On November 25, 2015, the Northern District of California dismissed Cahen v. Toyota Motor Corporation, Case No. 15-cv-01104, one of the first class actions to allege that automotive manufacturers did not sufficiently protect their vehicles’ technology from intrusion by hackers. This class action was first filed in March, following a report issued by Senator Ed Markey that described these security vulnerabilities (Senator Markey would eventually introduce the Security and Privacy in Your Car Act, which if enacted would instruct NHTSA and the FTC to create IT security and privacy standards for vehicle electronics and networks).
Relying heavily on the Markey report, the Cahen plaintiffs alleged that Ford, GM, and Toyota manufactured vehicles with computer systems that are “susceptible to dangerous hacking.” According to plaintiffs, a successful hack can result not only in an invasion of privacy, but can also allow the hacker to “take remote control of the operation of a vehicle.” In addition, plaintiffs alleged that the technology in the defendant manufacturers’ vehicles allowed them to collect data from unsuspecting drivers and share such data with third parties. The plaintiffs brought consumer fraud claims under California, Oregon, and Washington law.