This week, Ancestry.com Inc. prevailed in a class action which alleged that it misappropriated consumers’ images and violated their privacy by using such data to solicit and sell their services and products. The court granted Ancestry.com’s motion to dismiss the amended complaint with prejudice because the plaintiffs “did not cure the complaint’s deficiencies” after being granted leave to amend the first complaint.

As we previously wrote in November 2020, Ancestry.com was hit with a class action in the Northern District of California for “knowingly misappropriating the photographs, likenesses, names, and identities of Plaintiff and the class; knowingly using those photographs, likenesses, names, and identities for the commercial purpose of selling access to them in Ancestry products and services; and knowingly using those photographs, likenesses, names and identities to advertise, sell and solicit purchases of Ancestry services and products; without obtaining prior consent from Plaintiffs and the class.” In March 2021, the court dismissed the lawsuit based on lack of standing, but allowed the plaintiffs to amend and address the deficiencies. Although the plaintiffs added allegations of emotional harm, lost time, and theft of intellectual property, that didn’t sway the court. U.S. Magistrate Judge Laurel Beeler said that the new allegations “do not change the analysis in this court’s earlier order.” The court held that the plaintiffs still did not establish Article III standing because they had not alleged a concrete injury.

Additionally, the court noted that even if standing were established, Ancestry.com is immune from liability under the Communications Decency Act (CDA) because it is not a content creator. Magistrate Beeler said that Ancestry.com “obviously did not create the yearbooks [. . .] [i]nstead, it necessarily used information provided by another information content provider and is immune under [the CDA].”

Photo of Kathryn Rattigan Kathryn Rattigan

Kathryn Rattigan is a member of the Business Litigation Group and the Data Privacy+ Cybersecurity Team. She concentrates her practice on privacy and security compliance under both state and federal regulations and advising clients on website and mobile app privacy and security…

Kathryn Rattigan is a member of the Business Litigation Group and the Data Privacy+ Cybersecurity Team. She concentrates her practice on privacy and security compliance under both state and federal regulations and advising clients on website and mobile app privacy and security compliance. Kathryn helps clients review, revise and implement necessary policies and procedures under the Health Insurance Portability and Accountability Act (HIPAA). She also provides clients with the information needed to effectively and efficiently handle potential and confirmed data breaches while providing insight into federal regulations and requirements for notification and an assessment under state breach notification laws. Prior to joining the firm, Kathryn was an associate at Nixon Peabody. She earned her J.D., cum laude, from Roger Williams University School of Law and her B.A., magna cum laude, from Stonehill College. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.