`
`
`
`IN THE
`Supreme Court of the United States
`____________________
`FACEBOOK, INC.,
`Petitioner,
`
`
`
`v.
`PERRIN AIKENS DAVIS ET AL.,
`
`
`
`Respondents.
`____________________
`On Petition for a Writ of Certiorari
`to the United States Court of Appeals
`for the Ninth Circuit
`____________________
`PETITION FOR A WRIT OF CERTIORARI
`____________________
`
`Jeffrey L. Fisher
` Counsel of Record
`O’MELVENY & MYERS LLP
`2765 Sand Hill Road
`Menlo Park, CA 94025
`(650) 473-2633
`jlfisher@omm.com
`Yaira Dubin
`O’MELVENY & MYERS LLP
`Times Square Tower
`7 Times Square
`New York, N.Y. 10036
`(212) 326-2000
`
`
`Michael R. Dreeben
`Ephraim McDowell
`O’MELVENY & MYERS LLP
`1625 Eye Street, N.W.
`Washington, D.C. 20006
`(202) 383-5300
`
`
`
`
`
`
`
`
`
`
`
`i
`QUESTION PRESENTED
`The Wiretap Act prohibits the “intentional[] inter-
`cept[ion]” of an “electronic communication,” but pre-
`cludes liability for a “party to [a] communication” or
`when a party consents to the interception. 18 U.S.C.
`§ 2511(1), (2)(d). Internet webpages are frequently
`composed of content—images and text—sent from
`multiple providers according to instructions commu-
`nicated by a user’s web browser to obtain that con-
`tent. The question presented is:
`Whether an internet content provider violates the
`Wiretap Act where a computer user’s web browser in-
`structs the provider to display content on the webpage
`the user visits.
`
`
`
`
`
`
`ii
`PARTIES TO THE PROCEEDING
`Facebook, Inc. is Petitioner here and was Defend-
`ant-Appellee below.
`Perrin Aikens Davis, Brian K. Lentz, Cynthia D.
`Quinn, and Matthew J. Vickery are Respondents here
`and were Plaintiffs-Appellants below.
`
`
`
`
`
`iii
`CORPORATE DISCLOSURE STATEMENT
`Facebook, Inc. is a publicly traded company and
`has no parent corporation. No publicly held company
`owns 10% or more of its stock.
`
`
`
`
`
`iv
`STATEMENT OF RELATED PROCEEDINGS
`In re Facebook, Inc. Internet Tracking Litigation,
`No. 17-17486 (9th Cir.) (opinion issued and judgment
`entered on April 9, 2020; petition for rehearing denied
`June 23, 2020; mandate issued August 18, 2020).
`In re Facebook, Inc. Internet Tracking Litigation,
`No. 5:12-md-02314 (N.D. Cal.) (order granting Face-
`book’s motion to dismiss with leave to amend issued
`October 23, 2015; order granting in part Facebook’s
`motion to dismiss second amended complaint with
`prejudice issued June 30, 2017; order granting Face-
`book’s motion to dismiss third amended complaint
`with prejudice issued November 17, 2017).
`There are no additional proceedings in any court
`that are directly related to this case.
`
`
`
`
`
`v
`TABLE OF CONTENTS
`
`
`Page
`QUESTION PRESENTED ........................................ i
`PARTIES TO THE PROCEEDING .......................... ii
`CORPORATE DISCLOSURE STATEMENT ......... iii
`STATEMENT OF RELATED PROCEEDINGS ..... iv
`PETITION FOR A WRIT OF CERTIORARI ........... 1
`OPINIONS BELOW .................................................. 1
`JURISDICTION ........................................................ 1
`RELEVANT STATUTORY PROVISIONS ............... 1
`INTRODUCTION ..................................................... 1
`STATEMENT ............................................................ 5
`A.
`The Wiretap Act ........................................ 5
`B.
`Factual Background .................................. 6
`C.
`Proceedings Below .................................. 11
`REASONS FOR GRANTING THE PETITION ..... 15
`A.
`The Courts Of Appeals Are Divided
`Over The Question Presented ................ 16
`The Ninth Circuit’s Interpretation
`Of The Wiretap Act Is Incorrect ............. 21
`The Decision Below Raises Issues Of
`Exceptional Importance .......................... 27
`This Case Is An Ideal Vehicle To
`Resolve The Question Presented ............ 32
`CONCLUSION ........................................................ 33
`
`D.
