IF YOU’VE BEEN SUED FOR A DATA PRIVACY VIOLATION & NEED HELP GETTING YOUR WEBSITE COMPLIANT CONTACT US RIGHT AWAY

When Google’s voice assistant allegedly recorded private conversations without activation, the plaintiffs’ bar had the kind of firm that could manage a seven-year federal class action against one of the most well-resourced defendants in the world. Lowey Dannenberg was that privacy litigator. 

A Complex Litigation Firm That Grew Into Privacy

Lowey Dannenberg, P.C. is not a privacy boutique. It is a nationally active plaintiff firm with roots in antitrust, securities fraud, and consumer protection that has built a substantial data privacy practice on the back of its complex litigation infrastructure. Based at The Helmsley Building in White Plains, New York, with attorneys operating coast-to-coast, the firm applies the same institutional machinery it uses in multi-district antitrust cases—expert witness management, extensive discovery, multi-year class certification development—to privacy claims that most boutique plaintiff shops cannot sustain at that level.

That distinction matters. The privacy cases Lowey Dannenberg pursues are not quick-file, quick-settle VPPA complaints or standardized pixel class actions. They are systemically important cases against the largest technology companies in the world, involving novel legal theories, contested technical evidence, and litigation timelines measured in years, not months. The firm’s data privacy practice is led by partner Christian Levis, whose name appears across the firm’s most consequential privacy matters—from voice assistant surveillance claims to health data pixel tracking to major payment card breaches—as lead or co-lead counsel.

The Marquee Case: In re Google Assistant Privacy Litigation

The centerpiece of Lowey Dannenberg’s data privacy docket is In re Google Assistant Privacy Litigation (N.D. Cal., Case No. 5:19-cv-04286), a case that has been in active litigation in the Northern District of California for nearly seven years and is finally approaching resolution.

Filed in July 2019 before Judge Beth Labson Freeman, the consolidated class action alleged that Google’s Assistant—the AI voice tool embedded in Android phones, Google Home devices, and third-party hardware—was routinely recording and transmitting private conversations that were never intended to activate the assistant. The complaint’s theory: Google’s “hotword detection” system was imprecise, activating on words and sounds that resembled “Hey Google” but were not. Those accidental activations caused the assistant to record, process, and transmit audio from private conversations to Google’s servers and—critically—to third-party human reviewers who evaluated the recordings for quality improvement purposes.

Named plaintiffs include Lourdes Galvan, Eleeanna Galvan, Asif Kumandan, B.S., and Melissa Spurr. Lowey Dannenberg served as co-lead counsel alongside Scott+Scott Attorneys at Law LLP, with Christian Levis and Margaret C. MacLean as the firm’s primary attorneys on the matter. The partnership with Scott+Scott—itself a nationally prominent plaintiff firm—reflects the case’s complexity and the resource commitment required to litigate against Google over a multi-year period.

The case survived Google’s motions to dismiss and proceeded through contested class certification briefing and extensive expert-supported discovery. The scale of the litigation is reflected in the settlement motion papers: Levis and Scott+Scott co-lead Erin Green Comite submitted a joint declaration in support of preliminary approval, accompanied by a 25-page Lowey Dannenberg firm resume updated as of December 30, 2024, presented as evidence of class counsel’s qualifications.

On January 23, 2026, plaintiffs filed an unopposed motion for preliminary approval of a class action settlement, with a hearing scheduled before Judge Freeman on March 19, 2026. The settlement agreement—filed in redacted form as Exhibit 1 to the motion—represents the culmination of nearly seven years of litigation against Google and Alphabet over one of the most significant voice privacy questions in consumer technology. The settlement terms remain subject to court approval, but the filing of an unopposed motion signals that the parties have reached an agreement that plaintiffs’ counsel believes merits class approval.

In re Google Assistant Privacy Litigation is not a pixel case. It is a voice surveillance case—a category of privacy claim that requires establishing that a consumer technology product was systematically capturing audio it had no authorization to capture. That is a meaningfully harder litigation challenge than establishing that a tracking pixel fired on a video page. That Lowey Dannenberg has carried this case from 2019 through a settlement hearing in 2026 says something specific about the firm’s capacity.

Health Data and Google: Doe I v. Google LLC

Lowey Dannenberg’s second major Google privacy matter is Doe I v. Google LLC (N.D. Cal., Case No. 3:23-cv-02431, filed May 17, 2023, assigned to Judge Vince Girdhari Chhabria), a case that targets a different dimension of Google’s data practices: the collection of sensitive health information through tracking pixels embedded on third-party healthcare and tax-filing websites.

