Texas Court of Appeals Dismisses Privacy Lawsuit Against Google: Implications for Corporate Jurisdiction

Consumer ProtectionPrivacy
Written By Hosch & Morris

January 30, 2025

Privacy Plus+

Privacy, Technology and Perspective

This week, let’s look at a new case from the Texas 13th Court of Appeals in Corpus Christi, concluding that the State of Texas does not have jurisdiction to sue Google in Texas over deceptive trade practices related to privacy. The case presents important lessons about the limits of state jurisdiction over global technology companies.

Background:

In 2022, the Texas Attorney General sued Google on behalf of the State under the Texas “Little FTC Act,” commonly known as the “Texas Consumer Protection – Deceptive Trade Practices Act” (or “DTPA”), Tex. Bus. & Com. Code §§ 17.46 et seq., alleging that Google has misled Texas consumers over its privacy practices. The case emerged from allegations that Google had deceived Texas users about its tracking of their location data and search history. However, the court's focus wasn't on whether these claims had merit, but rather on whether Texas courts had the authority to hear the case at all. 

Google’s Challenge to Jurisdiction:

Before the court could even consider whether Google's privacy practices were right or wrong, Google successfully argued that Texas courts didn't have the authority to hear the case at all. Google systematically challenged on both general and specific jurisdiction by focusing on several key arguments that ultimately proved persuasive to the appellate court:

General Jurisdiction: Google emphasized that its Texas operations, while substantial, represented only a fraction of its global footprint. Google pointed out that:

  • ·       Only about 5,500 of its 169,000 employees worldwide work in Texas;

  • ·       Its Texas operations bring in less than 9% of its U.S. revenue; and

  • ·       Its main operations are in California, where it has over 58,500 employees.

The company argued these figures fell far short of making Texas its "corporate home" under Supreme Court precedent, particularly Daimler AG v. Bauman and BNSF Railway Co. v. Tyrrell.

Specific Jurisdiction: Google then argued that this specific privacy case had little connection to Texas. They showed that:

  • ·       The people who wrote Google's privacy policies don't work in Texas;

  • ·       The decisions about how to handle user data weren't made in Texas; and

  • ·       Having Texas users affected by these policies isn't enough to give Texas courts the power to hear the case.

Google’s arguments on both general and specific jurisdiction proved successful, with the appeals court agreeing that neither theory supported Texas's ability to bring the suit in state court.

You can read the opinion by clicking the following link:

https://casetext.com/case/google-llc-v-state  

Our Thoughts:

We are skeptical that this case was decided correctly. But assuming it was, the court's decision exposes a gap between legal doctrine and technological reality. Despite Google's massive Texas presence—including a 35-floor tower in Austin, multiple office complexes statewide, two $600 million data centers, 5,500 employees, and operations affecting virtually every Internet-using Texan—the court found Texas lacks jurisdiction to protect its citizens' privacy interests, even in the face of a company’s allegedly deceptive practices.

This creates a paradox: a company can build towers in our cities, process data in our communities, employ thousands of our residents, and collect personal data from millions of our citizens, yet avoid accountability in our state courts simply because it's even bigger elsewhere. Under this framework, a smaller Texas-based tech company would more easily be subject to Texas jurisdiction than a tech giant with a larger Texas presence but an even larger global footprint.

This kind of disparity would suggest that meaningful tech accountability may increasingly depend on federal action rather than state enforcement. However, this would create its own concerns—states have historically played a crucial role in protecting their citizens' interests, particularly in emerging areas of law. A system that forces states to rely solely on federal enforcement may ultimately weaken consumer protection. Accordingly, we think that there are strong public policy reasons that the Texas Supreme Court may want to reconsider this decision.

---

Hosch & Morris, PLLC is a boutique law firm dedicated to data privacy and protection, cybersecurity, the Internet and technology. Open the Future℠.

Hosch & Morris https://hoschmorris.com
Previous

CFPB Freeze Leaves Data Broker Regulations in Limbo
Next

U.S. Cyber Trust Mark: Where are we?