`
`B.
`
`C.
`
`
`
`
`
`vi
`TABLE OF CONTENTS
`(continued)
`
`Page
`
`APPENDIX A
`Ninth Circuit Opinion
`(Apr. 9, 2020)...................................................... 1a
`APPENDIX B
`District Court Opinion
`(Nov. 17, 2017) ................................................. 41a
`APPENDIX C
`District Court Opinion
`(June 30, 2017) ................................................. 54a
`APPENDIX D
`District Court Opinion
`(Oct. 23, 2015) .................................................. 74a
`APPENDIX E
`Order Denying Rehearing
`(June 23, 2020) ............................................... 102a
`APPENDIX F
`Relevant Statutory Provisions ............................ 103a
`
`
`
`
`
`
`
`
`
`
`vii
`TABLE OF AUTHORITIES
`
`
`Page(s)
`
`CASES
`
`Apple Inc. v. Pepper,
`139 S. Ct. 1514 (2019) ........................................ 33
`Barnhart v. Sigmon Coal Co.,
`534 U.S. 438 (2002) ............................................ 23
`Bartnicki v. Vopper,
`532 U.S. 514 (2001) .............................................. 6
`BP Am. Prod. Co. v. Burton,
`549 U.S. 84 (2006) .............................................. 21
`Caro v. Weintraub,
`618 F.3d 94 (2d Cir. 2010) ...................... 17, 19, 20
`Clark v. Martinez,
`543 U.S. 371 (2005) ............................................ 26
`Clemons v. Waller,
`82 F. App’x 436 (6th Cir. 2003) ......................... 26
`Food Marketing Inst. v. Argus Leader Media,
`139 S. Ct. 2356 (2019) ...................................23, 24
`In re Google Inc. Cookie Placement Consumer
`Privacy Litig.,
`806 F.3d 125 (3d Cir. 2015) ........................ passim
`In re Nickelodeon Consumer Privacy Litig.,
`827 F.3d 262 (3d Cir. 2016) .................... 17, 23, 28
`In re Pharmatrak, Inc. Privacy Litig.,
`329 F.3d 9 (1st Cir. 2003) ................... 4, 15, 18, 31
`Intel Corp. Inv. Policy Comm. v. Sulyma,
`140 S. Ct. 768 (2020) .......................................... 33
`Kloeckner v. Solis,
`568 U.S. 41 (2012) .............................................. 24
`Konop v. Hawaiian Airlines, Inc.,
`302 F.3d 868 (9th Cir. 2002) .......................... 6, 31
`
`
`
`
`
`
`
`viii
`TABLE OF AUTHORITIES
`(continued)
`
`Page(s)
`
`Leocal v. Aschroft,
`543 U.S. 1 (2004) ................................................ 26
`Lorillard v. Pons,
`434 U.S. 575 (1978) ............................................ 25
`Netscape Commc’ns Corp. v. ValueClick, Inc.,
`684 F. Supp. 2d 678 (E.D. Va. 2009) ................. 27
`Nguyen v. Barnes & Noble Inc.,
`763 F.3d 1171 (9th Cir. 2014) ............................ 30
`Sebelius v. Cloer,
`569 U.S. 369 (2013) ............................................ 21
`Shular v. United States,
`140 S. Ct. 779 (2020) .......................................... 27
`United States v. Campagnuolo,
`592 F.2d 852 (5th Cir. 1979) .........................19, 26
`United States v. Pasha,
`332 F.2d 193 (7th Cir. 1964) .............................. 25
`United States v. Passarella,
`788 F.2d 377 (6th Cir. 1986) .............................. 20
`United States v. Santos,
`553 U.S. 507 (2008) ............................................ 27
`United States v. Steiger,
`318 F.3d 1039 (11th Cir. 2003) .......................... 31
`United States v. Szymuszkiewicz,
`622 F.3d 701 (7th Cir. 2010) ..................... 4, 15, 19
`United States v. Thompson/Center Arms Co.,
`504 U.S. 505 (1992) ............................................ 26
`STATUTES
`18 U.S.C. § 2510 ...................................................... 24
