Oracle Accused of Mass Surveillance in Class Action


A complaint filed against Oracle America Inc. last Friday took issue with the company’s alleged deliberate surveillance of the general public, amalgamation of that information into “dossiers,” and its sale for Oracle’s financial gain. The suit accuses Oracle of committing “egregious breaches of social norms,” against people who have no direct relationship with it in an essentially invisible manner.

The suit was filed by three individuals from California, Florida, and Ireland, one of whom was described as a “privacy rights activist.” The suit explains that Oracle, a California-registered “data broker,” uses multiple methods to collect personal data from unsuspecting internet users, in part through its operation of the world’s largest third-party data marketplace.

One way the company collects data is through its service product “Oracle ID Graph,” which creates accurate customer profiles by “synchronizing” mass amounts of data, including “concrete identifiers such as names, home and work addresses, e-mail addresses, and telephone numbers,” according to the complaint. In addition, Oracle compiles behavioral signifiers such as where customers shop and how they pay for purchases through cookies, tracking pixels, and other methods, the filing adds.

The complaint also points to the defendant’s Data Marketplace, “an online store owned and operated by Oracle where Oracle facilitates the buying and selling of data and data-derived services by Oracle and its so-called ‘premier partners’ to private commercial and governmental entities.” It reportedly uses this tool to track online activities and enrich the “dossiers” it compiles.

The suit says that Oracle profits from its comprehensive surveillance of much of the American and worldwide public, corroding their individual autonomy and that of the society at large. It contends that the intrusion on people’s privacy far outweighs the commercial benefits that extend to the defendant, a private corporation.

The filing states seven claims for relief, all under California statutory and common law except its Federal Wiretap Act claim. According to the plaintiffs, Oracle invades their privacy, intrudes upon seclusion, and commits unfair business practices, among other wrongful acts.

The complaint seeks certification of four classes: a worldwide, a nationwide, a California subclass, and an Electronic Communications Privacy Act subclass for all United States class members whose electronic communications were intercepted by the use of Oracle’s bk-coretag.js functionality.

The plaintiffs are represented by Hagens Berman Sobol Shapiro LLP.