Google is asking a federal judge to reconsider her recent decision allowing Chrome users to proceed with a claim that the company engaged in larceny by collecting their personal information -- including their IP addresses, identifiers stored on cookies, and data about web-browsing activity.
In papers filed Thursday, Google argues that U.S. District Court Judge Lucy Koh in San Jose gave short shrift to its company's contention that the data at the heart of the battle -- IP addresses, identifiers and browsing history -- isn't considered property in California.
“The court did not consider -- or at least squarely address -- Google’s argument that the information plaintiffs allege Google stole is not their 'property' under California law because the information is not capable of 'exclusive possession or control' by plaintiffs,” the company writes.
The new motion comes in a dispute dating to last July, when Patrick Calhoun and three other Chrome users alleged in a class-action complaint that the company harvested a trove of data from them -- even when they were logged out of their Google accounts.
Google urged Koh to dismiss the case at an early stage, arguing that consumers consented to the data collection.
But Koh found those disclosures lacking for a few reasons, including that Chrome represents that users' personal data won't be sent to Google unless they sync Chrome to their Google accounts.
Koh dismissed some claims without prejudice, including allegations that Google violated the federal wiretap law.
But she also allowed the users to proceed with others -- including allegations that Google broke its contract with Chrome users, intruded on their privacy, and violated a law against larceny by stealing “personal information.”
Google had argued that the data at the center of the case isn't “property” and that, even if the allegations were true, the data would have been copied, as opposed to stolen.
Koh rejected both of those argument, writing that the trend across the country is to recognize a property interest in personal information, and that copying can be a form of theft.
That ruling, issued two weeks ago, appears to mark the first time a judge has allowed web users to bring a larceny claim over alleged privacy violations.
Google says in its new motion that Koh reached the wrong conclusion. The company specifically argues that Chrome users lack “exclusive possession of control” over any of the information at the heart of the legal battle.
“Users cannot be said to 'own' their IP address -- it is assigned to them by their internet service provider, routinely exchanged every time a user accesses the internet or visits a website, and can be changed at any time depending on their location or other factors,” Google writes. “Nor can users legitimately claim to 'own' cookies that are placed on their browsers by websites or other entities, or the x-client-data header that Google assigns to certain instances of the Chrome browser so that Google can test new features in Chrome.”
For now, Google is only asking Koh to reconsider her ruling on the larceny claim, and a related claim that the company engaged in unfair competition, but not the other counts. That relatively narrow argument means that even if Google prevails, the lawsuit against it would be pared back -- but not dismissed entirely.
But Google still has incentives to urge Koh to dismiss the larceny claim, according to law professor Eric Goldman, co-director of the High Tech Law Institute at Santa Clara University.
He says Koh's initial decision to allow the larceny count to move forward is “a potential major precedent, because it opens up a whole new frontier for plaintiffs to explore.”
Goldman adds that the ruling gives class-action privacy lawyers “a whole new vector for privacy attacks.”
“When a judge does something like this, it becomes a beachhead for a lot of new activity,” he says.