As readers of CPW know, although the California Consumer Protection Act (“CCPA”) and other state statutes provides California residents additional privacy protections there are limits on the laws’ scope.  This includes as was the case here and, consistent with prior rulings, that a defendant may not rely on the CCPA and other state privacy laws as a shield to avoid its discovery obligations in federal litigation.  RG Abrams Ins. v. Law Offices of C.R. Abrams, 2022 U.S. Dist. LEXIS 25044 (C.D. Cal. Jan. 19, 2022).  Read on to learn more.

Although many data privacy disputes are brought as class actions, this is not always the case.  In this instance, Plaintiff filed suit against Defendants alleging that Defendants appropriated Plaintiff’s client database, marketing software, and computer to start a competing business venture.  Plaintiff brought claims under the federal Computer Fraud and Abuse Act a number of related state law claims.  The litigation eventually entered discovery, where Plaintiff served a number of requests on Defendants concerning the conduct underscoring the claims at issue.

In objecting to Plaintiff’s written discovery, the Defendants creatively relied in part on various California privacy laws that would be violated if they produced the information and documents requested.  Plaintiff, in turn, urged the Court to reject these objections because Defendants failed to establish that Defendants had a “reasonable right of privacy to the information sought to be disclosed.”

Ultimately the Court agreed with Plaintiffs.

As an initial matter, the Court held that the California privacy rights asserted by the Defendants (including in relation to the CCPA, the California Information Privacy Act, the California Privacy Rights Act, and Article 1, Section 1 of the California Constitution) were not applicable here.  This is because, the Court explained “even to the extent the California constitution and these California statutes create a privilege—which this Court does not decide here—only federal law on privilege applies in cases, such as this one, involving federal question jurisdiction.” (citing Kalinoski v. Evans, 377 F. Supp. 2d 136, 140-41 (D.D.C. 2005) (“The Supremacy Clause of the United States Constitution (as well as Federal Rule of Evidence 501) prevent a State from directing a federal court with regard to the evidence it may order produced in the adjudication of a federal claim.”).

Although the Court acknowledged that although there “is no federal law counterpart to California’s privacy statutes, federal courts recognize a right of privacy implicit in Rule 26.”  (quotation omitted).  Moreover, in the Ninth Circuit courts have recognized a limited corporate privacy interest—albeit one that is narrowly circumscribed:

To the extent such a privacy interest exists, “corporations have a lesser right to privacy than human beings and are not entitled to claim a right to privacy in terms of a fundamental right, [although] some right to privacy exists.”  Indeed, “[p]rivacy rights accorded artificial entities are not stagnant, but depend on the circumstances.”

(quotations omitted).

As such, to the extent a corporate privacy right exists, it gives way when information requested in discovery “is material, not available from another source, and protected from disclosure by a protective order.”  The Court readily found this standard was satisfied here and ordered production of the requested materials and information.  First, the discovery was relevant to Plaintiff’s claim.  Second, Defendants did not offer or suggest any alternative means by which Plaintiff could obtain the requested information.  And third, the Court found that a protective order would adequately protect Defendants’ privacy interests.

So there you have it.  Although many states have enacted new privacy laws, Courts are consistently interpreting them as not interfering with the scope of discovery in federal court litigation.  For more on this, and other news concerning data privacy more broadly, stay tuned.  CPW is here to keep you in the loop.