The case was filed alongside a related action, DOE v. Google LLC (Case No. 3:23-cv-02343), and consolidated before Judge Chhabria. The plaintiffs—proceeding anonymously as Jane Does and John Does given the sensitive nature of the data at issue—alleged that Google’s tracking tools embedded on healthcare and financial services websites transmitted their private health and financial information to Google without consent. Christian Levis served as lead Lowey Dannenberg attorney; co-counsel was Simmons Hanly Conroy, LLC.

In July 2023, plaintiffs filed a motion for preliminary injunction and provisional class certification—an aggressive early procedural move that sought to halt Google’s data collection practices while the case proceeded. The motion was supported by technical declarations from expert witnesses including Dr. Timothy Libert and Dr. Zubair Shafiq, along with a 219-page declaration from technical expert Richard M. Smith (filed under seal in redacted form) documenting the specific tracking mechanisms at issue.

In early 2024, Lowey Dannenberg filed statements of recent decision citing In re Meta Pixel Tax Filing Cases and Toy v. Life Line Screening of America Ltd as favorable authority—indicating that the firm was actively tracking the developing case law on health data pixel tracking and positioning the Doe I litigation within the broader legal landscape around health data privacy online.

The case illustrates Lowey Dannenberg’s capacity to litigate at the intersection of pixel tracking and health data—a particularly high-stakes combination that implicates HIPAA expectations (even if not HIPAA directly), California’s CMIA, federal wiretapping statutes, and general invasion of privacy theories. Health data pixel cases require technical experts who can establish what specific data fields were transmitted; Lowey Dannenberg has demonstrated it can build and manage that kind of expert record.

The VPPA Docket: In re Insider, Inc. Pixel-VPPA Litigation

Lowey Dannenberg’s VPPA footprint is smaller than its technology surveillance practice, but the firm has participated in the VPPA wave targeting media publishers. In In re Insider, Inc. Pixel-VPPA Litigation (S.D.N.Y., Case No. 1:22-cv-06529, filed August 2022, terminated December 2023, assigned to Judge Analisa Nadine Torres), Lowey Dannenberg was appointed liaison counsel in the consolidated action against Insider, Inc.—the digital media company—for alleged VPPA violations arising from Meta Pixel use alongside video content.

The November 2022 appointment order consolidated the action and designated Bursor, Milberg, and Girard as co-lead interim class counsel, with Lowey as liaison counsel. In the multi-firm structure that characterizes major VPPA class actions, liaison counsel handles coordination between counsel, filings, and case management—a role that draws on the firm’s procedural sophistication rather than its substantive privacy expertise specifically.

The case terminated in December 2023 following voluntary dismissals from some plaintiffs, including a Rule 41 notice filed by plaintiff Sanchez Johnson. The Insider litigation was part of the first major wave of media publisher VPPA cases that swept through the Southern District of New York in 2022 and 2023 following the rise of Meta Pixel tracking claims.

Data Breach: In re Wawa, Inc. Data Security Litigation

Lowey Dannenberg’s data privacy practice extends beyond tracking pixels and surveillance claims into large-scale payment card data breach litigation. In re Wawa, Inc. Data Security Litigation (E.D. Pa., Case No. 2:19-cv-06019, filed December 2019, terminated January 2026) represents one of the more significant data breach class actions of the 2019–2026 period.

Wawa, the Mid-Atlantic convenience store and gas station chain, disclosed in December 2019 that malware had been deployed across its entire network of approximately 850 stores for most of 2019, compromising payment card data—credit and debit card numbers, expiration dates, and cardholder names—for potentially millions of customers. The breach was among the largest point-of-sale malware incidents in retail history, and the litigation that followed consolidated consumer plaintiffs and financial institution plaintiffs (credit unions and banks that suffered fraud losses from reissuance and fraud reimbursement) in a complex MDL-style proceeding in the Eastern District of Pennsylvania before Judge Kelley Brisbon Hodge.

Christian Levis and Lowey Dannenberg participated in the Wawa litigation from its early stages. In January 2020, the firm submitted its firm resume in connection with the motion to consolidate cases and appoint interim co-lead counsel. The case proceeded through years of contested class litigation and ultimately reached a settlement: in October 2024, financial institution plaintiffs (including Greater Cincinnati Credit Union, Insight Credit Union, and Inspire Federal Credit Union) filed motions for approval of a class action settlement and for attorney fees, with Lowey Dannenberg’s joint declaration and firm credentials submitted alongside co-counsel materials. The case terminated in January 2026 following final settlement approval.

The Wawa participation reflects a side of Lowey Dannenberg’s data privacy practice that the firm’s pixel and surveillance work doesn’t capture: traditional data breach class litigation representing both consumer and financial institution classes. Data breach cases require different legal theories (negligence, breach of contract, state consumer protection statutes) and different damages structures than pixel tracking or VPPA claims, but they draw on the same class action procedural infrastructure.

