Low-Tech Proof In A High-Tech World: Northern District Of California Denies Class Certification In Hulu Data Privacy Case

On June 16, the Northern District of California denied a motion for class certification in In re Hulu Privacy Litigation, No. C 11-03764 LB, ECF No. 111. The plaintiffs in that action alleged that Hulu violated the Video Privacy Protection Act ("VPPA") by disclosing personal identification information ("PII") to third parties, including Facebook. Hulu provides its users with online, on-demand access to video content, such as television programs and movies. The PII allegedly disclosed was the plaintiffs' video viewing selections on Hulu. The Court denied the motion without prejudice, holding that the class was not ascertainable because the plaintiffs proposed to rely on self-reporting affidavits to prove class membership.

This decision represents an interesting contrast between allegations of high-tech data privacy violations and low-tech methods of proof. As discussed below, the plaintiffs' failure to corroborate their self-reporting affidavits by reference to the defendant's records was fatal to their proposed identification of class members. This failure is especially noticeable in a case where the alleged violations involve transmissions of electronic data identifying the plaintiffs. Moreover, because internet based services like Hulu and Facebook reach millions of customers, the potential damage awards can soar into the billions of dollars. This is especially true in the context of the VPPA, which provides for a relatively large statutory damage award of $2,500 per person. As the Court reasoned in this case, such a large pot of gold can distort the purpose of both class actions and statutory damages, and further increases the importance of objective forms of proof at the class certification stage.

Plaintiffs' Disclosure Theory

The named plaintiffs claimed that their PII was disclosed to Facebook as a result of Hulu's inclusion of a Facebook "Like" button on its "watch page." A watch page is a unique webpage generated each time a Hulu user selects video content to view on hulu.com. Specifically, the plaintiffs claimed that when they selected video content to view on hulu.com, Hulu loaded a watch page that included the Like button. The mere loading of the Like button caused certain information to be automatically sent to Facebook, including the uniform resource locator ("URL"), or web address of the watch page. During the class period, the URL of Hulu's watch pages included the title of the video content the Hulu user selected. This...