TACTICAL LAW
  • Home
  • Professionals
    • Pamela K. Fulmer
    • Dee A. Ware
    • Marcela Davison Avilés
    • Affiliated Counsel
  • Practice
    • Software Audit Defense
    • Licensing & Contract Disputes
    • Litigation
    • ERP Licensing & Disputes >
      • Oracle/NetSuite Disputes >
        • River Supply v. Oracle/NetSuite
    • Advertising and Competition
    • Trade Secrets & Employee Mobility
    • Intellectual Property
    • Arts & Entertainment
    • Tech Transactions
    • Outside General Counsel Services
    • Privacy and Data Security
  • Industries
  • Resources
  • About us
  • Oracle Blog
  • Tactical Law Blog
  • Contact

Oracle Blog

Oracle Hit With Class Action Alleging Purposeful Surveillance and Invasion of Privacy of American Consumers

8/22/2022

0 Comments

 
By Pam Fulmer

Well respected San Francisco Plaintiffs’ firm Lieff Cabraser Heimann & Bertstein LLP (“Lieff Cabraser”) has hit Oracle America, Inc. with a massive class action lawsuit alleging several data privacy-based claims including Invasion of Privacy under the California Constitution, Intrusion Upon Seclusion under the common law, violation of Business & Professions Code Section 17200, violation of the California Invasion of Privacy Act and the Federal Wiretap Act, and Unjust Enrichment.  Plaintiffs seek a declaratory judgment on behalf of the class that Oracle wrongfully accessed, collected, stored, disclosed, sold and otherwise improperly used private data.  Plaintiffs also seek injunctive relief.  Outing Oracle as one of the largest data brokers in the world, Plaintiffs paint a grim picture of how Oracle has used its software across the Internet to collect, track and identify consumers, without giving those consumers notice that the information is being collected and the ability to object.  The lawsuit alleges that Oracle’s improper use of the most private data of American consumers will only get worse now that Oracle has acquired Cerner and will begin collecting health data as well.
 
The 71-page Complaint alleges that “the regularly conducted business practices” of Oracle amount to a “deliberate and purposeful surveillance of the general population via their digital and online existence.”  Claiming that Oracle is “one of the world’s largest data brokers” Plaintiffs allege that “[i]n the course of functioning as a worldwide data broker, Oracle has created a network that tracks in real-time and records indefinitely the personal information of hundreds of millions of people” and that “Oracle sells this detailed personal information to third parties, either directly, or through its “ID Graph” and other related products and services derived from this data.”  Plaintiffs further claim that the proposed Classes “lack a direct relationship with Oracle and have no reasonable or practical basis upon which they could legally consent to Oracle’s surveillance.” Complaint ¶1.
 
Plaintiffs assert that as a data broker Oracle “facilitates the buying and selling of digital data, including personal information, among private commercial and governmental entities” and  “operates a data management platform called the BlueKai Data Management Platform, which includes two key features: the Oracle Data Marketplace and the Oracle ID Graph. The Oracle Data Marketplace is one of the world’s largest, if not the largest, commercial data exchange, with a broad impact upon the lives of most Americans and many millions of people worldwide.”  Citing to Oracle’s own marketing claims, the Complaint recites that “[t]he Oracle ID Graph helps marketers connect identities across disparate marketing channels and devices to one customer. Powered by the Oracle Marketing Cloud and Oracle Data Cloud, the Oracle ID Graph seamlessly pulls together the many IDs across marketing channels and devices that comprise a given person, enabling marketers to tie their interactions to an actionable customer profile. This ID enables the marketer to orchestrate a relevant, personalized experience for each individual across marketing channels and device types.” Plaintiffs accuse Oracle’s business model of having “long roots in the surveillance of ordinary citizens” and claims that “surveillance is central to Oracle’s history and development, and to its current business and marketing plan.”  Complaint ¶21.
 
According to the Complaint:
 
“Oracle collects many types of personal information from Internet users including concrete identifiers such as names, home and work addresses, e-mail addresses, and telephone numbers. Oracle also amasses data about peoples’ behavior, including the sites they visit online, their digital and offline purchases, where they shop, and how they pay for their purchases. Oracle gathers this personal information from a suite of its own Internet technologies, including cookies, tracking pixels, device identification, cross-device tracking, as well as from its acquisition of data from other parties. Oracle then processes, analyzes, and monetizes this data.” Complaint ¶27.
 
Plaintiffs further allege that: 
 
“Oracle, its partners, and its customers work in parallel to compile personal data and associate that data with specific individuals, effectively creating “dossiers” on people across the world. Oracle accomplishes its dossier building through its multifarious business practices, including not only the functionality of the ID Graph that connects, unifies, and then associates data to a person into a “profile,” but also the functioning of the Oracle Data Marketplace. Oracle’s Data Marketplace is an online store owned and operated by Oracle where Oracle facilitates the buying and selling of data and data-derived services by Oracle and its so-called “premier partners” to private commercial and governmental entities. The Data Marketplace allows the confluence of mass amounts of personal data by which its participants, including Oracle, can continually track people’s activities and enrich people’s dossiers.”
 
Oracle clients utilizing the technology include not only private businesses but “also political campaigns and government agencies seeking to surveil, investigate, or target particular individuals with propaganda” and Oracle markets directly to these public agencies and political parties”, referring to them as “Public Sector Customers.”  Complaint at ¶69.
 