`18 U.S.C. § 2511 ............................................... passim
`
`
`
`
`
`
`
`
`
`ix
`TABLE OF AUTHORITIES
`(continued)
`
`Page(s)
`18 U.S.C. § 2520 ............................................... 5, 6, 33
`18 U.S.C. § 2701 ...................................................... 11
`28 U.S.C. § 1254 ........................................................ 1
`Pub. L. 90-351, 82 Stat. 197 ..................................... 5
`OTHER AUTHORITIES
`2 Wayne R. LaFave et al., Criminal
`Procedure: Detection and Investigation of
`Crime .................................................................. 22
`Aaron Cahn et al., An Empirical Study of
`Web Cookies, International World Wide
`Web Conference Committee, Apr. 2016 ............ 28
`American Heritage Dictionary (2d ed. 1985) ......... 22
`Black’s Law Dictionary (11th ed. 2019) ................. 21
`Cookies & Other Storage Technologies,
`Facebook ............................................................. 30
`Daisuke Wakabayashi, Suit Claims Google’s
`Tracking Violates Federal Wiretap Law,
`N.Y. Times (June 2, 2020) ................................. 29
`Erik Manukyan, Summary: Ninth Circuit
`Permits Federal Wiretap Act Claim
`Against Facebook, LawFare (Apr. 24,
`2020) ................................................................... 28
`H. Rep. 99-647 (1986) .......................................... 6, 24
`Hannah Albarazi, Microsoft Accused of
`Giving Business User Data to Facebook,
`Law 360 (July 20, 2020) .................................... 29
`Merriam-Webster Online Dictionary ..................... 21
`
`
`
`
`
`
`
`
`
`x
`TABLE OF AUTHORITIES
`(continued)
`
`Page(s)
`
`Orin Kerr, Websurfing and the Wiretap Act,
`Part 2: The Third Circuit’s Ruling, The
`Washington Post (Nov. 9, 2015) ........................ 31
`Orin Kerr, Websurfing and the Wiretap Act,
`The Washington Post (June 4, 2015) ................ 31
`S. Rep. 90-1097 (1968), reprinted in 1968
`U.S.C.C.A.N. 2112 .................................... 5, 14, 25
`S. Rep. No. 99-541 (1986), reprinted in 1986
`U.S.C.C.A.N. 3555 ............................................... 6
`Timothy Libert, Exposing the Hidden Web:
`An Analysis of Third-Party HTTP
`Requests on One Million Websites, Int’l
`Journal of Communication, Oct. 2015 .............. 27
`What Information Does Facebook Get When I
`Visit a Site With the Like Button?,
`Facebook ............................................................. 30
`
`
`
`
`
`
`
`
`
`
`
`
`PETITION FOR A WRIT OF CERTIORARI
`Petitioner Facebook, Inc. respectfully petitions for
`a writ of certiorari to review the judgment of the
`United States Court of Appeals for the Ninth Circuit.
`OPINIONS BELOW
`The decision of the court of appeals is reported at
`956 F.3d 589 and reprinted in the Appendix to the Pe-
`tition (“App.”) at 1a-40a. The decisions of the district
`court are reported at 290 F. Supp. 3d 916; 263 F.
`Supp. 3d 836; and 140 F. Supp. 3d 922, and are re-
`printed at App. 41a-53a; 54a-73a; and 74a-101a.
`JURISDICTION
`The court of appeals issued its decision on April 9,
`2020, App. 40a, and denied rehearing on June 23,
`2020, id. at 102a. This Court’s March 19, 2020 order
`extended the deadline for all petitions for writs of cer-
`tiorari due on or after March 19 to 150 days from the
`date of the lower court judgment or order denying a
`timely petition for rehearing. The jurisdiction of this
`Court is invoked under 28 U.S.C. § 1254(1).
`RELEVANT STATUTORY PROVISIONS
`Relevant statutory provisions are reprinted in the
`appendix to this petition. App. 103a-116a.
