensive practice representing Internet service providers, publishers and advertisers in class action litigation involving claims of unauthorized collection and disclosure of personally identifiable information (“PII”). He has successfully represented Microsoft, AOL, CBS, McDonald’s, Mazda, the Indianapolis Colts, and other companies in obtaining the dismissals of putative class action lawsuits that asserted federal law claims under the Electronic Communications Privacy Act (“ECPA”), Computer Fraud and Abuse Act (“CFAA”), and Video Privacy Protection Act (“VPPA”), as well as state law claims under the Illinois Biometric Information Privacy Act (“BIPA”) and for unfair practices, trespass, and invasion of privacy.

Eric also represents companies in connection with matters arising under the Fair Credit Reporting Act (“FCRA”), Fair and Accurate Credit Transaction Act (“FACTA”), Telephone Consumer Protection Act (“TCPA”), and other consumer protection statutes.

Employment and ERISA

Eric has extensive experience defending companies in individual and class action litigation brought under federal and state laws concerning discrimination, retaliation, whistleblowing, wage and hour disputes, and wrongful termination, as well as in class action litigation involving the Employee Retirement Income Security Act (“ERISA”). Eric has the rare distinction of having tried and won a jury verdict in a class action lawsuit alleging “pattern or practice” discrimination on the basis of age in connection with a corporate reduction in force. Bush, et al. v. Deere & Company (C.D. Ill.). He also secured the reversal on appeal of a class certification order in a “stock drop” lawsuit that claimed breaches of fiduciary duty in the administration of a company retirement savings plan. In re Schering Plough Corporation ERISA Litig., 589 F.3d 585 (3d Cir. 2009). Eric also represents clients in EEOC investigations.

Financial and Fintech

Eric’s practice includes the representation of financial and fintech companies on a broad array of civil litigation, arbitration, and regulatory enforcement matters relating to financial products and services, including matters for Wells Fargo Bank, JPMorgan Chase, Synchrony Bank, Envestnet, Yodlee, and MidFirst Bank.

Photo of Lindsey Tonsager Lindsey Tonsager

Lindsey Tonsager co-chairs the firm’s global Data Privacy and Cybersecurity practice. She advises clients in their strategic and proactive engagement with the Federal Trade Commission, the U.S. Congress, the California Privacy Protection Agency, and state attorneys general on proposed changes to data protection…

Lindsey Tonsager co-chairs the firm’s global Data Privacy and Cybersecurity practice. She advises clients in their strategic and proactive engagement with the Federal Trade Commission, the U.S. Congress, the California Privacy Protection Agency, and state attorneys general on proposed changes to data protection laws, and regularly represents clients in responding to investigations and enforcement actions involving their privacy and information security practices.

Lindsey’s practice focuses on helping clients launch new products and services that implicate the laws governing the use of artificial intelligence, data processing for connected devices, biometrics, online advertising, endorsements and testimonials in advertising and social media, the collection of personal information from children and students online, e-mail marketing, disclosures of video viewing information, and new technologies.

Lindsey also assesses privacy and data security risks in complex corporate transactions where personal data is a critical asset or data processing risks are otherwise material. In light of a dynamic regulatory environment where new state, federal, and international data protection laws are always on the horizon and enforcement priorities are shifting, she focuses on designing risk-based, global privacy programs for clients that can keep pace with evolving legal requirements and efficiently leverage the clients’ existing privacy policies and practices. She conducts data protection assessments to benchmark against legal requirements and industry trends and proposes practical risk mitigation measures.