DOE v. Github (original complaint) Court Filing, retrieved on November 3, 2022 is part of . You can jump to any part in this filing . This is part 32 of 37. HackerNoon’s Legal PDF Series here VIII. CLAIMS FOR RELIEF COUNT IX VIOLATION OF THE CALIFORNIA CONSUMER PRIVACY ACT Cal. Civ. Code § 1798.150 (GitHub and OpenAI) 221. Plaintiffs and the Class hereby repeat and incorporate by reference each preceding and succeeding paragraph as though fully set forth herein. 222. At all relevant times, GitHub and OpenAI were “businesses” under the terms of Cal. Civ. Code § 1798.140(g) of the California Consumer Privacy Act (“CCPA”) as sole proprietorships, partnerships, limited liability companies, corporations, associations, or other legal entities operating in the State of California that collect consumers’ personal information. GitHub and OpenAI either have annual operating revenue above $25 million, collect the personal information of 50,000 or more California residents annually, or derive at least fifty percent of their annual revenue from the sale of personal information of California residents. 223. At all relevant times, Plaintiffs and the Class were “consumers” under the terms of the CCPA as natural persons as defined in Section 17014 of Title 18 of the California Code of Regulations. 224. “Personal Information” is defined in Section 1798.140(o)(1) of the CCPA, which protects consumers’ personal information from collection, use, or sale by businesses without consumers’ notice and consent. 225. GitHub and OpenAI violated the CCPA by using customers’ PII without providing the required notice under the CCPA. GitHub and OpenAI did not notify Plaintiffs nor the Class they were using, distributing, or selling their PII to unauthorized third parties, namely Copilot users. 226. GitHub and OpenAI also violated the CCPA by failing to provide notice to its customers of their right to opt-out of the disclosure of their PII to unauthorized third parties, namely Copilot users. 227. GitHub and OpenAI also violated the CCPA by incorporating Plaintiffs’ and the Class’s personal information into Copilot with no way to alter or delete. And also with no way to share that personal data with Plaintiffs or the Class upon request. 228. GitHub and OpenAI also violated the CCPA by failing to provide a clear and conspicuous link entitled “Do Not Sell My Personal Information” to a webpage that enables a consumer—or a person authorized by a consumer—to opt out of the sale of Plaintiffs’ and the Class’s personal data through Copilot. 229. By the acts described above, GitHub and OpenAI violated the CCPA by negligently, carelessly, and recklessly collecting, maintaining, and controlling their customers’ sensitive personal information and by engineering, designing, maintaining, and controlling systems that exposed their customers’ sensitive personal information of which GitHub and OpenAI had control and possession to the risk of exposure to unauthorized persons, thereby violating their duty to implement and maintain reasonable security procedures and practices appropriate to the nature of the information to protect the personal information. GitHub and OpenAI allowed unauthorized users to view, use, manipulate, exfiltrate, and steal the nonencrypted and nonredacted personal information of Plaintiffs and other customers, including their personal and financial information. Continue Reading . Here About HackerNoon Legal PDF Series: We bring you the most important technical and insightful public domain court case filings. This court case 3:22-cv-06823-KAW retrieved on September 5, 2023, from is part of the public domain. The court-created documents are works of the federal government, and under copyright law, are automatically placed in the public domain and may be shared without legal restriction. Storage.Courtlistener

GitHub and OpenAI Accused of Violating the California Consumer Privacy Act

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

20% of All General Searches in the U.S. Go Through the Default on User-Downloaded Version of Chrome

California's Delete Act: The Game-Changer in Data Privacy and Broker Control

Playing Hide and Seek with Big Brother

5 Reasons Why Privacy by Design is More Critical Than Ever in 2023

5 Things You Need to Know About CCPA Compliance

Announcing our Data Breach website on Data Privacy Day

20% of All General Searches in the U.S. Go Through the Default on User-Downloaded Version of Chrome

California's Delete Act: The Game-Changer in Data Privacy and Broker Control

Playing Hide and Seek with Big Brother

5 Reasons Why Privacy by Design is More Critical Than Ever in 2023

5 Things You Need to Know About CCPA Compliance

Announcing our Data Breach website on Data Privacy Day

Light-Mode

Classic

Newspaper

Minty

Dark-Mode

Neon Noir

Minty

HN StartUps