`INTRODUCTION
`This case presents a question of critical im-
`portance on which the circuits are openly divided: do
`certain ubiquitous practices in the technology indus-
`try involving computer-to-computer communications
`violate the federal Wiretap Act? The answer to this
`question has sweeping practical consequences. It will
`
`
`
`
`
`2
`determine whether content providers on the internet
`will face sizable damages actions and potential crimi-
`nal liability for routine business activity.
`The Wiretap Act prohibits the “intercept[ion]” of
`“electronic communication[s].” 18 U.S.C. § 2511(1).
`But it makes clear that a “party to [a] communication”
`does not act unlawfully by “intercept[ing]” the very
`communication
`in which
`it takes part.
` Id.
`§ 2511(2)(d). “Party to a communication” in the Wire-
`tap Act means exactly what one would expect: a des-
`ignated sender or recipient of information in an inter-
`action between multiple entities.
`This case arises from a putative nationwide class
`action asserted against Facebook, a social-media and
`internet company. Plaintiffs are Facebook users who
`allege that Facebook “intercepted” their communica-
`tions, in violation of the Wiretap Act. Plaintiffs seek
`$15 billion in class-wide damages.
`Plaintiffs’ allegations focus on a prevalent practice
`in the technology sector: computer-to-computer com-
`munications involving internet users’ web browsers,
`through which servers provide content to webpages
`users visit. Here, plaintiffs allege that, while logged
`out of Facebook, they visited webpages that had
`elected to integrate Facebook features, such as “Like”
`or “Share” buttons. Plaintiffs further allege that their
`browsers communicated with Facebook to allow Face-
`book to provide those features, without plaintiffs’
`knowledge or authorization. Through that communi-
`cation, plaintiffs maintain, Facebook received certain
`data about the websites and pages they visited.
`
`
`
`
`
`3
`In the decision below, the Ninth Circuit held that
`plaintiffs’ Wiretap Act claim could proceed, ruling
`that Facebook was not a “party to [a] communication”
`under the Act. App. 33a. While the court acknowl-
`edged that plaintiffs’ browsers sent the information
`that Facebook allegedly intercepted directly to Face-
`book, the court believed that Facebook was not a
`“party” because plaintiffs did not know about or au-
`thorize their browsers’ communication with Face-
`book. Id. at 30a-33a. The Ninth Circuit did not pur-
`port to base that holding on the Wiretap Act’s text,
`which uses the unmodified term “party” and says
`nothing about knowledge or authorization. Instead,
`the court relied on its view of the Act’s “paramount
`objective” and “legislative history.” Id. at 33a (inter-
`nal quotation marks omitted). The court’s analysis of
`those considerations was itself erroneous—but more
`fundamentally, the Ninth Circuit disregarded this
`Court’s repeated instructions to adhere to statutory
`language.
`In reaching its conclusion, the Ninth Circuit ex-
`pressly acknowledged that “the Third Circuit has held
`to the contrary.” Id. at 32a (citing In re Google Inc.
`Cookie Placement Consumer Privacy Litig., 806 F.3d
`125, 143 (3d Cir. 2015)). In In re Google, the Third
`Circuit considered the same type of computer-to-com-
`puter communications at issue here and ruled that
`the Wiretap Act’s “party” provision precluded liabil-
`ity. 806 F.3d at 143-44. Thus, if Facebook had been
`sued for a purported Wiretap Act violation in the
`Third Circuit, it could not be held liable. The same
`can almost certainly be said of the Fifth, Sixth, and
`Second Circuits, which have all rejected the Ninth
`
`
`
`
`
`4
`Circuit’s rule that “unknown” or “unauthorized” par-
`ticipants cannot be “parties” to a communication.
`Meanwhile, the Ninth Circuit “adopt[ed]” decisions of
`the First and Seventh Circuits holding that defend-
`ants engaging in computer-to-computer communica-
`tions that the Ninth Circuit perceived as similar to
`those here can face liability under the Act. App. 33a
`(citing In re Pharmatrak, Inc. Privacy Litig., 329 F.3d
`9, 22 (1st Cir. 2003); United States v. Szymuszkiewicz,
`622 F.3d 701, 706 (7th Cir. 2010)).