According to the Complaint “political campaigns now have “needle-in-the-haystack capabilities” to “microtarget voters on all their devices” using personal information sold by data brokers.”  The Complaint claims that during the 2016 election the Trump campaign, “built a 220 million–person database of voter information named “Project Alamo” using Datalogix, a data collection platform owned by Oracle.”  Plaintiffs allege that Project Alamo facilitated the Trump campaign’s voter suppression initiatives including highly targeted political advertising to African Americans, white women, and young white liberals in 16 swing states, several of which were narrowly won by Trump” and that through “Project Alamo’s voter suppression efforts, it is estimated that 2 million black voters who voted in 2012 did not vote in 2016.” Complaint ¶70.
 
The Complaint likewise alleges that “in the wake of Dobbs v. Jackson Women’s Health Organization, No. 19-1392, 142 S. Ct. 2228 (2022), the threat data brokers like Oracle pose to the privacy of individuals seeking information about abortions is significantly magnified” and that Oracle’s “trackers on the websites of nonprofits providing abortion resources and services, including Planned Parenthood… may have had their personal information tracked and compiled by Oracle, which Oracle may then make available to law enforcement officials.” Complaint ¶ 81. 
 
The Complaint also raises the alarm regarding Oracle’s “$28.3 billion acquisition of electronic health record company Cerner” finding the acquisition “[c]onsistent with Oracle’s plan of engaging in wide-ranging surveillance of the intimate health details of all Americans.”  In that regard, “Oracle’s Larry Ellison has announced Oracle’s plan to build “a unified national health records database,” which it is effectuating through its software. According to Oracle’s Ellison, the company is “building a system where the health records [of] all American citizens[] . . . not only exist at the hospital level but also are in a unified national health records database,” apparently to be maintained and controlled by Oracle.  Complaint ¶ 82.
 
Finally, the Complaint alleges that:
 
“Oracle sits atop a complex data collection and processing apparatus feeding its labyrinthine multinational data marketplace, making it impossible for ordinary persons to reasonably understand the true purpose and extent of Oracle’s data collection, compiling of digital dossiers, and other data exploitation practices, which are opaque, if not invisible, to ordinary data subjects. Given the complexity and disguised nature of Oracle’s collection and use of personal information, and the lack of any direct relationship between Oracle and the Plaintiffs and Class members, there is no reasonable basis for Plaintiffs and the Class members to know the extent to which Oracle is obtaining their data, tracking them, and selling their data or services derived from their data. Complaint ¶ 86.
 
Our prediction is that Big Red is going to be busy fighting this one for a while.  Tactical Law will continue to monitor the case, which is Michael Katz-Lacabe, Dr. Jennifer Golbeck and Dr. Johnny Ryan v. Oracle America, Inc., Northern District of California, Case Number 3:22-cv-04792.  Check back for updates.
 


0 Comments

    By Tactical Law Attorneys and From Time to Time Their Guests
    ​

    The contents of this blog is intended to convey general information.  It should not be relied upon as legal advice.  It is not an offer to represent you nor is it intended to create an attorney-client relationship.  Tactical Law does not sponsor, endorse, verify or warrant the accuracy of the information contained on internal sites or subsequent links.

    Best Lawyers Award Badge

    Authors

    Collectively we have practiced law in California for over 60 years.  Our attorneys have advised clients of all sizes across industries on how to favorably resolve software audits, licensing and other disputes with Oracle/NetSuite and other software companies.

    Archives

    December 2024
    October 2024
    September 2024
    June 2024
    April 2024
    February 2024
    December 2023
    September 2023
    July 2023
    June 2023
    May 2023
    April 2023
    March 2023
    January 2023
    December 2022
    November 2022
    October 2022
    September 2022
    August 2022
    July 2022
    June 2022
    May 2022
    April 2022
    March 2022
    December 2021
    July 2021
    May 2021
    March 2021
    February 2021
    October 2020
    September 2020
    August 2020
    July 2020
    June 2020
    May 2020
    April 2020
    January 2020
    December 2019
    November 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    December 2018
    August 2018
    July 2017
    January 2016

    Categories

    All

    RSS Feed

tactical law group llp

Privacy Policy
Terms of Use
Contact

 COPYRIGHT TACTICAL LAW GROUP LLP 2016-2023..  ALL RIGHTS RESERVED
​ 
Legal Disclaimer:  Contents may contain attorney advertising under the laws of some states.  Prior results do not guarantee a similar outcome.
  • Home
  • Professionals
    • Pamela K. Fulmer
    • Dee A. Ware
    • Marcela Davison Avilés
    • Affiliated Counsel
  • Practice
    • Software Audit Defense
    • Licensing & Contract Disputes
    • Litigation
    • ERP Licensing & Disputes >
      • Oracle/NetSuite Disputes >
        • River Supply v. Oracle/NetSuite
    • Advertising and Competition
    • Trade Secrets & Employee Mobility
    • Intellectual Property
    • Arts & Entertainment
    • Tech Transactions
    • Outside General Counsel Services
    • Privacy and Data Security
  • Industries
  • Resources
  • About us
  • Oracle Blog
  • Tactical Law Blog
  • Contact