A class action lawsuit has been filed in the Northern California U.S. District Court involving Twitter and its direct message feature. The class action stems from privacy concerns regarding Twitter tracking links that are sent through these direct messages. Twitter tracks these links by sweeping over links that are sent and shortening them with its T.co service. The plaintiffs believe that Twitter should have to obtain consent from its users before collecting and changing these links. The plaintiffs allege that Twitter’s conduct is unlawful under the Electronic Communications Privacy Act, 18 U.S.C. §§ 2510 et seq. (“ECPA”), and the California Invasion of Privacy Act, California Penal Code §§ 630 et seq (“CIPA”). The plaintiffs are suing on behalf of all Americans who use direct messages. They hope to recover $100 per day for each user whose privacy was allegedly violated.
Looking at the first cause of action, the ECPA prohibits any person from intentionally intercepting any electronic communication or from intentionally using, or endeavoring to use, the contents of any electronic communication while knowing or having reason to know the information was obtained through the interception of an electronic communication. Whether this argument prevails will depend on the necessity of Twitter’s interceptions. The plaintiffs stated in the complaint that Twitter has no urgent need to identify and replace hyperlinks. This is only used for analytics, and not actually protection of users. Twitter will have to respond with information showing that protecting against malicious hyperlinks is necessary to its platform. For this cause of action, the plaintiffs are seeking declarative relief, actual damages suffered and the profits obtained by Twitter as a result of this conduct, punitive damages, and reasonable costs and attorneys’ fees.
The second cause of action involves CIPA, which states that advancing technology allows for eavesdropping on private communications in a way that constitutes a rising threat to personal liberties, such as protection from invasions of privacy. It prohibits a person from willfully, and without consent of all parties to the communication, reading or attempting to read the contents of an electronically filed message, or from using or attempting to use these communications in any way. The plaintiffs’ arguments here are similar. Also noting that Twitter doesn’t have consent of users who send these messages without suspecting they’re being scanned and altered by Twitter. For this cause of action, the plaintiffs are seeking statutory damages of $5,000 to each member of the Class. As well as reasonable costs and attorneys’ fees.