`This square circuit conflict over the meaning of a
`federal statute warrants review. And that review
`should occur now. Most leading internet companies
`are based in the Ninth Circuit, so future plaintiffs will
`bring their Wiretap Act claims there, preventing ad-
`ditional courts from addressing this issue. In fact,
`since the Ninth Circuit’s decision below, plaintiffs
`have already brought Wiretap Act class actions in-
`volving similar allegations in California federal court
`against Google and Microsoft. If this Court were to
`deny review, such suits would undoubtedly multiply.
`The risk of massive civil damages—and even possible
`criminal prosecution—will hang over the internet sec-
`tor and stifle future innovation.
`Facebook is deeply committed to user privacy. It
`has protected and will continue to protect users’ data.
`But the Wiretap Act does not prohibit Facebook’s par-
`ticipation in the routine computer communications at
`issue in this case. And if the Ninth Circuit’s errone-
`ous decision is left uncorrected, its error threatens to
`upend common internet practices and chill the crea-
`tivity that allows the internet to flourish. The peti-
`tion for certiorari should be granted.
`
`
`
`
`
`
`
`5
`
`STATEMENT
`A. The Wiretap Act
`In 1968, decades before Facebook and other inter-
`net companies came into existence, Congress enacted
`Title III of the Omnibus Crime Control and Safe
`Streets Act, known as the Wiretap Act. Pub. L. 90-
`351, 82 Stat. 197. The Wiretap Act’s core provision
`makes it unlawful for any person to “intentionally in-
`tercept[] … any wire, oral, or electronic communica-
`tion.” 18 U.S.C. § 2511(1)(a). But the Act also makes
`clear that it is not unlawful for a person—whether or
`not “acting under color of law”—“to intercept a … com-
`munication where such person is a party to the com-
`munication.” Id. § 2511(2)(d); see id. § 2511(2)(c) (cog-
`nate provision for “person[s] acting under color of
`law”). The exemption of a “party” “reflect[s] existing
`[pre-1968] law,” which provided that a “person actu-
`ally participating in [a] communication” could not face
`liability for intercepting that communication. S. Rep.
`90-1097, 1968 U.S.C.C.A.N. 2112, 2182 (1968).
`The Act’s substantive prohibitions carry both
`criminal and civil penalties. First, the Act subjects
`those who “intentionally intercept[]” communications
`to the possibility of five years’ imprisonment. 18
`U.S.C. § 2511(4)(a). Second, it allows those whose
`communications have been intercepted to sue the per-
`son or entity that committed the relevant violation.
`Id. § 2520(a). Plaintiffs may recover either “the sum
`of the actual damages suffered by the plaintiff and
`any profits made by the violator as a result of the vio-
`lation,” or “statutory damages of whichever is greater
`
`
`
`
`
`6
`of $100 a day for each day of violation or $10,000.” Id.
`§ 2520(c)(2). And courts may award “punitive dam-
`ages in appropriate cases,” as well as “a reasonable
`attorney’s fee.” Id. § 2520(b)(2)-(3).
`Congress’s last major amendment to the Act came
`in 1986, when it “enlarged [the Act’s] coverage … to
`prohibit the interception of ‘electronic’ as well as oral
`and wire communications.” Bartnicki v. Vopper, 532
`U.S. 514, 524 (2001). That amendment “update[d]
`and clarif[ied] Federal privacy protections and stand-
`ards in light of dramatic changes in new computer
`and telecommunications technologies.” S. Rep. No.
`99-541, at 1 (1986), reprinted in 1986 U.S.C.A.A.N.
`3555, 3555. Those new technologies included “elec-
`tronic mail operations, cellular and cordless tele-
`phones, [and] paging devices.” H. Rep. 99-647, at 18
`(1986).
`Since 1986, the world has witnessed a remarkable
`evolution in communication technologies—most im-
`portantly, “the advent of the Internet and the World
`Wide Web.” Konop v. Hawaiian Airlines, Inc., 302
`F.3d 868, 874 (9th Cir. 2002). But Congress has not
`altered the Wiretap Act or curtailed its exemption
`from liability for parties to communications.
`B. Factual Background
`1. This case involves a common form of computer-
`to-computer communication, called a “GET request.”
`7ER1201.1 GET requests take place whenever a per-
`son is browsing the internet using a web browser,
`
`1 “ER” refers to the Appellant’s Excerpts of Record in the
`Ninth Circuit. Facebook draws on the allegations in plaintiffs’
`
`
`
`
`
`7
`such as Apple Safari or Microsoft Internet Explorer.
