Now, a group of Safari users who are suing Google, Vibrant Media and WPP's Media Innovation Group say that the ruling supports the argument that those companies violated the law by allegedly circumventing Safari's no-tracking settings.
The Safari users argue that Google and the other companies violated the federal wiretap law by allegedly hacking Safari's default settings in order to place tracking cookies on their computers. The users say the tracking cookies enabled the companies to intercept the content of a communication without consent.
U.S. District Court Judge Sue Robinson in Delaware sided against the consumers last year, ruling that they didn't have “standing” to proceed because they weren't harmed. Robinson also ruled that tracking cookies can only reveal the Web site addresses that users visit, but not the “content” of communications.
“While URLs may provide a description of the contents of a document, e.g., www.helpfordrunks.com, a URL is a location identifier and does not 'concern the substance, purport, or meaning' of an electronic communication,” she wrote, quoting from the wiretap statute.
The consumers are appealing to the 3rd Circuit. Among other arguments, they say that the definition of “content” is broad enough to cover any information about a communication's meaning -- including URLs. “A URL such as www.oprah.com/health/Stop-Drinking-How-to-Get-on-the-Path-to-Sobriety conveys loads of such information, telling much about the substance, purport and meaning,” they argue in their appeal.
The consumers recently filed a letter with the 3rd Circuit, alerting it to the Supreme Court's ruling regarding cell-phone searches. They say the Supreme Court judges endorsed the view that people's browsing history, including a list of URLs visited, is in itself “content.”
“As the ... court pointed out, URL histories 'could reveal an individual's private interests and concerns,' including health concerns,” the consumers argue.
But Vibrant Media and WPP counter that the Supreme Court didn't address the wiretap law in its decision about cell phones. “An alleged interception of a URL that 'could reveal' the 'contents' of an individual’s communications does not constitute a violation of the Wiretap Act,” the companies argue in a letter filed with the 3rd Circuit on Monday.
For its part, Google argued in a document filed on Tuesday that the Supreme Court's decision regarding searches of cell phones is “factually and legally irrelevant” to a lawsuit about tracking cookies.
The litigation was sparked by a 2012 report by Stanford grad student Jonathan Mayer, who said the four companies were circumventing Safari's no-tracking settings. Google, Vibrant Media and PointRoll confirmed Mayer's report, adding that they had stopped tracking Safari users or would soon do so. None of the companies were accused of linking cookie-based data to users' names or other personally identifiable information.
Internet legal expert Venkat Balasubramani tells MediaPost that the consumers' lawyers are engaging in good advocacy and making a creative argument, but not one that's likely to carry the day. Largely that's because the cell-phone privacy case dealt with questions about the government's power to search and prosecute criminal suspects. But the Safari-hack lawsuit centers on the Electronic Communications Privacy Act -- which prohibits companies from making specific types of interceptions.
“'Contents as used in ECPA has a statutory definition,” he says, adding that the 3rd Circuit isn't likely to draw on the cell-phone privacy case to interpret that term.
Either way, questions about whether the wiretap law prohibits companies from gathering the addresses of sites visited by consumers appear unsettled. The same issue came up in a potential class-action lawsuit against Facebook, which was accused of “leaking” users' information to advertisers via URLs. In that case, the URLs allegedly included people's Facebook IDs, which could be used to identify people by name.