The Firm’s Privacy Architecture

Across these matters, Lowey Dannenberg’s data privacy practice reflects a coherent architecture that distinguishes it from smaller plaintiff shops:

Longitudinal Case Management. The firm carries cases for years. Google Assistant ran from 2019 to a 2026 settlement hearing. Wawa ran from 2019 to 2026 termination. Doe I v. Google was still generating active briefing through 2024. The firm has the financial and operational infrastructure to sustain complex litigation across multi-year timelines without pressure-settling early.

Expert Witness Integration. Both the Google Assistant matter and the Doe I v. Google health data case relied heavily on technical expert witnesses—Dr. Timothy Libert, Dr. Zubair Shafiq, Richard M. Smith. Building and managing credible technical experts who can testify about voice activation systems, tracking pixel data flows, and health data transmission is an expensive, time-consuming process that separates firms capable of litigating tech privacy claims seriously from those that file complaints and hope to survive a motion to dismiss.

Co-Counsel Collaboration. Lowey Dannenberg operates as a co-counsel firm in its largest matters—paired with Scott+Scott in Google Assistant, Simmons Hanly Conroy in the health data Google case, and various co-lead firms in Wawa. This is a deliberate structural choice: it allows the firm to participate in cases that exceed any single firm’s resource capacity while contributing its specific litigation expertise and credibility.

Multi-Theory Pleading. The firm’s complaints deploy multiple legal theories simultaneously—federal wiretapping statutes, California’s CIPA, California’s CMIA for health data, CPRA, common law invasion of privacy, and intrusion upon seclusion. Multi-theory pleading serves the same function in privacy litigation that it does in antitrust: it gives courts options when individual theories face resistance, and it gives plaintiffs leverage in settlement negotiations by presenting a broader damages surface area.

What This Means for the Industries It Targets

Lowey Dannenberg’s case portfolio maps directly onto the industries facing the most concentrated data privacy litigation risk:

Consumer Technology and AI Platforms: The Google Assistant and Doe I v. Google cases together establish that Lowey Dannenberg is willing and able to pursue the largest technology companies on claims involving the most sensitive types of data—voice recordings, health information, financial data. Any consumer AI product, voice interface, or smart device operating in a gray zone around consent and data collection falls within the firm’s demonstrated targeting range.

Healthcare and Health-Adjacent Digital Products: The Doe I v. Google health data case, with its expert-backed technical record and preliminary injunction motion, signals that health data pixel tracking is a priority litigation area for the firm. Telehealth platforms, hospital websites, health information portals, and wellness apps that run advertising pixels on pages where users engage with health content face the specific type of case Lowey Dannenberg has shown it can build.

Media Publishers and Streaming Platforms: The Insider VPPA liaison role places the firm in the media publisher pixel litigation ecosystem. While Lowey Dannenberg did not serve as lead counsel in that matter, its participation reflects attention to the VPPA/media publisher space and familiarity with the consolidated litigation structures those cases produce.

Retail and Payment Infrastructure: The Wawa matter establishes data breach litigation capability across retail and payment card environments. Large retail chains, point-of-sale technology vendors, and payment processors that experience significant breaches fall within the firm’s demonstrated reach.

The Compliance Implications

Lowey Dannenberg’s docket, read as a forward-looking compliance map, identifies the specific technical and contractual failures that create the litigation exposure this firm pursues:

Voice and Ambient Audio Collection: Any product that uses microphone access or voice activation in consumer contexts must be designed with explicit, accurate consent mechanisms that match actual activation behavior. The Google Assistant case is essentially a product design litigation claim: the product’s behavior (inadvertent activation) diverged from user consent (activation on deliberate command only), and that gap became the legal exposure. Products whose ambient audio collection exceeds their disclosed consent scope are the targets.

Health Data Pixel Segregation: Healthcare websites, telehealth platforms, and health information portals must audit whether advertising pixels fire on pages where users engage with health content—symptom checkers, appointment schedulers, medication pages, patient portals. Health data fields transmitted through pixels to advertising networks create HIPAA-adjacent liability, California CMIA exposure, and general privacy tort risk even when technically outside HIPAA’s direct coverage.

Third-Party Data Sharing Disclosure: Across all its cases, the firm focuses on the gap between what privacy policies represent and what advertising infrastructure actually does. Closing that gap—through accurate disclosure, meaningful consent, and technically enforced limitations on what pixels and SDKs transmit—is the structural response to the legal theories Lowey Dannenberg deploys.

Data Breach Preparedness: The Wawa case is a reminder that point-of-sale and payment infrastructure breaches remain a live litigation risk. The cost of the Wawa settlement—including the financial institution track—reflects the downstream losses that accompany large payment card breaches. Security investment that reduces breach probability and severity reduces litigation exposure correspondingly.