`Id. When the user seeks to visit a particular webpage,
`she types that webpage’s address into the browser’s
`navigation bar or clicks on a hyperlink. At that time,
`the browser sends a message to the server that hosts
`the requested webpage, asking the server to display
`the webpage on the person’s computer. Id. That mes-
`sage from the browser to the webpage’s server is
`called a “GET request”—effectively a request to get
`the relevant content. 7ER1201-02.
`But the webpage’s contents are not delivered by
`the server to the user in a single piece; rather, they
`consist of an assemblage of independent parts.
`7ER1203. And many webpages include content that
`exists on different servers operated by third parties.
`Id. A common example of this third-party content is
`an advertisement. For instance, a NYTimes.com
`webpage may include content from not only the New
`York Times, but also from advertisers. These third-
`party advertisements are displayed in pre-arranged
`portions of the NYTimes.com webpage. See 7ER1203-
`04.
`Third-party content providers, like advertisers, re-
`ceive directions from users’ browsers to display their
`content on the webpage the user is visiting. That di-
`rection occurs through a “separate but simultaneous
`GET command,” also from the user’s browser, but this
`time sent to the third-party server. 7ER1204.
`
`
`second and third amended complaints and accompanying exhib-
`its to describe the practices at issue for purposes of this petition,
`but it does not admit the veracity of all of these allegations.
`
`
`
`
`
`8
`Suppose a person browsing the internet seeks to
`visit NYTimes.com, and suppose that the NY-
`Times.com webpage she visits is designed to contain
`a third-party advertisement. To display the full
`webpage including the advertisement, the person’s
`browser sends two separate GET requests. One is the
`GET request to the NYTimes.com server, asking the
`server to display the NYTimes.com webpage. The
`other, following a direction from the NYTimes.com
`webpage to seek third-party content, is a separate
`GET request to the third-party advertiser’s server,
`asking it to display the relevant advertisement. See,
`e.g., In re Google, 806 F.3d at 130 (describing this pro-
`cess for “internet advertising companies” that “serv[e]
`advertisements to the browsers of webpage visitors”).
`This entire process occurs in milliseconds. 7ER1204.
`Because the third-party advertiser’s server needs
`to know the webpage for which it is providing content,
`the GET request sent to the third party’s server will
`generally contain the Uniform Resource Locator
`(“URL”) of the webpage the internet user is visiting.
`Id. A URL is the familiar identifier that a person sees
`in her navigation bar when she visits a website—for
`instance,
`http://www.nytimes.com/business.
`7ER1202-03. When sent to a third-party server, the
`URL is called a “referer header” because it refers the
`third-party server to the webpage the internet user is
`visiting. 7ER1204. If the third-party server did not
`receive the referer header, the relevant portion of the
`host webpage would appear blank. See id.
`2. The other relevant technological concept in this
`case is “cookies.” Cookies are small pieces of text that
`browsers and websites use to store information.
`
`
`
`
`
`9
`7ER1207. For instance, cookies enable websites to
`recognize users, which in turn allows the websites to
`keep users logged in and prevent unauthorized access
`to their accounts. 4ER614.
`3. Facebook operates a social-media service with
`more than 2.4 billion users worldwide, including more
`than 200 million users in the United States. Face-
`book’s users create personal profiles and share mes-
`sages, photographs, videos, and content with the ser-
`vice’s other users.
` To enhance user experience, Facebook permits
`people or businesses to integrate “plug-ins,” such as
`the Facebook “Like” or “Share” buttons, on their
`webpages. 4ER628; 7ER1207. Plug-ins consist of
`computer code that people or businesses can choose to
`embed on their webpages. For instance, an internet
`user visiting a NYTimes.com webpage may see, in ad-
`dition to New York Times content and third-party ad-
`vertisements, a Facebook “Like” button. Clicking that
`“Like” button enables the reader to seamlessly share
`the relevant New York Times content with her Face-
`book social network (rather than manually copying
`the link and sharing it directly on Facebook). Many
`other companies,
`like Twitter, Pinterest, and
`LinkedIn, have similar plug-ins that webpages may
`integrate.
