Last Tuesday, District Judge Lucy Koh of the Northern District of California partially granted the plaintiffs’ motion for class certification in In re Yahoo Mail Litig., allowing the plaintiffs to pursue their claims for injunctive relief on behalf of class members under the Stored Communications Act (“SCA”) and California’s Invasion of Privacy Act (“CIPA”). The plaintiffs, none of whom has a Yahoo email account, originally filed suit alleging that Yahoo scanned emails they exchanged with other individuals’ Yahoo email addresses and used the results for advertising purposes. Last August, Judge Koh partially granted Yahoo’s motion to dismiss, eliminating the plaintiff’s claims under the Wiretap Act and the California Constitution but allowing the SCA and CIPA claims to proceed.
In response to the class certification motion, Yahoo argued that the plaintiffs did not have standing to pursue their claims under Article III, since the plaintiffs consented to Yahoo’s practices by continuing to exchange email messages with Yahoo email users despite knowledge of Yahoo’s alleged scanning practices. The court, however, rejected this argument as “overly narrow.” Under Yahoo’s argument, Judge Koh stated, the plaintiffs would have to cease exchanging emails with Yahoo users to avoid consenting to Yahoo’s conduct, but would still have to show a real and immediate threat of future injury in order to demonstrate Article III standing by alleging that they intended to continue emailing Yahoo users. Rather than subject plaintiffs to an “impossible” choice that would “artificially preclude” injunctive relief, the court concluded that plaintiffs demonstrated sufficient Article III standing by alleging both past and intended future exchange of emails with Yahoo users.
In light of Judge Koh’s recent decision in In re Gmail Litig., denying certification of a class seeking money damages under Rule 23(b)(3)’s predominance requirement, the plaintiffs in Yahoo had moved for only class-wide injunctive relief under Rule 23(b)(2). Yahoo cited Gmail for the argument that the plaintiffs’ class could not satisfy Rule 23(a)’s commonality requirement due to variations in how individual class members may have consented to Yahoo’s practices, but the court considered Gmail inapplicable to commonality determinations. Instead, the court held that plaintiffs satisfied the requirement by identifying several common questions of law and fact, including how Yahoo allegedly intercepts and scans email messages between Yahoo users and non-Yahoo users. Yahoo also argued that the plaintiffs could not adequately represent class members’ interests after choosing not to pursue statutory damages claims available under the SCA and CIPA. The court rejected this argument, concluding that there is no bar to plaintiffs seeking money damages in another lawsuit, though Judge Koh’s decision in In re Gmail Litig. would presumably be a roadblock to class certification of any such “damages” lawsuit.
Finally, the court found that the plaintiffs satisfied the requirements of Rule 23(b)(2) by alleging that Yahoo utilized a uniform scanning policy for its users’ emails. However, the court refused the plaintiffs’ request to certify a nationwide class for their CIPA claims, agreeing with Yahoo that other states’ interests in applying their own wiretap laws to the claims at issue rendered certification of a nationwide class for these claims inappropriate. Instead, the court certified a nationwide class for the plaintiffs’ SCA claims and a class of California residents for the plaintiffs’ CIPA claims.