A class action lawsuit accuses Inito of secretly sharing app users' intimate reproductive data with third parties without consent. Understand the alleged privacy violations, laws at issue, and what's at stake in this important data privacy case.
by LawInc Staff
December 6, 2024
A class action lawsuit filed against Inito, Inc. alleges the fertility tracking app company enabled third parties to unlawfully intercept users’ sensitive communications about their reproductive and sexual health in violation of privacy laws. The case raises important questions about data privacy and the duties companies owe consumers when handling intimate information.
This guide breaks down everything you need to know about the allegations against Inito, the laws at issue, and what the case could mean for your privacy rights.
1. Understand the Allegations Against Inito
-
- Plaintiff Jane Doe: California user of Inito’s fertility tracking app who answered onboarding survey questions.
- Confidentiality Promised: App told users survey answers would “remain between us,” implying data would stay private.
- Google Allowed to Intercept: Inito allegedly enabled Google to intercept survey responses about users’ fertility, sexual activity, and health.
- Consent Not Obtained: Neither Inito nor Google got user permission for this interception of private communications.
- Valuable Data Exposed: Reproductive health info has significant value to advertisers for making inferences about users.
2. Know the Laws Inito Allegedly Violated
-
- California Invasion of Privacy Act (CIPA): Prohibits unauthorized interception of communications.
- Cal. Penal Code 631(a): Imposes liability for using a “machine, instrument, contrivance or in any other manner” to unlawfully intercept communications.
- Applies to “New Technologies”: While written for phone wiretaps, courts say 631(a) also covers websites, apps, emails.
- California Constitution: Protects privacy rights, including in confidential health info like reproductive data.
- Intrusion Upon Seclusion: Common law tort claim for offensive intrusion into private matters.
3. See How Inito Allegedly Enabled Illegal Interception
-
- Google Analytics and Firebase: Inito embedded Google’s analytics software into its app through the Firebase platform.
- Protobuf Data Format: Interception allegedly occurred via Google’s “Protocol Buffers” format to efficiently serialize data.
- HTTPS to Google’s Servers: As users answered survey questions, responses were duplicated and sent to Google along with personal info.
- Dashboard Access: Intercepted data then made available to Inito through Google Analytics interface for the app.
- Google Could Exploit Data: Besides sharing with Inito, Google had ability to repurpose sensitive info for its own advertising/analytics services.
4. Understand the Relief Sought for Class Members
-
- Class Certification: Doe seeks to represent all US users who completed Inito’s app survey, with a California subclass.
- Injunctive Relief: A court order prohibiting Inito from enabling further interceptions without consent.
- CIPA Statutory Damages: $5,000 per class member per violation of the wiretapping law under 637.2.
- Punitive Damages: Exemplary damages to punish Inito for invading privacy rights and deter similar conduct.
- Attorneys’ Fees & Costs: Reimbursement of class counsel’s litigation expenses to prosecute case on contingency.
5. Consider the Implications for Data Privacy
-
- Consumer Control Over Data: Case alleges practices that deprived users of meaningful choice over sensitive health info sharing.
- Heightened Security for Health Info: Spotlights need for enhanced safeguards and restrictions on sharing reproductive/sexual info.
- Valid Consent Required: Questions whether fine print policies constitute sufficient permission for invasive data sharing.
- Entities as “Machines” Under CIPA: Argues separate analytics companies intercepting data can be liable, not just devices.
- Privacy as Human Right: Frames control over intimate data as key to human dignity, autonomy, and avoiding exploitation.
In Summary
This class action against Inito for allegedly permitting Google to intercept app users’ confidential communications about their fertility raises timely questions about the privacy of sensitive health data in an age of digital tracking. The case puts a microscope on whether users were adequately notified about how their intimate information would be shared with and utilized by third parties.
With causes of action under California’s wiretapping statute, the state constitution’s privacy provisions, and common law, the suit seeks class certification, an injunction against further violations, and statutory damages. How the court defines ‘interception,’ whether Google qualifies as an unauthorized third party under the law, and the extent to which users consented could all have significant implications for health data privacy. This is definitely a case to watch as it progresses.
Test Your Knowledge
Questions
- What key fact makes the data Inito allegedly let Google intercept so sensitive?
- A) It included financial info
- B) It included location tracking
- C) It included reproductive health details
- D) It included web browsing history
- What California law is the main basis for the lawsuit?
- A) California Consumer Privacy Act (CCPA)
- B) California Invasion of Privacy Act (CIPA)
- C) California Online Privacy Protection Act (CalOPPA)
- D) California Confidentiality of Medical Information Act (CMIA)
- If successful, what’s the minimum each class member could recover in statutory damages under CIPA 637.2?
- A) $1,000 per violation
- B) $2,500 per violation
- C) $5,000 per violation
- D) $10,000 per violation
Answers
- C) The data included highly sensitive details about users’ reproductive health, sexual activity, and fertility.
- B) The California Invasion of Privacy Act and its prohibition on wiretapping is the key law at issue.
- C) CIPA allows statutory damages of $5,000 per violation, which could add up quickly for a large class.
Also See
iSpy: Apple Lawsuit Alleges Invasive Employee Surveillance Scandal
Federal Judge Gives Green Light to Massive Biometric Data Lawsuit Against Target
Betrayal in the Rubble: Class Action Accuses Red Cross of $500M Haiti Relief Fraud
Related Articles
Popular Articles
-
Olympic Trademark Battle: USOPC's High-Stakes Lawsuit Against Prime Hydration
-
10 Essential Legal Documents Every Adult Needs for Future Security
-
Probate in California: The Ticking Time Bomb That Could Devastate Your Family's Future
-
Corporate Transparency Act Bombshell: Why Your Business Needs to Act NOW
-
Starting a Law Practice in California? 10 Essential Legal Steps to Protect Yourself and Your Firm