`When a person browsing the Internet visits a
`webpage with a Facebook plug-in, the person’s
`browser engages in the two separate communications
`discussed above. 7ER1209. It sends one GET request
`to the server of the webpage being visited, asking it to
`display that webpage. Id. And after that server di-
`
`
`
`
`
`10
`rects the user’s browser to seek information from Fa-
`cebook, the browser sends a “separate but simultane-
`ous” GET request to Facebook, 7ER1204, asking it to
`display the plug-in on the webpage, 7ER1209. To in-
`struct Facebook where to display the plug-in, the GET
`request sent to Facebook contains the referer header
`of the webpage being visited—i.e., the webpage’s
`URL. 7ER1210.
`The following diagram (drawn from plaintiffs’
`complaint, 7ER1209) illustrates the GET request pro-
`cess:
`
`
`This process occurs whether or not the internet
`user has a Facebook account, is logged in to Facebook,
`or has ever visited Facebook: it “is part of the normal
`operation of the Internet.” 4ER635. If it did not oc-
`cur, the portion of the webpage allocated to the plug-
`in would appear blank. 7ER1204.
`
`
`
`
`
`11
`As explained in its privacy policy, Facebook uses
`the information it receives from GET requests (such
`as the URLs a user visits) to show users “content from
`[their] friends that may interest [them]” and to “im-
`prove ads generally” on its service. 2ER140; see
`2ER117-19.
`C. Proceedings Below
`1. Plaintiffs, four Facebook users, brought this
`case as a multi-district litigation on behalf of them-
`selves and a putative nationwide class of people with
`active Facebook accounts between April 22, 2010 and
`September 26, 2011. 7ER1234. After the district
`court dismissed plaintiffs’ first complaint with leave
`to amend, see App. 100a-101a, they filed a second
`amended complaint asserting eleven claims, includ-
`ing a violation of the Wiretap Act, 7ER1235-37.2
`Plaintiffs’ Wiretap Act claim alleges that while
`logged out of Facebook, plaintiffs visited websites con-
`taining Facebook plug-ins. 7ER1196; 7ER1223.
`When they visited those websites, plaintiffs allege,
`their browsers sent Facebook GET requests that in-
`cluded the websites’ URLs. 7ER1237. According to
`plaintiffs, Facebook then employed “user-specific and
`user-identifying cookies” to “gather[]” these URLs.
`Id. Facebook’s actions, plaintiffs contend, amount to
`unlawful “interception” of their data under the Wire-
`tap Act. 7ER1235.
`
`
`2 Plaintiffs’ other causes of action include a Stored Commu-
`nications Act claim, 18 U.S.C. § 2701, as well as numerous state-
`law claims. See 7ER1237-1252.
`
`
`
`
`
`12
`Plaintiffs acknowledge that their browsers sent
`the URL data directly to Facebook, so that Facebook
`could display plug-ins on the webpages plaintiffs vis-
`ited. 7ER1209. They also admit that their browsers’
`communications with Facebook were “separate from”
`their browsers’ communications with the webpages
`they visited. 7ER1237. But plaintiffs maintain that
`Facebook was still not an “authorized party” to the
`communication through which it received URL data.
`7ER1236. That is so, plaintiffs say, because plaintiffs
`did not “know[]” about their browsers’ communication
`with Facebook and were logged out of Facebook when
`that communication occurred. Id.
`Plaintiffs do not allege that Facebook represented
`to them that it would refrain from receiving URL data
`generally. Nor do plaintiffs allege that Facebook
`failed to accurately disclose its data-receipt practices
`as to logged-in users. 7ER1246. Rather, plaintiffs
`claim solely that Facebook’s disclosures “implicitly
`promise[d]” that Facebook would not receive URL
`data about logged-out users. 7ER1089. And even as
`to that class of activity, plaintiffs assert only general-
`ized privacy harms. 7ER1223-24. They do not assert
`that they engaged in different browsing behavior
`while logged out of Facebook, or that Facebook sold or
`disclosed any URL information it received.
`Nevertheless, plaintiffs seek more than $15 billion
`in total damages. 5ER921.
