Is Netflix’s Practice Of Retaining Information About Ex-Customers Legit?

If you quit Netflix (NSDQ: NFLX) and come back again, you’ll find it’s like coming back to an old friend-an old friend who knows a whole lot about you. That’s because Netflix doesn’t toss out your queue or your ratings when you leave; it keeps them around to help improve its algorithm. Now, a recently filed lawsuit, which is seeking class-action status, has challenged that practice, arguing that retaining that data violates video privacy laws.

The lawsuit itself, first reported in The Hollywood Reporter, looks like kind of a reach, but the lawyers might be hoping that both data retention and online privacy are hot enough topics that they’ll get some leverage.

The main law that the lawsuit is claiming is being violated, the federal Video Privacy Protection Act, prohibits a video rental outlet like Blockbuster (NYSE: BBI) from sharing your rental history without permission. (There’s a funny story about how this law got passed-I’ll get to that in a minute.) Netflix doesn’t sell or share your movie preferences. However, the law also tells video providers that they must “destroy personally identifiable information as soon as practicable, but no later than one year from the date the information is no longer necessary for the purpose for which it was collected.”

So does that mean Netflix has to destroy all its data after a year? Not the way I read it. Netflix’s movie-suggestion system is certainly an innovative product in itself, and the company could easily argue that it collects that data for the “purpose” of improving its recommendations, meaning they could keep it for as long as they want.

In fact, since the “purpose for which it was collected” phrase is deliberately broad, it’s not clear that even a bricks-and-mortar video store couldn’t keep your information for a long time after cancellation-if the only purpose for that data retention was to give you good recommendations in case you came back.

In any case, the Comstock v. Netflix complaint, embedded below, highlights a couple interesting recent trends in privacy law.

— Companies that rent or sell video material may well be held to a higher standard. Because of a historical anomaly, information about what videos you watch is some of the most heavily-protected information out there. How did that happen? You can thank Robert Bork, whose failed Supreme Court nomination from the 1980s led to the creation of the Video Privacy Protection Act (it also coined ‘Borking’ as a verb.) How did that happen? During the debate over Bork’s nomination his (very unremarkable) video rental history got leaked to the press, and was published in the Washington City Paper and elsewhere. It was meant to be a kind of funny protest against Bork, who was seen as an opponent of expansive privacy laws. The tactic outraged a whole bunch of other Senators, and Congress ended up passing one of the tightest privacy laws ever-specifically related to what videos you watch.

— Privacy lawsuits are getting filed based on some very long-standing internet practices. This could be because a sort of internet privacy bar is getting formed and becoming increasingly sophisticated; another factor could be that online privacy has been getting much more attention from politicians and the press in the last year or so. Examples abound, but consider the Gaos v. Google lawsuit filed in October, which challenges the sending of referral URLs, a practice almost as old as search engines themselves.

var docstoc_docid=”73971522″;var docstoc_title=”Comstock and Others v. Netflix”;var docstoc_urltitle=”Comstock and Others v. Netflix”;
Comstock and Others v. Netflix