`2. The district court granted Facebook’s motion to
`dismiss plaintiffs’ second amended complaint, holding
`that plaintiffs failed to state a Wiretap Act claim. Fa-
`cebook, the court concluded, was a “party to the [rele-
`
`
`
`
`
`13
`vant] communication,” so it “did not ‘intercept’ Plain-
`tiffs’ communications within the meaning of the Wire-
`tap Act.” App. 63a (quoting 18 U.S.C. § 2511(2)(d)).
`“[W]hen someone visits a page where a Facebook ‘like’
`button is embedded,” the court explained, “two sepa-
`rate communications occur”: “[f]irst, the user’s
`browser sends a GET request to the server where the
`page is hosted”; “[s]econd,” the “Facebook button trig-
`gers a second, independent GET request to Facebook’s
`servers.” Id. While “[t]he parties to the first transac-
`tion are the web user (e.g., one of the Plaintiffs) and
`the server where the page is located,” the “[p]arties to
`the second transaction are that same web user and a
`Facebook server.” Id. at 63a-64a. “As to the second
`transaction”—the only one in which URL data is sent
`to Facebook—“Facebook has not ‘intercepted’ the
`communication … because it is ‘a party to the commu-
`nication.’” Id. at 64a (quoting 18 U.S.C. § 2511(2)(d)).3
`3. The Ninth Circuit reversed. After concluding
`that plaintiffs had standing to pursue their Wiretap
`Act claim, App. 11a-13a, the Ninth Circuit held that
`the claim could proceed because the “party” provision
`did not apply. The Ninth Circuit agreed with the dis-
`trict court that the “GET request and its associated
`[URL] referer header” sent from the user’s browser to
`Facebook is the relevant communication through
`which Facebook receives a user’s URL information—
`
`
`3 The district court likewise dismissed plaintiffs’ other
`claims, though it granted leave to amend two of them. Id. at 72a-
`73a. After plaintiffs filed a third amended complaint asserting
`those two claims alone, the district court granted Facebook’s mo-
`tion to dismiss those claims without leave to amend. Id. at 53a.
`
`
`
`
`
`14
`i.e., the allegedly “intercepted” communication. Id. at
`31a. And it agreed that the browser-to-Facebook com-
`munication is “separate” from the GET request sent
`from the browser to “the third-party website.” Id.
`Nonetheless, the court held that Facebook was not a
`“party” to the supposedly “intercepted” communica-
`tion and could face Wiretap Act liability. Id. at 33a.
`The Ninth Circuit did not purport to base its con-
`clusion on the Wiretap Act’s text, which uses the un-
`modified term “party.” Rather, the court based its
`conclusion on its view of the Act’s purpose and legis-
`lative history. First, the court asserted that the Act’s
`“paramount objective” is “protect[ing] effectively the
`privacy of communications.” Id. (internal quotation
`marks omitted). Second, the court stated “that the
`Wiretap Act’s legislative history evidences Congress’s
`intent to prevent the acquisition of the contents of a
`message by an unauthorized third-party or ‘an un-
`seen auditor.’” Id. (quoting S. Rep. No. 90-1097, 1968
`U.S.C.C.A.N. at 2154, 2182). In light of those two con-
`siderations, the court concluded that allowing the
`“party” provision to apply to “unauthorized duplica-
`tion and forwarding of unknowing users’ information”
`would allow too many “common methods of intrusion.”
`Id.
`In reaching this conclusion, the Ninth Circuit rec-
`ognized that “the Third Circuit has held to the con-
`trary.” Id. at 32a. In In re Google, the court ex-
`plained, the Third Circuit held that “internet adver-
`tising companies were parties to a communication”
`when they received “duplicated GET requests” from a
`web user’s browser. Id. (citing In re Google, 806 F.3d
`at 143). But instead of following the Third Circuit,
`
`
`
`
`
`15
`the Ninth Circuit “adopt[ed] the First and Seventh
`Circuits’ understanding that simultaneous, unknown
`duplication and communication of GET requests do
`not exempt a defendant from liability under the party
`exception.” Id. at 33a (citing In re Pharmatrak, 329
`F.3d at 22; Szymuszkiewicz, 622 F.3d at 706).
`The Ninth Circuit denied Facebook’s petition for
`panel rehearing or rehearing en banc. Id. at 102a.
`This petition for certior